Changes for working with secrets from cloud-credentials-operator

Signed-off-by: Roy Golan <[email protected]>

Author: rgolangh

Dockerfile

@@ -0,0 +1,34 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM registry.svc.ci.openshift.org/openshift/release:golang-1.12 AS builder
+
+ARG version 
+ARG release 
+
+LABEL   com.redhat.component="machine-api" \
+        name="cluster-api-provider-ovirt" \
+        version="$version" \
+        release="$release" \
+        architecture="x86_64" \
+        summary="cluster-api-provider-ovirt" \
+        maintainer="Roy Golan <[email protected]>"
+
+WORKDIR /go/cluster-api-provider-ovirt
+COPY . .
+
+RUN make build
+
+FROM registry.access.redhat.com/ubi8/ubi-minimal
+
+COPY --from=builder /go/cluster-api-provider-ovirt/bin/manager /
+COPY --from=builder /go/cluster-api-provider-ovirt/bin/machine-controller-manager /

Makefile

@@ -15,27 +15,34 @@ VERSION ?= $(shell git describe --exact-match 2> /dev/null || \
 GOFLAGS   += -mod vendor
 TAGS      :=
 LDFLAGS   := "-w -s -X 'main.version=${VERSION}'"
-REGISTRY ?= quay.io/rgolangh
+REGISTRY ?= quay.io/ovirt
+
+VERSION?=$(shell git describe --tags --always --match "v[0-9]*" | awk -F'-' '{print substr($$1,2) }')
+RELEASE?=$(shell git describe --tags --always --match "v[0-9]*" | awk -F'-' '{if ($$2 != "") {print $$2 "." $$3} else {print 1}}')
+VERSION_RELEASE=$(VERSION)$(if $(RELEASE),-$(RELEASE))
 
 .PHONY: vendor
 vendor:
-		go mod tidy
-		go mod vendor
-		go mod verify
+	go mod tidy
+	go mod vendor
+	go mod verify
 
 $(GOBIN):
 	echo "create gobin"
 	mkdir -p $(GOBIN)
 
 work: $(GOBIN)
 
-build: manager
-
-manager:
+build: export BUILDAH_LAYERS=true
+build:
 	CGO_ENABLED=0 GOOS=$(GOOS) go build \
 		-ldflags $(LDFLAGS) \
 		-o bin/manager \
 		cmd/manager/main.go
+	CGO_ENABLED=0 GOOS=$(GOOS) go build \
+		-ldflags $(LDFLAGS) \
+		-o bin/machine-controller-manager \
+		cmd/manager/main.go
 
 test: unit functional
 
@@ -104,7 +111,14 @@ shell:
 generate:
 	go generate ./pkg/... ./cmd/...
 
-images: ovirt-cluster-api-controller
+DOCKERFILE=Dockerfile
+images:
+	podman build \
+		-t $(REGISTRY)/cluster-api-provider-ovirt:$(VERSION_RELEASE) \
+		--build-arg version=$(VERSION) \
+		--build-arg release=$(RELEASE) \
+		-f $(DOCKERFILE) \
+		$(DIR)
 
 ovirt-cluster-api-controller: manager
 

cmd/manager/Dockerfile

@@ -30,7 +30,7 @@ metadata:
   namespace: ovirt-cluster-provider-system
 data:
   OS_CLOUD: >
-    url: https://rgolan.usersys.redhat.com:8443/ovirt-engine/api
+    url: https://ovirt-engine-fqdn/ovirt-engine/api
     username: admin@internal
     password: 123
     cafile: /dev/null

config/manager/manager.yaml

@@ -9,7 +9,10 @@ require (
 	github.com/onsi/ginkgo v1.8.0
 	github.com/onsi/gomega v1.5.0
 	github.com/openshift/cluster-api v0.0.0-20190917100308-655e2d6ccdd5
+	github.com/ovirt/go-ovirt v4.3.4+incompatible
+	github.com/pkg/errors v0.8.1
 	github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829 // indirect
+	github.com/prometheus/common v0.2.0
 	golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 // indirect
 	golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect
 	gopkg.in/yaml.v2 v2.2.2

