[openstackclient] Update controller to watch named input resources

Adds watches for name secret and configmap resources from the OpenStackClient CRD. This allows to watch the specific resources when they change. Also adds EnvTest for OpenstackClient being created by the OpenstackControlPlane controller. Depends-On: openstack-k8s-operators/lib-common#384
stuggi · Dec 6, 2023 · 837f776 · 837f776
1 parent 12c57ba
commit 837f776
Show file tree

Hide file tree

Showing 14 changed files with 299 additions and 67 deletions.
diff --git a/apis/bases/client.openstack.org_openstackclients.yaml b/apis/bases/client.openstack.org_openstackclients.yaml
@@ -36,7 +36,7 @@ spec:
             type: object
           spec:
             properties:
-              caSecretName:
+              caBundleSecretName:
                 type: string
               containerImage:
                 type: string

diff --git a/apis/bases/core.openstack.org_openstackcontrolplanes.yaml b/apis/bases/core.openstack.org_openstackcontrolplanes.yaml
@@ -6479,6 +6479,33 @@ spec:
                         type: object
                       secret:
                         type: string
+                      tls:
+                        properties:
+                          api:
+                            properties:
+                              disabled:
+                                type: boolean
+                              endpoint:
+                                additionalProperties:
+                                  properties:
+                                    secretName:
+                                      type: string
+                                  type: object
+                                type: object
+                            type: object
+                          caBundleSecretName:
+                            type: string
+                          db:
+                            properties:
+                              disabled:
+                                type: boolean
+                            type: object
+                          messaging:
+                            properties:
+                              disabled:
+                                type: boolean
+                            type: object
+                        type: object
                       trustFlushArgs:
                         default: ""
                         type: string
@@ -10339,7 +10366,7 @@ spec:
                 properties:
                   template:
                     properties:
-                      caSecretName:
+                      caBundleSecretName:
                         type: string
                       containerImage:
                         type: string
@@ -15186,7 +15213,7 @@ spec:
                     public:
                       enabled: true
                 properties:
-                  caSecretName:
+                  caBundleSecretName:
                     type: string
                   endpoint:
                     additionalProperties:

diff --git a/apis/go.mod b/apis/go.mod
@@ -113,3 +113,5 @@ replace github.com/openshift/api => github.com/openshift/api v0.0.0-202304141430
 
 // Bump golang.org/x/net to avoid Rapid Reset CVE
 replace golang.org/x/net => golang.org/x/net v0.18.0 //allow-merging
+
+replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5
diff --git a/apis/go.sum b/apis/go.sum
@@ -1,6 +1,8 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5 h1:5+xXZONbkUa2QBbqtyvABRuUazwRs9e5UgJgK3vQ6Oc=
+github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5/go.mod h1:ImxqioQ1ID+d7fMMD4lK8CxJqNTB5tsQ+lGKcN/xx5M=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
@@ -148,8 +150,6 @@ github.com/openstack-k8s-operators/ironic-operator/api v0.3.1-0.20231127105109-2
 github.com/openstack-k8s-operators/ironic-operator/api v0.3.1-0.20231127105109-2a854ad66b54/go.mod h1:H6BuZ52u+Dq/vWJgpGIJLttRTnPPH3xdVeqhI99QE/k=
 github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20231128185906-0b4579c3dadf h1:Omn04tJTZlNOXIszGurB8XfpbsGf+6LIn86BaN9XRDs=
 github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20231128185906-0b4579c3dadf/go.mod h1:kDtQ2LCkf28F7xgK8GBFAMPDhXnL6iRb8NztHhrYaO0=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231128145648-956f4d361a63 h1:iA/8vt+o2bMxYvvenNB7VArBvM8UyDLw3G7S/teMLc0=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231128145648-956f4d361a63/go.mod h1:OYad2L+OD4j5CR49di7gu3Q1UkLBmpYwvtdoGlnasL4=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20231128145648-956f4d361a63 h1:Bl+kXtdCux8H/iXixa+g/fdtPKCJc7oCyPsfZo70thE=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20231128145648-956f4d361a63/go.mod h1:IUYIDD1uazTWDPYTmAojTBFQDZ7lATPWTfynx2QlPjU=
 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20231128145648-956f4d361a63 h1:ok420+r0QGypb4ORk2Zi4k9i0pgXjMZHQ1w/6zgxyrE=

