From 2e231e7557703ee7e4f59040bf6719df22b53781 Mon Sep 17 00:00:00 2001 From: sakshisharma84 Date: Fri, 12 Jul 2024 17:46:09 -0400 Subject: [PATCH] [BOP-912] manage only resources(certs,issuers) that are created by BOP (#79) * manage only resources(certs,issuers) that are created by BOP * fix e2e tests --- controllers/blueprint_controller.go | 9 ++++++++ controllers/objects.go | 10 +++++++++ test/e2e/common.go | 2 ++ test/e2e/install_certs_test.go | 32 +++++++++++++++++++++++++---- 4 files changed, 49 insertions(+), 4 deletions(-) diff --git a/controllers/blueprint_controller.go b/controllers/blueprint_controller.go index 7e6e3d9a..5be4ff76 100644 --- a/controllers/blueprint_controller.go +++ b/controllers/blueprint_controller.go @@ -235,6 +235,9 @@ func issuerObject(issuer boundlessv1alpha1.Issuer) client.Object { ObjectMeta: metav1.ObjectMeta{ Name: issuer.Name, Namespace: issuer.Namespace, + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, }, Spec: issuer.Spec, } @@ -248,6 +251,9 @@ func clusterIssuerObject(issuer boundlessv1alpha1.ClusterIssuer) client.Object { }, ObjectMeta: metav1.ObjectMeta{ Name: issuer.Name, + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, }, Spec: issuer.Spec, } @@ -262,6 +268,9 @@ func certificateObject(certificate boundlessv1alpha1.Certificate) client.Object ObjectMeta: metav1.ObjectMeta{ Name: certificate.Name, Namespace: certificate.Namespace, + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, }, Spec: certificate.Spec, } diff --git a/controllers/objects.go b/controllers/objects.go index b807a0df..b6217e47 100644 --- a/controllers/objects.go +++ b/controllers/objects.go @@ -45,6 +45,16 @@ func listInstalledObjects(ctx context.Context, logger logr.Logger, apiClient cli func deleteObjects(ctx context.Context, logger logr.Logger, apiClient client.Client, objectsToUninstall map[string]client.Object) error { for _, o := range objectsToUninstall { + // Only delete the resources(cert/issuer) that are managed by BOP. + // This check can be removed once we add the label in all + // the objects created by BOP (https://mirantis.jira.com/browse/BOP-919). + if o.GetObjectKind().GroupVersionKind().Kind == "Certificate" || o.GetObjectKind().GroupVersionKind().Kind == "Issuer" { + if o.GetLabels()["app.kubernetes.io/managed-by"] != "blueprint-operator" { + logger.Info("Skipping deletion of ", "Kind", o.GetObjectKind().GroupVersionKind().Kind) + continue + } + } + logger.Info("Removing object", "Name", o.GetName(), "Namespace", o.GetNamespace()) if err := apiClient.Delete(ctx, o, client.PropagationPolicy(metav1.DeletePropagationBackground)); client.IgnoreNotFound(err) != nil { logger.Error(err, "Failed to remove object", "Name", o.GetName()) diff --git a/test/e2e/common.go b/test/e2e/common.go index 121f89e1..db70e61e 100644 --- a/test/e2e/common.go +++ b/test/e2e/common.go @@ -40,6 +40,7 @@ func newIssuer(i metav1.ObjectMeta) *certmanager.Issuer { ObjectMeta: metav1.ObjectMeta{ Name: i.Name, Namespace: i.Namespace, + Labels: i.Labels, }, } } @@ -65,6 +66,7 @@ func newCertificate(cert metav1.ObjectMeta) *certmanager.Certificate { ObjectMeta: metav1.ObjectMeta{ Name: cert.Name, Namespace: cert.Namespace, + Labels: cert.Labels, }, } } diff --git a/test/e2e/install_certs_test.go b/test/e2e/install_certs_test.go index ae90fb55..cdb757b0 100644 --- a/test/e2e/install_certs_test.go +++ b/test/e2e/install_certs_test.go @@ -20,12 +20,30 @@ import ( func TestInstallCerts(t *testing.T) { dir := filepath.Join(curDir, "manifests", "certs") - i1 := newIssuer(metav1.ObjectMeta{Name: "test-issuer-1", Namespace: "test-issuer-ns-1"}) - i2 := newIssuer(metav1.ObjectMeta{Name: "test-issuer-2", Namespace: "test-issuer-ns-1"}) + i1 := newIssuer(metav1.ObjectMeta{ + Name: "test-issuer-1", + Namespace: "test-issuer-ns-1", + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, + }) + i2 := newIssuer(metav1.ObjectMeta{ + Name: "test-issuer-2", + Namespace: "test-issuer-ns-1", + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, + }) ci1 := newClusterIssuer(metav1.ObjectMeta{Name: "test-cluster-issuer-1"}) - cert1 := newCertificate(metav1.ObjectMeta{Name: "test-cert-1", Namespace: "test-issuer-ns-1"}) + cert1 := newCertificate(metav1.ObjectMeta{ + Name: "test-cert-1", + Namespace: "test-issuer-ns-1", + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, + }) cert1Specs := certmanager.CertificateSpec{ CommonName: "test-cert-1", IsCA: true, @@ -35,7 +53,13 @@ func TestInstallCerts(t *testing.T) { Kind: "Issuer", }, } - cert2 := newCertificate(metav1.ObjectMeta{Name: "test-cert-2", Namespace: "test-cert-ns-1"}) + cert2 := newCertificate(metav1.ObjectMeta{ + Name: "test-cert-2", + Namespace: "test-cert-ns-1", + Labels: map[string]string{ + "app.kubernetes.io/managed-by": "blueprint-operator", + }, + }) cert2Specs := certmanager.CertificateSpec{ CommonName: "test-cert-2", IsCA: false,