diff --git a/mongoOperator/helpers/AdminSecretChecker.py b/mongoOperator/helpers/AdminSecretChecker.py index be4690a..dd20b91 100644 --- a/mongoOperator/helpers/AdminSecretChecker.py +++ b/mongoOperator/helpers/AdminSecretChecker.py @@ -26,6 +26,10 @@ class AdminSecretChecker(BaseResourceChecker): def getClusterName(cls, resource_name: str) -> str: return resource_name.replace(cls.NAME_FORMAT.format(""), "") + @classmethod + def getSecretName(cls, cluster_name: str) -> str: + return cls.NAME_FORMAT.format(cluster_name) + @staticmethod def _generateSecretData() -> Dict[str, str]: """Generates a root user with a random secure password to use in secrets.""" @@ -35,17 +39,17 @@ def listResources(self) -> List[T]: return self.kubernetes_service.listAllSecretsWithLabels().items def getResource(self, cluster_object: V1MongoClusterConfiguration) -> T: - name = self.NAME_FORMAT.format(cluster_object.metadata.name) + name = self.getSecretName(cluster_object.metadata.name) return self.kubernetes_service.getSecret(name, cluster_object.metadata.namespace) def createResource(self, cluster_object: V1MongoClusterConfiguration) -> T: - name = self.NAME_FORMAT.format(cluster_object.metadata.name) + name = self.getSecretName(cluster_object.metadata.name) return self.kubernetes_service.createSecret(name, cluster_object.metadata.namespace, self._generateSecretData()) def updateResource(self, cluster_object: V1MongoClusterConfiguration) -> T: - name = self.NAME_FORMAT.format(cluster_object.metadata.name) + name = self.getSecretName(cluster_object.metadata.name) return self.kubernetes_service.updateSecret(name, cluster_object.metadata.namespace, self._generateSecretData()) def deleteResource(self, cluster_name: str, namespace: str) -> V1Status: - secret_name = self.NAME_FORMAT.format(cluster_name) + secret_name = self.getSecretName(cluster_name) return self.kubernetes_service.deleteSecret(secret_name, namespace) diff --git a/mongoOperator/services/MongoService.py b/mongoOperator/services/MongoService.py index a7c498e..b55413d 100644 --- a/mongoOperator/services/MongoService.py +++ b/mongoOperator/services/MongoService.py @@ -8,6 +8,7 @@ from kubernetes.client.rest import ApiException +from mongoOperator.helpers.AdminSecretChecker import AdminSecretChecker from mongoOperator.helpers.MongoResources import MongoResources from mongoOperator.models.V1MongoClusterConfiguration import V1MongoClusterConfiguration from mongoOperator.services.KubernetesService import KubernetesService @@ -150,7 +151,8 @@ def createUsers(self, cluster_object: V1MongoClusterConfiguration) -> None: namespace = cluster_object.metadata.namespace replicas = cluster_object.spec.mongodb.replicas - admin_credentials = self.kubernetes_service.getOperatorAdminSecret(cluster_name, namespace) + secret_name = AdminSecretChecker.getSecretName(cluster_name) + admin_credentials = self.kubernetes_service.getSecret(secret_name, namespace) create_admin_command = MongoResources.createCreateAdminCommand(admin_credentials) logging.info("Creating users for %s pods", replicas) diff --git a/tests/helpers/TestClusterChecker.py b/tests/helpers/TestClusterChecker.py index 29618ab..fe9eab4 100644 --- a/tests/helpers/TestClusterChecker.py +++ b/tests/helpers/TestClusterChecker.py @@ -142,7 +142,7 @@ def test_checkCluster_new_version(self, check_mock, admin_mock, backup_mock): self.assertEqual({("mongo-cluster", "default"): "100"}, self.checker.cluster_versions) expected = [call.execInPod('mongodb', 'mongo-cluster-0', 'default', ['mongo', 'localhost:27017/admin', '--eval', 'rs.status()']), - call.getOperatorAdminSecret('mongo-cluster', 'default'), + call.getSecret('mongo-cluster-admin-credentials', 'default'), call.execInPod('mongodb', 'mongo-cluster-0', 'default', [ 'mongo', 'localhost:27017/admin', '--eval', admin_mock.return_value ])] diff --git a/tests/services/TestMongoService.py b/tests/services/TestMongoService.py index b791027..db79bf9 100644 --- a/tests/services/TestMongoService.py +++ b/tests/services/TestMongoService.py @@ -23,7 +23,7 @@ class TestMongoService(TestCase): def setUp(self): super().setUp() self.kubernetes_service: Union[MagicMock, KubernetesService] = MagicMock() - self.kubernetes_service.getOperatorAdminSecret.return_value = V1Secret( + self.kubernetes_service.getSecret.return_value = V1Secret( metadata=V1ObjectMeta(name="mongo-cluster-admin-credentials", namespace="default"), data={"password": b64encode(b"random-password"), "username": b64encode(b"root")}, ) @@ -253,7 +253,7 @@ def test_createUsers_ok(self): self.service.createUsers(self.cluster_object) expected_calls = [ - call.getOperatorAdminSecret('mongo-cluster', 'default'), + call.getSecret('mongo-cluster-admin-credentials', 'default'), call.execInPod('mongodb', 'mongo-cluster-0', 'default', ['mongo', 'localhost:27017/admin', '--eval', self.expected_user_create]) ] @@ -265,7 +265,7 @@ def test_createUsers_ValueError(self): with self.assertRaises(ValueError) as context: self.service.createUsers(self.cluster_object) expected_calls = [ - call.getOperatorAdminSecret('mongo-cluster', 'default'), + call.getSecret('mongo-cluster-admin-credentials', 'default'), call.execInPod('mongodb', 'mongo-cluster-0', 'default', ['mongo', 'localhost:27017/admin', '--eval', self.expected_user_create]) ] @@ -279,7 +279,7 @@ def test_createUsers_not_master_then_already_exists(self): self.service.createUsers(self.cluster_object) expected_calls = [ - call.getOperatorAdminSecret('mongo-cluster', 'default'), + call.getSecret('mongo-cluster-admin-credentials', 'default'), call.execInPod('mongodb', 'mongo-cluster-0', 'default', ['mongo', 'localhost:27017/admin', '--eval', self.expected_user_create]), call.execInPod('mongodb', 'mongo-cluster-1', 'default', @@ -292,7 +292,7 @@ def test_createUsers_TimeoutError(self): with self.assertRaises(TimeoutError) as context: self.service.createUsers(self.cluster_object) - expected_calls = [call.getOperatorAdminSecret('mongo-cluster', 'default')] + [ + expected_calls = [call.getSecret('mongo-cluster-admin-credentials', 'default')] + [ call.execInPod('mongodb', 'mongo-cluster-' + str(pod), 'default', ['mongo', 'localhost:27017/admin', '--eval', self.expected_user_create]) for _ in range(4) for pod in range(3)