provider-credential-controller

module

v0.0.0-...-6deb6d6 Latest Latest Go to latest Published: Oct 11, 2023 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/stolostron/provider-credential-controller

Links

Open Source Insights

README ¶

Provider-credential-controller

What is provider-credential-controller

With provider-credential-controller, your cluster secrets will be automatically updated when making changes to the Provider Crednetial secrets.

Go to the Contributing guide to learn how to get involved.

Getting started

Steps for development:

Compile the code by running

make compile

./build/_output/manager  # Execute the binary

Run the go file manually
```
go run ./cmd/manager/main.go
```

Push an image to your repository

export VERSION=0.1 # Specify a version, must be edited in ./deploy/controller/deployment.yaml
export REPO_URL=quay.io/MY_ORGANIZATION_OR_USERNAME

make push

Steps for deployment:
- Connect to the OpenShift cluster acting as the hub for Open Cluster Management
```
oc apply -k deploy/controller
```
  - Even though this controller deploys as a single pod, it uses leader election to make sure only one instance is ever running.
  - Even if the controller is interupted while updating secrets, when it restarts, it will continue the process until all copied secrets are updated with the new values from the Provider Credential secret.
Steps for testing:
- Running unit tests:
```
make unit-tests
```
- Running scale testing (3000 copied secrets)
  - Connect to an OpenShift cluster
  - Make sure either the controller is deployed, see Steps for deployment or launched from the command line, see Steps for development
```
# Create namespace
oc new-project providers

make scale-up   # This creates a fake Ansible Provider Secret, and makes 3000 copies
                # To changes the number of copies edit ./controller/provider-credential-controller_scale_test.go
                #     const SecretCount = 3000

make scale-test # This makes FOUR token changes to the Provider secret without waiting

make scale-down # Removes a fake Ansible Provider Secret and deletes 3000 copies
```
  - This test executes a sequence of four token updates, not waiting for the 3000 copies to be reconciled. This validates that we do not lose track of the Provider secret updates, even when there is a processing delay in reconciling each copied secret.
Check the Security guide if you need to report a security issue.

Directories ¶

Path	Synopsis
cmd
manager
oldproviderconnection
controllers
oldproviderconnection
providercredential

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL