Merge pull request #300 from vmware-tanzu/even-more-opc-renames

Even more "op" and "opc" local variable renames
This commit is contained in:
Ryan Richard 2020-12-17 13:51:54 -08:00 committed by GitHub
commit 780d236d89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 66 additions and 66 deletions

View File

@ -92,7 +92,7 @@ func startControllers(
kubeInformers kubeinformers.SharedInformerFactory, kubeInformers kubeinformers.SharedInformerFactory,
pinnipedInformers pinnipedinformers.SharedInformerFactory, pinnipedInformers pinnipedinformers.SharedInformerFactory,
) { ) {
opInformer := pinnipedInformers.Config().V1alpha1().FederationDomains() federationDomainInformer := pinnipedInformers.Config().V1alpha1().FederationDomains()
secretInformer := kubeInformers.Core().V1().Secrets() secretInformer := kubeInformers.Core().V1().Secrets()
// Create controller manager. // Create controller manager.
@ -112,7 +112,7 @@ func startControllers(
issuerManager, issuerManager,
clock.RealClock{}, clock.RealClock{},
pinnipedClient, pinnipedClient,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -123,7 +123,7 @@ func startControllers(
kubeClient, kubeClient,
pinnipedClient, pinnipedClient,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -132,7 +132,7 @@ func startControllers(
supervisorconfig.NewJWKSObserverController( supervisorconfig.NewJWKSObserverController(
dynamicJWKSProvider, dynamicJWKSProvider,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -142,7 +142,7 @@ func startControllers(
dynamicTLSCertProvider, dynamicTLSCertProvider,
cfg.NamesConfig.DefaultTLSCertificateSecret, cfg.NamesConfig.DefaultTLSCertificateSecret,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -180,7 +180,7 @@ func startControllers(
kubeClient, kubeClient,
pinnipedClient, pinnipedClient,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -203,7 +203,7 @@ func startControllers(
kubeClient, kubeClient,
pinnipedClient, pinnipedClient,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -226,7 +226,7 @@ func startControllers(
kubeClient, kubeClient,
pinnipedClient, pinnipedClient,
secretInformer, secretInformer,
opInformer, federationDomainInformer,
controllerlib.WithInformer, controllerlib.WithInformer,
), ),
singletonWorker, singletonWorker,
@ -236,7 +236,7 @@ func startControllers(
dynamicUpstreamIDPProvider, dynamicUpstreamIDPProvider,
pinnipedClient, pinnipedClient,
pinnipedInformers.IDP().V1alpha1().OIDCIdentityProviders(), pinnipedInformers.IDP().V1alpha1().OIDCIdentityProviders(),
kubeInformers.Core().V1().Secrets(), secretInformer,
klogr.New()), klogr.New()),
singletonWorker) singletonWorker)

View File

@ -15,7 +15,7 @@ import (
) )
const ( const (
opKind = "FederationDomain" federationDomainKind = "FederationDomain"
) )
func generateSymmetricKey() ([]byte, error) { func generateSymmetricKey() ([]byte, error) {
@ -100,5 +100,5 @@ func isFederationDomainControllee(obj metav1.Object) bool {
controller := metav1.GetControllerOf(obj) controller := metav1.GetControllerOf(obj)
return controller != nil && return controller != nil &&
controller.APIVersion == configv1alpha1.SchemeGroupVersion.String() && controller.APIVersion == configv1alpha1.SchemeGroupVersion.String() &&
controller.Kind == opKind controller.Kind == federationDomainKind
} }

