зеркало из https://github.com/Azure/ARO-RP.git
Convert ServicePrincipalProfile to pointer
* Adjust converters + tests
This commit is contained in:
cadenmarchese
Родитель
d67323be48
Коммит
e7f7b692e1
|
|
@ -43,7 +43,7 @@ type OpenShiftClusterProperties struct {
|
|||
ClusterProfile ClusterProfile `json:"clusterProfile,omitempty"`
|
||||
FeatureProfile FeatureProfile `json:"featureProfile,omitempty"`
|
||||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
PlatformWorkloadIdentityProfile *PlatformWorkloadIdentityProfile `json:"platformWorkloadIdentityProfile,omitempty"`
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
MasterProfile MasterProfile `json:"masterProfile,omitempty"`
|
||||
|
|
@ -149,8 +149,9 @@ type ConsoleProfile struct {
|
|||
|
||||
// ServicePrincipalProfile represents a service principal profile.
|
||||
type ServicePrincipalProfile struct {
|
||||
ClientID string `json:"clientId,omitempty"`
|
||||
SPObjectID string `json:"spObjectId,omitempty"`
|
||||
ClientID string `json:"clientId,omitempty"`
|
||||
SPObjectID string `json:"spObjectId,omitempty"`
|
||||
ClientSecret string `json:"clientSecret,omitempty"`
|
||||
}
|
||||
|
||||
// SoftwareDefinedNetwork constants.
|
||||
|
|
|
|||
|
|
@ -45,10 +45,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
SPObjectID: oc.Properties.ServicePrincipalProfile.SPObjectID,
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
SoftwareDefinedNetwork: SoftwareDefinedNetwork(oc.Properties.NetworkProfile.SoftwareDefinedNetwork),
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
|
|
@ -77,6 +73,14 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
SPObjectID: oc.Properties.ServicePrincipalProfile.SPObjectID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.NetworkProfile.LoadBalancerProfile != nil {
|
||||
out.Properties.NetworkProfile.LoadBalancerProfile = &LoadBalancerProfile{}
|
||||
|
||||
|
|
@ -275,8 +279,13 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.FeatureProfile.GatewayEnabled = oc.Properties.FeatureProfile.GatewayEnabled
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.SPObjectID = oc.Properties.ServicePrincipalProfile.SPObjectID
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
SPObjectID: oc.Properties.ServicePrincipalProfile.SPObjectID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
if oc.Properties.PlatformWorkloadIdentityProfile != nil && oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities != nil {
|
||||
out.Properties.PlatformWorkloadIdentityProfile = &api.PlatformWorkloadIdentityProfile{}
|
||||
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
|
||||
|
|
|
|||
|
|
@ -314,7 +314,7 @@ func TestOpenShiftClusterStaticValidateDelta(t *testing.T) {
|
|||
oc: func() *OpenShiftCluster {
|
||||
return &OpenShiftCluster{
|
||||
Properties: OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientID: "clientId",
|
||||
},
|
||||
},
|
||||
|
|
@ -330,7 +330,7 @@ func TestOpenShiftClusterStaticValidateDelta(t *testing.T) {
|
|||
oc: func() *OpenShiftCluster {
|
||||
return &OpenShiftCluster{
|
||||
Properties: OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
SPObjectID: "clientId",
|
||||
},
|
||||
},
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ func (sv openShiftVersionStaticValidator) Static(_new interface{}, _current *api
|
|||
current = (&openShiftVersionConverter{}).ToExternal(_current).(*OpenShiftVersion)
|
||||
}
|
||||
|
||||
err := sv.validate(new, current == nil)
|
||||
err := sv.validate(new)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -33,7 +33,7 @@ func (sv openShiftVersionStaticValidator) Static(_new interface{}, _current *api
|
|||
return sv.validateDelta(new, current)
|
||||
}
|
||||
|
||||
func (sv openShiftVersionStaticValidator) validate(new *OpenShiftVersion, isCreate bool) error {
|
||||
func (sv openShiftVersionStaticValidator) validate(new *OpenShiftVersion) error {
|
||||
if new.Properties.Version == "" {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, "properties.version", "Must be provided")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ type OpenShiftClusterProperties struct {
|
|||
|
||||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
PlatformWorkloadIdentityProfile *PlatformWorkloadIdentityProfile `json:"platformWorkloadIdentityProfile,omitempty"`
|
||||
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ func ExampleOpenShiftClusterDocument() *OpenShiftClusterDocument {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "clientId",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -30,10 +30,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -50,6 +46,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -130,8 +133,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.Version = oc.Properties.ClusterProfile.Version
|
||||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.MasterProfile.VMSize = api.VMSize(oc.Properties.MasterProfile.VMSize)
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile); err != nil {
|
||||
|
|
@ -172,6 +172,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ func validOpenShiftCluster() *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -30,10 +30,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -50,6 +46,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -130,8 +133,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.Version = oc.Properties.ClusterProfile.Version
|
||||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.MasterProfile.VMSize = api.VMSize(oc.Properties.MasterProfile.VMSize)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile); err != nil {
|
||||
|
|
@ -175,6 +175,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ func validOpenShiftCluster() *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -30,10 +30,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -53,6 +49,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -144,8 +147,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.Version = oc.Properties.ClusterProfile.Version
|
||||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.NetworkProfile.SoftwareDefinedNetwork = api.SoftwareDefinedNetwork(oc.Properties.NetworkProfile.SoftwareDefinedNetwork)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile); err != nil {
|
||||
|
|
@ -175,6 +175,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ func validOpenShiftCluster() *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -53,6 +49,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -145,8 +148,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.MasterProfile.VMSize = api.VMSize(oc.Properties.MasterProfile.VMSize)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile); err != nil {
|
||||
|
|
@ -181,6 +181,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -71,7 +71,7 @@ func validOpenShiftCluster() *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -53,6 +49,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -145,8 +148,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.MasterProfile.VMSize = api.VMSize(oc.Properties.MasterProfile.VMSize)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile); err != nil {
|
||||
|
|
@ -181,6 +181,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -54,6 +50,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
|
||||
|
|
@ -146,8 +149,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.NetworkProfile.OutboundType = api.OutboundType(oc.Properties.NetworkProfile.OutboundType)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile, p.APIServerProfile.Visibility, p.IngressProfiles[0].Visibility); err != nil {
|
||||
|
|
@ -181,6 +181,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -54,6 +50,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.NetworkProfile.LoadBalancerProfile != nil {
|
||||
out.Properties.NetworkProfile.LoadBalancerProfile = &LoadBalancerProfile{}
|
||||
|
||||
|
|
@ -187,8 +190,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.NetworkProfile.OutboundType = api.OutboundType(oc.Properties.NetworkProfile.OutboundType)
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile, p.APIServerProfile.Visibility, p.IngressProfiles[0].Visibility); err != nil {
|
||||
|
|
@ -187,6 +187,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -55,6 +51,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.WorkerProfiles != nil {
|
||||
workerProfiles := oc.Properties.WorkerProfiles
|
||||
out.Properties.WorkerProfiles = make([]WorkerProfile, 0, len(workerProfiles))
|
||||
|
|
@ -157,8 +160,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ClusterProfile.ResourceGroupID = oc.Properties.ClusterProfile.ResourceGroupID
|
||||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.NetworkProfile.OutboundType = api.OutboundType(oc.Properties.NetworkProfile.OutboundType)
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile, p.APIServerProfile.Visibility, p.IngressProfiles[0].Visibility); err != nil {
|
||||
|
|
@ -185,6 +185,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "https://console-openshift-console.apps.cluster.location.aroapp.io/",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -53,7 +53,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The cluster network profile.
|
||||
NetworkProfile NetworkProfile `json:"networkProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -31,10 +31,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -55,6 +51,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.NetworkProfile.LoadBalancerProfile != nil {
|
||||
out.Properties.NetworkProfile.LoadBalancerProfile = &LoadBalancerProfile{}
|
||||
|
||||
|
|
@ -178,8 +181,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
}
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
out.Properties.NetworkProfile.PodCIDR = oc.Properties.NetworkProfile.PodCIDR
|
||||
out.Properties.NetworkProfile.ServiceCIDR = oc.Properties.NetworkProfile.ServiceCIDR
|
||||
out.Properties.NetworkProfile.OutboundType = api.OutboundType(oc.Properties.NetworkProfile.OutboundType)
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile, p.APIServerProfile.Visibility, p.IngressProfiles[0].Visibility); err != nil {
|
||||
|
|
@ -191,6 +191,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ type OpenShiftClusterProperties struct {
|
|||
ConsoleProfile ConsoleProfile `json:"consoleProfile,omitempty"`
|
||||
|
||||
// The cluster service principal profile.
