Skip to content

Commit

Permalink
revert changes to the system account
Browse files Browse the repository at this point in the history
  • Loading branch information
@leon-inf
leon-inf committed Jan 26, 2025
1 parent e0a32ba commit b463613
Show file tree
Hide file tree
Showing 12 changed files with 126 additions and 112 deletions.
16 changes: 12 additions & 4 deletions apis/apps/v1/types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -374,7 +374,7 @@ type ComponentSystemAccount struct {
// This field is immutable once set.
//
// +optional
SecretRef *SystemAccountSecretReference `json:"secretRef,omitempty"`
SecretRef *ProvisionSecretRef `json:"secretRef,omitempty"`
}

// PasswordConfig helps provide to customize complexity of password generation pattern.
Expand Down Expand Up @@ -433,9 +433,17 @@ const (
MixedCases LetterCase = "MixedCases"
)

// SystemAccountSecretReference represents the reference to a secret.
type SystemAccountSecretReference struct {
corev1.SecretReference `json:",inline"`
// ProvisionSecretRef represents the reference to a secret.
type ProvisionSecretRef struct {
// The unique identifier of the secret.
//
// +kubebuilder:validation:Required
Name string `json:"name"`

// The namespace where the secret is located.
//
// +kubebuilder:validation:Required
Namespace string `json:"namespace"`

// The key in the secret data that contains the password.
//
Expand Down
33 changes: 16 additions & 17 deletions apis/apps/v1/zz_generated.deepcopy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 11 additions & 10 deletions config/crd/bases/apps.kubeblocks.io_clusters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5391,20 +5391,20 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace to
reference a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within which
the secret name must be unique.
description: The namespace where the secret is located.
type: string
password:
default: password
description: The key in the secret data that contains
the password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down Expand Up @@ -14155,20 +14155,21 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace
to reference a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within
which the secret name must be unique.
description: The namespace where the secret is
located.
type: string
password:
default: password
description: The key in the secret data that contains
the password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down
10 changes: 5 additions & 5 deletions config/crd/bases/apps.kubeblocks.io_components.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5570,20 +5570,20 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace to reference
a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within which the
secret name must be unique.
description: The namespace where the secret is located.
type: string
password:
default: password
description: The key in the secret data that contains the
password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down
8 changes: 3 additions & 5 deletions controllers/apps/cluster/transformer_cluster_sharding_account.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -203,11 +203,9 @@ func (t *clusterShardingAccountTransformer) rewriteSystemAccount(transCtx *clust
)
newAccount := appsv1.ComponentSystemAccount{
Name: accountName,
SecretRef: &appsv1.SystemAccountSecretReference{
SecretReference: corev1.SecretReference{
Namespace: cluster.Namespace,
Name: shardingAccountSecretName(cluster.Name, sharding.Name, accountName),
},
SecretRef: &appsv1.ProvisionSecretRef{
Namespace: cluster.Namespace,
Name: shardingAccountSecretName(cluster.Name, sharding.Name, accountName),
},
}
for i, account := range sharding.Template.SystemAccounts {
Expand Down
12 changes: 6 additions & 6 deletions controllers/apps/component/component_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1339,9 +1339,9 @@ var _ = Describe("Component Controller", func() {
constant.AccountPasswdForSecret: "sysaccount",
},
}
secretRef := func() *kbappsv1.SystemAccountSecretReference {
secretRef := func() *kbappsv1.ProvisionSecretRef {
Expect(testCtx.CreateObj(testCtx.Ctx, &secret)).Should(Succeed())
return &kbappsv1.SystemAccountSecretReference{
return &kbappsv1.ProvisionSecretRef{
SecretReference: corev1.SecretReference{

Check failure on line 1345 in controllers/apps/component/component_controller_test.go

View workflow job for this annotation

GitHub Actions / push-pre-check (lint) 

unknown field SecretReference in struct literal of type "github.com/apecloud/kubeblocks/apis/apps/v1".ProvisionSecretRef
Namespace: testCtx.DefaultNamespace,
Name: secret.Name,
Expand Down Expand Up @@ -1412,9 +1412,9 @@ var _ = Describe("Component Controller", func() {
constant.AccountPasswdForSecret: "sysaccount-override",
},
}
secretRef := func() *kbappsv1.SystemAccountSecretReference {
secretRef := func() *kbappsv1.ProvisionSecretRef {
Expect(testCtx.CreateObj(testCtx.Ctx, &secret)).Should(Succeed())
return &kbappsv1.SystemAccountSecretReference{
return &kbappsv1.ProvisionSecretRef{
SecretReference: corev1.SecretReference{

Check failure on line 1418 in controllers/apps/component/component_controller_test.go

View workflow job for this annotation

GitHub Actions / push-pre-check (lint) 

unknown field SecretReference in struct literal of type "github.com/apecloud/kubeblocks/apis/apps/v1".ProvisionSecretRef
Namespace: testCtx.DefaultNamespace,
Name: secret.Name,
Expand Down Expand Up @@ -1528,9 +1528,9 @@ var _ = Describe("Component Controller", func() {
"sysaccount-update": "sysaccount-update",
},
}
secretRef := func() *kbappsv1.SystemAccountSecretReference {
secretRef := func() *kbappsv1.ProvisionSecretRef {
Expect(testCtx.CreateObj(testCtx.Ctx, &secret)).Should(Succeed())
return &kbappsv1.SystemAccountSecretReference{
return &kbappsv1.ProvisionSecretRef{
SecretReference: corev1.SecretReference{

Check failure on line 1534 in controllers/apps/component/component_controller_test.go

View workflow job for this annotation

GitHub Actions / push-pre-check (lint) 

unknown field SecretReference in struct literal of type "github.com/apecloud/kubeblocks/apis/apps/v1".ProvisionSecretRef (typecheck)
Namespace: testCtx.DefaultNamespace,
Name: secret.Name,
Expand Down
2 changes: 1 addition & 1 deletion controllers/apps/component/transformer_component_account.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -292,7 +292,7 @@ func verifySystemAccountPassword(secret *corev1.Secret, hashedPassword []byte) b
type synthesizedSystemAccount struct {
appsv1.SystemAccount
disabled *bool
secretRef *appsv1.SystemAccountSecretReference
secretRef *appsv1.ProvisionSecretRef
}

func synthesizeSystemAccounts(compDefAccounts []appsv1.SystemAccount,
Expand Down
21 changes: 11 additions & 10 deletions deploy/helm/crds/apps.kubeblocks.io_clusters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5391,20 +5391,20 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace to
reference a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within which
the secret name must be unique.
description: The namespace where the secret is located.
type: string
password:
default: password
description: The key in the secret data that contains
the password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down Expand Up @@ -14155,20 +14155,21 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace
to reference a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within
which the secret name must be unique.
description: The namespace where the secret is
located.
type: string
password:
default: password
description: The key in the secret data that contains
the password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down
10 changes: 5 additions & 5 deletions deploy/helm/crds/apps.kubeblocks.io_components.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5570,20 +5570,20 @@ spec:
This field is immutable once set.
properties:
name:
description: name is unique within a namespace to reference
a secret resource.
description: The unique identifier of the secret.
type: string
namespace:
description: namespace defines the space within which the
secret name must be unique.
description: The namespace where the secret is located.
type: string
password:
default: password
description: The key in the secret data that contains the
password.
type: string
required:
- name
- namespace
type: object
x-kubernetes-map-type: atomic
required:
- name
type: object
Expand Down
Loading

0 comments on commit b463613

Please sign in to comment.