Merge pull request #396 from kstrenkova/add-input-condition

Validate openstack inputs and add input condition

Author: openshift-merge-bot[bot]

internal/controller/ansibletest_controller.go

@@ -115,7 +115,7 @@ func (r *AnsibleTestReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		// Initialize conditions used later as Status=Unknown
 		cl := condition.CreateList(
 			condition.UnknownCondition(condition.ReadyCondition, condition.InitReason, condition.ReadyInitMessage),
-			condition.UnknownCondition(condition.ServiceConfigReadyCondition, condition.InitReason, condition.ServiceConfigReadyMessage),
+			condition.UnknownCondition(condition.InputReadyCondition, condition.InitReason, condition.InputReadyInitMessage),
 			condition.UnknownCondition(condition.DeploymentReadyCondition, condition.InitReason, condition.DeploymentReadyInitMessage),
 		)
 		instance.Status.Conditions.Init(&cl)
@@ -207,7 +207,17 @@ func (r *AnsibleTestReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	}
 	// Create PersistentVolumeClaim - end
 
-	instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage)
+	err = r.ValidateOpenstackInputs(ctx, instance, instance.Spec.OpenStackConfigMap, instance.Spec.OpenStackConfigSecret)
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityError,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{RequeueAfter: RequeueAfterValue}, err
+	}
+	instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
 
 	// Create a new pod
 	mountCerts := r.CheckSecretExists(ctx, instance, "combined-ca-bundle")

internal/controller/common.go

@@ -94,6 +94,9 @@ var (
 
 	// ErrFieldNotFound indicates a field name does not exist on the struct.
 	ErrFieldNotFound = errors.New("field not found")
+
+	// ErrMissingRequiredKey indicates that a required key is missing in a resource.
+	ErrMissingRequiredKey = errors.New("missing required key")
 )
 
 // Reconciler provides common functionality for all test framework reconcilers
@@ -350,6 +353,82 @@ func (r *Reconciler) CheckSecretExists(ctx context.Context, instance client.Obje
 	return true
 }
 
+// ValidateSecretWithKeys validates that a Secret exists and contains required keys
+func (r *Reconciler) ValidateSecretWithKeys(
+	ctx context.Context,
+	instance client.Object,
+	secretName string,
+	requiredKeys []string,
+) error {
+	// When secret is not specified, skip it
+	if secretName == "" {
+		return nil
+	}
+
+	secret := &corev1.Secret{}
+	err := r.Client.Get(ctx, client.ObjectKey{Namespace: instance.GetNamespace(), Name: secretName}, secret)
+	if err != nil {
+		return err
+	}
+
+	// Validate required keys
+	for _, key := range requiredKeys {
+		if _, ok := secret.Data[key]; !ok {
+			return fmt.Errorf("%w '%s' in secret %s", ErrMissingRequiredKey, key, secretName)
+		}
+	}
+
+	return nil
+}
+
+// ValidateConfigMapWithKeys validates that a ConfigMap exists and contains required keys
+func (r *Reconciler) ValidateConfigMapWithKeys(
+	ctx context.Context,
+	instance client.Object,
+	configMapName string,
+	requiredKeys []string,
+) error {
+	// When config map is not specified, skip it
+	if configMapName == "" {
+		return nil
+	}
+
+	cm := &corev1.ConfigMap{}
+	err := r.Client.Get(ctx, client.ObjectKey{Namespace: instance.GetNamespace(), Name: configMapName}, cm)
+	if err != nil {
+		return err
+	}
+
+	// Validate required keys
+	for _, key := range requiredKeys {
+		if _, ok := cm.Data[key]; !ok {
+			return fmt.Errorf("%w '%s' in config map %s", ErrMissingRequiredKey, key, configMapName)
+		}
+	}
+
+	return nil
+}
+
+// ValidateOpenstackInputs validates OpenStack configuration inputs
+func (r *Reconciler) ValidateOpenstackInputs(
+	ctx context.Context,
+	instance client.Object,
+	openstackConfigMapName string,
+	openstackConfigSecretName string,
+) error {
+	err := r.ValidateConfigMapWithKeys(ctx, instance, openstackConfigMapName, []string{"clouds.yaml"})
+	if err != nil {
+		return err
+	}
+
+	err = r.ValidateSecretWithKeys(ctx, instance, openstackConfigSecretName, []string{"secure.yaml"})
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // GetStringHash returns a hash of the given string with the specified length
 func GetStringHash(str string, hashLength int) string {
 	hash := sha256.New()