docs/config.md

@@ -94,6 +94,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN
 github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223 h1:F9x/1yl3T2AeKLr2AMdilSD8+f9bvMnNN8VS5iDtovc=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
@@ -105,6 +106,8 @@ github.com/onsi/gomega v1.5.0 h1:izbySO9zDPmjJ8rDjLvkA2zJHIo+HkYXHnf7eN7SSyo=
 github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/openshift/cluster-api v0.0.0-20190917100308-655e2d6ccdd5 h1:r1srojcJfutWWqI++8p7j4xRX0n4e88nCBOqkIdYsa0=
 github.com/openshift/cluster-api v0.0.0-20190917100308-655e2d6ccdd5/go.mod h1:mNsD1dsD4T57kV4/C6zTHke/Ro166xgnyyRZqkamiEU=
+github.com/ovirt/go-ovirt v4.3.4+incompatible h1:jXcJpcXyNZ3mXJ1IVU3l3tMpE4JEUSNjqRiEJnVpG40=
+github.com/ovirt/go-ovirt v4.3.4+incompatible/go.mod h1:r33ZGjVKCPMiI6hw791/Zx8tNKk0Gn+4VFWbOfyIvZQ=
 github.com/pborman/uuid v0.0.0-20170612153648-e790cca94e6c h1:MUyE44mTvnI5A0xrxIxaMqoWFzPfQvtE2IWUollMDMs=
 github.com/pborman/uuid v0.0.0-20170612153648-e790cca94e6c/go.mod h1:VyrYX9gd7irzKovcSS6BIIEwPRkP2Wm2m9ufcdFSJ34=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

go.mod

@@ -33,7 +33,7 @@ const GroupName = "ovirtclusterproviderconfig"
 
 var (
 	// SchemeGroupVersion is group version used to register these objects
-	SchemeGroupVersion = schema.GroupVersion{Group: fmt.Sprintf("%s.k8s.io", GroupName), Version: "v1alpha1"}
+	SchemeGroupVersion = schema.GroupVersion{Group: fmt.Sprintf("%s.k8s.io", GroupName), Version: "v1beta1"}
 
 	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
 	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

go.sum

@@ -30,10 +30,17 @@ type OvirtMachineProviderSpec struct {
 	metav1.TypeMeta `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
+	// UserDataSecret contains a local reference to a secret that contains the
+	// UserData to apply to the instance
+	UserDataSecret *corev1.LocalObjectReference `json:"userDataSecret,omitempty"`
+
 	// CredentialsSecret is a reference to the secret with oVirt credentials.
 	CredentialsSecret *corev1.LocalObjectReference `json:"credentialsSecret,omitempty"`
 
+	// Id is the UUID of the VM
 	Id string `json:"id"`
+
+	// Name is the VM name
 	Name string `json:"name"`
 	// The VM template this instance will be created from
 	TemplateId string `json:"template_id"`

pkg/apis/ovirtclusterproviderconfig/v1alpha1/register.go

@@ -0,0 +1,29 @@
+package clients
+
+import (
+	"context"
+	"fmt"
+	apicorev1 "k8s.io/api/core/v1"
+
+	machinev1 "github.com/openshift/cluster-api/pkg/apis/machine/v1beta1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	"github.com/ovirt/cluster-api-provider-ovirt/pkg/apis/ovirtclusterproviderconfig/v1alpha1"
+)
+
+func getCredentialsSecret(coreClient client.Client, machine machinev1.Machine, spec v1alpha1.OvirtMachineProviderSpec) (map[string][]byte, error) {
+	if spec.CredentialsSecret == nil {
+		return nil, nil
+	}
+	var credentialsSecret apicorev1.Secret
+
+	if err := coreClient.Get(context.Background(), client.ObjectKey{Namespace: machine.GetNamespace(), Name: spec.CredentialsSecret.Name}, &credentialsSecret); err != nil {
+		if errors.IsNotFound(err) {
+			return nil, fmt.Errorf("error getting credentials secret %q in namespace %q: %v", spec.CredentialsSecret.Name, machine.GetNamespace(), err)
+		}
+	}
+
+	return credentialsSecret.Data, nil
+}
+