|
||||
ServicePrincipalProfile ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
ServicePrincipalProfile *ServicePrincipalProfile `json:"servicePrincipalProfile,omitempty"`
|
||||
|
||||
// The workload identity profile.
|
||||
PlatformWorkloadIdentityProfile *PlatformWorkloadIdentityProfile `json:"platformWorkloadIdentityProfile,omitempty"`
|
||||
|
|
|
|||
|
|
@ -32,10 +32,6 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: oc.Properties.ConsoleProfile.URL,
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
},
|
||||
NetworkProfile: NetworkProfile{
|
||||
PodCIDR: oc.Properties.NetworkProfile.PodCIDR,
|
||||
ServiceCIDR: oc.Properties.NetworkProfile.ServiceCIDR,
|
||||
|
|
@ -56,6 +52,13 @@ func (c openShiftClusterConverter) ToExternal(oc *api.OpenShiftCluster) interfac
|
|||
},
|
||||
}
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: string(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if oc.Properties.NetworkProfile.LoadBalancerProfile != nil {
|
||||
out.Properties.NetworkProfile.LoadBalancerProfile = &LoadBalancerProfile{}
|
||||
|
||||
|
|
@ -214,9 +217,12 @@ func (c openShiftClusterConverter) ToInternal(_oc interface{}, out *api.OpenShif
|
|||
out.Properties.ConsoleProfile.URL = oc.Properties.ConsoleProfile.URL
|
||||
}
|
||||
out.Properties.ClusterProfile.FipsValidatedModules = api.FipsValidatedModules(oc.Properties.ClusterProfile.FipsValidatedModules)
|
||||
out.Properties.ServicePrincipalProfile.ClientID = oc.Properties.ServicePrincipalProfile.ClientID
|
||||
out.Properties.ServicePrincipalProfile.ClientSecret = api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret)
|
||||
|
||||
if oc.Properties.ServicePrincipalProfile != nil {
|
||||
out.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: oc.Properties.ServicePrincipalProfile.ClientID,
|
||||
ClientSecret: api.SecureString(oc.Properties.ServicePrincipalProfile.ClientSecret),
|
||||
}
|
||||
}
|
||||
if oc.Properties.PlatformWorkloadIdentityProfile != nil && oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities != nil {
|
||||
out.Properties.PlatformWorkloadIdentityProfile = &api.PlatformWorkloadIdentityProfile{}
|
||||
out.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities = make([]api.PlatformWorkloadIdentity, len(oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities))
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ func (sv openShiftClusterStaticValidator) validateProperties(path string, p *Ope
|
|||
if err := sv.validateConsoleProfile(path+".consoleProfile", &p.ConsoleProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", &p.ServicePrincipalProfile); err != nil {
|
||||
if err := sv.validateServicePrincipalProfile(path+".servicePrincipalProfile", p.ServicePrincipalProfile); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := sv.validateNetworkProfile(path+".networkProfile", &p.NetworkProfile, p.APIServerProfile.Visibility, p.IngressProfiles[0].Visibility); err != nil {
|
||||
|
|
@ -191,6 +191,10 @@ func (sv openShiftClusterStaticValidator) validateConsoleProfile(path string, cp
|
|||
}
|
||||
|
||||
func (sv openShiftClusterStaticValidator) validateServicePrincipalProfile(path string, spp *ServicePrincipalProfile) error {
|
||||
if spp == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
valid := uuid.IsValid(spp.ClientID)
|
||||
if !valid {
|
||||
return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, path+".clientId", "The provided client ID '%s' is invalid.", spp.ClientID)
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ func validOpenShiftCluster(name, location string) *OpenShiftCluster {
|
|||
ConsoleProfile: ConsoleProfile{
|
||||
URL: "",
|
||||
},
|
||||
ServicePrincipalProfile: ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
ClientID: "11111111-1111-1111-1111-111111111111",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ func TestCreateOrUpdateClusterServicePrincipalRBAC(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
ResourceGroupID: resourceGroupID,
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
SPObjectID: fakeClusterSPObjectId,
|
||||
},
|
||||
},
|
||||
|
|
@ -263,7 +263,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
for _, tt := range []struct {
|
||||
name string
|
||||
kubernetescli func() *fake.Clientset
|
||||
spp api.ServicePrincipalProfile
|
||||
spp *api.ServicePrincipalProfile
|
||||
wantSecret func() *corev1.Secret
|
||||
wantErrMsg string
|
||||
}{
|
||||
|
|
@ -272,7 +272,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
kubernetescli: func() *fake.Clientset {
|
||||
return fake.NewSimpleClientset()
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -287,7 +287,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
})
|
||||
return cli
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -300,7 +300,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
secret.Data["cloud-config"] = []byte("This is some random data that is not going to unmarshal properly!")
|
||||
return fake.NewSimpleClientset(&secret)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -312,7 +312,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
secret := getFakeAROSecret("aadClientId", "aadClientSecret")
|
||||
return fake.NewSimpleClientset(&secret)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientIdNew",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -327,7 +327,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
secret := getFakeAROSecret("aadClientId", "aadClientSecret")
|
||||
return fake.NewSimpleClientset(&secret)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -342,7 +342,7 @@ func TestServicePrincipalUpdated(t *testing.T) {
|
|||
secret := getFakeAROSecret("aadClientId", "aadClientSecret")
|
||||
return fake.NewSimpleClientset(&secret)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecret",
|
||||
},
|
||||
|
|
@ -397,7 +397,7 @@ func TestUpdateAROSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecret",
|
||||
},
|
||||
|
|
@ -418,7 +418,7 @@ func TestUpdateAROSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "new-client-id",
|
||||
ClientSecret: "aadClientSecret",
|
||||
},
|
||||
|
|
@ -449,7 +449,7 @@ func TestUpdateAROSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "clientID",
|
||||
ClientSecret: "aadClientSecret",
|
||||
},
|
||||
|
|
@ -528,7 +528,7 @@ func TestUpdateOpenShiftSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "azure_client_id_value",
|
||||
ClientSecret: "azure_client_secret_value",
|
||||
},
|
||||
|
|
@ -553,7 +553,7 @@ func TestUpdateOpenShiftSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "azure_client_id_value",
|
||||
ClientSecret: "new_azure_client_secret_value",
|
||||
},
|
||||
|
|
@ -580,7 +580,7 @@ func TestUpdateOpenShiftSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "azure_client_id_value",
|
||||
ClientSecret: "azure_client_secret_value",
|
||||
},
|
||||
|
|
@ -606,7 +606,7 @@ func TestUpdateOpenShiftSecret(t *testing.T) {
|
|||
},
|
||||
doc: api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "azure_client_id_value",
|
||||
ClientSecret: "azure_client_secret_value",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -248,7 +248,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
name string
|
||||
kubernetescli func() *fake.Clientset
|
||||
dynamiccli func() *dynamicfake.FakeDynamicClient
|
||||
spp api.ServicePrincipalProfile
|
||||
spp *api.ServicePrincipalProfile
|
||||
want bool
|
||||
wantErrMsg string
|
||||
}{
|
||||
|
|
@ -261,7 +261,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
dynamiccli: func() *dynamicfake.FakeDynamicClient {
|
||||
return dynamicfake.NewSimpleDynamicClient(scheme.Scheme)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecret",
|
||||
},
|
||||
|
|
@ -276,7 +276,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
dynamiccli: func() *dynamicfake.FakeDynamicClient {
|
||||
return dynamicfake.NewSimpleDynamicClient(scheme.Scheme)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -295,7 +295,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
})
|
||||
return dynamiccli
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -317,7 +317,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
}
|
||||
return dynamicfake.NewSimpleDynamicClient(scheme.Scheme, &cr)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -343,7 +343,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
}
|
||||
return dynamicfake.NewSimpleDynamicClient(scheme.Scheme, &cr)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
@ -368,7 +368,7 @@ func TestAroCredentialsRequestReconciled(t *testing.T) {
|
|||
}
|
||||
return dynamicfake.NewSimpleDynamicClient(scheme.Scheme, &cr)
|
||||
},
|
||||
spp: api.ServicePrincipalProfile{
|
||||
spp: &api.ServicePrincipalProfile{
|
||||
ClientID: "aadClientId",
|
||||
ClientSecret: "aadClientSecretNew",
|
||||
},
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ func TestCreateOrUpdateDenyAssignment(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
ResourceGroupID: fmt.Sprintf("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/%s", clusterRGName),
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
SPObjectID: fakeClusterSPObjectId,
|
||||
},
|
||||
},
|
||||
|
|
|
|||
|
|
@ -187,12 +187,10 @@ func (m *manager) Update(ctx context.Context) error {
|
|||
steps.AuthorizationRetryingAction(m.fpAuthorizer, m.validateResources),
|
||||
steps.Action(m.initializeKubernetesClients), // All init steps are first
|
||||
steps.Action(m.initializeOperatorDeployer), // depends on kube clients
|
||||
steps.Action(m.initializeClusterSPClients),
|
||||
// Since ServicePrincipalProfile is now a pointer and our converters re-build the struct,
|
||||
// our update path needs to enrich the doc with SPObjectID since it was overwritten by our API on put/patch.
