Merge branch 'master' into deployment-phase

Author: ewoutp

Makefile

@@ -216,8 +216,8 @@ run-unit-tests: $(GOBUILDDIR) $(SOURCES)
 		golang:$(GOVERSION) \
 		go test $(TESTVERBOSEOPTIONS) \
 			$(REPOPATH)/pkg/apis/deployment/v1alpha \
-			$(REPOPATH)/pkg/deployment \
 			$(REPOPATH)/pkg/deployment/reconcile \
+			$(REPOPATH)/pkg/deployment/resources \
 			$(REPOPATH)/pkg/util/k8sutil \
 			$(REPOPATH)/pkg/util/k8sutil/test
 

pkg/apis/deployment/v1alpha/conditions.go

@@ -37,6 +37,10 @@ const (
 	ConditionTypeTerminated ConditionType = "Terminated"
 	// ConditionTypeAutoUpgrade indicates that the member has to be started with `--database.auto-upgrade` once.
 	ConditionTypeAutoUpgrade ConditionType = "AutoUpgrade"
+	// ConditionTypeSecretsChanged indicates that the value of one of more secrets used by
+	// the deployment have changed. Once that is the case, the operator will no longer
+	// touch the deployment, until the original secrets have been restored.
+	ConditionTypeSecretsChanged ConditionType = "SecretsChanged"
 )
 
 // Condition represents one current condition of a deployment or deployment member.

pkg/apis/deployment/v1alpha/deployment.go

@@ -50,13 +50,11 @@ type ArangoDeployment struct {
 
 // AsOwner creates an OwnerReference for the given deployment
 func (d *ArangoDeployment) AsOwner() metav1.OwnerReference {
-	controller := true
 	return metav1.OwnerReference{
 		APIVersion: SchemeGroupVersion.String(),
 		Kind:       ArangoDeploymentResourceKind,
 		Name:       d.Name,
 		UID:        d.UID,
-		Controller: &controller,
 	}
 }
 

pkg/apis/deployment/v1alpha/deployment_status.go

@@ -50,4 +50,8 @@ type DeploymentStatus struct {
 
 	// AcceptedSpec contains the last specification that was accepted by the operator.
 	AcceptedSpec *DeploymentSpec `json:"accepted-spec,omitempty"`
+
+	// SecretHashes keeps a sha256 hash of secret values, so we can
+	// detect changes in secret values.
+	SecretHashes *SecretHashes `json:"secret-hashes,omitempty"`
 }

pkg/apis/deployment/v1alpha/secret_hashes.go

@@ -0,0 +1,37 @@
+//
+// DISCLAIMER
+//
+// Copyright 2018 ArangoDB GmbH, Cologne, Germany
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Copyright holder is ArangoDB GmbH, Cologne, Germany
+//
+// Author Ewout Prangsma
+//
+
+package v1alpha
+
+// SecretHashes keeps track of the value of secrets
+// so we can detect changes.
+// For each used secret, a sha256 hash is stored.
+type SecretHashes struct {
+	// AuthJWT contains the hash of the auth.jwtSecretName secret
+	AuthJWT string `json:"auth-jwt,omitempty"`
+	// RocksDBEncryptionKey contains the hash of the rocksdb.encryption.keySecretName secret
+	RocksDBEncryptionKey string `json:"rocksdb-encryption-key,omitempty"`
+	// TLSCA contains the hash of the tls.caSecretName secret
+	TLSCA string `json:"tls-ca,omitempty"`
+	// SyncTLSCA contains the hash of the sync.tls.caSecretName secret
+	SyncTLSCA string `json:"sync-tls-ca,omitempty"`
+}

pkg/apis/deployment/v1alpha/zz_generated.deepcopy.go

@@ -265,6 +265,15 @@ func (in *DeploymentStatus) DeepCopyInto(out *DeploymentStatus) {
 			(*in).DeepCopyInto(*out)
 		}
 	}
+	if in.SecretHashes != nil {
+		in, out := &in.SecretHashes, &out.SecretHashes
+		if *in == nil {
+			*out = nil
+		} else {
+			*out = new(SecretHashes)
+			**out = **in
+		}
+	}
 	return
 }
 
@@ -442,6 +451,22 @@ func (in *RocksDBSpec) DeepCopy() *RocksDBSpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SecretHashes) DeepCopyInto(out *SecretHashes) {
+	*out = *in
+	return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretHashes.
+func (in *SecretHashes) DeepCopy() *SecretHashes {
+	if in == nil {
+		return nil
+	}
+	out := new(SecretHashes)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ServerGroupSpec) DeepCopyInto(out *ServerGroupSpec) {
 	*out = *in

pkg/apis/storage/v1alpha/local_storage.go

@@ -52,12 +52,10 @@ type ArangoLocalStorage struct {
 
 // AsOwner creates an OwnerReference for the given storage
 func (d *ArangoLocalStorage) AsOwner() metav1.OwnerReference {
-	controller := true
 	return metav1.OwnerReference{
 		APIVersion: SchemeGroupVersion.String(),
 		Kind:       ArangoLocalStorageResourceKind,
 		Name:       d.Name,
 		UID:        d.UID,
-		Controller: &controller,
 	}
 }

pkg/deployment/deployment.go

@@ -120,6 +120,7 @@ func New(config Config, deps Dependencies, apiObject *api.ArangoDeployment) (*De
 	go d.run()
 	go d.listenForPodEvents(d.stopCh)
 	go d.listenForPVCEvents(d.stopCh)
+	go d.listenForSecretEvents(d.stopCh)
 	go d.listenForServiceEvents(d.stopCh)
 	if apiObject.Spec.GetMode() == api.DeploymentModeCluster {
 		ci := newClusterScalingIntegration(d)

pkg/deployment/deployment_inspector.go

@@ -26,6 +26,7 @@ import (
 	"context"
 	"time"
 
+	api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1alpha"
 	"github.com/arangodb/kube-arangodb/pkg/util/k8sutil"
 )
 
@@ -37,12 +38,30 @@ import (
 // - once in a while
 // Returns the delay until this function should be called again.
 func (d *Deployment) inspectDeployment(lastInterval time.Duration) time.Duration {
-	//	log := d.deps.Log
+	log := d.deps.Log
 
 	nextInterval := lastInterval
 	hasError := false
 	ctx := context.Background()
 
+	// Is the deployment in failed state, if so, give up.
+	if d.status.State == api.DeploymentStateFailed {
+		log.Debug().Msg("Deployment is in Failed state.")
+		return nextInterval
+	}
+
+	// Inspect secret hashes
+	if err := d.resources.ValidateSecretHashes(); err != nil {
+		hasError = true
+		d.CreateEvent(k8sutil.NewErrorEvent("Secret hash validation failed", err, d.apiObject))
+	}
+
+	// Is the deployment in a good state?
+	if d.status.Conditions.IsTrue(api.ConditionTypeSecretsChanged) {
+		log.Debug().Msg("Condition SecretsChanged is true. Revert secrets before we can continue")
+		return nextInterval
+	}
+
 	// Ensure we have image info
 	if retrySoon, err := d.ensureImages(d.apiObject); err != nil {
 		hasError = true

pkg/deployment/informers.go

@@ -112,6 +112,49 @@ func (d *Deployment) listenForPVCEvents(stopCh <-chan struct{}) {
 	informer.Run(stopCh)
 }
 
+// listenForSecretEvents keep listening for changes in Secrets's until the given channel is closed.
+func (d *Deployment) listenForSecretEvents(stopCh <-chan struct{}) {
+	source := cache.NewListWatchFromClient(
+		d.deps.KubeCli.CoreV1().RESTClient(),
+		"secrets",
+		d.apiObject.GetNamespace(),
+		fields.Everything())
+
+	getSecret := func(obj interface{}) (*v1.Secret, bool) {
+		secret, ok := obj.(*v1.Secret)
+		if !ok {
+			tombstone, ok := obj.(cache.DeletedFinalStateUnknown)
+			if !ok {
+				return nil, false
+			}
+			secret, ok = tombstone.Obj.(*v1.Secret)
+			return secret, ok
+		}
+		return secret, true
+	}
+
+	_, informer := cache.NewIndexerInformer(source, &v1.Secret{}, 0, cache.ResourceEventHandlerFuncs{
+		// Note: For secrets we look at all of them because they do not have to be owned by this deployment.
+		AddFunc: func(obj interface{}) {
+			if _, ok := getSecret(obj); ok {
+				d.triggerInspection()
+			}
+		},
+		UpdateFunc: func(oldObj, newObj interface{}) {
+			if _, ok := getSecret(newObj); ok {
+				d.triggerInspection()
+			}
+		},
+		DeleteFunc: func(obj interface{}) {
+			if _, ok := getSecret(obj); ok {
+				d.triggerInspection()
+			}
+		},
+	}, cache.Indexers{})
+
+	informer.Run(stopCh)
+}
+
 // listenForServiceEvents keep listening for changes in Service's until the given channel is closed.
 func (d *Deployment) listenForServiceEvents(stopCh <-chan struct{}) {
 	source := cache.NewListWatchFromClient(