From e5639561d87ba64b1bfc626eb329eb31da694c49 Mon Sep 17 00:00:00 2001
From: Carlos Feria <carlosthe19916@gmail.com>
Date: Thu, 8 Aug 2024 17:09:43 -0500
Subject: [PATCH] fix: use only one ingress (#21)

---
 .../java/org/trustify/operator/Constants.java |  1 -
 .../cdrs/v2alpha1/server/ServerIngress.java   | 19 ++--
 .../v2alpha1/server/ServerIngressSecure.java  | 86 -------------------
 .../ServerIngressSecureDiscriminator.java     | 20 -----
 .../controllers/TrustifyReconciler.java       |  4 +-
 5 files changed, 13 insertions(+), 117 deletions(-)
 delete mode 100644 src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecure.java
 delete mode 100644 src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecureDiscriminator.java

diff --git a/src/main/java/org/trustify/operator/Constants.java b/src/main/java/org/trustify/operator/Constants.java
index 227605d..0acad71 100644
--- a/src/main/java/org/trustify/operator/Constants.java
+++ b/src/main/java/org/trustify/operator/Constants.java
@@ -38,7 +38,6 @@ public class Constants {
 
 
     public static final String INGRESS_SUFFIX = "-" + TRUSTI_SERVER_NAME + "-ingress";
-    public static final String INGRESS_SECURE_SUFFIX = "-" + TRUSTI_SERVER_NAME + "-secure-ingress";
 
     //
     public static final String DB_SECRET_USERNAME = "username";
diff --git a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngress.java b/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngress.java
index 228eb6e..30e9915 100644
--- a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngress.java
+++ b/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngress.java
@@ -2,6 +2,7 @@
 
 import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
 import io.fabric8.kubernetes.api.model.networking.v1.IngressTLS;
+import io.fabric8.kubernetes.api.model.networking.v1.IngressTLSBuilder;
 import io.javaoperatorsdk.operator.api.reconciler.Context;
 import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
 import io.javaoperatorsdk.operator.processing.dependent.kubernetes.KubernetesDependent;
@@ -11,13 +12,14 @@
 import org.trustify.operator.cdrs.v2alpha1.TrustifySpec;
 import org.trustify.operator.utils.CRDUtils;
 
+import java.util.Collections;
 import java.util.Map;
 
 @KubernetesDependent(labelSelector = ServerIngress.LABEL_SELECTOR, resourceDiscriminator = ServerIngressDiscriminator.class)
 @ApplicationScoped
 public class ServerIngress extends ServerIngressBase {
 
-    public static final String LABEL_SELECTOR = "app.kubernetes.io/managed-by=trustify-operator,component=server,component-variant=http";
+    public static final String LABEL_SELECTOR = "app.kubernetes.io/managed-by=trustify-operator,component=server,component-variant=https";
 
     @Override
     @SuppressWarnings("unchecked")
@@ -28,16 +30,14 @@ protected Ingress desired(Trustify cr, Context<Trustify> context) {
                 getIngressName(cr),
                 Map.of(
                         "component", "server",
-                        "component-variant", "http"
+                        "component-variant", "https"
                 ),
-                Map.of(
-                        "console.alpha.openshift.io/overview-app-route", "true"
-                )
+                Collections.emptyMap()
         );
     }
 
     @Override
-    public boolean isMet(DependentResource<Ingress, Trustify> dependentResource, Trustify cr, Context<Trustify> context) {
+    public boolean isMet(DependentResource<Ingress, Trustify> dependentResource, Trustify primary, Context<Trustify> context) {
         return context.getSecondaryResource(Ingress.class, new ServerIngressDiscriminator())
                 .map(in -> {
                     final var status = in.getStatus();
@@ -68,7 +68,12 @@ protected String getHostname(Trustify cr) {
 