|
||||
steps.AuthorizationRetryingAction(m.fpAuthorizer, m.fixupClusterSPObjectID),
|
||||
|
||||
// TODO: this relies on an authorizer that isn't exposed in the manager
|
||||
// struct, so we'll rebuild the fpAuthorizer and use the error catching
|
||||
// to advance
|
||||
steps.AuthorizationRetryingAction(m.fpAuthorizer, m.clusterSPObjectID),
|
||||
// credentials rotation flow steps
|
||||
steps.Action(m.createOrUpdateClusterServicePrincipalRBAC),
|
||||
steps.Action(m.createOrUpdateDenyAssignment),
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ func TestAdminListOpenShiftCluster(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret1",
|
||||
},
|
||||
},
|
||||
|
|
@ -65,7 +65,7 @@ func TestAdminListOpenShiftCluster(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret2",
|
||||
},
|
||||
},
|
||||
|
|
@ -80,11 +80,17 @@ func TestAdminListOpenShiftCluster(t *testing.T) {
|
|||
ID: testdatabase.GetResourcePath(mockSubID, "resourceName1"),
|
||||
Name: "resourceName1",
|
||||
Type: "Microsoft.RedHatOpenShift/openshiftClusters",
|
||||
Properties: admin.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &admin.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
{
|
||||
ID: testdatabase.GetResourcePath(otherMockSubID, "resourceName2"),
|
||||
Name: "resourceName2",
|
||||
Type: "Microsoft.RedHatOpenShift/openshiftClusters",
|
||||
Properties: admin.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &admin.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ func TestGetAsyncOperationResult(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
@ -69,6 +69,9 @@ func TestGetAsyncOperationResult(t *testing.T) {
|
|||
ID: testdatabase.GetResourcePath(mockSubID, "fakeClusterID"),
|
||||
Name: "resourceName",
|
||||
Type: "Microsoft.RedHatOpenShift/openshiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ func TestGetOpenShiftCluster(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
@ -62,6 +62,9 @@ func TestGetOpenShiftCluster(t *testing.T) {
|
|||
ID: tt.resourceID,
|
||||
Name: "resourceName",
|
||||
Type: "Microsoft.RedHatOpenShift/openshiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
}
|
||||
},
|
||||
},
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ func makeDoc(num int) *api.OpenShiftClusterDocument {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: (api.SecureString)(clientSecret),
|
||||
},
|
||||
},
|
||||
|
|
@ -78,11 +78,17 @@ func TestListOpenShiftCluster(t *testing.T) {
|
|||
ID: fmt.Sprintf("/subscriptions/%s/resourcegroups/resourceGroup/providers/Microsoft.RedHatOpenShift/openShiftClusters/resourceName01", mockSubID),
|
||||
Name: "resourceName01",
|
||||
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
{
|
||||
ID: testdatabase.GetResourcePath(mockSubID, "resourceName02"),
|
||||
Name: "resourceName02",
|
||||
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
@ -117,6 +123,9 @@ func TestListOpenShiftCluster(t *testing.T) {
|
|||
ID: testdatabase.GetResourcePath(mockSubID, fmt.Sprintf("resourceName%02d", i)),
|
||||
Name: fmt.Sprintf("resourceName%02d", i),
|
||||
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
|
|
@ -145,6 +154,9 @@ func TestListOpenShiftCluster(t *testing.T) {
|
|||
ID: testdatabase.GetResourcePath(mockSubID, "resourceName11"),
|
||||
Name: "resourceName11",
|
||||
Type: "Microsoft.RedHatOpenShift/openShiftClusters",
|
||||
Properties: v20200430.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -126,7 +126,7 @@ func (f *frontend) _putOrPatchOpenShiftCluster(ctx context.Context, log *logrus.
