Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
15842c1e
Commit
15842c1e
authored
Jun 05, 2020
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Bugfix: don't requeue if a PEM Secret is not found on delete Secret.
parent
6cc6c1a1
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
112 additions
and
0 deletions
+112
-0
secret.go
pkg/controller/secret.go
+6
-0
secret_test.go
pkg/controller/secret_test.go
+106
-0
No files found.
pkg/controller/secret.go
View file @
15842c1e
...
...
@@ -184,6 +184,12 @@ func (worker *NamespaceWorker) isVikingIngressTLSSecret(
func
(
worker
*
NamespaceWorker
)
deleteTLSSecret
(
secret
*
api_v1
.
Secret
)
error
{
certSecret
,
err
:=
worker
.
vsecr
.
Get
(
certSecretName
)
if
err
!=
nil
{
if
errors
.
IsNotFound
(
err
)
{
// XXX classify as fatal when we refactor error handling
worker
.
log
.
Errorf
(
"PEM Secret %s/%s not found, not "
+
"requeuing"
,
worker
.
namespace
,
certSecretName
)
return
nil
}
return
err
}
...
...
pkg/controller/secret_test.go
View file @
15842c1e
...
...
@@ -38,10 +38,14 @@ import (
metav1
"k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/informers"
"k8s.io/client-go/kubernetes/fake"
core_v1_listers
"k8s.io/client-go/listers/core/v1"
ext_listers
"k8s.io/client-go/listers/extensions/v1beta1"
"k8s.io/client-go/tools/cache"
"github.com/sirupsen/logrus"
logtest
"github.com/sirupsen/logrus/hooks/test"
"code.uplex.de/uplex-varnish/k8s-ingress/pkg/haproxy"
)
func
setupIngLister
(
...
...
@@ -249,3 +253,105 @@ func TestNoIngsForTLSSecret(t *testing.T) {
t
.
Error
(
"isVikingIngressTLSSecret(): wanted false, got true"
)
}
}
func
setupSecrLister
(
ctx
context
.
Context
,
client
*
fake
.
Clientset
,
ns
string
,
)
core_v1_listers
.
SecretNamespaceLister
{
infFactory
:=
informers
.
NewSharedInformerFactory
(
client
,
0
)
secrInformer
:=
infFactory
.
Core
()
.
V1
()
.
Secrets
()
.
Informer
()
secrLister
:=
infFactory
.
Core
()
.
V1
()
.
Secrets
()
.
Lister
()
secrNsLister
:=
secrLister
.
Secrets
(
ns
)
infFactory
.
Start
(
ctx
.
Done
())
cache
.
WaitForCacheSync
(
ctx
.
Done
(),
secrInformer
.
HasSynced
)
return
secrNsLister
}
func
TestDeletePEMSecret
(
t
*
testing
.
T
)
{
ns
:=
"test-ns"
ingTLSSecret
:=
&
api_v1
.
Secret
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Namespace
:
ns
,
Name
:
"viking-ingress-tls-secret"
,
},
}
spec
:=
haproxy
.
SecretSpec
{
Namespace
:
ingTLSSecret
.
ObjectMeta
.
Namespace
,
Name
:
ingTLSSecret
.
ObjectMeta
.
Name
,
}
pemName
:=
spec
.
CertName
()
client
:=
fake
.
NewSimpleClientset
(
&
api_v1
.
Secret
{
ObjectMeta
:
metav1
.
ObjectMeta
{
Namespace
:
ns
,
Name
:
certSecretName
,
},
Data
:
map
[
string
][]
byte
{
pemName
:
[]
byte
(
"pem-data"
),
},
},
)
ctx
,
cancel
:=
context
.
WithCancel
(
context
.
Background
())
defer
cancel
()
secrNsLister
:=
setupSecrLister
(
ctx
,
client
,
ns
)
worker
:=
&
NamespaceWorker
{
client
:
client
,
log
:
&
logrus
.
Logger
{
Out
:
ioutil
.
Discard
},
vsecr
:
secrNsLister
,
}
err
:=
worker
.
deleteTLSSecret
(
ingTLSSecret
)
if
err
!=
nil
{
t
.
Fatal
(
"deleteTLSSecret(): "
,
err
)
}
updSecret
,
err
:=
worker
.
vsecr
.
Get
(
certSecretName
)
if
err
!=
nil
{
t
.
Fatalf
(
"Get(%s) after deleteTLSSecret(): %+v"
,
certSecretName
,
err
)
}
if
val
,
ok
:=
updSecret
.
Data
[
pemName
];
ok
{
t
.
Errorf
(
"Secret %s/%s field %s after deleteTLSSecret(), "
+
"expected no value, got: %s"
,
ns
,
certSecretName
,
pemName
,
val
)
}
}
func
TestDeleteNoPEMSecret
(
t
*
testing
.
T
)
{
ns
:=
"test-ns"
ingTLSSecret
:=
&
api_v1
.
Secret
{}
client
:=
fake
.
NewSimpleClientset
()
ctx
,
cancel
:=
context
.
WithCancel
(
context
.
Background
())
defer
cancel
()
secrNsLister
:=
setupSecrLister
(
ctx
,
client
,
ns
)
logger
,
hook
:=
logtest
.
NewNullLogger
()
worker
:=
&
NamespaceWorker
{
client
:
client
,
namespace
:
ns
,
log
:
logger
,
vsecr
:
secrNsLister
,
}
worker
.
log
.
Level
=
logrus
.
TraceLevel
err
:=
worker
.
deleteTLSSecret
(
ingTLSSecret
)
if
err
!=
nil
{
t
.
Fatal
(
"deleteTLSSecret(): "
,
err
)
}
logEntry
:=
hook
.
LastEntry
()
if
logEntry
==
nil
{
t
.
Fatal
(
"deleteTLSSecret(): no log entry"
)
}
if
logEntry
.
Level
!=
logrus
.
ErrorLevel
{
t
.
Errorf
(
"deleteTLSSecret() log level wanted Error got %s"
,
logEntry
.
Level
)
}
msg
:=
"PEM Secret "
+
ns
+
"/"
+
certSecretName
+
" not found, not requeuing"
if
logEntry
.
Message
!=
msg
{
t
.
Errorf
(
"deleteTLSSecret() log entry wanted [%s] got [%s]"
,
msg
,
logEntry
.
Message
)
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment