Story #19: CCO Detects and Provisions Component Credentials#4
Open
splat-sdlc-agent[bot] wants to merge 1 commit into
Open
Story #19: CCO Detects and Provisions Component Credentials#4splat-sdlc-agent[bot] wants to merge 1 commit into
splat-sdlc-agent[bot] wants to merge 1 commit into
Conversation
Add support for component-specific vSphere credentials in Cloud Credential Operator (CCO). CCO now detects component secrets in kube-system namespace and provisions them to operator namespaces, with automatic fallback to shared credentials when component secrets are missing. Key changes: - Add constants for component-specific secret names (machine-api, storage, cloud-controller, diagnostics) - Update GetCredentialsRootSecret to detect and use component secrets based on target namespace - Add getComponentSecretName method to map namespaces to component secrets - Implement fallback logic to shared credential when component secret is missing - Add comprehensive unit tests for component detection and fallback - Add integration tests for full reconciliation loop - Add E2E tests for installation, migration, and rotation scenarios Addresses acceptance criteria: - CCO detects component secrets in kube-system - CCO provisions credentials to operator namespaces based on component type - CCO falls back to shared credential when component secret is missing - Auto-reconciliation on existing clusters when component secrets are added Story: openshift#19 Parent: openshift#14 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
rvanderp3
force-pushed
the
story-19-cco-component-credentials
branch
2 times, most recently
from
c12e6f1 to
ffb6322
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Story
Closes openshift-splat-team/splat-team#19
CCO Detects and Provisions Component Credentials
Implementation
This PR implements component credential detection and provisioning in CCO for story openshift#19.
See story issue for full implementation details, test results, and QE verification.
Staging PR - managed by BotMinter superman-atlas