Merge pull request #1059 from Victoremepunto/redis-redhat

feat: use Red Hat UBI Redis image
RedHatInsights · Oct 4, 2024 · 4f29dc9 · 4f29dc9
2 parents 6c93a05 + 623f660
commit 4f29dc9
Show file tree

Hide file tree

Showing 14 changed files with 51 additions and 103 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -34,6 +34,15 @@ pipeline {
     }
 
     stages {
+
+        stage('Build and Push Base Image') {
+            steps {
+                withVault([configuration: configuration, vaultSecrets: secrets]) {
+                    sh './ci/build_push_base_img.sh'
+                }
+            }
+        }
+
         stage('Did you run pre-push?') {
             environment {
                 TEST_CONTAINER="clowder-ci-prepush-test-${IMAGE_TAG}-${CURR_TIME}"
@@ -46,20 +55,12 @@ pipeline {
                         docker run -i $TEST_CONTAINER \
                             ./githooks/prepush.sh
                     '''
-                    }
                 }
-
+            }
+
             post {
                 always {
                     sh 'docker rm -f $TEST_CONTAINER'
-                    }
-                }
-            }
-
-        stage('Build and Push Base Image') {
-            steps {
-                withVault([configuration: configuration, vaultSecrets: secrets]) {
-                    sh './ci/build_push_base_img.sh'
                 }
             }
         }

diff --git a/apis/cloud.redhat.com/v1alpha1/clowdapp_webhook.go b/apis/cloud.redhat.com/v1alpha1/clowdapp_webhook.go
@@ -21,12 +21,11 @@ import (
 
 	apps "k8s.io/api/apps/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	runtime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
@@ -42,8 +41,6 @@ func (r *ClowdApp) SetupWebhookWithManager(mgr ctrl.Manager) error {
 //+kubebuilder:webhook:path=/validate-cloud-redhat-com-v1alpha1-clowdapp,mutating=false,failurePolicy=fail,sideEffects=None,groups=cloud.redhat.com,resources=clowdapps,verbs=create;update,versions=v1alpha1,name=vclowdapp.kb.io,admissionReviewVersions={v1}
 //+kubebuilder:webhook:path=/mutate-pod,mutating=true,failurePolicy=ignore,sideEffects=None,groups="",resources=pods,verbs=create;update,versions=v1,name=vclowdmutatepod.kb.io,admissionReviewVersions={v1}
 
-var _ webhook.Validator = &ClowdApp{}
-
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
 func (r *ClowdApp) ValidateCreate() (admission.Warnings, error) {
 	clowdapplog.Info("validate create", "name", r.Name)

diff --git a/apis/cloud.redhat.com/v1alpha1/webhook_suite_test.go b/apis/cloud.redhat.com/v1alpha1/webhook_suite_test.go
@@ -25,7 +25,7 @@ import (
 	"testing"
 	"time"
 
-	ginkgo "github.com/onsi/ginkgo/v2"
+	"github.com/onsi/ginkgo/v2"
 	g "github.com/onsi/gomega"
 
 	admissionv1beta1 "k8s.io/api/admission/v1beta1"
@@ -119,7 +119,10 @@ var _ = ginkgo.BeforeSuite(func() {
 		if err != nil {
 			return err
 		}
-		conn.Close()
+		err = conn.Close()
+		if err != nil {
+			return err
+		}
 		return nil
 	}).Should(g.Succeed())
 

diff --git a/controllers/cloud.redhat.com/errors/errors.go b/controllers/cloud.redhat.com/errors/errors.go
@@ -8,16 +8,11 @@ import (
 
 	"github.com/go-logr/logr"
 	"go.uber.org/zap"
-	k8serr "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/client-go/tools/record"
-	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
 // ClowdKey is a string determining the type of error.
 type ClowdKey string
 
-var stacksEnabled = true
-
 // ClowderError is a Clowder specific error, it has a number of functions attached to it to allow
 // for creation and checking.
 type ClowderError struct {
@@ -45,16 +40,12 @@ func (a *ClowderError) Is(target error) bool {
 	if !ok {
 		return false
 	}
-	return (a.Msg == b.Msg && a.Cause == b.Cause)
+	return a.Msg == b.Msg && a.Cause == b.Cause
 }
 
 // NewClowderError constructs a new ClowderError object.
 func NewClowderError(msg string) *ClowderError {
-	stackField := zap.String("stack", "")
-
-	if stacksEnabled {
-		stackField = zap.Stack("stack")
-	}
+	stackField := zap.Stack("stack")
 
 	return &ClowderError{
 		Msg:   msg,
@@ -108,18 +99,6 @@ func (e *MissingDependencies) Error() string {
 	return fmt.Sprintf("Missing dependencies: [%s]", body)
 }
 
