Modified the way to provide custom Pulp settings

Instead of providing custom configurations through the `pulp_settings` RawExtension field, this commit adds a new field called `custom_pulp_settings` which receives the name of a ConfigMap (that users should create manually) with the custom configurations. closes: #1271
pulp · Jul 12, 2024 · 8e85f32 · 8e85f32
1 parent 36417cf
commit 8e85f32
Show file tree

Hide file tree

Showing 18 changed files with 177 additions and 67 deletions.
diff --git a/CHANGES/1271.bugfix b/CHANGES/1271.bugfix
@@ -0,0 +1,3 @@
+Modified the way to provide custom Pulp settings. Instead of using a field of
+type `RawExtension`, the new `custom_pulp_settings` field allow to pass the name
+of a `ConfigMap` with the configurations.
diff --git a/apis/repo-manager.pulpproject.org/v1beta2/pulp_types.go b/apis/repo-manager.pulpproject.org/v1beta2/pulp_types.go
@@ -281,12 +281,20 @@ type PulpSpec struct {
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:hidden"}
 	Cache Cache `json:"cache,omitempty"`
 
-	// Definition of /etc/pulp/settings.py config file.
+	// [DEPRECATED] Definition of /etc/pulp/settings.py config file.
+	// This field is deprecated and will be removed in the future, use the
+	// custom_pulp_settings field instead.
 	// +kubebuilder:pruning:PreserveUnknownFields
 	// +kubebuilder:validation:Optional
 	// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:advanced"}
 	PulpSettings runtime.RawExtension `json:"pulp_settings,omitempty"`
 
+	// Name of the ConfigMap to define Pulp configurations not available
+	// through this CR.
+	// +kubebuilder:validation:Optional
+	// +operator-sdk:csv:customresourcedefinitions:type=spec,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:hidden"}
+	CustomPulpSettings string `json:"custom_pulp_settings,omitempty"`
+
 	// The image name (repo name) for the pulp webserver image.
 	// Default: "quay.io/pulp/pulp-web"
 	// +kubebuilder:validation:Optional

diff --git a/bundle/manifests/pulp-operator.clusterserviceversion.yaml b/bundle/manifests/pulp-operator.clusterserviceversion.yaml
@@ -168,7 +168,7 @@ metadata:
     capabilities: Full Lifecycle
     categories: Integration & Delivery
     containerImage: quay.io/pulp/pulp-operator:devel
-    createdAt: "2024-04-08T17:36:58Z"
+    createdAt: "2024-07-04T17:02:20Z"
     description: Pulp is a platform for managing repositories of software packages
       and making them available to a large number of consumers.
     operators.operatorframework.io/builder: operator-sdk-v1.29.0
@@ -604,6 +604,12 @@ spec:
         path: content.topology_spread_constraints
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
+      - description: Name of the ConfigMap to define Pulp configurations not available
+          through this CR.
+        displayName: Custom Pulp Settings
+        path: custom_pulp_settings
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:hidden
       - description: Database defines desired state of postgres resources
         displayName: Database
         path: database
@@ -936,7 +942,9 @@ spec:
         path: pulp_secret_key
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:hidden
-      - description: Definition of /etc/pulp/settings.py config file.
+      - description: '[DEPRECATED] Definition of /etc/pulp/settings.py config file.
+          This field is deprecated and will be removed in the future, use the custom_pulp_settings
+          field instead.'
         displayName: Pulp Settings
         path: pulp_settings
         x-descriptors:

diff --git a/bundle/manifests/repo-manager.pulpproject.org_pulps.yaml b/bundle/manifests/repo-manager.pulpproject.org_pulps.yaml
@@ -5895,6 +5895,10 @@ spec:
                       type: object
                     type: array
                 type: object
+              custom_pulp_settings:
+                description: Name of the ConfigMap to define Pulp configurations not
+                  available through this CR.
+                type: string
               database:
                 description: Database defines desired state of postgres resources
                 properties:
@@ -7735,7 +7739,9 @@ spec:
                   Default: "pulp-secret-key"'
                 type: string
               pulp_settings:
-                description: Definition of /etc/pulp/settings.py config file.
+                description: '[DEPRECATED] Definition of /etc/pulp/settings.py config
+                  file. This field is deprecated and will be removed in the future,
+                  use the custom_pulp_settings field instead.'
                 type: object
                 x-kubernetes-preserve-unknown-fields: true
               pvc:

diff --git a/config/crd/bases/repo-manager.pulpproject.org_pulps.yaml b/config/crd/bases/repo-manager.pulpproject.org_pulps.yaml
@@ -5896,6 +5896,10 @@ spec:
                       type: object
                     type: array
                 type: object
+              custom_pulp_settings:
+                description: Name of the ConfigMap to define Pulp configurations not
+                  available through this CR.
+                type: string
               database:
                 description: Database defines desired state of postgres resources
                 properties:
@@ -7736,7 +7740,9 @@ spec:
                   Default: "pulp-secret-key"'
                 type: string
               pulp_settings:
-                description: Definition of /etc/pulp/settings.py config file.
+                description: '[DEPRECATED] Definition of /etc/pulp/settings.py config
+                  file. This field is deprecated and will be removed in the future,
+                  use the custom_pulp_settings field instead.'
                 type: object
                 x-kubernetes-preserve-unknown-fields: true
               pvc:

diff --git a/config/manifests/bases/pulp-operator.clusterserviceversion.yaml b/config/manifests/bases/pulp-operator.clusterserviceversion.yaml
@@ -600,6 +600,12 @@ spec:
         path: content.topology_spread_constraints
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:advanced
+      - description: Name of the ConfigMap to define Pulp configurations not available
+          through this CR.
+        displayName: Custom Pulp Settings
+        path: custom_pulp_settings
+        x-descriptors:
+        - urn:alm:descriptor:com.tectonic.ui:hidden
       - description: Database defines desired state of postgres resources
         displayName: Database
         path: database
@@ -932,7 +938,9 @@ spec:
         path: pulp_secret_key
         x-descriptors:
         - urn:alm:descriptor:com.tectonic.ui:hidden
-      - description: Definition of /etc/pulp/settings.py config file.
+      - description: '[DEPRECATED] Definition of /etc/pulp/settings.py config file.
+          This field is deprecated and will be removed in the future, use the custom_pulp_settings
+          field instead.'
         displayName: Pulp Settings
         path: pulp_settings
         x-descriptors:

diff --git a/controllers/deployment.go b/controllers/deployment.go
@@ -728,7 +728,7 @@ func (d *CommonDeployment) setInitContainerResourceRequirements(pulp repomanager
 }
 
 // setReadinessProbe defines the container readinessprobe
-func (d *CommonDeployment) setReadinessProbe(pulp repomanagerpulpprojectorgv1beta2.Pulp, pulpcoreType settings.PulpcoreType) {
+func (d *CommonDeployment) setReadinessProbe(resources any, pulp repomanagerpulpprojectorgv1beta2.Pulp, pulpcoreType settings.PulpcoreType) {
 	readinessProbe := reflect.ValueOf(pulp.Spec).FieldByName(string(pulpcoreType)).FieldByName("ReadinessProbe").Interface().(*corev1.Probe)
 	switch pulpcoreType {
 	case settings.API:
@@ -738,7 +738,7 @@ func (d *CommonDeployment) setReadinessProbe(pulp repomanagerpulpprojectorgv1bet
 					Exec: &corev1.ExecAction{
 						Command: []string{
 							"/usr/bin/readyz.py",
-							GetPulpSetting(&pulp, "api_root") + "api/v3/status/",
+							GetAPIRoot(resources.(FunctionResources).Client, &pulp) + "api/v3/status/",
 						},
 					},
 				},
@@ -756,7 +756,7 @@ func (d *CommonDeployment) setReadinessProbe(pulp repomanagerpulpprojectorgv1bet
 					Exec: &corev1.ExecAction{
 						Command: []string{
 							"/usr/bin/readyz.py",
-							GetPulpSetting(&pulp, "content_path_prefix"),
+							GetContentPathPrefix(resources.(FunctionResources).Client, &pulp),
 						},
 					},
 				},
@@ -790,7 +790,7 @@ func (d *CommonDeployment) setReadinessProbe(pulp repomanagerpulpprojectorgv1bet
 }
 