View File

@ -126,26 +126,26 @@ func (s *symmetricSecretHelper) IsValid(parent *configv1alpha1.FederationDomain,
// ObserveActiveSecretAndUpdateParentFederationDomain implements SecretHelper.ObserveActiveSecretAndUpdateParentFederationDomain(). // ObserveActiveSecretAndUpdateParentFederationDomain implements SecretHelper.ObserveActiveSecretAndUpdateParentFederationDomain().
func (s *symmetricSecretHelper) ObserveActiveSecretAndUpdateParentFederationDomain( func (s *symmetricSecretHelper) ObserveActiveSecretAndUpdateParentFederationDomain(
op *configv1alpha1.FederationDomain, federationDomain *configv1alpha1.FederationDomain,
secret *corev1.Secret, secret *corev1.Secret,
) *configv1alpha1.FederationDomain { ) *configv1alpha1.FederationDomain {
var cacheKey string var cacheKey string
if op != nil { if federationDomain != nil {
cacheKey = op.Spec.Issuer cacheKey = federationDomain.Spec.Issuer
} }
s.updateCacheFunc(cacheKey, secret.Data[symmetricSecretDataKey]) s.updateCacheFunc(cacheKey, secret.Data[symmetricSecretDataKey])
switch s.secretUsage { switch s.secretUsage {
case SecretUsageTokenSigningKey: case SecretUsageTokenSigningKey:
op.Status.Secrets.TokenSigningKey.Name = secret.Name federationDomain.Status.Secrets.TokenSigningKey.Name = secret.Name
case SecretUsageStateSigningKey: case SecretUsageStateSigningKey:
op.Status.Secrets.StateSigningKey.Name = secret.Name federationDomain.Status.Secrets.StateSigningKey.Name = secret.Name
case SecretUsageStateEncryptionKey: case SecretUsageStateEncryptionKey:
op.Status.Secrets.StateEncryptionKey.Name = secret.Name federationDomain.Status.Secrets.StateEncryptionKey.Name = secret.Name
default: default:
plog.Warning("unknown secret usage enum value: %d", s.secretUsage) plog.Warning("unknown secret usage enum value: %d", s.secretUsage)
} }
return op return federationDomain
} }

View File

@ -28,22 +28,22 @@ func TestSymmetricSecretHelper(t *testing.T) {
{ {
name: "token signing key", name: "token signing key",
secretUsage: SecretUsageTokenSigningKey, secretUsage: SecretUsageTokenSigningKey,
wantSetFederationDomainField: func(op *configv1alpha1.FederationDomain) string { wantSetFederationDomainField: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.TokenSigningKey.Name return federationDomain.Status.Secrets.TokenSigningKey.Name
}, },
}, },
{ {
name: "state signing key", name: "state signing key",
secretUsage: SecretUsageStateSigningKey, secretUsage: SecretUsageStateSigningKey,
wantSetFederationDomainField: func(op *configv1alpha1.FederationDomain) string { wantSetFederationDomainField: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.StateSigningKey.Name return federationDomain.Status.Secrets.StateSigningKey.Name
}, },
}, },
{ {
name: "state encryption key", name: "state encryption key",
secretUsage: SecretUsageStateEncryptionKey, secretUsage: SecretUsageStateEncryptionKey,
wantSetFederationDomainField: func(op *configv1alpha1.FederationDomain) string { wantSetFederationDomainField: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.StateEncryptionKey.Name return federationDomain.Status.Secrets.StateEncryptionKey.Name
}, },
}, },
} }
@ -145,8 +145,8 @@ func TestSymmetricSecretHelperIsValid(t *testing.T) {
}, },
{ {
name: "child not owned by parent", name: "child not owned by parent",
parent: func(op *configv1alpha1.FederationDomain) { parent: func(federationDomain *configv1alpha1.FederationDomain) {
op.UID = "wrong" federationDomain.UID = "wrong"
}, },
want: false, want: false,
}, },