     @Override
     protected IngressTLS getIngressTLS(Trustify cr) {
-        return null;
+        String tlsSecretName = CRDUtils.getValueFromSubSpec(cr.getSpec().httpSpec(), TrustifySpec.HttpSpec::tlsSecret)
+                .orElse(null);
+
+        return new IngressTLSBuilder()
+                .withSecretName(tlsSecretName)
+                .build();
     }
 
     public static String getIngressName(Trustify cr) {
diff --git a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecure.java b/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecure.java
deleted file mode 100644
index a882ff5..0000000
--- a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecure.java
+++ /dev/null
@@ -1,86 +0,0 @@
-package org.trustify.operator.cdrs.v2alpha1.server;
-
-import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
-import io.fabric8.kubernetes.api.model.networking.v1.IngressTLS;
-import io.fabric8.kubernetes.api.model.networking.v1.IngressTLSBuilder;
-import io.javaoperatorsdk.operator.api.reconciler.Context;
-import io.javaoperatorsdk.operator.api.reconciler.dependent.DependentResource;
-import io.javaoperatorsdk.operator.processing.dependent.kubernetes.KubernetesDependent;
-import jakarta.enterprise.context.ApplicationScoped;
-import org.trustify.operator.Constants;
-import org.trustify.operator.cdrs.v2alpha1.Trustify;
-import org.trustify.operator.cdrs.v2alpha1.TrustifySpec;
-import org.trustify.operator.utils.CRDUtils;
-
-import java.util.Collections;
-import java.util.Map;
-
-@KubernetesDependent(labelSelector = ServerIngressSecure.LABEL_SELECTOR, resourceDiscriminator = ServerIngressSecureDiscriminator.class)
-@ApplicationScoped
-public class ServerIngressSecure extends ServerIngressBase {
-
-    public static final String LABEL_SELECTOR = "app.kubernetes.io/managed-by=trustify-operator,component=server,component-variant=https";
-
-    @Override
-    @SuppressWarnings("unchecked")
-    protected Ingress desired(Trustify cr, Context<Trustify> context) {
-        return newIngress(
-                cr,
-                context,
-                getIngressName(cr),
-                Map.of(
-                        "component", "server",
-                        "component-variant", "https"
-                ),
-                Collections.emptyMap()
-        );
-    }
-
-    @Override
-    public boolean isMet(DependentResource<Ingress, Trustify> dependentResource, Trustify primary, Context<Trustify> context) {
-        return context.getSecondaryResource(Ingress.class, new ServerIngressSecureDiscriminator())
-                .map(in -> {
-                    final var status = in.getStatus();
-                    if (status != null) {
-                        final var ingresses = status.getLoadBalancer().getIngress();
-                        // only set the status if the ingress is ready to provide the info we need
-                        return ingresses != null && !ingresses.isEmpty();
-                    }
-                    return false;
-                })
-                .orElse(false);
-    }
-
-    @Override
-    protected String getHostname(Trustify cr) {
-        return CRDUtils
-                .getValueFromSubSpec(cr.getSpec().hostnameSpec(), TrustifySpec.HostnameSpec::hostname)
-                .orElseGet(() -> getClusterDomainOnOpenshift()
-                        // Openshift
-                        .map(domain -> CRDUtils
-                                .getValueFromSubSpec(cr.getSpec().hostnameSpec(), TrustifySpec.HostnameSpec::hostname)
-                                .orElseGet(() -> getOpenshiftHostname(cr, k8sClient.getConfiguration().getNamespace(), domain))
-                        )
-                        // Kubernetes vanilla
-                        .orElse(null)
-                );
-    }
-
-    @Override
-    protected IngressTLS getIngressTLS(Trustify cr) {
-        String tlsSecretName = CRDUtils.getValueFromSubSpec(cr.getSpec().httpSpec(), TrustifySpec.HttpSpec::tlsSecret)
