Skip to content

Commit

Permalink
Merge branch 'main' into customization-secret-tests-required
Browse files Browse the repository at this point in the history
  • Loading branch information
@jaroslaw-pieszka
jaroslaw-pieszka authored Feb 14, 2025
2 parents 3140ec7 + 36e9b92 commit aaf0389
Show file tree
Hide file tree
Showing 18 changed files with 831 additions and 350 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/create-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -211,7 +211,7 @@ jobs:
fi
- name: Merge PR
if: ${{ !inputs.skip-sec-file-and-chart-bump }}
if: ${{ !inputs.skip-sec-file-bump }}
env:
GH_TOKEN: ${{ secrets.BOT_TOKEN }}
REPOSITORY: ${{ env.KYMA_BTP_MANAGER_REPO }}
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build the manager binary
FROM golang:1.23.6-alpine3.20 as builder
FROM golang:1.24.0-alpine3.20 as builder

WORKDIR /btp-manager-workspace
# Copy the Go Modules manifests
Expand Down
1 change: 1 addition & 0 deletions config/rbac/role.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ rules:
- ""
resources:
- configmaps
- pods
- secrets
- serviceaccounts
- services
Expand Down
420 changes: 383 additions & 37 deletions controllers/btpoperator_controller.go
View file

Large diffs are not rendered by default.

169 changes: 97 additions & 72 deletions controllers/btpoperator_controller_secret_customization_test.go
View file

Large diffs are not rendered by default.

10 changes: 5 additions & 5 deletions controllers/btpoperator_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ func TestBtpOperatorReconciler_UpdateBtpOperatorStatus(t *testing.T) {
t.Run("should return error from client.Get", func(t *testing.T) {
// given
retryK8sClient := newLazyK8sClient(fakeK8sClient, 3)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, scheme, nil, nil)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, fakeK8sClient, scheme, nil, nil)
retryK8sClient.EnableErrorOnGet()

// when
Expand All @@ -55,7 +55,7 @@ func TestBtpOperatorReconciler_UpdateBtpOperatorStatus(t *testing.T) {
t.Run("should return error from client.Update", func(t *testing.T) {
// given
retryK8sClient := newLazyK8sClient(fakeK8sClient, 3)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, scheme, nil, nil)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, fakeK8sClient, scheme, nil, nil)
retryK8sClient.EnableErrorOnUpdate()

// when
Expand All @@ -78,7 +78,7 @@ func TestBtpOperatorReconciler_UpdateBtpOperatorStatus(t *testing.T) {
t.Run("should time out", func(t *testing.T) {
// given
disabledUpdatek8sClient := newLazyK8sClient(fakeK8sClient, 3)
btpOperatorReconciler := NewBtpOperatorReconciler(disabledUpdatek8sClient, scheme, nil, nil)
btpOperatorReconciler := NewBtpOperatorReconciler(disabledUpdatek8sClient, fakeK8sClient, scheme, nil, nil)
disabledUpdatek8sClient.DisableUpdate()

// when
Expand All @@ -100,7 +100,7 @@ func TestBtpOperatorReconciler_UpdateBtpOperatorStatus(t *testing.T) {
t.Run("should update BtpOperator status after a few retries", func(t *testing.T) {
// given
retryK8sClient := newLazyK8sClient(fakeK8sClient, 3)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, scheme, nil, nil)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, fakeK8sClient, scheme, nil, nil)

// when
err := btpOperatorReconciler.UpdateBtpOperatorStatus(ctx, btpOperator, v1alpha1.StateProcessing, conditions.Initialized, "test")
Expand All @@ -122,7 +122,7 @@ func TestBtpOperatorReconciler_UpdateBtpOperatorStatus(t *testing.T) {
t.Run("should update BtpOperator status three times", func(t *testing.T) {
// given
retryK8sClient := newLazyK8sClient(fakeK8sClient, 3)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, scheme, nil, nil)
btpOperatorReconciler := NewBtpOperatorReconciler(retryK8sClient, fakeK8sClient, scheme, nil, nil)
conditionMsg1 := "test1"
conditionMsg2 := "test2"
conditionMsg3 := "test3"
Expand Down
2 changes: 1 addition & 1 deletion controllers/suite_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ var _ = SynchronizedBeforeSuite(func() {

metrics := btpmanagermetrics.NewMetrics()
cleanupReconciler := NewInstanceBindingControllerManager(ctx, k8sManager.GetClient(), k8sManager.GetScheme(), cfg)
reconciler = NewBtpOperatorReconciler(k8sManager.GetClient(), k8sManager.GetScheme(), cleanupReconciler, metrics)
reconciler = NewBtpOperatorReconciler(k8sManager.GetClient(), k8sClient, k8sManager.GetScheme(), cleanupReconciler, metrics)

k8sClientFromManager = k8sManager.GetClient()

