diff --git a/controllers/storageconfig_controller.go b/controllers/storageconfig_controller.go index 456fd0a3..ccd1ef52 100644 --- a/controllers/storageconfig_controller.go +++ b/controllers/storageconfig_controller.go @@ -55,6 +55,9 @@ func newStorageSecret(dataConnectionSecretsList *corev1.SecretList) *corev1.Secr dataConnectionElement["endpoint_url"] = string(secret.Data["AWS_S3_ENDPOINT"]) dataConnectionElement["default_bucket"] = string(secret.Data["AWS_S3_BUCKET"]) dataConnectionElement["region"] = string(secret.Data["AWS_DEFAULT_REGION"]) + if secret.Data["AWS_CA_BUNDLE"] != nil { + dataConnectionElement["certificate"] = string(secret.Data["AWS_CA_BUNDLE"]) + } jsonBytes, _ := json.Marshal(dataConnectionElement) storageByteData[secret.Name] = jsonBytes } @@ -169,9 +172,8 @@ func reconcileOpenDataHubSecrets() predicate.Predicate { return checkOpenDataHubLabel(objectLabels) }, UpdateFunc: func(e event.UpdateEvent) bool { - objectOldLabels := e.ObjectOld.GetLabels() objectNewLabels := e.ObjectNew.GetLabels() - return checkOpenDataHubLabel(objectNewLabels) || checkOpenDataHubLabel(objectOldLabels) + return checkOpenDataHubLabel(objectNewLabels) }, } } diff --git a/controllers/storageconfig_controller_test.go b/controllers/storageconfig_controller_test.go new file mode 100644 index 00000000..75ec8250 --- /dev/null +++ b/controllers/storageconfig_controller_test.go @@ -0,0 +1,166 @@ +/* + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "log" + "reflect" + "time" + + corev1 "k8s.io/api/core/v1" + "sigs.k8s.io/controller-runtime/pkg/client" + + mfc "github.com/manifestival/controller-runtime-client" + mf "github.com/manifestival/manifestival" + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" +) + +const ( + dataconnectionStringPath = "./testdata/secrets/dataconnection-string.yaml" + storageconfigEncodedPath = "./testdata/secrets/storageconfig-encoded.yaml" + storageconfigEncodedUnmanagedPath = "./testdata/secrets/storageconfig-encoded-unmanaged.yaml" +) + +var _ = Describe("StorageConfig controller", func() { + var opts mf.Option + ctx := context.Background() + client := mfc.NewClient(cli) + opts = mf.UseClient(client) + + Context("when a dataconnection secret that has 'opendatahub.io/managed=true' and 'opendatahub.io/dashboard=true' is created", func() { + It("should create a storage-config secret", func() { + dataconnectionStringSecret := &corev1.Secret{} + + By("creating dataconnection secret") + err := convertToStructuredResource(dataconnectionStringPath, dataconnectionStringSecret, opts) + Expect(err).NotTo(HaveOccurred()) + Expect(cli.Create(ctx, dataconnectionStringSecret)).Should(Succeed()) + + storegeconfigSecret, err := waitForSecret(cli, WorkingNamespace, "storage-config", 30*time.Second) + Expect(err).NotTo(HaveOccurred()) + + expectedStorageConfigSecret := &corev1.Secret{} + err = convertToStructuredResource(storageconfigEncodedPath, expectedStorageConfigSecret, opts) + Expect(err).NotTo(HaveOccurred()) + + Expect(compareSecrets(storegeconfigSecret, expectedStorageConfigSecret)).Should((BeTrue())) + }) + }) + + Context("when the annotation 'opendatahub.io/managed=true' in a 'storage-config' secret is set to false", func() { + It("should be excluded from reconcile target of storageConfig controller ", func() { + dataconnectionStringSecret := &corev1.Secret{} + + By("creating dataconnection secret") + err := convertToStructuredResource(dataconnectionStringPath, dataconnectionStringSecret, opts) + Expect(err).NotTo(HaveOccurred()) + Expect(cli.Create(ctx, dataconnectionStringSecret)).Should(Succeed()) + + storageconfigSecret := &corev1.Secret{} + storageconfigSecret, err = waitForSecret(cli, WorkingNamespace, "storage-config", 30*time.Second) + Expect(err).NotTo(HaveOccurred()) + + err = updateSecretLabel(cli, WorkingNamespace, storageSecretName, "opendatahub.io/managed", "false") + Expect(err).NotTo(HaveOccurred()) + storageconfigSecret, err = waitForSecret(cli, WorkingNamespace, storageSecretName, 30*time.Second) + Expect(err).NotTo(HaveOccurred()) + + err = updateSecretData(cli, WorkingNamespace, storageSecretName, "aws-connection-minio", "unmanaged") + Expect(err).NotTo(HaveOccurred()) + + storageconfigSecret, err = waitForSecret(cli, WorkingNamespace, storageSecretName, 30*time.Second) + Expect(err).NotTo(HaveOccurred()) + + expectedStorageConfigSecret := &corev1.Secret{} + err = convertToStructuredResource(storageconfigEncodedUnmanagedPath, expectedStorageConfigSecret, opts) + Expect(err).NotTo(HaveOccurred()) + + Expect(compareSecrets(storageconfigSecret, expectedStorageConfigSecret)).Should((BeTrue())) + }) + }) +}) + +func updateSecretData(cli client.Client, namespace, secretName string, dataKey string, dataValue string) error { + secret := &corev1.Secret{} + err := cli.Get(context.TODO(), client.ObjectKey{Name: secretName, Namespace: namespace}, secret) + if err != nil { + log.Printf("Error getting Secret: %v\n", err) + return err + } + + // Add the new data