Fix handling of enable-console option

client/router_create.go

@@ -77,16 +77,18 @@ func (cli *VanClient) GetVanControllerSpec(options types.SiteConfigSpec, van *ty
 	volumes := []corev1.Volume{}
 	mounts := make([][]corev1.VolumeMount, 1)
 
-	if options.AuthMode == string(types.ConsoleAuthModeOpenshift) {
-		csp := strconv.Itoa(int(types.ConsoleOpenShiftServicePort))
-		sidecars = append(sidecars, OauthProxyContainer("skupper-proxy-controller", csp))
-		envVars = append(envVars, corev1.EnvVar{Name: "METRICS_PORT", Value: csp})
-		envVars = append(envVars, corev1.EnvVar{Name: "METRICS_HOST", Value: "localhost"})
-		mounts = append(mounts, []corev1.VolumeMount{})
-		kube.AppendSecretVolume(&volumes, &mounts[oauthProxy], "skupper-controller-certs", "/etc/tls/proxy-certs/")
-	} else if options.AuthMode == string(types.ConsoleAuthModeInternal) {
-		envVars = append(envVars, corev1.EnvVar{Name: "METRICS_USERS", Value: "/etc/console-users"})
-		kube.AppendSecretVolume(&volumes, &mounts[serviceController], "skupper-console-users", "/etc/console-users/")
+	if options.EnableConsole {
+		if options.AuthMode == string(types.ConsoleAuthModeOpenshift) {
+			csp := strconv.Itoa(int(types.ConsoleOpenShiftServicePort))
+			sidecars = append(sidecars, OauthProxyContainer("skupper-proxy-controller", csp))
+			envVars = append(envVars, corev1.EnvVar{Name: "METRICS_PORT", Value: csp})
+			envVars = append(envVars, corev1.EnvVar{Name: "METRICS_HOST", Value: "localhost"})
+			mounts = append(mounts, []corev1.VolumeMount{})
+			kube.AppendSecretVolume(&volumes, &mounts[oauthProxy], "skupper-controller-certs", "/etc/tls/proxy-certs/")
+		} else if options.AuthMode == string(types.ConsoleAuthModeInternal) {
+			envVars = append(envVars, corev1.EnvVar{Name: "METRICS_USERS", Value: "/etc/console-users"})
+			kube.AppendSecretVolume(&volumes, &mounts[serviceController], "skupper-console-users", "/etc/console-users/")
+		}
 	}
 	//mount secret needed for communication with router
 	kube.AppendSecretVolume(&volumes, &mounts[serviceController], "skupper", "/etc/messaging/")
@@ -147,79 +149,81 @@ func (cli *VanClient) GetVanControllerSpec(options types.SiteConfigSpec, van *ty
 	})
 	van.Controller.RoleBindings = roleBindings
 
-	svctype := corev1.ServiceTypeClusterIP
-	metricsPort := []corev1.ServicePort{
-		{
-			Name:       "metrics",
-			Protocol:   "TCP",
-			Port:       types.ConsoleDefaultServicePort,
-			TargetPort: intstr.FromInt(int(types.ConsoleDefaultServiceTargetPort)),
-		},
-	}
-	termination := routev1.TLSTerminationEdge
-	annotations := map[string]string{}
+	if options.EnableConsole {
+		svctype := corev1.ServiceTypeClusterIP
+		metricsPort := []corev1.ServicePort{
+			{
+				Name:       "metrics",
+				Protocol:   "TCP",
+				Port:       types.ConsoleDefaultServicePort,
+				TargetPort: intstr.FromInt(int(types.ConsoleDefaultServiceTargetPort)),
+			},
+		}
+		termination := routev1.TLSTerminationEdge
+		annotations := map[string]string{}
 
-	svcs := []*corev1.Service{}
-	if options.IsIngressRoute() {
-		if options.AuthMode == string(types.ConsoleAuthModeOpenshift) {
-			termination = routev1.TLSTerminationReencrypt
-			metricsPort = []corev1.ServicePort{
-				{
-					Name:       "metrics",
-					Protocol:   "TCP",
-					Port:       types.ConsoleOpenShiftOauthServicePort,
-					TargetPort: intstr.FromInt(int(types.ConsoleOpenShiftOauthServiceTargetPort)),
-				},
+		svcs := []*corev1.Service{}
+		if options.IsIngressRoute() {
+			if options.AuthMode == string(types.ConsoleAuthModeOpenshift) {
+				termination = routev1.TLSTerminationReencrypt
+				metricsPort = []corev1.ServicePort{
+					{
+						Name:       "metrics",
+						Protocol:   "TCP",
+						Port:       types.ConsoleOpenShiftOauthServicePort,
+						TargetPort: intstr.FromInt(int(types.ConsoleOpenShiftOauthServiceTargetPort)),
+					},
+				}
+				annotations = map[string]string{"service.alpha.openshift.io/serving-cert-secret-name": "skupper-controller-certs"}
 			}
-			annotations = map[string]string{"service.alpha.openshift.io/serving-cert-secret-name": "skupper-controller-certs"}
+		} else if options.IsIngressLoadBalancer() {
+			svctype = corev1.ServiceTypeLoadBalancer
 		}
-	} else if options.IsIngressLoadBalancer() {
-		svctype = corev1.ServiceTypeLoadBalancer
-	}
-	svcs = append(svcs, &corev1.Service{
-		TypeMeta: metav1.TypeMeta{
-			APIVersion: "v1",
-			Kind:       "Service",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Name:        "skupper-controller",
-			Annotations: annotations,
-		},
-		Spec: corev1.ServiceSpec{
-			Selector: van.Controller.Labels,
-			Ports:    metricsPort,
-			Type:     svctype,
-		},
-	})
-	van.Controller.Services = svcs
-
-	routes := []*routev1.Route{}
-	if options.IsIngressRoute() {
-		routes = append(routes, &routev1.Route{
+		svcs = append(svcs, &corev1.Service{
 			TypeMeta: metav1.TypeMeta{
 				APIVersion: "v1",
-				Kind:       "Route",
+				Kind:       "Service",
 			},
 			ObjectMeta: metav1.ObjectMeta{
-				Name: "skupper-controller",
+				Name:        "skupper-controller",
+				Annotations: annotations,
 			},
-			Spec: routev1.RouteSpec{
-				Path: "",
-				Port: &routev1.RoutePort{
-					TargetPort: intstr.FromString("metrics"),
+			Spec: corev1.ServiceSpec{
+				Selector: van.Controller.Labels,
+				Ports:    metricsPort,
+				Type:     svctype,
+			},
+		})
+		van.Controller.Services = svcs
+
+		routes := []*routev1.Route{}
+		if options.IsIngressRoute() {
+			routes = append(routes, &routev1.Route{
+				TypeMeta: metav1.TypeMeta{
+					APIVersion: "v1",
+					Kind:       "Route",
 				},
-				To: routev1.RouteTargetReference{
-					Kind: "Service",
+				ObjectMeta: metav1.ObjectMeta{
 					Name: "skupper-controller",
 				},
-				TLS: &routev1.TLSConfig{
-					Termination:                   termination,
-					InsecureEdgeTerminationPolicy: routev1.InsecureEdgeTerminationPolicyRedirect,
+				Spec: routev1.RouteSpec{
+					Path: "",
+					Port: &routev1.RoutePort{
+						TargetPort: intstr.FromString("metrics"),
+					},
+					To: routev1.RouteTargetReference{
+						Kind: "Service",
+						Name: "skupper-controller",
+					},
+					TLS: &routev1.TLSConfig{
+						Termination:                   termination,
+						InsecureEdgeTerminationPolicy: routev1.InsecureEdgeTerminationPolicyRedirect,
+					},
 				},
-			},
-		})
+			})
+		}
+		van.Controller.Routes = routes
 	}
-	van.Controller.Routes = routes
 }
 
 func (cli *VanClient) GetRouterSpecFromOpts(options types.SiteConfigSpec, siteId string) *types.RouterSpec {