 // setReadinessProbe defines the container livenessprobe
-func (d *CommonDeployment) setLivenessProbe(pulp repomanagerpulpprojectorgv1beta2.Pulp, pulpcoreType settings.PulpcoreType) {
+func (d *CommonDeployment) setLivenessProbe(resources any, pulp repomanagerpulpprojectorgv1beta2.Pulp, pulpcoreType settings.PulpcoreType) {
 	livenessProbe := reflect.ValueOf(pulp.Spec).FieldByName(string(pulpcoreType)).FieldByName("LivenessProbe").Interface().(*corev1.Probe)
 	switch pulpcoreType {
 	case settings.API:
@@ -799,7 +799,7 @@ func (d *CommonDeployment) setLivenessProbe(pulp repomanagerpulpprojectorgv1beta
 				FailureThreshold: 10,
 				ProbeHandler: corev1.ProbeHandler{
 					HTTPGet: &corev1.HTTPGetAction{
-						Path: GetPulpSetting(&pulp, "api_root") + "api/v3/status/",
+						Path: GetAPIRoot(resources.(FunctionResources).Client, &pulp) + "api/v3/status/",
 						Port: intstr.IntOrString{
 							IntVal: 24817,
 						},
@@ -1126,8 +1126,8 @@ func (d *CommonDeployment) build(resources any, pulpcoreType settings.PulpcoreTy
 	d.setVolumes(resources, pulpcoreType)
 	d.setVolumeMounts(*pulp, pulpcoreType)
 	d.setResourceRequirements(*pulp, pulpcoreType)
-	d.setLivenessProbe(*pulp, pulpcoreType)
-	d.setReadinessProbe(*pulp, pulpcoreType)
+	d.setLivenessProbe(resources, *pulp, pulpcoreType)
+	d.setReadinessProbe(resources, *pulp, pulpcoreType)
 	d.setImage(*pulp)
 	d.setTopologySpreadConstraints(*pulp, pulpcoreType)
 	d.setInitContainerResourceRequirements(*pulp, pulpcoreType)

diff --git a/controllers/ocp/route.go b/controllers/ocp/route.go
@@ -113,13 +113,13 @@ func PulpRouteController(resources controllers.FunctionResources, restClient res
 	defaultPlugins := []RoutePlugin{
 		{
 			Name:        pulp.Name + "-content",
-			Path:        controllers.GetPulpSetting(pulp, "content_path_prefix"),
+			Path:        controllers.GetContentPathPrefix(resources.Client, pulp),
 			TargetPort:  "content-24816",
 			ServiceName: settings.ContentService(pulp.Name),
 		},
 		{
 			Name:        pulp.Name + "-api-v3",
-			Path:        controllers.GetPulpSetting(pulp, "api_root") + "api/v3/",
+			Path:        controllers.GetAPIRoot(resources.Client, pulp) + "api/v3/",
 			TargetPort:  "api-24817",
 			ServiceName: settings.ApiService(pulp.Name),
 		},

diff --git a/controllers/repo_manager/README.md b/controllers/repo_manager/README.md
@@ -222,7 +222,8 @@ PulpSpec defines the desired state of Pulp
 | worker | Worker defines desired state of pulpcore-worker resources | [Worker](#worker) | false |
 | web | Web defines desired state of pulpcore-web (reverse-proxy) resources | [Web](#web) | false |
 | cache | Cache defines desired state of redis resources | [Cache](#cache) | false |
-| pulp_settings | Definition of /etc/pulp/settings.py config file. | runtime.RawExtension | false |
+| pulp_settings | [DEPRECATED] Definition of /etc/pulp/settings.py config file. This field is deprecated and will be removed in the future, use the custom_pulp_settings field instead. | runtime.RawExtension | false |
+| custom_pulp_settings | Name of the ConfigMap to define Pulp configurations not available through this CR. | string | false |
 | image_web | The image name (repo name) for the pulp webserver image. Default: \"quay.io/pulp/pulp-web\" | string | false |
 | image_web_version | The image version for the pulp webserver image. Default: \"stable\" | string | false |
 | admin_password_secret | Secret where the administrator password can be found. Default: <operator's name> + \"-admin-password\" | string | false |

diff --git a/controllers/repo_manager/controller.go b/controllers/repo_manager/controller.go
@@ -327,6 +327,10 @@ func indexerFunc(obj client.Object) []string {
 	if pulp.Spec.LDAP.CA != "" {
 		keys = append(keys, pulp.Spec.LDAP.CA)
 	}
+	if customSettings := pulp.Spec.CustomPulpSettings; customSettings != "" {
+		keys = append(keys, customSettings)
+	}
+
 	return keys
 }
 
@@ -337,7 +341,7 @@ func (r *RepoManagerReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	r.recorder = mgr.GetEventRecorderFor("Pulp")
 
 	// adds an index to `object_storage_azure_secret` allowing to lookup `Pulp` by a referenced `Azure Object Storage Secret` name
-	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &repomanagerpulpprojectorgv1beta2.Pulp{}, "secrets", indexerFunc); err != nil {
+	if err := mgr.GetFieldIndexer().IndexField(context.Background(), &repomanagerpulpprojectorgv1beta2.Pulp{}, "objects", indexerFunc); err != nil {
 		return err
 	}
 
@@ -354,7 +358,12 @@ func (r *RepoManagerReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		Owns(&netv1.Ingress{}).
 		Watches(
 			&corev1.Secret{},
-			handler.EnqueueRequestsFromMapFunc(r.findPulpDependentSecrets),
+			handler.EnqueueRequestsFromMapFunc(r.findPulpDependentObjects),
+			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
+		).
+		Watches(
+			&corev1.ConfigMap{},
+			handler.EnqueueRequestsFromMapFunc(r.findPulpDependentObjects),
 			builder.WithPredicates(predicate.ResourceVersionChangedPredicate{}),
 		)
 

diff --git a/controllers/repo_manager/ingress.go b/controllers/repo_manager/ingress.go
@@ -86,13 +86,13 @@ func (r *RepoManagerReconciler) pulpIngressController(ctx context.Context, pulp
 	defaultPlugins := []controllers.IngressPlugin{
 		{
 			Name:        pulp.Name + "-content",
-			Path:        controllers.GetPulpSetting(pulp, "content_path_prefix"),
+			Path:        controllers.GetContentPathPrefix(r.Client, pulp),
 			TargetPort:  "content-24816",
 			ServiceName: settings.ContentService(pulp.Name),
 		},
 		{
 			Name:        pulp.Name + "-api-v3",
-			Path:        controllers.GetPulpSetting(pulp, "api_root") + "api/v3/",
+			Path:        controllers.GetAPIRoot(r.Client, pulp) + "api/v3/",
 			TargetPort:  "api-24817",
 			ServiceName: settings.ApiService(pulp.Name),
 		},

diff --git a/controllers/repo_manager/secret.go b/controllers/repo_manager/secret.go
@@ -160,7 +160,7 @@ func pulpServerSecret(resources controllers.FunctionResources) client.Object {
 	ldapSettings(resources, &pulp_settings)
 
 	// add custom settings to the secret
-	addCustomPulpSettings(pulp, &pulp_settings)
+	addCustomPulpSettings(resources, &pulp_settings)
 
 	sec := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
@@ -520,8 +520,9 @@ func convertSettings(key string, settings interface{}) string {
 	return converted
 }
 
-// addCustomPulpSettings appends custom settings defined in Pulp CR into pulpSettings
-func addCustomPulpSettings(pulp *repomanagerpulpprojectorgv1beta2.Pulp, pulpSettings *string) {
+// [DEPRECATED] PulppSettings should not be used anymore. Keeping it to avoid compatibility issues
+// oldCustomPulpSettings appends custom settings defined in Pulp CR into pulpSettings
+func oldCustomPulpSettings(pulp *repomanagerpulpprojectorgv1beta2.Pulp, pulpSettings *string) {
 	settings := pulp.Spec.PulpSettings.Raw
 	var settingsJson map[string]interface{}
 	json.Unmarshal(settings, &settingsJson)
@@ -535,6 +536,31 @@ func addCustomPulpSettings(pulp *repomanagerpulpprojectorgv1beta2.Pulp, pulpSett
 	*pulpSettings = *pulpSettings + convertedSettings
 }
 
+func addCustomPulpSettings(resources controllers.FunctionResources, pulpSettings *string) {
+	pulp := resources.Pulp
+
+	// [DEPRECATED] PulppSettings should not be used anymore. Keeping it to avoid compatibility issues
+	if pulp.Spec.PulpSettings.Raw != nil {
+		oldCustomPulpSettings(pulp, pulpSettings)
+		return
+	}
+
+	if pulp.Spec.CustomPulpSettings == "" {
+		return
+	}
+
+	settingsCM := &corev1.ConfigMap{}
+	resources.Client.Get(resources.Context, types.NamespacedName{Name: pulp.Spec.CustomPulpSettings, Namespace: pulp.Namespace}, settingsCM)
+
+	settings := ""
+	for _, k := range sortKeys(settingsCM.Data) {
+		settings = settings + fmt.Sprintf("%v = %v\n", k, settingsCM.Data[k])
+	}
+
+	*pulpSettings = *pulpSettings + settings
+
+}
+
 // debugLogging will set the log level from Pulpcore pods to DEBUG
 func debugLogging(resources controllers.FunctionResources, pulpSettings *string) {
 

diff --git a/controllers/repo_manager/utils.go b/controllers/repo_manager/utils.go
@@ -457,14 +457,14 @@ func ignoreCronjobStatus() predicate.Predicate {
 	}
 }
 
-// findPulpDependentSecrets will search for Pulp objects based on Secret names defined in Pulp CR.
-// It is used to "link" these Secrets (not "owned" by Pulp operator) with Pulp object
-func (r *RepoManagerReconciler) findPulpDependentSecrets(ctx context.Context, secret client.Object) []reconcile.Request {
+// findPulpDependentObjects will search for Pulp objects based on Secret/ConfigMap names defined in Pulp CR.
+// It is used to "link" these Secrets/ConfigMaps (not "owned" by Pulp operator) with Pulp object
+func (r *RepoManagerReconciler) findPulpDependentObjects(ctx context.Context, obj client.Object) []reconcile.Request {
 
 	associatedPulp := repomanagerpulpprojectorgv1beta2.PulpList{}
 	opts := &client.ListOptions{
-		FieldSelector: fields.OneTermEqualSelector("secrets", secret.GetName()),
-		Namespace:     secret.GetNamespace(),
+		FieldSelector: fields.OneTermEqualSelector("objects", obj.GetName()),
+		Namespace:     obj.GetNamespace(),
 	}
 	if err := r.List(context.TODO(), &associatedPulp, opts); err != nil {
 		return []reconcile.Request{}

diff --git a/controllers/repo_manager/web.go b/controllers/repo_manager/web.go
@@ -164,7 +164,7 @@ func (r *RepoManagerReconciler) deploymentForPulpWeb(m *repomanagerpulpprojector
 			FailureThreshold: 2,
 			ProbeHandler: corev1.ProbeHandler{
 				HTTPGet: &corev1.HTTPGetAction{
-					Path: controllers.GetPulpSetting(m, "api_root") + "api/v3/status/",
+					Path: controllers.GetAPIRoot(funcResources.Client, m) + "api/v3/status/",
 					Port: intstr.IntOrString{
 						IntVal: 8080,
 					},
@@ -471,7 +471,7 @@ func (r *RepoManagerReconciler) pulpWebConfigMap(m *repomanagerpulpprojectorgv1b
 				proxy_pass http://pulp-content;
 			}
 
-			location ` + controllers.GetPulpSetting(m, "api_root") + `api/v3/ {
+			location ` + controllers.GetAPIRoot(r.Client, m) + `api/v3/ {
 				proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 				proxy_set_header X-Forwarded-Proto $scheme;
 				proxy_set_header Host $http_host;