diff --git a/config/crd/bases/client.openstack.org_openstackclients.yaml b/config/crd/bases/client.openstack.org_openstackclients.yaml
@@ -36,7 +36,7 @@ spec:
             type: object
           spec:
             properties:
-              caSecretName:
+              caBundleSecretName:
                 type: string
               containerImage:
                 type: string

diff --git a/config/crd/bases/core.openstack.org_openstackcontrolplanes.yaml b/config/crd/bases/core.openstack.org_openstackcontrolplanes.yaml
@@ -6479,6 +6479,33 @@ spec:
                         type: object
                       secret:
                         type: string
+                      tls:
+                        properties:
+                          api:
+                            properties:
+                              disabled:
+                                type: boolean
+                              endpoint:
+                                additionalProperties:
+                                  properties:
+                                    secretName:
+                                      type: string
+                                  type: object
+                                type: object
+                            type: object
+                          caBundleSecretName:
+                            type: string
+                          db:
+                            properties:
+                              disabled:
+                                type: boolean
+                            type: object
+                          messaging:
+                            properties:
+                              disabled:
+                                type: boolean
+                            type: object
+                        type: object
                       trustFlushArgs:
                         default: ""
                         type: string
@@ -10339,7 +10366,7 @@ spec:
                 properties:
                   template:
                     properties:
-                      caSecretName:
+                      caBundleSecretName:
                         type: string
                       containerImage:
                         type: string
@@ -15186,7 +15213,7 @@ spec:
                     public:
                       enabled: true
                 properties:
-                  caSecretName:
+                  caBundleSecretName:
                     type: string
                   endpoint:
                     additionalProperties:

diff --git a/controllers/client/openstackclient_controller.go b/controllers/client/openstackclient_controller.go
@@ -26,14 +26,21 @@ import (
 	rbacv1 "k8s.io/api/rbac/v1"
 	k8s_errors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/fields"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
 
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/kubernetes"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+	"sigs.k8s.io/controller-runtime/pkg/handler"
 	"sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/predicate"
+	"sigs.k8s.io/controller-runtime/pkg/reconcile"
+	"sigs.k8s.io/controller-runtime/pkg/source"
 
 	keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1"
 	"github.com/openstack-k8s-operators/lib-common/modules/common"
@@ -42,6 +49,7 @@ import (
 	"github.com/openstack-k8s-operators/lib-common/modules/common/env"
 	helper "github.com/openstack-k8s-operators/lib-common/modules/common/helper"
 	common_rbac "github.com/openstack-k8s-operators/lib-common/modules/common/rbac"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/tls"
 
 	"github.com/openstack-k8s-operators/lib-common/modules/common/secret"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/util"
@@ -232,8 +240,15 @@ func (r *OpenStackClientReconciler) Reconcile(ctx context.Context, req ctrl.Requ
 	}
 	configVars[*instance.Spec.OpenStackConfigSecret] = env.SetValue(secretHash)
 
-	if instance.Spec.CaSecretName != "" {
-		_, secretHash, err := secret.GetSecret(ctx, helper, instance.Spec.CaSecretName, instance.Namespace)
+	if instance.Spec.CaBundleSecretName != "" {
+		secretHash, ctrlResult, err := tls.ValidateCACertSecret(
+			ctx,
+			helper.GetClient(),
+			types.NamespacedName{
+				Name:      instance.Spec.CaBundleSecretName,
+				Namespace: instance.Namespace,
+			},
+		)
 		if err != nil {
 			if k8s_errors.IsNotFound(err) {
 				instance.Status.Conditions.Set(condition.FalseCondition(
@@ -250,8 +265,16 @@ func (r *OpenStackClientReconciler) Reconcile(ctx context.Context, req ctrl.Requ
 				clientv1.OpenStackClientReadyErrorMessage,
 				err.Error()))
 			return ctrl.Result{}, err
+		} else if (ctrlResult != ctrl.Result{}) {
+			instance.Status.Conditions.Set(condition.FalseCondition(
+				clientv1.OpenStackClientReadyCondition,
+				condition.RequestedReason,
+				condition.SeverityInfo,
+				clientv1.OpenStackClientSecretWaitingMessage))
+			return ctrlResult, nil
 		}
-		configVars[instance.Spec.CaSecretName] = env.SetValue(secretHash)
+
+		configVars[instance.Spec.CaBundleSecretName] = env.SetValue(secretHash)
 	}
 
 	configVarsHash, err := util.HashOfInputHashes(configVars)
@@ -269,12 +292,7 @@ func (r *OpenStackClientReconciler) Reconcile(ctx context.Context, req ctrl.Requ
 	op, err := controllerutil.CreateOrPatch(ctx, r.Client, osclient, func() error {
 		isPodUpdate := !osclient.ObjectMeta.CreationTimestamp.IsZero()
 		if !isPodUpdate {
-			spec, err := openstackclient.ClientPodSpec(ctx, instance, helper, clientLabels, configVarsHash)
-			if err != nil {
-				return err
-			}
-
-			osclient.Spec = *spec
+			osclient.Spec = openstackclient.ClientPodSpec(ctx, instance, helper, clientLabels, configVarsHash)
 		} else {
 			hashupdate := false
 
@@ -367,14 +385,113 @@ func (r *OpenStackClientReconciler) Reconcile(ctx context.Context, req ctrl.Requ
 
 }
 
+// fields to index to reconcile when change
+const (
+	caBundleSecretNameField    = ".spec.caBundleSecretName"
+	openStackConfigMapField    = ".spec.openStackConfigMap"
+	openStackConfigSecretField = ".spec.openStackConfigSecret"
+)
+
+var (
+	allWatchFields = []string{
+		caBundleSecretNameField,
+		openStackConfigMapField,
+		openStackConfigSecretField,
+	}
+)
+
 // SetupWithManager sets up the controller with the Manager.
 func (r *OpenStackClientReconciler) SetupWithManager(mgr ctrl.Manager) error {
 
+	// index caBundleSecretNameField
+	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &clientv1.OpenStackClient{}, caBundleSecretNameField, func(rawObj client.Object) []string {
+		// Extract the secret name from the spec, if one is provided
+		cr := rawObj.(*clientv1.OpenStackClient)
+		if cr.Spec.CaBundleSecretName == "" {
+			return nil
+		}
+		return []string{cr.Spec.CaBundleSecretName}
+	}); err != nil {
+		return err
+	}
+	// index openStackConfigMap
+	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &clientv1.OpenStackClient{}, openStackConfigMapField, func(rawObj client.Object) []string {
+		// Extract the configmap name from the spec, if one is provided
+		cr := rawObj.(*clientv1.OpenStackClient)
+		if cr.Spec.OpenStackConfigMap == nil {
+			return nil
+		}
+		if *cr.Spec.OpenStackConfigMap == "" {
+			return nil
+		}
+		return []string{*cr.Spec.OpenStackConfigMap}
+	}); err != nil {
+		return err
+	}
+	// index openStackConfigSecret
+	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &clientv1.OpenStackClient{}, openStackConfigSecretField, func(rawObj client.Object) []string {
+		// Extract the configmap name from the spec, if one is provided
+		cr := rawObj.(*clientv1.OpenStackClient)
+		if cr.Spec.OpenStackConfigSecret == nil {
+			return nil
+		}
+		if *cr.Spec.OpenStackConfigSecret == "" {
+			return nil
+		}
+		return []string{*cr.Spec.OpenStackConfigSecret}
+	}); err != nil {
+		return err
+	}
+
 	return ctrl.NewControllerManagedBy(mgr).
 		For(&clientv1.OpenStackClient{}).
 		Owns(&corev1.Pod{}).
 		Owns(&corev1.ServiceAccount{}).
 		Owns(&rbacv1.Role{}).
 		Owns(&rbacv1.RoleBinding{}).
+		Watches(
+			&source.Kind{Type: &corev1.Secret{}},
+			handler.EnqueueRequestsFromMapFunc(r.findObjectsForSrc),
+			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
+		).
+		Watches(
+			&source.Kind{Type: &corev1.ConfigMap{}},
+			handler.EnqueueRequestsFromMapFunc(r.findObjectsForSrc),
+			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
+		).
+		Watches(
+			&source.Kind{Type: &corev1.Secret{}},
+			handler.EnqueueRequestsFromMapFunc(r.findObjectsForSrc),
+			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
+		).
 		Complete(r)
 }
+
+func (r *OpenStackClientReconciler) findObjectsForSrc(src client.Object) []reconcile.Request {
+	requests := []reconcile.Request{}
+
+	for _, field := range allWatchFields {
+		crList := &clientv1.OpenStackClientList{}
+		listOps := &client.ListOptions{
+			FieldSelector: fields.OneTermEqualSelector(field, src.GetName()),
+			Namespace:     src.GetNamespace(),
+		}
+		err := r.List(context.TODO(), crList, listOps)
+		if err != nil {
+			return []reconcile.Request{}
+		}
+
+		for _, item := range crList.Items {
+			requests = append(requests,
+				reconcile.Request{
+					NamespacedName: types.NamespacedName{
+						Name:      item.GetName(),
+						Namespace: item.GetNamespace(),
+					},
+				},
+			)
+		}
+	}
+
+	return requests
+}
diff --git a/go.mod b/go.mod
@@ -131,3 +131,7 @@ replace github.com/openstack-k8s-operators/openstack-operator/apis => ./apis
 // mschuppert: map to latest commit from release-4.13 tag
 // must consistent within modules and service operators
 replace github.com/openshift/api => github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 //allow-merging
+
+replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5
+
+replace github.com/openstack-k8s-operators/keystone-operator/api => github.com/stuggi/keystone-operator/api v0.0.0-20231204163425-bd3998fc2d35
diff --git a/go.sum b/go.sum
@@ -1,6 +1,8 @@
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5 h1:5+xXZONbkUa2QBbqtyvABRuUazwRs9e5UgJgK3vQ6Oc=
+github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5/go.mod h1:ImxqioQ1ID+d7fMMD4lK8CxJqNTB5tsQ+lGKcN/xx5M=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
@@ -159,12 +161,8 @@ github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20231122104142-3
 github.com/openstack-k8s-operators/infra-operator/apis v0.3.1-0.20231122104142-3b449040167e/go.mod h1:FnKU6sravC43Uj0iq2bhZaPMjoPCBhkNlVdiVoGi5/E=
 github.com/openstack-k8s-operators/ironic-operator/api v0.3.1-0.20231127105109-2a854ad66b54 h1:feWz7K3XIqZOZenySzfei4rsCrdgpS30kInXokX06YA=
 github.com/openstack-k8s-operators/ironic-operator/api v0.3.1-0.20231127105109-2a854ad66b54/go.mod h1:H6BuZ52u+Dq/vWJgpGIJLttRTnPPH3xdVeqhI99QE/k=
-github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20231128185906-0b4579c3dadf h1:Omn04tJTZlNOXIszGurB8XfpbsGf+6LIn86BaN9XRDs=
-github.com/openstack-k8s-operators/keystone-operator/api v0.3.1-0.20231128185906-0b4579c3dadf/go.mod h1:kDtQ2LCkf28F7xgK8GBFAMPDhXnL6iRb8NztHhrYaO0=
 github.com/openstack-k8s-operators/lib-common/modules/certmanager v0.0.0-20231128145648-956f4d361a63 h1:kVxfqAz0Il4mEGjU71k+NwS6773u7e9LzoVBAZJNFOM=
 github.com/openstack-k8s-operators/lib-common/modules/certmanager v0.0.0-20231128145648-956f4d361a63/go.mod h1:+eEAq2Bfodi9xvh3S1OkEo4lJeTVGmhU/N7t5Hhpd6s=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231128145648-956f4d361a63 h1:iA/8vt+o2bMxYvvenNB7VArBvM8UyDLw3G7S/teMLc0=
-github.com/openstack-k8s-operators/lib-common/modules/common v0.3.1-0.20231128145648-956f4d361a63/go.mod h1:OYad2L+OD4j5CR49di7gu3Q1UkLBmpYwvtdoGlnasL4=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20231128145648-956f4d361a63 h1:Bl+kXtdCux8H/iXixa+g/fdtPKCJc7oCyPsfZo70thE=
 github.com/openstack-k8s-operators/lib-common/modules/openstack v0.3.1-0.20231128145648-956f4d361a63/go.mod h1:IUYIDD1uazTWDPYTmAojTBFQDZ7lATPWTfynx2QlPjU=
 github.com/openstack-k8s-operators/lib-common/modules/storage v0.3.1-0.20231128145648-956f4d361a63 h1:ok420+r0QGypb4ORk2Zi4k9i0pgXjMZHQ1w/6zgxyrE=
@@ -230,6 +228,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stuggi/keystone-operator/api v0.0.0-20231204163425-bd3998fc2d35 h1:L/DSGuZjo+FEt5HZ7KKJDhx1i/WLmMzFjUEwcO28pDs=
+github.com/stuggi/keystone-operator/api v0.0.0-20231204163425-bd3998fc2d35/go.mod h1:vB6RW0rrO34maXX4pdbowQVxH7vEi1MLlmwelZxR33M=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
 github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y=

