Skip to content

ROX-25948: Generic certificate requester#13280

Merged
vladbologa merged 7 commits intomasterfrom
vb/generic-cert-requester
Nov 14, 2024
Merged

ROX-25948: Generic certificate requester#13280
vladbologa merged 7 commits intomasterfrom
vb/generic-cert-requester

Conversation

@vladbologa
Copy link
Contributor

@vladbologa vladbologa commented Nov 8, 2024
edited
Loading

Description

This PR uses generics instead of code duplication for localscanner.CertificateRequester and securedcluster.CertificateRequester.

Even though the Local Scanner certificate refresh mechanism will be deprecated starting with ACS 4.7, it will still be supported for backward compatibility with older Centrals that do not support the Secured Cluster cert refresh API. Since they'll have to co-exist for a longer time, it might be better if they reuse code instead of duplicating it.

User-facing documentation

  • CHANGELOG is updated OR update is not needed
  • documentation PR is created and is linked above OR is not needed

Testing and quality

  • the change is production ready: the change is GA or otherwise the functionality is gated by a feature flag
  • CI results are inspected

Automated testing

  • added unit tests
  • added e2e tests
  • added regression tests
  • added compatibility tests
  • modified existing tests

How I validated my change

This PR is a refactor and should not change functionality, existing tests should verify that.

I also verified with a local deployment that a set of Secured Cluster certificates is being created on Sensor startup, and that a refresh is being scheduled.

@openshift-ci
Copy link

openshift-ci bot commented Nov 8, 2024

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@stackrox stackrox deleted a comment from openshift-ci bot Nov 8, 2024
@vladbologa vladbologa requested a review from porridge November 8, 2024 16:53
@vladbologa vladbologa mentioned this pull request Nov 8, 2024
Merged
9 tasks
@rhacs-bot
Copy link
Contributor

rhacs-bot commented Nov 8, 2024
edited
Loading

Images are ready for the commit at 0943635.

To use with deploy scripts, first export MAIN_IMAGE_TAG=4.7.x-127-g0943635ef3.

@codecov
Copy link

codecov bot commented Nov 8, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 72.47706% with 30 lines in your changes missing coverage. Please review.

Project coverage is 48.50%. Comparing base (0d2d698) to head (0943635).
Report is 3 commits behind head on master.

Files with missing lines Patch % Lines
...r/kubernetes/certrefresh/certificates/requester.go 71.96% 29 Missing and 1 partial ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##           master   #13280      +/-   ##
==========================================
- Coverage   48.52%   48.50%   -0.03%     
==========================================
  Files        2471     2470       -1     
  Lines      178336   178320      -16     
==========================================
- Hits        86533    86486      -47     
- Misses      84870    84900      +30     
- Partials     6933     6934       +1
Flag Coverage Δ
go-unit-tests 48.50% <72.47%> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

porridge
porridge approved these changes Nov 12, 2024
View reviewed changes
Copy link
Contributor

@porridge porridge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is actually more readable than I would expect!

If we really have to keep both APIs around for 1+ year, then I think I'd prefer this incarnation, even though it's just ~130 lines shorter than the identical-siblings version.

@vladbologa vladbologa force-pushed the vb/generic-cert-requester branch from a31d811 to e069aa8 Compare November 12, 2024 14:33
@vladbologa vladbologa changed the title WIP: Generic certificate requester ROX-25948: Generic certificate requester Nov 12, 2024
@vladbologa vladbologa force-pushed the vb/generic-cert-requester branch from 2388e44 to b1a79da Compare November 12, 2024 17:06
@vladbologa vladbologa marked this pull request as ready for review November 13, 2024 11:11
@vladbologa vladbologa requested a review from a team as a code owner November 13, 2024 11:11
porridge
porridge approved these changes Nov 13, 2024
View reviewed changes
@vladbologa vladbologa force-pushed the vb/generic-cert-requester branch from 3f47760 to c284edd Compare November 13, 2024 12:37
jschnath
jschnath approved these changes Nov 13, 2024
View reviewed changes
Copy link
Contributor

@jschnath jschnath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice test coverage, looks good to me

@vladbologa vladbologa force-pushed the vb/generic-cert-requester branch from c284edd to 2dbda44 Compare November 13, 2024 18:30
Base automatically changed from vb/secured-cluster-tls-issuer to master November 14, 2024 13:26
@vladbologa vladbologa force-pushed the vb/generic-cert-requester branch from 2dbda44 to 0943635 Compare November 14, 2024 13:37
@vladbologa vladbologa merged commit 1ccb341 into master Nov 14, 2024
@vladbologa vladbologa deleted the vb/generic-cert-requester branch November 14, 2024 17:38
mclasmeier pushed a commit that referenced this pull request Nov 21, 2024
@vladbologa
ROX-25948: Generic certificate requester (#13280)
570767f
mclasmeier pushed a commit that referenced this pull request Nov 22, 2024
@vladbologa
ROX-25948: Generic certificate requester (#13280)
c4121d7
mclasmeier pushed a commit that referenced this pull request Nov 22, 2024
@vladbologa
ROX-25948: Generic certificate requester (#13280)
0afdd69
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@porridge porridge porridge approved these changes

@jschnath jschnath jschnath approved these changes

Assignees

No one assigned

Labels

area/sensor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@vladbologa @rhacs-bot @porridge @jschnath