to the Secret + if secret.Data == nil { + secret.Data = make(map[string][]byte) + } + secret.Data[dataKey] = []byte(dataValue) + + // Save the updated Secret + err = cli.Update(context.TODO(), secret) + if err != nil { + log.Printf("Error updating Secret: %v\n", err) + return err + } + return nil +} + +func updateSecretLabel(cli client.Client, namespace, secretName string, labelKey string, labelValue string) error { + secret := &corev1.Secret{} + err := cli.Get(context.TODO(), client.ObjectKey{Name: secretName, Namespace: namespace}, secret) + if err != nil { + log.Printf("Error getting Secret: %v\n", err) + return err + } + + // Update the label + if secret.Labels == nil { + secret.Labels = make(map[string]string) + } + secret.Labels[labelKey] = labelValue + + // Save the updated Secret + err = cli.Update(context.TODO(), secret) + if err != nil { + log.Printf("Error updating Secret: %v\n", err) + return err + } + return nil +} + +func waitForSecret(cli client.Client, namespace, secretName string, timeout time.Duration) (*corev1.Secret, error) { + ctx, cancel := context.WithTimeout(context.Background(), timeout) + defer cancel() + + for { + secret := &corev1.Secret{} + err := cli.Get(ctx, client.ObjectKey{Namespace: namespace, Name: secretName}, secret) + if err != nil { + log.Printf("Waiting for Secret %s/%s to be created: %v", namespace, secretName, err) + time.Sleep(1 * time.Second) + continue + } + log.Printf("Secret %s/%s is created", secret.Namespace, secret.Name) + + return secret, nil + } +} + +// compareSecrets checks if two Secret data are equal, if not return false +func compareSecrets(s1 *corev1.Secret, s2 *corev1.Secret) bool { + // Two Secret will be equal if the data is identical + return reflect.DeepEqual(s1.Data, s2.Data) +} diff --git a/controllers/suite_test.go b/controllers/suite_test.go index bc11abb5..e4707ee3 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -21,6 +21,7 @@ import ( inferenceservicev1 "github.com/kserve/modelmesh-serving/apis/serving/v1beta1" mf "github.com/manifestival/manifestival" monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" + corev1 "k8s.io/api/core/v1" k8srbacv1 "k8s.io/api/rbac/v1" "path/filepath" "testing" @@ -111,6 +112,7 @@ var _ = BeforeSuite(func() { utilruntime.Must(maistrav1.AddToScheme(scheme.Scheme)) utilruntime.Must(monitoringv1.AddToScheme(scheme.Scheme)) utilruntime.Must(mmv1alpha1.AddToScheme(scheme.Scheme)) + utilruntime.Must(corev1.AddToScheme(scheme.Scheme)) // +kubebuilder:scaffold:scheme @@ -176,6 +178,7 @@ var _ = AfterEach(func() { Expect(cli.DeleteAllOf(context.TODO(), &mmv1alpha1.ServingRuntime{}, inNamespace)).ToNot(HaveOccurred()) Expect(cli.DeleteAllOf(context.TODO(), &monitoringv1.ServiceMonitor{}, inNamespace)).ToNot(HaveOccurred()) Expect(cli.DeleteAllOf(context.TODO(), &k8srbacv1.RoleBinding{}, inNamespace)).ToNot(HaveOccurred()) + Expect(cli.DeleteAllOf(context.TODO(), &corev1.Secret{}, inNamespace)).ToNot(HaveOccurred()) }) diff --git a/controllers/testdata/secrets/dataconnection-encoded.yaml b/controllers/testdata/secrets/dataconnection-encoded.yaml new file mode 100644 index 00000000..b1deea5e --- /dev/null +++ b/controllers/testdata/secrets/dataconnection-encoded.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +data: + AWS_ACCESS_KEY_ID: VEhFQUNDRVNTS0VZ + AWS_CA_BUNDLE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUY2VENDQTlHZ0F3SUJBZ0lVYTRwekx2ZG5ZWFdabDNydnFSaHF0UUdxOFhVd0RRWUpLb1pJaHZjTkFRRUwKQlFBd2ZERUxNQWtHQTFVRUJoTUNRMEV4RFRBTEJnTlZCQWdNQkZSeWRXVXhEekFOQmdOVkJBY01CazFKVEZSUApUakVQTUEwR0ExVUVDZ3dHVWtWRVNFRlVNUXd3Q2dZRFZRUUxEQU5UUTBVeEVEQU9CZ05WQkFNTUIxSnZiM1FnClEwRXhIREFhQmdrcWhraUc5dzBCQ1FFV0RYUmxjM1JBZEdWemRDNWpiMjB3SGhjTk1qTXdOekkzTWpBeE16TTIKV2hjTk5ETXdOekl5TWpBeE16TTJXakI4TVFzd0NRWURWUVFHRXdKRFFURU5NQXNHQTFVRUNBd0VWSEoxWlRFUApNQTBHQTFVRUJ3d0dUVWxNVkU5T01ROHdEUVlEVlFRS0RBWlNSVVJJUVZReEREQUtCZ05WQkFzTUExTkRSVEVRCk1BNEdBMVVFQXd3SFVtOXZkQ0JEUVRFY01Cb0dDU3FHU0liM0RRRUpBUllOZEdWemRFQjBaWE4wTG1OdmJUQ0MKQWlJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dJUEFEQ0NBZ29DZ2dJQkFMWTFYWkEzbmxrbSszMjBIMDZUM1FEdgozVjVNL0VDZWQ0Yk5BNDdKalZDcWlrMTFNdUU3ZEd2UlpjTnFZeDhlVHlqL0FvdEw4NXZGTTAzdk1IZ2NJU2UxCnkwdktLeC9odDJKeFBWRitVNmxzS0QyTllUV1U0dFpmOFZMSjYyM0VLUGxSZmY0ZlF4bFd6VkJ1R3VpVXIxZGMKaHlPUjlpeWtVV0FmNllXYmk5L2J3RWlUYnloTG5VZm1oazVkN29TeE5mNC9KZEx4Nkh1M1doNk9HZWI4ODdZMApDcjlFODM3YitSeWpNQ3poYWw1K29pamtkS1dNcUVoUzh5K2dwcXVRTnVPWEkrMTJ1TGwyZDFDM0ZHVzd2MWIrCjMvL2QxeXliNnNpWFhvZC9ObGZBRGtuVnlxZXhXbWMzTWVFMXRRV2JTNGxPaVhjanFlRmp0QlVtaXhuaFNFQTcKRmN4ZjF6SXZsbzRWRE5Pa2QxdCtDSzJOWitkT1NLaHh4eHhWWk1sVEdWMjdMd0cxUzRkTHZ5Unk0V0hQVlJaZgo3WUgwL2FCRWdBSmtFSndxRzFWWEg3OEliVm03azVxL3FIVGYxekJsREZBeVVKbVI0a3J5clhobHhXWTlZZ1ByCmdGZnFFMm8rMC9wWU9CKzI4VWFsbXNuVXl3VDBFNUFBYmZCRk9BTmU2QUpzVWtrU044dW1BRnBFM09tTlI4NTEKQkFmMWFxRXdZMXMvMGpNSjNudVdzUU4zelNEUUViVWtqNlB6MFhKMUpEa1NjUE9oRjRnVDh1R2JVenZsTXF2TgpFTW9mZGhHN3ArU09WeEEyV1h0SVMweGlENDV4anJBNW9hbEEveHAxZmlocG1HbGVZYnhqOUhWU013L3ZhRUE1CmhVSi9nQVo2N2VpYVNNdjd6UnpqQWdNQkFBR2pZekJoTUIwR0ExVWREZ1FXQkJSbTU1aFVWWWVuWFNrc1RQM1kKSjBORTRJRVpRVEFmQmdOVkhTTUVHREFXZ0JSbTU1aFVWWWVuWFNrc1RQM1lKME5FNElFWlFUQVBCZ05WSFJNQgpBZjhFQlRBREFRSC9NQTRHQTFVZER3RUIvd1FFQXdJQmhqQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUFQU2p0Cm5yM1RqbkpGMEoyZjFmK2Y3S28yYXpNWnE1VWdZcm82WE5GUUw3SjdKZEZDRDFaTU5ZSlZJLzhxQjVqTkRNaEgKdXVZUnhCN1J5REJnUkZYSHhucC9UN0hiRy9XT1dNQ3U0UWd2ZXZPMVlsN1VQNFVvVFdab0VQYmxta1dJUlh6MQoxVWpKeVhLOFlGUERFc1pWT0NHL29oTWM0MXZJMzJKcy91MlJmOUxKNVVyeU5LSTRzOHYvQjI5Z3FBYUVtL1hwCjN6am9QaHBBcks2OEQ5bjVGbU9ZSU1SOStHUWpnM0dWSGN4c0Ricnp4ZEp2L0x4emwyN3Zxc25aQ21maitudTMKZURieUZhYlJISU51QzFjUXVjYlJCeGh5cXptY3A2OTFjeHkxZzBWTVpETE5xRllwVUJ4MDcxOEFPNExMSkI0eQplL1ZMRXF3M1ZpS2U5UkJqTGhXZnZabWsvNHNSMkZ4aW5wT1BadGtOUGJITU0rNHBzNHRMbTNMdmsxeFpDMFFtCkJSdlcwbEVmc1BRcVdpRUFpQlJTSDB3bGw4ZEUrcHV2bEo1YVhJdTUwdXlPcmxNUzk1b3RBM3FJaXBOejhoS2wKbVladTU4UzdoRGl4MmVQZFg4S1ZQbVR2MFZNUUcxaTFsVTZJOE56MHV5R0ZJcVRHUHNYd014UE8zak1Bano0YgpGeTk0RzFnMm0rOGcxc3lsRTJuUGs1ZlFhNDJnYVNRdGY2RllPdmppTlF6K0hyK2MyMUxkdGFxb2xqa3h2Y2N2CkJqaGY2QTZpdDVvcVpMUWd0RVdEU0dmbGxDK3RkN0NwQmdQYmpzUzV1M1BCQWltQy9zZ0RnY2dCYlhWL2IyYUIKU2kxK1ljcnRGZUoyY0d0NDJpSHVrSnNSOWRSMW55Q052RmR6QXp3PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + AWS_DEFAULT_REGION: dXMtc291dGg= + AWS_S3_BUCKET: bW9kZWxtZXNoLWV4YW1wbGUtbW9kZWxz + AWS_S3_ENDPOINT: aHR0cHM6Ly9taW5pby5taW5pby5zdmM6OTAwMA== + AWS_SECRET_ACCESS_KEY: ZDdjOWM3M2NjYTE2YmRjOTJkODBlYTg4NmY4YTE1OTIzYzJhMDZmYTE0NWE5ZWYyY2EzNThhMTk1MjNlN2IzNQ== + test: YWJjCg== +kind: Secret +metadata: + annotations: + opendatahub.io/connection-type: s3 + openshift.io/display-name: dc1 + labels: + opendatahub.io/dashboard: "true" + opendatahub.io/managed: "true" + name: aws-connection-minio + namespace: default +type: Opaque diff --git a/controllers/testdata/secrets/dataconnection-string.yaml b/controllers/testdata/secrets/dataconnection-string.yaml new file mode 100644 index 00000000..fb0b00db --- /dev/null +++ b/controllers/testdata/secrets/dataconnection-string.yaml @@ -0,0 +1,19 @@ +kind: Secret +apiVersion: v1 +metadata: + name: aws-connection-minio + namespace: default + labels: + opendatahub.io/dashboard: 'true' + opendatahub.io/managed: 'true' + annotations: + opendatahub.io/connection-type: s3 + openshift.io/display-name: dc1 +stringData: + AWS_ACCESS_KEY_ID: THEACCESSKEY + AWS_DEFAULT_REGION: us-south + AWS_S3_BUCKET: modelmesh-example-models + AWS_S3_ENDPOINT: https://minio.minio.svc:9000 + AWS_SECRET_ACCESS_KEY: d7c9c73cca16bdc92d80ea886f8a15923c2a06fa145a9ef2ca358a19523e7b35 + AWS_CA_BUNDLE: "-----BEGIN CERTIFICATE-----\nMIIF6TCCA9GgAwIBAgIUa4pzLvdnYXWZl3rvqRhqtQGq8XUwDQYJKoZIhvcNAQEL\nBQAwfDELMAkGA1UEBhMCQ0ExDTALBgNVBAgMBFRydWUxDzANBgNVBAcMBk1JTFRP\nTjEPMA0GA1UECgwGUkVESEFUMQwwCgYDVQQLDANTQ0UxEDAOBgNVBAMMB1Jvb3Qg\nQ0ExHDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20wHhcNMjMwNzI3MjAxMzM2\nWhcNNDMwNzIyMjAxMzM2WjB8MQswCQYDVQQGEwJDQTENMAsGA1UECAwEVHJ1ZTEP\nMA0GA1UEBwwGTUlMVE9OMQ8wDQYDVQQKDAZSRURIQVQxDDAKBgNVBAsMA1NDRTEQ\nMA4GA1UEAwwHUm9vdCBDQTEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbTCC\nAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALY1XZA3nlkm+320H06T3QDv\n3V5M/ECed4bNA47JjVCqik11MuE7dGvRZcNqYx8eTyj/AotL85vFM03vMHgcISe1\ny0vKKx/ht2JxPVF+U6lsKD2NYTWU4tZf8VLJ623EKPlRff4fQxlWzVBuGuiUr1dc\nhyOR9iykUWAf6YWbi9/bwEiTbyhLnUfmhk5d7oSxNf4/JdLx6Hu3Wh6OGeb887Y0\nCr9E837b+RyjMCzhal5+oijkdKWMqEhS8y+gpquQNuOXI+12uLl2d1C3FGW7v1b+\n3//d1yyb6siXXod/NlfADknVyqexWmc3MeE1tQWbS4lOiXcjqeFjtBUmixnhSEA7\nFcxf1zIvlo4VDNOkd1t+CK2NZ+dOSKhxxxxVZMlTGV27LwG1S4dLvyRy4WHPVRZf\n7YH0/aBEgAJkEJwqG1VXH78IbVm7k5q/qHTf1zBlDFAyUJmR4kryrXhlxWY9YgPr\ngFfqE2o+0/pYOB+28UalmsnUywT0E5AAbfBFOANe6AJsUkkSN8umAFpE3OmNR851\nBAf1aqEwY1s/0jMJ3nuWsQN3zSDQEbUkj6Pz0XJ1JDkScPOhF4gT8uGbUzvlMqvN\nEMofdhG7p+SOVxA2WXtIS0xiD45xjrA5oalA/xp1fihpmGleYbxj9HVSMw/vaEA5\nhUJ/gAZ67eiaSMv7zRzjAgMBAAGjYzBhMB0GA1UdDgQWBBRm55hUVYenXSksTP3Y\nJ0NE4IEZQTAfBgNVHSMEGDAWgBRm55hUVYenXSksTP3YJ0NE4IEZQTAPBgNVHRMB\nAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPSjt\nnr3TjnJF0J2f1f+f7Ko2azMZq5UgYro6XNFQL7J7JdFCD1ZMNYJVI/8qB5jNDMhH\nuuYRxB7RyDBgRFXHxnp/T7HbG/WOWMCu4QgvevO1Yl7UP4UoTWZoEPblmkWIRXz1\n1UjJyXK8YFPDEsZVOCG/ohMc41vI32Js/u2Rf9LJ5UryNKI4s8v/B29gqAaEm/Xp\n3zjoPhpArK68D9n5FmOYIMR9+GQjg3GVHcxsDbrzxdJv/Lxzl27vqsnZCmfj+nu3\neDbyFabRHINuC1cQucbRBxhyqzmcp691cxy1g0VMZDLNqFYpUBx0718AO4LLJB4y\ne/VLEqw3ViKe9RBjLhWfvZmk/4sR2FxinpOPZtkNPbHMM+4ps4tLm3Lvk1xZC0Qm\nBRvW0lEfsPQqWiEAiBRSH0wll8dE+puvlJ5aXIu50uyOrlMS95otA3qIipNz8hKl\nmYZu58S7hDix2ePdX8KVPmTv0VMQG1i1lU6I8Nz0uyGFIqTGPsXwMxPO3jMAjz4b\nFy94G1g2m+8g1sylE2nPk5fQa42gaSQtf6FYOvjiNQz+Hr+c21Ldtaqoljkxvccv\nBjhf6A6it5oqZLQgtEWDSGfllC+td7CpBgPbjsS5u3PBAimC/sgDgcgBbXV/b2aB\nSi1+YcrtFeJ2cGt42iHukJsR9dR1nyCNvFdzAzw=\n-----END CERTIFICATE-----\n" +type: Opaque diff --git a/controllers/testdata/secrets/storageconfig-encoded-unmanaged.yaml b/controllers/testdata/secrets/storageconfig-encoded-unmanaged.yaml new file mode 100644 index 00000000..34cac38e --- /dev/null +++ b/controllers/testdata/secrets/storageconfig-encoded-unmanaged.