diff --git a/pkg/openstack/ca.go b/pkg/openstack/ca.go
@@ -135,16 +135,16 @@ func ReconcileCAs(ctx context.Context, instance *corev1.OpenStackControlPlane, h
 	instance.Status.Conditions.MarkTrue(corev1.OpenStackControlPlaneCAReadyCondition, corev1.OpenStackControlPlaneCAReadyMessage)
 
 	// create/update combined CA secret
-	if instance.Spec.TLS.CaSecretName != "" {
-		caSecret, _, err := secret.GetSecret(ctx, helper, instance.Spec.TLS.CaSecretName, instance.Namespace)
+	if instance.Spec.TLS.CaBundleSecretName != "" {
+		caSecret, _, err := secret.GetSecret(ctx, helper, instance.Spec.TLS.CaBundleSecretName, instance.Namespace)
 		if err != nil {
 			instance.Status.Conditions.Set(condition.FalseCondition(
 				corev1.OpenStackControlPlaneCAReadyCondition,
 				condition.ErrorReason,
 				condition.SeverityWarning,
 				corev1.OpenStackControlPlaneCAReadyErrorMessage,
 				"secret",
-				instance.Spec.TLS.CaSecretName,
+				instance.Spec.TLS.CaBundleSecretName,
 				err.Error()))
 
 			return ctrlResult, err
Original file line number	Diff line number	Diff line change
Expand Up		@@ -113,3 +113,5 @@ replace github.com/openshift/api => github.com/openshift/api v0.0.0-202304141430

		// Bump golang.org/x/net to avoid Rapid Reset CVE
		replace golang.org/x/net => golang.org/x/net v0.18.0 //allow-merging

		replace github.com/openstack-k8s-operators/lib-common/modules/common => github.com/Deydra71/lib-common/modules/common v0.0.0-20231204140814-3719cbd23dc5