-// RootCause takes an error an unwraps it, if it is nil, it calls RootCause on the returned err,
-// this will recursively find an error that has an unwrapped value.
-func RootCause(err error) error {
-	cause := errlib.Unwrap(err)
-
-	if cause != nil {
-		return RootCause(cause)
-	}
-
-	return err
-}
-
 // GetRootStack will recurse through an error until it finds one with a stack string set.
 func GetRootStack(err error) string {
 	var stack string
@@ -145,37 +124,3 @@ func LogError(ctx context.Context, err *ClowderError) {
 	log := *(ctx.Value(ClowdKey("log")).(*logr.Logger))
 	log.Error(err, err.Msg, "stack", GetRootStack(err))
 }
-
-// HandleError handles certain ClowdError types differently than normal errors.
-func HandleError(ctx context.Context, err error) bool {
-	log := *(ctx.Value(ClowdKey("log")).(*logr.Logger))
-	recorder := *(ctx.Value(ClowdKey("recorder")).(*record.EventRecorder))
-	obj := ctx.Value(ClowdKey("obj")).(client.Object)
-
-	if err != nil {
-		var depErr *MissingDependencies
-		var clowderError *ClowderError
-		if errlib.As(err, &depErr) {
-			msg := depErr.Error()
-			recorder.Event(obj, "Warning", "MissingDependencies", msg)
-			log.Info(msg)
-			return true
-		} else if errlib.As(err, &clowderError) {
-			msg := clowderError.Error()
-			recorder.Event(obj, "Warning", "ClowdError", msg)
-			log.Info(msg)
-			if clowderError.Requeue {
-				return true
-			}
-		}
-
-		root := RootCause(err)
-		if k8serr.IsConflict(root) {
-			log.Info("Conflict reported.  Requeuing request.")
-			return true
-		}
-
-		log.Error(err, "Reconciliation failure", "stack", GetRootStack(err))
-	}
-	return false
-}
diff --git a/controllers/cloud.redhat.com/providers/inmemorydb/provider.go b/controllers/cloud.redhat.com/providers/inmemorydb/provider.go
@@ -7,8 +7,6 @@ import (
 	"github.com/RedHatInsights/clowder/controllers/cloud.redhat.com/providers"
 )
 
-var DefaultImageInMemoryDBRedis = "quay.io/cloudservices/redis-ephemeral:6"
-
 // ProvName is the name/ident of the provider
 var ProvName = "inmemorydb"
 

diff --git a/controllers/cloud.redhat.com/providers/inmemorydb/redis.go b/controllers/cloud.redhat.com/providers/inmemorydb/redis.go
@@ -3,6 +3,8 @@ package inmemorydb
 import (
 	"fmt"
 
+	providerUtils "github.com/RedHatInsights/clowder/controllers/cloud.redhat.com/providers/utils"
+
 	crd "github.com/RedHatInsights/clowder/apis/cloud.redhat.com/v1alpha1"
 	"github.com/RedHatInsights/clowder/controllers/cloud.redhat.com/config"
 	obj "github.com/RedHatInsights/clowder/controllers/cloud.redhat.com/object"
@@ -145,7 +147,7 @@ func makeLocalRedis(o obj.ClowdObject, objMap providers.ObjectMap, _ bool, nodeP
 
 	dd.Spec.Template.Spec.Containers = []core.Container{{
 		Name:  nn.Name,
-		Image: DefaultImageInMemoryDBRedis,
+		Image: providerUtils.DefaultImageInMemoryDB,
 		Command: []string{
 			"redis-server",
 			"/usr/local/etc/redis/redis.conf",
@@ -171,7 +173,7 @@ func makeLocalRedis(o obj.ClowdObject, objMap providers.ObjectMap, _ bool, nodeP
 		Name:       "redis",
 		Port:       6379,
 		Protocol:   core.ProtocolTCP,
-		TargetPort: intstr.FromInt(int(6379)),
+		TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: 6379},
 	}}
 
 	utils.MakeService(svc, nn, labels, servicePorts, o, nodePort)

diff --git a/controllers/cloud.redhat.com/providers/sizing/sizingconfig/sizingconfig.go b/controllers/cloud.redhat.com/providers/sizing/sizingconfig/sizingconfig.go
@@ -10,8 +10,8 @@ const (
 	// We need to define default sizes because if a ClowdApp doesn't provide
 	// volume or ram/cpu capacities we just get an empty string, so we need
 	// defaults to plug in there
-	DefaultSizeVol    string = SizeXSmall
-	DefaultSizeCPURAM string = SizeXSmall
+	DefaultSizeVol    = SizeXSmall
+	DefaultSizeCPURAM = SizeXSmall
 )
 