View File

@ -97,12 +97,12 @@ func (c *lruValidatorCache) cacheKey(spec *v1alpha1.OIDCIdentityProviderSpec) in
} }
type controller struct { type controller struct {
cache IDPCache cache IDPCache
log logr.Logger log logr.Logger
client pinnipedclientset.Interface client pinnipedclientset.Interface
providers idpinformers.OIDCIdentityProviderInformer oidcIdentityProviderInformer idpinformers.OIDCIdentityProviderInformer
secrets corev1informers.SecretInformer secretInformer corev1informers.SecretInformer
validatorCache interface { validatorCache interface {
getProvider(*v1alpha1.OIDCIdentityProviderSpec) (*oidc.Provider, *http.Client) getProvider(*v1alpha1.OIDCIdentityProviderSpec) (*oidc.Provider, *http.Client)
putProvider(*v1alpha1.OIDCIdentityProviderSpec, *oidc.Provider, *http.Client) putProvider(*v1alpha1.OIDCIdentityProviderSpec, *oidc.Provider, *http.Client)
} }
@ -112,29 +112,29 @@ type controller struct {
func New( func New(
idpCache IDPCache, idpCache IDPCache,
client pinnipedclientset.Interface, client pinnipedclientset.Interface,
providers idpinformers.OIDCIdentityProviderInformer, oidcIdentityProviderInformer idpinformers.OIDCIdentityProviderInformer,
secrets corev1informers.SecretInformer, secretInformer corev1informers.SecretInformer,
log logr.Logger, log logr.Logger,
) controllerlib.Controller { ) controllerlib.Controller {
c := controller{ c := controller{
cache: idpCache, cache: idpCache,
log: log.WithName(controllerName), log: log.WithName(controllerName),
client: client, client: client,
providers: providers, oidcIdentityProviderInformer: oidcIdentityProviderInformer,
secrets: secrets, secretInformer: secretInformer,
validatorCache: &lruValidatorCache{cache: cache.NewExpiring()}, validatorCache: &lruValidatorCache{cache: cache.NewExpiring()},
} }
filter := pinnipedcontroller.MatchAnythingFilter(pinnipedcontroller.SingletonQueue()) filter := pinnipedcontroller.MatchAnythingFilter(pinnipedcontroller.SingletonQueue())
return controllerlib.New( return controllerlib.New(
controllerlib.Config{Name: controllerName, Syncer: &c}, controllerlib.Config{Name: controllerName, Syncer: &c},
controllerlib.WithInformer(providers, filter, controllerlib.InformerOption{}), controllerlib.WithInformer(oidcIdentityProviderInformer, filter, controllerlib.InformerOption{}),
controllerlib.WithInformer(secrets, filter, controllerlib.InformerOption{}), controllerlib.WithInformer(secretInformer, filter, controllerlib.InformerOption{}),
) )
} }
// Sync implements controllerlib.Syncer. // Sync implements controllerlib.Syncer.
func (c *controller) Sync(ctx controllerlib.Context) error { func (c *controller) Sync(ctx controllerlib.Context) error {
actualUpstreams, err := c.providers.Lister().List(labels.Everything()) actualUpstreams, err := c.oidcIdentityProviderInformer.Lister().List(labels.Everything())
if err != nil { if err != nil {
return fmt.Errorf("failed to list OIDCIdentityProviders: %w", err) return fmt.Errorf("failed to list OIDCIdentityProviders: %w", err)
} }
@ -196,7 +196,7 @@ func (c *controller) validateSecret(upstream *v1alpha1.OIDCIdentityProvider, res
secretName := upstream.Spec.Client.SecretName secretName := upstream.Spec.Client.SecretName
// Fetch the Secret from informer cache. // Fetch the Secret from informer cache.
secret, err := c.secrets.Lister().Secrets(upstream.Namespace).Get(secretName) secret, err := c.secretInformer.Lister().Secrets(upstream.Namespace).Get(secretName)
if err != nil { if err != nil {
return &v1alpha1.Condition{ return &v1alpha1.Condition{
Type: typeClientCredsValid, Type: typeClientCredsValid,