|
|||
// Our base structure for unmarshal is skeleton document with values we
|
||||
// think is required. We expect payload to have everything else required.
|
||||
case http.MethodPut:
|
||||
ext = converter.ToExternal(&api.OpenShiftCluster{
|
||||
document := &api.OpenShiftCluster{
|
||||
ID: doc.OpenShiftCluster.ID,
|
||||
Name: doc.OpenShiftCluster.Name,
|
||||
Type: doc.OpenShiftCluster.Type,
|
||||
|
|
@ -136,12 +136,16 @@ func (f *frontend) _putOrPatchOpenShiftCluster(ctx context.Context, log *logrus.
|
|||
PullSecret: doc.OpenShiftCluster.Properties.ClusterProfile.PullSecret,
|
||||
Version: doc.OpenShiftCluster.Properties.ClusterProfile.Version,
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ClientSecret: doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret,
|
||||
},
|
||||
},
|
||||
SystemData: doc.OpenShiftCluster.SystemData,
|
||||
})
|
||||
}
|
||||
|
||||
if doc.OpenShiftCluster.Properties.ServicePrincipalProfile != nil {
|
||||
document.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{}
|
||||
document.Properties.ServicePrincipalProfile.ClientSecret = doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret
|
||||
}
|
||||
|
||||
ext = converter.ToExternal(document)
|
||||
|
||||
// In case of PATCH we take current cluster document, which is enriched
|
||||
// from the cluster and use it as base for unmarshal. So customer can
|
||||
|
|
@ -190,7 +194,11 @@ func (f *frontend) _putOrPatchOpenShiftCluster(ctx context.Context, log *logrus.
|
|||
doc.OpenShiftCluster.Properties.ClusterProfile.ResourceGroupID = strings.ToLower(doc.OpenShiftCluster.Properties.ClusterProfile.ResourceGroupID)
|
||||
|
||||
doc.ClusterResourceGroupIDKey = strings.ToLower(doc.OpenShiftCluster.Properties.ClusterProfile.ResourceGroupID)
|
||||
doc.ClientIDKey = strings.ToLower(doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientID)
|
||||
|
||||
if doc.OpenShiftCluster.Properties.ServicePrincipalProfile != nil {
|
||||
doc.ClientIDKey = strings.ToLower(doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientID)
|
||||
}
|
||||
|
||||
doc.OpenShiftCluster.Properties.ProvisioningState = api.ProvisioningStateCreating
|
||||
|
||||
doc.Bucket, err = f.bucketAllocator.Allocate()
|
||||
|
|
@ -235,7 +243,10 @@ func (f *frontend) _putOrPatchOpenShiftCluster(ctx context.Context, log *logrus.
|
|||
// We remove sensitive data from document to prevent sensitive data being
|
||||
// returned to the customer.