client/router_create_test.go

@@ -27,6 +27,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 		isEdge               bool
 		enableController     bool
 		enableRouterConsole  bool
+		enableConsole        bool
 		authMode             string
 		user                 string
 		password             string
@@ -48,6 +49,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 			isEdge:               false,
 			enableController:     true,
 			enableRouterConsole:  false,
+			enableConsole:        false,
 			authMode:             "",
 			user:                 "",
 			password:             "",
@@ -61,7 +63,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 				"skupper-amqps",
 				"skupper",
 				"skupper-internal"},
-			svcsExpected:        []string{"skupper-messaging", "skupper-internal", "skupper-controller"},
+			svcsExpected:        []string{"skupper-messaging", "skupper-internal"},
 			svcAccountsExpected: []string{"skupper", "skupper-proxy-controller"},
 			opts: []cmp.Option{
 				trans,
@@ -78,6 +80,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 			isEdge:               false,
 			enableController:     true,
 			enableRouterConsole:  true,
+			enableConsole:        true,
 			authMode:             "unsecured",
 			user:                 "",
 			password:             "",
@@ -108,6 +111,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 			isEdge:               false,
 			enableController:     true,
 			enableRouterConsole:  true,
+			enableConsole:        true,
 			authMode:             "internal",
 			user:                 "",
 			password:             "",
@@ -139,6 +143,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 			isEdge:               false,
 			enableController:     true,
 			enableRouterConsole:  true,
+			enableConsole:        true,
 			authMode:             "openshift",
 			user:                 "",
 			password:             "",
@@ -171,6 +176,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 			isEdge:               true,
 			enableController:     true,
 			enableRouterConsole:  true,
+			enableConsole:        true,
 			authMode:             "unsecured",
 			user:                 "Barney",
 			password:             "Rubble",
@@ -295,7 +301,7 @@ func TestRouterCreateDefaults(t *testing.T) {
 				EnableServiceSync:   true,
 				EnableRouterConsole: c.enableRouterConsole,
 				AuthMode:            c.authMode,
-				EnableConsole:       false,
+				EnableConsole:       c.enableConsole,
 				User:                c.user,
 				Password:            c.password,
 				Ingress:             getIngress(),

client/serviceinterface_create_test.go

@@ -122,8 +122,8 @@ func TestServiceInterfaceCreate(t *testing.T) {
 			// show up, but I am giving it a large timeout here. The result
 			// checker will cut out as soon as it sees a result list of the
 			// right size.
-			svcsExpected:     []string{"skupper-messaging", "skupper-internal", "skupper-controller"},
-			realSvcsExpected: []string{"skupper-messaging", "skupper-internal", "skupper-controller", "vsic-5-addr"},
+			svcsExpected:     []string{"skupper-messaging", "skupper-internal"},
+			realSvcsExpected: []string{"skupper-messaging", "skupper-internal", "vsic-5-addr"},
 			timeout:          60.0,
 		},
 	}

client/serviceinterface_update_test.go

@@ -231,7 +231,7 @@ func TestVanServiceInteraceUpdate(t *testing.T) {
 	defer cancel()
 
 	svcsFound := []string{}
-	svcsExpected := []string{"skupper-messaging", "skupper-internal", "skupper-controller", "nginx", "tcp-go-echo", "tcp-go-echo-ss"}
+	svcsExpected := []string{"skupper-messaging", "skupper-internal", "nginx", "tcp-go-echo", "tcp-go-echo-ss"}
 
 	informers := informers.NewSharedInformerFactoryWithOptions(cli.KubeClient, 0, informers.WithNamespace(namespace))
 	svcInformer := informers.Core().V1().Services().Informer()

client/site_config_create.go

@@ -44,8 +44,8 @@ func (cli *VanClient) SiteConfigCreate(ctx context.Context, spec types.SiteConfi
 	if !spec.EnableServiceSync {
 		siteConfig.Data["service-sync"] = "false"
 	}
-	if spec.EnableConsole {
-		siteConfig.Data["console"] = "true"
+	if !spec.EnableConsole {
+		siteConfig.Data["console"] = "false"
 	}
 	if spec.EnableRouterConsole {
 		siteConfig.Data["router-console"] = "true"

cmd/skupper/skupper.go

@@ -279,7 +279,7 @@ installation that can then be connected to other skupper installations`,
 	cmd.Flags().BoolVarP(&routerCreateOpts.EnableRouterConsole, "enable-router-console", "", false, "Enable router console")
 	cmd.Flags().StringVarP(&routerLogging, "router-logging", "", "", "Logging settings for router (e.g. trace,debug,info,notice,warning,error)")
 	cmd.Flags().StringVarP(&routerCreateOpts.RouterDebugMode, "router-debug-mode", "", "", "Enable debug mode for router ('valgrind' or 'gdb' are valid values)")
-	cmd.Flags().BoolVarP(&routerCreateOpts.EnableConsole, "enable-console", "", false, "Enable skupper console")
+	cmd.Flags().BoolVarP(&routerCreateOpts.EnableConsole, "enable-console", "", true, "Enable skupper console")
 	cmd.Flags().StringVarP(&routerCreateOpts.AuthMode, "console-auth", "", "", "Authentication mode for console(s). One of: 'openshift', 'internal', 'unsecured'")
 	cmd.Flags().StringVarP(&routerCreateOpts.User, "console-user", "", "", "Skupper console user. Valid only when --console-auth=internal")
 	cmd.Flags().StringVarP(&routerCreateOpts.Password, "console-password", "", "", "Skupper console user. Valid only when --console-auth=internal")