View File

@ -27,46 +27,46 @@ func TestSupervisorSecrets(t *testing.T) {
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute) ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel() defer cancel()
// Create our OP under test. // Create our FederationDomain under test.
op := library.CreateTestFederationDomain(ctx, t, "", "", "") federationDomain := library.CreateTestFederationDomain(ctx, t, "", "", "")
tests := []struct { tests := []struct {
name string name string
secretName func(op *configv1alpha1.FederationDomain) string secretName func(federationDomain *configv1alpha1.FederationDomain) string
ensureValid func(t *testing.T, secret *corev1.Secret) ensureValid func(t *testing.T, secret *corev1.Secret)
}{ }{
{ {
name: "csrf cookie signing key", name: "csrf cookie signing key",
secretName: func(op *configv1alpha1.FederationDomain) string { secretName: func(federationDomain *configv1alpha1.FederationDomain) string {
return env.SupervisorAppName + "-key" return env.SupervisorAppName + "-key"
}, },
ensureValid: ensureValidSymmetricKey, ensureValid: ensureValidSymmetricKey,
}, },
{ {
name: "jwks", name: "jwks",
secretName: func(op *configv1alpha1.FederationDomain) string { secretName: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.JWKS.Name return federationDomain.Status.Secrets.JWKS.Name
}, },
ensureValid: ensureValidJWKS, ensureValid: ensureValidJWKS,
}, },
{ {
name: "hmac signing secret", name: "hmac signing secret",
secretName: func(op *configv1alpha1.FederationDomain) string { secretName: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.TokenSigningKey.Name return federationDomain.Status.Secrets.TokenSigningKey.Name
}, },
ensureValid: ensureValidSymmetricKey, ensureValid: ensureValidSymmetricKey,
}, },
{ {
name: "state signature secret", name: "state signature secret",
secretName: func(op *configv1alpha1.FederationDomain) string { secretName: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.StateSigningKey.Name return federationDomain.Status.Secrets.StateSigningKey.Name
}, },
ensureValid: ensureValidSymmetricKey, ensureValid: ensureValidSymmetricKey,
}, },
{ {
name: "state encryption secret", name: "state encryption secret",
secretName: func(op *configv1alpha1.FederationDomain) string { secretName: func(federationDomain *configv1alpha1.FederationDomain) string {
return op.Status.Secrets.StateEncryptionKey.Name return federationDomain.Status.Secrets.StateEncryptionKey.Name
}, },
ensureValid: ensureValidSymmetricKey, ensureValid: ensureValidSymmetricKey,
}, },
@ -74,24 +74,24 @@ func TestSupervisorSecrets(t *testing.T) {
for _, test := range tests { for _, test := range tests {
test := test test := test
t.Run(test.name, func(t *testing.T) { t.Run(test.name, func(t *testing.T) {
// Ensure a secret is created with the OP's JWKS. // Ensure a secret is created with the FederationDomain's JWKS.
var updatedOP *configv1alpha1.FederationDomain var updatedFederationDomain *configv1alpha1.FederationDomain
var err error var err error
assert.Eventually(t, func() bool { assert.Eventually(t, func() bool {
updatedOP, err = supervisorClient. updatedFederationDomain, err = supervisorClient.
ConfigV1alpha1(). ConfigV1alpha1().
FederationDomains(env.SupervisorNamespace). FederationDomains(env.SupervisorNamespace).
Get(ctx, op.Name, metav1.GetOptions{}) Get(ctx, federationDomain.Name, metav1.GetOptions{})
return err == nil && test.secretName(updatedOP) != "" return err == nil && test.secretName(updatedFederationDomain) != ""
}, time.Second*10, time.Millisecond*500) }, time.Second*10, time.Millisecond*500)
require.NoError(t, err) require.NoError(t, err)
require.NotEmpty(t, test.secretName(updatedOP)) require.NotEmpty(t, test.secretName(updatedFederationDomain))
// Ensure the secret actually exists. // Ensure the secret actually exists.
secret, err := kubeClient. secret, err := kubeClient.
CoreV1(). CoreV1().
Secrets(env.SupervisorNamespace). Secrets(env.SupervisorNamespace).
Get(ctx, test.secretName(updatedOP), metav1.GetOptions{}) Get(ctx, test.secretName(updatedFederationDomain), metav1.GetOptions{})
require.NoError(t, err) require.NoError(t, err)
// Ensure that the secret was labelled. // Ensure that the secret was labelled.
@ -107,13 +107,13 @@ func TestSupervisorSecrets(t *testing.T) {
err = kubeClient. err = kubeClient.
CoreV1(). CoreV1().
Secrets(env.SupervisorNamespace). Secrets(env.SupervisorNamespace).
Delete(ctx, test.secretName(updatedOP), metav1.DeleteOptions{}) Delete(ctx, test.secretName(updatedFederationDomain), metav1.DeleteOptions{})
require.NoError(t, err) require.NoError(t, err)
assert.Eventually(t, func() bool { assert.Eventually(t, func() bool {
secret, err = kubeClient. secret, err = kubeClient.
CoreV1(). CoreV1().
Secrets(env.SupervisorNamespace). Secrets(env.SupervisorNamespace).
Get(ctx, test.secretName(updatedOP), metav1.GetOptions{}) Get(ctx, test.secretName(updatedFederationDomain), metav1.GetOptions{})
return err == nil return err == nil
}, time.Second*10, time.Millisecond*500) }, time.Second*10, time.Millisecond*500)
require.NoError(t, err) require.NoError(t, err)
@ -123,7 +123,7 @@ func TestSupervisorSecrets(t *testing.T) {
}) })
} }
// Upon deleting the OP, the secret is deleted (we test this behavior in our uninstall tests). // Upon deleting the FederationDomain, the secret is deleted (we test this behavior in our uninstall tests).
} }
func ensureValidJWKS(t *testing.T, secret *corev1.Secret) { func ensureValidJWKS(t *testing.T, secret *corev1.Secret) {