 // Get a map of CPU T-Shirt sizes to capacities

diff --git a/controllers/cloud.redhat.com/providers/utils/utils.go b/controllers/cloud.redhat.com/providers/utils/utils.go
@@ -33,6 +33,7 @@ var DefaultImageDatabasePG13 = "quay.io/cloudservices/postgresql-rds:13-2318dee"
 var DefaultImageDatabasePG14 = "quay.io/cloudservices/postgresql-rds:14-2318dee"
 var DefaultImageDatabasePG15 = "quay.io/cloudservices/postgresql-rds:15-2318dee"
 var DefaultImageDatabasePG16 = "quay.io/cloudservices/postgresql-rds:16-4649c84"
+var DefaultImageInMemoryDB = "registry.redhat.io/rhel9/redis-6:1-199.1726663404"
 
 // MakeLocalDB populates the given deployment object with the local DB struct.
 func MakeLocalDB(dd *apps.Deployment, nn types.NamespacedName, baseResource obj.ClowdObject, extraLabels *map[string]string, cfg *config.DatabaseConfig, image string, usePVC bool, dbName string, res *core.ResourceRequirements) {
@@ -158,7 +159,7 @@ func MakeLocalDBService(s *core.Service, nn types.NamespacedName, baseResource o
 		Name:       "database",
 		Port:       5432,
 		Protocol:   "TCP",
-		TargetPort: intstr.FromInt(5432),
+		TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: 5432},
 	}}
 	labels := providers.Labels{"service": "db", "app": baseResource.GetClowdName()}
 	for k, v := range *extraLabels {

diff --git a/controllers/cloud.redhat.com/providers/web/caddy_gateway_config.go b/controllers/cloud.redhat.com/providers/web/caddy_gateway_config.go
@@ -4,11 +4,11 @@ import (
 	"encoding/json"
 
 	crccaddy "github.com/RedHatInsights/crc-caddy-plugin"
-	caddy "github.com/caddyserver/caddy/v2"
-	caddyconfig "github.com/caddyserver/caddy/v2/caddyconfig"
-	caddyhttp "github.com/caddyserver/caddy/v2/modules/caddyhttp"
+	"github.com/caddyserver/caddy/v2"
+	"github.com/caddyserver/caddy/v2/caddyconfig"
+	"github.com/caddyserver/caddy/v2/modules/caddyhttp"
 	caddyreverseproxy "github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy"
-	caddytls "github.com/caddyserver/caddy/v2/modules/caddytls"
+	"github.com/caddyserver/caddy/v2/modules/caddytls"
 )
 
 type ProxyRoute struct {
@@ -73,6 +73,9 @@ func GenerateConfig(hostname string, bopAddress string, whitelist []string, appR
 
 	sni := []string{hostname}
 
+	caPool := caddytls.FileCAPool{
+		TrustedCACertPEMFiles: []string{"/cas/ca.pem"},
+	}
 	appConfig := caddyhttp.App{
 		HTTPPort:  8888,
 		HTTPSPort: 9090,
@@ -93,9 +96,8 @@ func GenerateConfig(hostname string, bopAddress string, whitelist []string, appR
 					AnyTag: []string{"cert0"},
 				},
 				ClientAuthentication: &caddytls.ClientAuthentication{
-					Mode:                  "verify_if_given",
-					TrustedCACertPEMFiles: []string{"/cas/ca.pem"},
-				},
+					Mode:  "verify_if_given",
+					CARaw: caddyconfig.JSONModuleObject(caPool, "provider", "file", &warnings)},
 			}, {}},
 			Logs: &caddyhttp.ServerLogConfig{
 				LoggerNames: map[string]caddyhttp.StringArray{"localhost.localdomain": {""}},

diff --git a/controllers/cloud.redhat.com/providers/web/caddy_gateway_config_test.json b/controllers/cloud.redhat.com/providers/web/caddy_gateway_config_test.json
@@ -81,9 +81,12 @@
                 ]
               },
               "client_authentication": {
-                "trusted_ca_certs_pem_files": [
-                  "/cas/ca.pem"
-                ],
+                "ca": {
+                  "pem_files": [
+                    "/cas/ca.pem"
+                  ],
+                  "provider": "file"
+                },
                 "mode": "verify_if_given"
               }
             },

diff --git a/controllers/cloud.redhat.com/providers/web/caddy_reverse_proxy.go b/controllers/cloud.redhat.com/providers/web/caddy_reverse_proxy.go
@@ -6,11 +6,11 @@ import (
 
 	crd "github.com/RedHatInsights/clowder/apis/cloud.redhat.com/v1alpha1"
 
-	caddy "github.com/caddyserver/caddy/v2"
-	caddyconfig "github.com/caddyserver/caddy/v2/caddyconfig"
-	caddyhttp "github.com/caddyserver/caddy/v2/modules/caddyhttp"
+	"github.com/caddyserver/caddy/v2"
+	"github.com/caddyserver/caddy/v2/caddyconfig"
+	"github.com/caddyserver/caddy/v2/modules/caddyhttp"
 	"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy"
-	caddytls "github.com/caddyserver/caddy/v2/modules/caddytls"
+	"github.com/caddyserver/caddy/v2/modules/caddytls"
 )
 
 func generateServers(pub bool, priv bool, pubPort int32, privPort int32, appPubPort int32, appPrivPort int32) (map[string]*caddyhttp.Server, error) {

diff --git a/docs/contributing.md b/docs/contributing.md
@@ -20,8 +20,8 @@ package deployment
 
 import (
 	rc "github.com/RedHatInsights/rhc-osdk-utils/resourceCache"
-    p "cloud.redhat.com/clowder/v2/controllers/cloud.redhat.com/providers"
-    apps "k8s.io/api/apps/v1"
+	p "cloud.redhat.com/clowder/v2/controllers/cloud.redhat.com/providers"
+	apps "k8s.io/api/apps/v1"
 )
 
 // ProvName sets the provider name identifier
@@ -32,11 +32,11 @@ var CoreDeployment = rc.NewMultiResourceIdent(ProvName, "core_deployment", &apps
 
 // GetEnd returns the correct end provider.
 func GetDeployment(c *p.Provider) (p.ClowderProvider, error) {
-    return NewDeploymentProvider(c)
+	return NewDeploymentProvider(c)
 }
 
 func init() {
-    p.ProvidersRegistration.Register(GetDeployment, 0, ProvName)
+	p.ProvidersRegistration.Register(GetDeployment, 0, ProvName)
 }
 ```
 

diff --git a/go.sum b/go.sum
@@ -85,8 +85,6 @@ github.com/caddyserver/certmagic v0.21.3 h1:pqRRry3yuB4CWBVq9+cUqu+Y6E2z8TswbhNx
 github.com/caddyserver/certmagic v0.21.3/go.mod h1:Zq6pklO9nVRl3DIFUw9gVUfXKdpc/0qwTUAQMBlfgtI=
 github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+YTAyA=
 github.com/caddyserver/zerossl v0.1.3/go.mod h1:CxA0acn7oEGO6//4rtrRjYgEoa4MFw/XofZnrYwGqG4=
-github.com/cert-manager/cert-manager v1.11.4 h1:vifBFrR+pGE94o/jViITNxCZ2l/TGAqPbeQbdPDU9wI=
-github.com/cert-manager/cert-manager v1.11.4/go.mod h1:ataBWLyUn2vVqGLud6JThOAVIbNKz72cZgnt7cBlajk=
 github.com/cert-manager/cert-manager v1.12.2 h1:lJ7Xn0VhmBA4uOZb5dlSZzepu38ez73okOqgE24x8YM=
 github.com/cert-manager/cert-manager v1.12.2/go.mod h1:ql0msU88JCcQSceN+PFjEY8U+AMe13y06vO2klJk8bs=
 github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
@@ -749,8 +747,6 @@ sigs.k8s.io/cluster-api v1.7.2 h1:bRE8zoao7ajuLC0HijqfZVcubKQCPlZ04HMgcA53FGE=
 sigs.k8s.io/cluster-api v1.7.2/go.mod h1:V9ZhKLvQtsDODwjXOKgbitjyCmC71yMBwDcMyNNIov0=
 sigs.k8s.io/controller-runtime v0.17.3 h1:65QmN7r3FWgTxDMz9fvGnO1kbf2nu+acg9p2R9oYYYk=
 sigs.k8s.io/controller-runtime v0.17.3/go.mod h1:N0jpP5Lo7lMTF9aL56Z/B2oWBJjey6StQM0jRbKQXtY=
-sigs.k8s.io/gateway-api v0.6.0 h1:v2FqrN2ROWZLrSnI2o91taHR8Sj3s+Eh3QU7gLNWIqA=
-sigs.k8s.io/gateway-api v0.6.0/go.mod h1:EYJT+jlPWTeNskjV0JTki/03WX1cyAnBhwBJfYHpV/0=
 sigs.k8s.io/gateway-api v0.7.0 h1:/mG8yyJNBifqvuVLW5gwlI4CQs0NR/5q4BKUlf1bVdY=
 sigs.k8s.io/gateway-api v0.7.0/go.mod h1:Xv0+ZMxX0lu1nSSDIIPEfbVztgNZ+3cfiYrJsa2Ooso=
 sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=

diff --git a/tests/kuttl/test-local-db-redis/01-assert.yaml b/tests/kuttl/test-local-db-redis/01-assert.yaml
@@ -11,5 +11,5 @@ spec:
         service: redis
     spec:    
       containers:
-        - image: quay.io/cloudservices/redis-ephemeral:6
+        - image: registry.redhat.io/rhel9/redis-6:1-199.1726663404
           resources: {}