Expand Down
4 changes: 2 additions & 2 deletions controllers/utils_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -702,11 +702,11 @@ func getSecret(name string) *corev1.Secret {
}

func getOperatorSecret() *corev1.Secret {
return getSecret(btpServiceOperatorSecret)
return getSecret(sapBtpServiceOperatorSecretName)
}

func getOperatorConfigMap() *corev1.ConfigMap {
return getConfigMap(btpServiceOperatorConfigMap)
return getConfigMap(sapBtpServiceOperatorConfigMapName)
}
func getConfigMap(name string) *corev1.ConfigMap {
configMap := &corev1.ConfigMap{}
Expand Down
2 changes: 1 addition & 1 deletion docs/assets/module_credentials.drawio.svg
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
2 changes: 1 addition & 1 deletion docs/assets/module_credentials_customized.drawio.svg
View file
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
58 changes: 32 additions & 26 deletions docs/contributor/02-10-operations.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,32 +88,38 @@ The only Condition used is of type `Ready`.
[comment]: # (table_start)
| No. | CR state | Condition type | Condition status | Condition reason | Remark |
| -------------------- | -------------------- | -------------------- | -------------------- | ----------------------------------------------- | --------------------------------------------------------------------------------------------- |
| 1 | Ready | Ready | true | ReconcileSucceeded | Reconciled successfully |
| 2 | Ready | Ready | true | UpdateCheckSucceeded | Update not required |
| 3 | Ready | Ready | true | UpdateDone | Update done |
| 4 | Processing | Ready | false | Initialized | Initial processing or chart is inconsistent |
| 5 | Processing | Ready | false | Processing | Final State after deprovisioning |
| 6 | Processing | Ready | false | UpdateCheck | Checking for updates |
| 7 | Processing | Ready | false | Updated | Resource has been updated |
| 8 | Deleting | Ready | false | HardDeleting | Trying to hard delete |
| 9 | Warning | Ready | false | ServiceInstancesAndBindingsNotCleaned | Deprovisioning blocked because of ServiceInstances and/or ServiceBindings existence |
| 10 | Deleting | Ready | false | SoftDeleting | Trying to soft delete after hard delete failed |
| 11 | Error | Ready | false | ChartInstallFailed | Failure during chart installation |
| 12 | Error | Ready | false | ChartPathEmpty | No chart path available for processing |
| 13 | Error | Ready | false | ConsistencyCheckFailed | Failure during consistency check |
| 14 | Error | Ready | false | DeletionOfOrphanedResourcesFailed | Deletion of orphaned resources failed |
| 15 | Error | Ready | false | GettingConfigMapFailed | Getting Config Map failed |
| 16 | Error | Ready | false | InconsistentChart | Chart is inconsistent. Reconciliation initialized |
| 17 | Error | Ready | false | InvalidSecret | sap-btp-manager secret does not contain required data - create proper secret |
| 18 | Warning | Ready | false | OlderCRExists | This CR is not the oldest one so does not represent the module State |
| 19 | Error | Ready | false | PreparingInstallInfoFailed | Error while preparing installation information |
| 20 | Error | Ready | false | ProvisioningFailed | Provisioning failed |
| 21 | Error | Ready | false | ReconcileFailed | Reconciliation failed |
| 22 | Error | Ready | false | ResourceRemovalFailed | Some resources can still be present due to errors while deprovisioning |
| 23 | Error | Ready | false | StoringChartDetailsFailed | Failure of storing chart details |
| 24 | Warning | Ready | false | MissingSecret | sap-btp-manager secret was not found - create proper secret |
| No. | CR state | Condition type | Condition status | Condition reason | Remark |
|-----|------------|----------------|------------------|---------------------------------------------------|-------------------------------------------------------------------------------------|
| 1 | Ready | Ready | true | ReconcileSucceeded | Reconciled successfully |
| 2 | Ready | Ready | true | UpdateCheckSucceeded | Update not required |
| 3 | Ready | Ready | true | UpdateDone | Update done |
| 4 | Processing | Ready | false | Initialized | Initial processing or chart is inconsistent |
| 5 | Processing | Ready | false | Processing | Final State after deprovisioning |
| 6 | Processing | Ready | false | UpdateCheck | Checking for updates |
| 7 | Processing | Ready | false | Updated | Resource has been updated |
| 8 | Processing | Ready | false | CredentialsNamespaceChanged | Credentials namespace changed |
| 9 | Processing | Ready | false | ClusterIdChanged | Cluster ID changed |
| 10 | Deleting | Ready | false | HardDeleting | Trying to hard delete |
| 11 | Deleting | Ready | false | SoftDeleting | Trying to soft-delete after hard-delete failed |
| 12 | Warning | Ready | false | ServiceInstancesAndBindingsNotCleaned | Deprovisioning blocked because of ServiceInstances and/or ServiceBindings existence |
| 13 | Warning | Ready | false | OlderCRExists | This CR is not the oldest one so does not represent the module State |
| 14 | Warning | Ready | false | MissingSecret | `sap-btp-manager` Secret was not found - create proper Secret |
| 15 | Error | Ready | false | ChartInstallFailed | Failure during chart installation |
| 16 | Error | Ready | false | ChartPathEmpty | No chart path available for processing |
| 17 | Error | Ready | false | ConsistencyCheckFailed | Failure during consistency check |
| 18 | Error | Ready | false | DeletionOfOrphanedResourcesFailed | Deletion of orphaned resources failed |
| 19 | Error | Ready | false | GettingConfigMapFailed | Getting ConfigMap failed |
| 20 | Error | Ready | false | InconsistentChart | Chart is inconsistent, reconciliation initialized |
| 21 | Error | Ready | false | InvalidSecret | `sap-btp-manager` Secret does not contain required data - create proper Secret |
| 22 | Error | Ready | false | PreparingInstallInfoFailed | Error while preparing installation information |
| 23 | Error | Ready | false | ProvisioningFailed | Provisioning failed |
| 24 | Error | Ready | false | ReconcileFailed | Reconciliation failed |
| 25 | Error | Ready | false | ResourceRemovalFailed | Some resources can still be present due to errors while deprovisioning |
| 26 | Error | Ready | false | StoringChartDetailsFailed | Failure of storing chart details |
| 27 | Error | Ready | false | GettingDefaultCredentialsSecretFailed | Getting default credentials Secret failed |
| 28 | Error | Ready | false | AnnotatingSecretFailed | Annotating the required Secret failed |
| 29 | Error | Ready | false | GettingSapBtpServiceOperatorConfigMapFailed | Getting SAP BTP service operator ConfigMap failed |
| 30 | Error | Ready | false | GettingSapBtpServiceOperatorClusterIdSecretFailed | Getting SAP BTP service operator Cluster ID Secret failed |
[comment]: # (table_end)
Expand Down
13 changes: 7 additions & 6 deletions docs/user/03-11-customize_secret.md
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
# Customize the Default Credentials and Access

> [!NOTE]
> This feature is still being developed and will be available soon.
You can customize the `sap-btp-manager` Secret and manage your own default configuration of the SAP BTP Operator module.

## Prerequisites

You have the SAP BTP Operator module added.

## Context

When you create SAP BTP, Kyma runtime, the `sap-btp-manager` Secret is automatically created as the default Secret managing the SAP BTP Operator's resources.
Expand All @@ -23,11 +24,11 @@ To customize the `sap-btp-manager` Secret, modify the credentials in the followi

* Label the Secret with `kyma-project.io/skip-reconciliation: 'true'`.
* Provide the following credentials from your SAP Service Manager instance: **clientid**, **clientsecret**, **sm_url**, and **tokenurl**.
* Optionally, provide your **cluster_id**. Otherwise, it is generated automatically.
* Optionally, add the **credentials_namespace** parameter and provide the name of your custom namespace for Secrets with credentials to communicate with the SAP Service Manager.
* Optionally, provide your **cluster_id**. Otherwise, the default generated one is used.
* Optionally, add the **credentials_namespace** parameter and provide the name of your existing custom namespace for Secrets with credentials to communicate with the SAP Service Manager.

>[!NOTE]
> Setting the **credentials_namespace** parameter changes the values of **MANAGEMENT_NAMESPACE** and **RELEASE_NAMESPACE** keys in the `sap-btp-operator-config` ConfigMap. The custom namespace replaces the default `kyma-system` namespace for `sap-btp-service-operator` and `sap-btp-operator-clusterid` Secrets. BTP Manager deletes the Secrets from the default namespace and creates them in the custom namespace.
> Setting the **credentials_namespace** parameter changes the values of **MANAGEMENT_NAMESPACE** and **RELEASE_NAMESPACE** keys in the `sap-btp-operator-config` ConfigMap. The custom namespace replaces the default `kyma-system` namespace for `sap-btp-service-operator` and `sap-btp-operator-clusterid` Secrets. BTP Manager deletes the Secrets from the default `kyma-system` namespace and creates them in the custom namespace.
See the following example:

Expand Down
Loading

0 comments on commit aaf0389

Please sign in to comment.