-                .orElse(null);
-
-        return new IngressTLSBuilder()
-                .withSecretName(tlsSecretName)
-                .build();
-    }
-
-    public static String getIngressName(Trustify cr) {
-        return cr.getMetadata().getName() + Constants.INGRESS_SECURE_SUFFIX;
-    }
-
-    public static String getOpenshiftHostname(Trustify cr, String namespace, String domain) {
-        return "secure-" + namespace + "-" + cr.getMetadata().getName() + "." + domain;
-    }
-}
diff --git a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecureDiscriminator.java b/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecureDiscriminator.java
deleted file mode 100644
index 04ede41..0000000
--- a/src/main/java/org/trustify/operator/cdrs/v2alpha1/server/ServerIngressSecureDiscriminator.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package org.trustify.operator.cdrs.v2alpha1.server;
-
-import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
-import io.javaoperatorsdk.operator.api.reconciler.Context;
-import io.javaoperatorsdk.operator.api.reconciler.ResourceDiscriminator;
-import io.javaoperatorsdk.operator.processing.event.ResourceID;
-import io.javaoperatorsdk.operator.processing.event.source.informer.InformerEventSource;
-import org.trustify.operator.cdrs.v2alpha1.Trustify;
-
-import java.util.Optional;
-
-public class ServerIngressSecureDiscriminator implements ResourceDiscriminator<Ingress, Trustify> {
-    @Override
-    public Optional<Ingress> distinguish(Class<Ingress> resource, Trustify cr, Context<Trustify> context) {
-        String ingressName = ServerIngressSecure.getIngressName(cr);
-        ResourceID resourceID = new ResourceID(ingressName, cr.getMetadata().getNamespace());
-        var informerEventSource = (InformerEventSource<Ingress, Trustify>) context.eventSourceRetriever().getResourceEventSourceFor(Ingress.class);
-        return informerEventSource.get(resourceID);
-    }
-}
diff --git a/src/main/java/org/trustify/operator/controllers/TrustifyReconciler.java b/src/main/java/org/trustify/operator/controllers/TrustifyReconciler.java
index b47d622..e509142 100644
--- a/src/main/java/org/trustify/operator/controllers/TrustifyReconciler.java
+++ b/src/main/java/org/trustify/operator/controllers/TrustifyReconciler.java
@@ -14,7 +14,6 @@
 import org.trustify.operator.cdrs.v2alpha1.TrustifyStatusCondition;
 import org.trustify.operator.cdrs.v2alpha1.server.ServerDeployment;
 import org.trustify.operator.cdrs.v2alpha1.server.ServerIngress;
-import org.trustify.operator.cdrs.v2alpha1.server.ServerIngressSecure;
 import org.trustify.operator.cdrs.v2alpha1.server.ServerService;
 import org.trustify.operator.cdrs.v2alpha1.db.DBDeployment;
 import org.trustify.operator.cdrs.v2alpha1.db.DBPersistentVolumeClaim;
@@ -38,8 +37,7 @@
                 @Dependent(name = "server-deployment", type = ServerDeployment.class, dependsOn = {"db-service"}, readyPostcondition = ServerDeployment.class, useEventSourceWithName = TrustifyReconciler.DEPLOYMENT_EVENT_SOURCE),
                 @Dependent(name = "server-service", type = ServerService.class, dependsOn = {"db-service"}, useEventSourceWithName = TrustifyReconciler.SERVICE_EVENT_SOURCE),
 
-                @Dependent(name = "ingress", type = ServerIngress.class, dependsOn = {"db-service"}, readyPostcondition = ServerIngress.class, useEventSourceWithName = TrustifyReconciler.INGRESS_EVENT_SOURCE),
-                @Dependent(name = "ingress-secure", type = ServerIngressSecure.class, dependsOn = {"db-service"}, readyPostcondition = ServerIngressSecure.class, useEventSourceWithName = TrustifyReconciler.INGRESS_EVENT_SOURCE)
+                @Dependent(name = "ingress", type = ServerIngress.class, dependsOn = {"db-service"}, readyPostcondition = ServerIngress.class, useEventSourceWithName = TrustifyReconciler.INGRESS_EVENT_SOURCE)
         }
 )
 public class TrustifyReconciler implements Reconciler<Trustify>, ContextInitializer<Trustify>,