|
||||
doc.OpenShiftCluster.Properties.ClusterProfile.PullSecret = ""
|
||||
doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret = ""
|
||||
|
||||
if doc.OpenShiftCluster.Properties.ServicePrincipalProfile != nil {
|
||||
doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret = ""
|
||||
}
|
||||
|
||||
// We don't return enriched worker profile data on PUT/PATCH operations
|
||||
doc.OpenShiftCluster.Properties.WorkerProfilesStatus = nil
|
||||
|
|
|
|||
|
|
@ -2123,7 +2123,7 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
|
|||
},
|
||||
IngressProfiles: []api.IngressProfile{{Name: "will-be-removed"}},
|
||||
WorkerProfiles: []api.WorkerProfile{{Name: "will-be-removed"}},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "will-be-kept",
|
||||
},
|
||||
NetworkProfile: api.NetworkProfile{
|
||||
|
|
@ -2162,7 +2162,7 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
|
|||
Domain: "changed",
|
||||
FipsValidatedModules: api.FipsValidatedModulesDisabled,
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "will-be-kept",
|
||||
},
|
||||
NetworkProfile: api.NetworkProfile{
|
||||
|
|
@ -2195,6 +2195,7 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
|
|||
ClusterProfile: v20200430.ClusterProfile{
|
||||
Domain: "changed",
|
||||
},
|
||||
ServicePrincipalProfile: &v20200430.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
|
@ -2678,7 +2679,9 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
|
|||
{
|
||||
name: "creating cluster failing when provided cluster resource group already contains a cluster",
|
||||
request: func(oc *v20200430.OpenShiftCluster) {
|
||||
oc.Properties.ServicePrincipalProfile.ClientID = mockSubID
|
||||
oc.Properties.ServicePrincipalProfile = &v20200430.ServicePrincipalProfile{
|
||||
ClientID: mockSubID,
|
||||
}
|
||||
oc.Properties.ClusterProfile.ResourceGroupID = fmt.Sprintf("/subscriptions/%s/resourcegroups/aro-vjb21wca", mockSubID)
|
||||
},
|
||||
fixture: func(f *testdatabase.Fixture) {
|
||||
|
|
@ -2726,7 +2729,9 @@ func TestPutOrPatchOpenShiftCluster(t *testing.T) {
|
|||
{
|
||||
name: "creating cluster failing when provided client ID is not unique",
|
||||
request: func(oc *v20200430.OpenShiftCluster) {
|
||||
oc.Properties.ServicePrincipalProfile.ClientID = mockSubID
|
||||
oc.Properties.ServicePrincipalProfile = &v20200430.ServicePrincipalProfile{
|
||||
ClientID: mockSubID,
|
||||
}
|
||||
},
|
||||
fixture: func(f *testdatabase.Fixture) {
|
||||
f.AddSubscriptionDocuments(&api.SubscriptionDocument{
|
||||
|
|
@ -2918,7 +2923,7 @@ func TestPutOrPatchOpenShiftClusterValidated(t *testing.T) {
|
|||
VMSize: v20220401.VMSize("Standard_D32s_v3"),
|
||||
SubnetID: fmt.Sprintf("/subscriptions/%s/resourcegroups/network/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master", mockSubID),
|
||||
},
|
||||
ServicePrincipalProfile: v20220401.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &v20220401.ServicePrincipalProfile{
|
||||
ClientID: "00000000-0000-0000-1111-000000000000",
|
||||
ClientSecret: "00000000-0000-0000-0000-000000000000",
|
||||
},
|
||||
|
|
@ -2973,7 +2978,7 @@ func TestPutOrPatchOpenShiftClusterValidated(t *testing.T) {
|
|||
VMSize: api.VMSize("Standard_D32s_v3"),
|
||||
SubnetID: fmt.Sprintf("/subscriptions/%s/resourcegroups/network/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master", mockSubID),
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "00000000-0000-0000-1111-000000000000",
|
||||
ClientSecret: "00000000-0000-0000-0000-000000000000",
|
||||
},
|
||||
|
|
@ -3032,7 +3037,7 @@ func TestPutOrPatchOpenShiftClusterValidated(t *testing.T) {
|
|||
VMSize: api.VMSize("Standard_D32s_v3"),
|
||||
SubnetID: fmt.Sprintf("/subscriptions/%s/resourcegroups/network/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master", mockSubID),
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "00000000-0000-0000-1111-000000000000",
|
||||
ClientSecret: "00000000-0000-0000-0000-000000000000",
|
||||
},
|
||||
|
|
@ -3089,7 +3094,7 @@ func TestPutOrPatchOpenShiftClusterValidated(t *testing.T) {
