util: Add MultiTemplateDir to support multi-segment path in template#682
Conversation
amartyasinha
force-pushed
the
template-type-directory
branch
2 times, most recently
from
612b299 to
1f926c7
Compare
amartyasinha
force-pushed
the
template-type-directory
branch
from
1f926c7 to
eb33f7f
Compare
| // get all scripts templates which are in ../templesPath/cr.Kind/CMType/<OSPVersion - optional> | ||
| templatesFiles := GetAllTemplates(templatesPath, t.InstanceType, string(t.Type), string(t.Version)) | ||
| // If MultiTemplateDir is set but InstanceType is not, return an error | ||
| // though we do not use InstanceType here, but it is used in secret.go |
There was a problem hiding this comment.
Yeah I see it in https://github.com/openstack-k8s-operators/lib-common/blame/3e1007da0cbd673047305e423866c8c50b1e3167/modules/common/secret/secret.go#L272
I'm wondering why we are setting an owner label on a Secret this way instead of using the owner reference way. Also it is strange that we only do that on Secret but not on ConfigMap.
@stuggi Are we still supporting cross namespace Secrets? (That is the most I could extract from the code why we are labelling)
Also it is strange that we only enforce InstanceType if the template is not TemplateTypeNone. So I guess a template with TemplateTypeNone and without a InstanceType cannot be outside of our namespace as secret creation would fail due to the missing InstanceType.
- If we don't need to support Secrets outside of the namespace the I suggest to clean that code up and remove this dependency and checks
- if we do need to support Secrets outside of the namespace then I suggest
- to make the InstanceType mandatory in all template types to avoid surprises
- consider supporting the same thing for ConfigMaps as well.
There was a problem hiding this comment.
yes, the owner label is coming from creating/tracking object in different namespaces. There is one use case I know of where we create secret in a different namespace and this is for BMH provisioning, where userdata and networkdata secret needs to be created in the bmh namespaces , https://github.com/openstack-k8s-operators/openstack-baremetal-operator/blob/main/internal/openstackbaremetalset/baremetalhost.go#L83 ,
Just from a quick search it is not using the labels, for delete its using name https://github.com/openstack-k8s-operators/openstack-baremetal-operator/blob/main/internal/openstackbaremetalset/baremetalhost.go#L318, but I think its still good to see from the labels who the owner is, if someone checks the env and wonders who created those secrets in the bmh namespace. Therefore I don't think we should remove it. We can consider supporting it for CMs as well in a follow up. I wanted to spend more time on lib-common to cleanup/align things, but got other prios. Maybe after FR6 I can spend some time on this.
amartyasinha
force-pushed
the
template-type-directory
branch
2 times, most recently
from
45b3cb9 to
135bf0a
Compare
amartyasinha
changed the title
gibizer
left a comment
gibizer
left a comment
There was a problem hiding this comment.
It is cleaner now and the nova-operator patchs shows the intended usage of it. I wait for @stuggi about the wide question of instanceType usage and namespace external secret support. But other than that I'm OK to land this. Thanks @amartyasinha !
Thanks @gibizer for the review. IMHO, since secrets using |
amartyasinha
changed the title
| // get all scripts templates which are in ../templesPath/cr.Kind/CMType/<OSPVersion - optional> | ||
| templatesFiles := GetAllTemplates(templatesPath, t.InstanceType, string(t.Type), string(t.Version)) | ||
| // If MultiTemplateDir is set but InstanceType is not, return an error | ||
| // though we do not use InstanceType here, but it is used in secret.go |
There was a problem hiding this comment.
yes, the owner label is coming from creating/tracking object in different namespaces. There is one use case I know of where we create secret in a different namespace and this is for BMH provisioning, where userdata and networkdata secret needs to be created in the bmh namespaces , https://github.com/openstack-k8s-operators/openstack-baremetal-operator/blob/main/internal/openstackbaremetalset/baremetalhost.go#L83 ,
Just from a quick search it is not using the labels, for delete its using name https://github.com/openstack-k8s-operators/openstack-baremetal-operator/blob/main/internal/openstackbaremetalset/baremetalhost.go#L318, but I think its still good to see from the labels who the owner is, if someone checks the env and wonders who created those secrets in the bmh namespace. Therefore I don't think we should remove it. We can consider supporting it for CMs as well in a follow up. I wanted to spend more time on lib-common to cleanup/align things, but got other prios. Maybe after FR6 I can spend some time on this.
| if t.MultiTemplateDir != "" { | ||
| templateSubdir = t.MultiTemplateDir | ||
| } else { | ||
| templateSubdir = strings.ToLower(t.InstanceType) |
There was a problem hiding this comment.
good, we are doing the ToLower here, was wondering above
| { | ||
| name: "Get TemplateTypeConfig templates with no version", | ||
| kind: "testservice", | ||
| subdir: "testservice", |
There was a problem hiding this comment.
maybe we should use TestService in one of them to check the ToLower situation? something we did not have right now.
There was a problem hiding this comment.
Used TestService at L369.
In general looks good to me. maybe we can adjust one of the tests I commented inline. I can land it later today. |
A new parameter MultiTemplateDir is introduced in Template struct. It takes the multi-segment path which we have inside templates dir and then continues to execute the templates. Earlier, only single- segment path (kind) was supported through InstanceType. Signed-off-by: Amartya Sinha <amsinha@redhat.com>
amartyasinha
force-pushed
the
template-type-directory
branch
from
135bf0a to
67d7fbc
Compare
Thanks @stuggi! Addressed the change. |
|
@gibizer I can not merge it as it seems there is still a change request from your review. could you approve it so that it gets cleared? |
4 participants
A new parameter MultiTemplateDir is introduced in Template struct. It takes the multi-segment path which we have inside templates dir and then continues to execute the templates. Earlier, only single- segment path (kind) was supported through InstanceType.
Follow-up nova-operator PR with the usage of MultiTemplateDir: openstack-k8s-operators/nova-operator#1096