From 4722f9ae3be4443a3fb6db0823fb39bc454d556a Mon Sep 17 00:00:00 2001 From: Melisa Griffin Date: Fri, 4 Aug 2023 17:06:01 -0400 Subject: [PATCH] cleanup --- charts/consul/templates/crd-gatewayclassconfigs.yaml | 4 ++++ charts/consul/templates/gateway-resources-job.yaml | 2 +- control-plane/api-gateway/common/helm_config.go | 4 ---- control-plane/api/v1alpha1/api_gateway_types_test.go | 1 + control-plane/subcommand/gateway-resources/command.go | 3 ++- control-plane/subcommand/gateway-resources/command_test.go | 2 ++ 6 files changed, 10 insertions(+), 6 deletions(-) diff --git a/charts/consul/templates/crd-gatewayclassconfigs.yaml b/charts/consul/templates/crd-gatewayclassconfigs.yaml index 4ab6570e31..3f53341a60 100644 --- a/charts/consul/templates/crd-gatewayclassconfigs.yaml +++ b/charts/consul/templates/crd-gatewayclassconfigs.yaml @@ -138,6 +138,10 @@ spec: type: string type: object type: array + openshiftSCCName: + description: The name of an existing Openshift SCC + to bind to the managed role. + type: string type: object type: object served: true diff --git a/charts/consul/templates/gateway-resources-job.yaml b/charts/consul/templates/gateway-resources-job.yaml index 8a34e3f1bf..3c40e25c6e 100644 --- a/charts/consul/templates/gateway-resources-job.yaml +++ b/charts/consul/templates/gateway-resources-job.yaml @@ -99,7 +99,7 @@ spec: - {{- toYaml .Values.connectInject.apiGateway.managedGatewayClass.copyAnnotations.service.annotations | nindent 14 -}} {{- end }} - -service-type={{ .Values.connectInject.apiGateway.managedGatewayClass.serviceType }} - - -openshift-scc-name={{ .Values.connectInject.apiGateway.openshiftSccName }} + - -openshift-scc-name={{ .Values.connectInject.apiGateway.managedGatewayClass.openshiftSccName }} {{- end}} resources: requests: diff --git a/control-plane/api-gateway/common/helm_config.go b/control-plane/api-gateway/common/helm_config.go index 0261637957..35bc42700a 100644 --- a/control-plane/api-gateway/common/helm_config.go +++ b/control-plane/api-gateway/common/helm_config.go @@ -35,10 +35,6 @@ type HelmConfig struct { // and should create SecurityContextConstraints. EnableOpenShift bool - // OpenshiftSCCName allows the user to specify which security context they - // would like to run their gateways with. - OpenshiftSCCName string - // ReleaseName indicates the name of the release for the Helm installation. This value is used // as a prefix for some resources - SecurityContextConstraints, for example - so it must be known. ReleaseName string diff --git a/control-plane/api/v1alpha1/api_gateway_types_test.go b/control-plane/api/v1alpha1/api_gateway_types_test.go index 1f9d8ebef0..6e0690b9b2 100644 --- a/control-plane/api/v1alpha1/api_gateway_types_test.go +++ b/control-plane/api/v1alpha1/api_gateway_types_test.go @@ -21,6 +21,7 @@ func TestGatewayClassConfigDeepCopy(t *testing.T) { NodeSelector: map[string]string{ "test": "test", }, + OpenshiftSCCName: "restricted-v2", } config := &GatewayClassConfig{ ObjectMeta: metav1.ObjectMeta{ diff --git a/control-plane/subcommand/gateway-resources/command.go b/control-plane/subcommand/gateway-resources/command.go index d3426fa387..3ad3ff7f53 100644 --- a/control-plane/subcommand/gateway-resources/command.go +++ b/control-plane/subcommand/gateway-resources/command.go @@ -126,7 +126,8 @@ func (c *Command) init() { "The annotations to copy over from a gateway to its service.", ) c.flags.StringVar(&c.flagOpenshiftSCCName, "openshift-scc-name", "", - "Name of security context constraint to use for gateways on Openshift") + "Name of security context constraint to use for gateways on Openshift.", + ) c.k8s = &flags.K8SFlags{} flags.Merge(c.flags, c.k8s.Flags()) diff --git a/control-plane/subcommand/gateway-resources/command_test.go b/control-plane/subcommand/gateway-resources/command_test.go index 0c40e67244..f60e376042 100644 --- a/control-plane/subcommand/gateway-resources/command_test.go +++ b/control-plane/subcommand/gateway-resources/command_test.go @@ -163,6 +163,7 @@ bar: 2`, flagServiceAnnotations: ` - foo - bar`, + flagOpenshiftSCCName: "restricted-v2", }, }, } { @@ -245,6 +246,7 @@ func TestRun(t *testing.T) { "-release-name", "test", "-component", "test", "-controller-name", "test", + "-openshift-scc-name", "restricted-v2", }) require.Equal(t, 0, code)