internal/controller/horizontest_controller.go

@@ -110,6 +110,7 @@ func (r *HorizonTestReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		// Initialize conditions used later as Status=Unknown
 		cl := condition.CreateList(
 			condition.UnknownCondition(condition.ReadyCondition, condition.InitReason, condition.ReadyInitMessage),
+			condition.UnknownCondition(condition.InputReadyCondition, condition.InitReason, condition.InputReadyInitMessage),
 			condition.UnknownCondition(condition.DeploymentReadyCondition, condition.InitReason, condition.DeploymentReadyInitMessage),
 		)
 		instance.Status.Conditions.Init(&cl)
@@ -214,9 +215,32 @@ func (r *HorizonTestReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	}
 	// Create PersistentVolumeClaim - end
 
+	err = r.ValidateOpenstackInputs(ctx, instance, instance.Spec.OpenStackConfigMap, instance.Spec.OpenStackConfigSecret)
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityError,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{RequeueAfter: RequeueAfterValue}, err
+	}
+	instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
+
+	err = r.ValidateSecretWithKeys(ctx, instance, instance.Spec.KubeconfigSecretName, []string{})
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{}, err
+	}
+	mountKubeconfig := len(instance.Spec.KubeconfigSecretName) != 0
+
 	// Create Pod
 	mountCerts := r.CheckSecretExists(ctx, instance, "combined-ca-bundle")
-	mountKubeconfig := len(instance.Spec.KubeconfigSecretName) != 0
 
 	// Prepare HorizonTest env vars
 	envVars := r.PrepareHorizonTestEnvVars(instance)

internal/controller/tempest_controller.go

@@ -117,6 +117,7 @@ func (r *TempestReconciler) Reconcile(ctx context.Context, req ctrl.Request) (re
 		// Initialize conditions used later as Status=Unknown
 		cl := condition.CreateList(
 			condition.UnknownCondition(condition.ReadyCondition, condition.InitReason, condition.ReadyInitMessage),
+			condition.UnknownCondition(condition.InputReadyCondition, condition.InitReason, condition.InputReadyInitMessage),
 			condition.UnknownCondition(condition.ServiceConfigReadyCondition, condition.InitReason, condition.ServiceConfigReadyInitMessage),
 			condition.UnknownCondition(condition.DeploymentReadyCondition, condition.InitReason, condition.DeploymentReadyInitMessage),
 			condition.UnknownCondition(condition.NetworkAttachmentsReadyCondition, condition.InitReason, condition.NetworkAttachmentsReadyInitMessage),
@@ -232,10 +233,29 @@ func (r *TempestReconciler) Reconcile(ctx context.Context, req ctrl.Request) (re
 	}
 	// Create PersistentVolumeClaim - end
 
-	mountSSHKey := false
-	if instance.Spec.SSHKeySecretName != "" {
-		mountSSHKey = r.CheckSecretExists(ctx, instance, instance.Spec.SSHKeySecretName)
+	err = r.ValidateOpenstackInputs(ctx, instance, instance.Spec.OpenStackConfigMap, instance.Spec.OpenStackConfigSecret)
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityError,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{RequeueAfter: RequeueAfterValue}, err
+	}
+	instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
+
+	err = r.ValidateSecretWithKeys(ctx, instance, instance.Spec.SSHKeySecretName, []string{})
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{}, err
 	}
+	mountSSHKey := len(instance.Spec.SSHKeySecretName) != 0
 