|
|||
VMSize: v20220401.VMSize("Standard_D32s_v3"),
|
||||
SubnetID: fmt.Sprintf("/subscriptions/%s/resourcegroups/network/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/master", mockSubID),
|
||||
},
|
||||
ServicePrincipalProfile: v20220401.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &v20220401.ServicePrincipalProfile{
|
||||
ClientID: "00000000-0000-0000-1111-000000000000",
|
||||
},
|
||||
NetworkProfile: v20220401.NetworkProfile{
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ func TestPostOpenShiftClusterCredentials(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
KubeadminPassword: "password",
|
||||
|
|
@ -105,7 +105,7 @@ func TestPostOpenShiftClusterCredentials(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
@ -139,7 +139,7 @@ func TestPostOpenShiftClusterCredentials(t *testing.T) {
|
|||
ClusterProfile: api.ClusterProfile{
|
||||
PullSecret: "{}",
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
@ -174,7 +174,7 @@ func TestPostOpenShiftClusterCredentials(t *testing.T) {
|
|||
PullSecret: "{}",
|
||||
},
|
||||
FailedProvisioningState: api.ProvisioningStateCreating,
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
@ -209,7 +209,7 @@ func TestPostOpenShiftClusterCredentials(t *testing.T) {
|
|||
PullSecret: "{}",
|
||||
},
|
||||
FailedProvisioningState: api.ProvisioningStateDeleting,
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientSecret: "clientSecret",
|
||||
},
|
||||
},
|
||||
|
|
|
|||
|
|
@ -54,8 +54,9 @@ func TestPostOpenShiftClusterKubeConfigCredentials(t *testing.T) {
|
|||
Name: "resourceName",
|
||||
Type: "Microsoft.RedHatOpenShift/openshiftClusters",
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ProvisioningState: api.ProvisioningStateSucceeded,
|
||||
UserAdminKubeconfig: api.SecureBytes("{kubeconfig}"),
|
||||
ProvisioningState: api.ProvisioningStateSucceeded,
|
||||
UserAdminKubeconfig: api.SecureBytes("{kubeconfig}"),
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{},
|
||||
},
|
||||
},
|
||||
})
|
||||
|
|
|
|||
|
|
@ -425,10 +425,6 @@ func (c *Cluster) createCluster(ctx context.Context, vnetResourceGroup, clusterN
|
|||
FipsValidatedModules: api.FipsValidatedModulesEnabled,
|
||||
Version: osClusterVersion,
|
||||
},
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ClientID: clientID,
|
||||
ClientSecret: api.SecureString(clientSecret),
|
||||
},
|
||||
NetworkProfile: api.NetworkProfile{
|
||||
PodCIDR: "10.128.0.0/14",
|
||||
ServiceCIDR: "172.30.0.0/16",
|
||||
|
|
@ -464,6 +460,13 @@ func (c *Cluster) createCluster(ctx context.Context, vnetResourceGroup, clusterN
|
|||
Location: c.env.Location(),
|
||||
}
|
||||
|
||||
if clientID != "" && clientSecret != "" {
|
||||
oc.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
|
||||
ClientID: clientID,
|
||||
ClientSecret: api.SecureString(clientSecret),
|
||||
}
|
||||
}
|
||||
|
||||
if c.env.IsLocalDevelopmentMode() {
|
||||
err := c.registerSubscription(ctx)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ func TestClusterServidePrincipalEnricherTask(t *testing.T) {
|
|||
}),
|
||||
wantOc: &api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "new-client-id",
|
||||
ClientSecret: api.SecureString("new-client-secret"),
|
||||
},
|
||||
|
|
@ -56,7 +56,7 @@ func TestClusterServidePrincipalEnricherTask(t *testing.T) {
|
|||
client: fake.NewSimpleClientset(),
|
||||
wantOc: &api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "old-client-id",
|
||||
ClientSecret: "old-client-secret",
|
||||
},
|
||||
|
|
@ -68,7 +68,7 @@ func TestClusterServidePrincipalEnricherTask(t *testing.T) {
|
|||
t.Run(tt.name, func(t *testing.T) {
|
||||
oc := &api.OpenShiftCluster{
|
||||
Properties: api.OpenShiftClusterProperties{
|
||||
ServicePrincipalProfile: api.ServicePrincipalProfile{
|
||||
ServicePrincipalProfile: &api.ServicePrincipalProfile{
|
||||
ClientID: "old-client-id",
|
||||
ClientSecret: api.SecureString("old-client-secret"),
|
||||
},
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче