From 1fe7d9d4a78830af832ade17270028642927c144 Mon Sep 17 00:00:00 2001 From: Fabricio Aguiar Date: Thu, 3 Oct 2024 20:47:15 +0200 Subject: [PATCH] Fix vhost configuration internal endpoint was being overwritten by the public one Signed-off-by: Fabricio Aguiar --- controllers/heat_controller.go | 14 ++++------- controllers/heat_controller_test.go | 38 +++++++++++++---------------- zuul.d/jobs.yaml | 3 --- 3 files changed, 22 insertions(+), 33 deletions(-) diff --git a/controllers/heat_controller.go b/controllers/heat_controller.go index 58898658..22b4b9b7 100644 --- a/controllers/heat_controller.go +++ b/controllers/heat_controller.go @@ -966,15 +966,15 @@ func (r *HeatReconciler) generateServiceSecrets( templateParameters := initTemplateParameters(instance, authURL, password, authEncryptionKey, transportURL, mc, databaseAccount, dbSecret) // Render vhost configuration for API and CFN - var httpdAPIVhostConfig map[string]interface{} - var httpdCfnAPIVhostConfig map[string]interface{} + httpdAPIVhostConfig := map[string]interface{}{} + httpdCfnAPIVhostConfig := map[string]interface{}{} for _, endpt := range []service.Endpoint{service.EndpointInternal, service.EndpointPublic} { var ( apiTLSEnabled = instance.Spec.HeatAPI.TLS.API.Enabled(endpt) cfnAPITLSEnabled = instance.Spec.HeatCfnAPI.TLS.API.Enabled(endpt) ) - httpdAPIVhostConfig = renderVhost(instance, endpt, heatapi.ServiceName, apiTLSEnabled) - httpdCfnAPIVhostConfig = renderVhost(instance, endpt, heatcfnapi.ServiceName, cfnAPITLSEnabled) + renderVhost(httpdAPIVhostConfig, instance, endpt, heatapi.ServiceName, apiTLSEnabled) + renderVhost(httpdCfnAPIVhostConfig, instance, endpt, heatcfnapi.ServiceName, cfnAPITLSEnabled) } // create HeatAPI httpd vhost template parameters @@ -1327,9 +1327,7 @@ func initTemplateParameters( } } -func renderVhost(instance *heatv1beta1.Heat, endpt service.Endpoint, serviceName string, tlsEnabled bool) map[string]interface{} { - httpdVhostConfig := map[string]interface{}{} - +func renderVhost(httpdVhostConfig map[string]interface{}, instance *heatv1beta1.Heat, endpt service.Endpoint, serviceName string, tlsEnabled bool) { var ( ServerNameString = fmt.Sprintf("%s-%s.%s.svc", serviceName, endpt.String(), instance.Namespace) SSLCertFilePath = fmt.Sprintf("/etc/pki/tls/certs/%s.crt", endpt.String()) @@ -1344,6 +1342,4 @@ func renderVhost(instance *heatv1beta1.Heat, endpt service.Endpoint, serviceName endptConfig["SSLCertificateKeyFile"] = SSLKeyFilePath } httpdVhostConfig[endpt.String()] = endptConfig - - return httpdVhostConfig } diff --git a/controllers/heat_controller_test.go b/controllers/heat_controller_test.go index 35344ba3..fee401cc 100644 --- a/controllers/heat_controller_test.go +++ b/controllers/heat_controller_test.go @@ -19,7 +19,6 @@ func TestRenderVhost(t *testing.T) { endpt service.Endpoint serviceName string tlsEnabled bool - expected map[string]interface{} }{ { name: "Basic case with TLS disabled", @@ -27,12 +26,6 @@ func TestRenderVhost(t *testing.T) { endpt: "internal", serviceName: "my-service", tlsEnabled: false, - expected: map[string]interface{}{ - "internal": map[string]interface{}{ - "ServerName": "my-service-internal.test1HeatNamespace.svc", - "TLS": false, - }, - }, }, { name: "Basic case with TLS enabled", @@ -40,23 +33,26 @@ func TestRenderVhost(t *testing.T) { endpt: "public", serviceName: "my-service", tlsEnabled: true, - expected: map[string]interface{}{ - "public": map[string]interface{}{ - "ServerName": "my-service-public.test1HeatNamespace.svc", - "TLS": true, - "SSLCertificateFile": "/etc/pki/tls/certs/public.crt", - "SSLCertificateKeyFile": "/etc/pki/tls/private/public.key", - }, - }, }, } + expected := map[string]interface{}{ + "internal": map[string]interface{}{ + "ServerName": "my-service-internal.test1HeatNamespace.svc", + "TLS": false, + }, + "public": map[string]interface{}{ + "ServerName": "my-service-public.test1HeatNamespace.svc", + "TLS": true, + "SSLCertificateFile": "/etc/pki/tls/certs/public.crt", + "SSLCertificateKeyFile": "/etc/pki/tls/private/public.key", + }, + } + result := map[string]interface{}{} for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - result := renderVhost(tt.instance, tt.endpt, tt.serviceName, tt.tlsEnabled) - if !reflect.DeepEqual(result, tt.expected) { - t.Errorf("Expected %v, got %v", tt.expected, result) - } - }) + renderVhost(result, tt.instance, tt.endpt, tt.serviceName, tt.tlsEnabled) + } + if !reflect.DeepEqual(result, expected) { + t.Errorf("Expected %v, got %v", expected, result) } } diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index daa4a501..fd7a38f6 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -27,15 +27,12 @@ heat_tempest_plugin.* cifmw_test_operator_tempest_exclude_list: | heat_tempest_plugin.tests.functional.test_os_wait_condition.OSWaitCondition.test_create_stack_with_multi_signal_waitcondition - heat_tempest_plugin.tests.functional.test_software_config.ParallelDeploymentsTest.test_deployments_metadata heat_tempest_plugin.tests.scenario.test_server_cfn_init.CfnInitIntegrationTest.test_server_cfn_init heat_tempest_plugin.tests.scenario.test_aodh_alarm.AodhAlarmTest.test_alarm heat_tempest_plugin.tests.scenario.test_base_resources.BasicResourcesTest.test_base_resources_integration heat_tempest_plugin.tests.scenario.test_server_signal.ServerSignalIntegrationTest.test_server_signal_userdata_format_raw heat_tempest_plugin.tests.scenario.test_server_signal.ServerSignalIntegrationTest.test_server_signal_userdata_format_software_config heat_tempest_plugin.tests.scenario.test_server_software_config.SoftwareConfigIntegrationTest.test_server_software_config - heat_tempest_plugin.tests.scenario.test_remote_deeply_nested.RemoteDeeplyNestedStackTest.test_remote_nested - heat_tempest_plugin.tests.functional.test_remote_stack.RemoteStackTest external_plugin: "opendev.org/openstack/heat-tempest-plugin" change_item: "{{ zuul['items'] | selectattr('project.canonical_name', 'equalto', external_plugin) }}" cifmw_test_operator_tempest_external_plugin: "{{ [] if change_item | length < 1 else [ { 'repository': 'https://' + external_plugin + '.git', 'changeRepository': 'https://review' + external_plugin, 'changeRefspec': [ 'refs/changes', change_item[0].change[-2:], change_item[0].change, change_item[0].patchset ] | join('/') } ] }}"