 	// Generate ConfigMaps
 	err = r.generateServiceConfigMaps(ctx, helper, instance, nextWorkflowStep)

internal/controller/tobiko_controller.go

@@ -114,6 +114,7 @@ func (r *TobikoReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res
 		// Initialize conditions used later as Status=Unknown
 		cl := condition.CreateList(
 			condition.UnknownCondition(condition.ReadyCondition, condition.InitReason, condition.ReadyInitMessage),
+			condition.UnknownCondition(condition.InputReadyCondition, condition.InitReason, condition.InputReadyInitMessage),
 			condition.UnknownCondition(condition.DeploymentReadyCondition, condition.InitReason, condition.DeploymentReadyInitMessage),
 			condition.UnknownCondition(condition.NetworkAttachmentsReadyCondition, condition.InitReason, condition.NetworkAttachmentsReadyInitMessage),
 		)
@@ -229,6 +230,30 @@ func (r *TobikoReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res
 	}
 	// Create PersistentVolumeClaim - end
 
+	err = r.ValidateOpenstackInputs(ctx, instance, instance.Spec.OpenStackConfigMap, instance.Spec.OpenStackConfigSecret)
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityError,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{RequeueAfter: RequeueAfterValue}, err
+	}
+	instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
+
+	err = r.ValidateSecretWithKeys(ctx, instance, instance.Spec.KubeconfigSecretName, []string{})
+	if err != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			condition.InputReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			condition.InputReadyErrorMessage,
+			err.Error()))
+		return ctrl.Result{}, err
+	}
+	mountKubeconfig := len(instance.Spec.KubeconfigSecretName) != 0
+
 	serviceAnnotations, ctrlResult, err := r.EnsureNetworkAttachments(
 		ctx,
 		Log,
@@ -266,8 +291,6 @@ func (r *TobikoReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res
 		mountKeys = true
 	}
 
-	mountKubeconfig := len(instance.Spec.KubeconfigSecretName) != 0
-
 	// Prepare Tobiko env vars
 	envVars := r.PrepareTobikoEnvVars(ctx, serviceLabels, instance, helper, nextWorkflowStep)
 	podName := r.GetPodName(instance, nextWorkflowStep)

test/functional/horizontest_controller_test.go

@@ -48,7 +48,7 @@ var _ = Describe("HorizonTest controller", func() {
 		It("initializes the status fields", func() {
 			Eventually(func(g Gomega) {
 				horizonTest := GetHorizonTest(horizonTestName)
-				g.Expect(horizonTest.Status.Conditions).To(HaveLen(2))
+				g.Expect(horizonTest.Status.Conditions).To(HaveLen(3))
 			}, timeout*2, interval).Should(Succeed())
 		})
 

test/functional/tempest_controller_test.go

@@ -48,7 +48,7 @@ var _ = Describe("Tempest controller", func() {
 		It("initializes the status fields", func() {
 			Eventually(func(g Gomega) {
 				tempest := GetTempest(tempestName)
-				g.Expect(tempest.Status.Conditions).To(HaveLen(4))
+				g.Expect(tempest.Status.Conditions).To(HaveLen(5))
 			}, timeout*2, interval).Should(Succeed())
 		})
 

test/functional/tobiko_controller_test.go

@@ -48,7 +48,7 @@ var _ = Describe("Tobiko controller", func() {
 		It("initializes the status fields", func() {
 			Eventually(func(g Gomega) {
 				tobiko := GetTobiko(tobikoName)
-				g.Expect(tobiko.Status.Conditions).To(HaveLen(3))
+				g.Expect(tobiko.Status.Conditions).To(HaveLen(4))
 			}, timeout*2, interval).Should(Succeed())
 		})