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + aws-connection-minio: dW5tYW5hZ2Vk +kind: Secret +metadata: + labels: + opendatahub.io/managed: "false" + name: storage-config + namespace: default +type: Opaque diff --git a/controllers/testdata/secrets/storageconfig-encoded.yaml b/controllers/testdata/secrets/storageconfig-encoded.yaml new file mode 100644 index 00000000..da12f1e8 --- /dev/null +++ b/controllers/testdata/secrets/storageconfig-encoded.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + aws-connection-minio: eyJhY2Nlc3Nfa2V5X2lkIjoiVEhFQUNDRVNTS0VZIiwiY2VydGlmaWNhdGUiOiItLS0tLUJFR0lOIENFUlRJRklDQVRFLS0tLS1cbk1JSUY2VENDQTlHZ0F3SUJBZ0lVYTRwekx2ZG5ZWFdabDNydnFSaHF0UUdxOFhVd0RRWUpLb1pJaHZjTkFRRUxcbkJRQXdmREVMTUFrR0ExVUVCaE1DUTBFeERUQUxCZ05WQkFnTUJGUnlkV1V4RHpBTkJnTlZCQWNNQmsxSlRGUlBcblRqRVBNQTBHQTFVRUNnd0dVa1ZFU0VGVU1Rd3dDZ1lEVlFRTERBTlRRMFV4RURBT0JnTlZCQU1NQjFKdmIzUWdcblEwRXhIREFhQmdrcWhraUc5dzBCQ1FFV0RYUmxjM1JBZEdWemRDNWpiMjB3SGhjTk1qTXdOekkzTWpBeE16TTJcbldoY05ORE13TnpJeU1qQXhNek0yV2pCOE1Rc3dDUVlEVlFRR0V3SkRRVEVOTUFzR0ExVUVDQXdFVkhKMVpURVBcbk1BMEdBMVVFQnd3R1RVbE1WRTlPTVE4d0RRWURWUVFLREFaU1JVUklRVlF4RERBS0JnTlZCQXNNQTFORFJURVFcbk1BNEdBMVVFQXd3SFVtOXZkQ0JEUVRFY01Cb0dDU3FHU0liM0RRRUpBUllOZEdWemRFQjBaWE4wTG1OdmJUQ0NcbkFpSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBTFkxWFpBM25sa20rMzIwSDA2VDNRRHZcbjNWNU0vRUNlZDRiTkE0N0pqVkNxaWsxMU11RTdkR3ZSWmNOcVl4OGVUeWovQW90TDg1dkZNMDN2TUhnY0lTZTFcbnkwdktLeC9odDJKeFBWRitVNmxzS0QyTllUV1U0dFpmOFZMSjYyM0VLUGxSZmY0ZlF4bFd6VkJ1R3VpVXIxZGNcbmh5T1I5aXlrVVdBZjZZV2JpOS9id0VpVGJ5aExuVWZtaGs1ZDdvU3hOZjQvSmRMeDZIdTNXaDZPR2ViODg3WTBcbkNyOUU4MzdiK1J5ak1DemhhbDUrb2lqa2RLV01xRWhTOHkrZ3BxdVFOdU9YSSsxMnVMbDJkMUMzRkdXN3YxYitcbjMvL2QxeXliNnNpWFhvZC9ObGZBRGtuVnlxZXhXbWMzTWVFMXRRV2JTNGxPaVhjanFlRmp0QlVtaXhuaFNFQTdcbkZjeGYxekl2bG80VkROT2tkMXQrQ0syTlorZE9TS2h4eHh4VlpNbFRHVjI3THdHMVM0ZEx2eVJ5NFdIUFZSWmZcbjdZSDAvYUJFZ0FKa0VKd3FHMVZYSDc4SWJWbTdrNXEvcUhUZjF6QmxERkF5VUptUjRrcnlyWGhseFdZOVlnUHJcbmdGZnFFMm8rMC9wWU9CKzI4VWFsbXNuVXl3VDBFNUFBYmZCRk9BTmU2QUpzVWtrU044dW1BRnBFM09tTlI4NTFcbkJBZjFhcUV3WTFzLzBqTUozbnVXc1FOM3pTRFFFYlVrajZQejBYSjFKRGtTY1BPaEY0Z1Q4dUdiVXp2bE1xdk5cbkVNb2ZkaEc3cCtTT1Z4QTJXWHRJUzB4aUQ0NXhqckE1b2FsQS94cDFmaWhwbUdsZVlieGo5SFZTTXcvdmFFQTVcbmhVSi9nQVo2N2VpYVNNdjd6UnpqQWdNQkFBR2pZekJoTUIwR0ExVWREZ1FXQkJSbTU1aFVWWWVuWFNrc1RQM1lcbkowTkU0SUVaUVRBZkJnTlZIU01FR0RBV2dCUm01NWhVVlllblhTa3NUUDNZSjBORTRJRVpRVEFQQmdOVkhSTUJcbkFmOEVCVEFEQVFIL01BNEdBMVVkRHdFQi93UUVBd0lCaGpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVBTanRcbm5yM1RqbkpGMEoyZjFmK2Y3S28yYXpNWnE1VWdZcm82WE5GUUw3SjdKZEZDRDFaTU5ZSlZJLzhxQjVqTkRNaEhcbnV1WVJ4QjdSeURCZ1JGWEh4bnAvVDdIYkcvV09XTUN1NFFndmV2TzFZbDdVUDRVb1RXWm9FUGJsbWtXSVJYejFcbjFVakp5WEs4WUZQREVzWlZPQ0cvb2hNYzQxdkkzMkpzL3UyUmY5TEo1VXJ5TktJNHM4di9CMjlncUFhRW0vWHBcbjN6am9QaHBBcks2OEQ5bjVGbU9ZSU1SOStHUWpnM0dWSGN4c0Ricnp4ZEp2L0x4emwyN3Zxc25aQ21maitudTNcbmVEYnlGYWJSSElOdUMxY1F1Y2JSQnhoeXF6bWNwNjkxY3h5MWcwVk1aRExOcUZZcFVCeDA3MThBTzRMTEpCNHlcbmUvVkxFcXczVmlLZTlSQmpMaFdmdlptay80c1IyRnhpbnBPUFp0a05QYkhNTSs0cHM0dExtM0x2azF4WkMwUW1cbkJSdlcwbEVmc1BRcVdpRUFpQlJTSDB3bGw4ZEUrcHV2bEo1YVhJdTUwdXlPcmxNUzk1b3RBM3FJaXBOejhoS2xcbm1ZWnU1OFM3aERpeDJlUGRYOEtWUG1UdjBWTVFHMWkxbFU2SThOejB1eUdGSXFUR1BzWHdNeFBPM2pNQWp6NGJcbkZ5OTRHMWcybSs4ZzFzeWxFMm5QazVmUWE0MmdhU1F0ZjZGWU92amlOUXorSHIrYzIxTGR0YXFvbGpreHZjY3ZcbkJqaGY2QTZpdDVvcVpMUWd0RVdEU0dmbGxDK3RkN0NwQmdQYmpzUzV1M1BCQWltQy9zZ0RnY2dCYlhWL2IyYUJcblNpMStZY3J0RmVKMmNHdDQyaUh1a0pzUjlkUjFueUNOdkZkekF6dz1cbi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS1cbiIsImRlZmF1bHRfYnVja2V0IjoibW9kZWxtZXNoLWV4YW1wbGUtbW9kZWxzIiwiZW5kcG9pbnRfdXJsIjoiaHR0cHM6Ly9taW5pby5taW5pby5zdmM6OTAwMCIsInJlZ2lvbiI6InVzLXNvdXRoIiwic2VjcmV0X2FjY2Vzc19rZXkiOiJkN2M5YzczY2NhMTZiZGM5MmQ4MGVhODg2ZjhhMTU5MjNjMmEwNmZhMTQ1YTllZjJjYTM1OGExOTUyM2U3YjM1IiwidHlwZSI6InMzIn0= +kind: Secret +metadata: + labels: + opendatahub.io/managed: "true" + name: storage-config + namespace: default +type: Opaque diff --git a/controllers/testdata/secrets/storageconfig-string-unmanaged.yaml b/controllers/testdata/secrets/storageconfig-string-unmanaged.yaml new file mode 100644 index 00000000..175c6ffa --- /dev/null +++ b/controllers/testdata/secrets/storageconfig-string-unmanaged.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: storage-config + namespace: default +stringData: + aws-connection-minio: "unmanaged" diff --git a/controllers/testdata/secrets/storageconfig-string.yaml b/controllers/testdata/secrets/storageconfig-string.yaml new file mode 100644 index 00000000..a5e80f91 --- /dev/null +++ b/controllers/testdata/secrets/storageconfig-string.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: storage-config + namespace: default +stringData: + aws-connection-minio: | + { + "type": "s3", + "access_key_id": "THEACCESSKEY", + "secret_access_key": "d7c9c73cca16bdc92d80ea886f8a15923c2a06fa145a9ef2ca358a19523e7b35", + "endpoint_url": "https://minio.minio.svc:9000", + "default_bucket": "modelmesh-example-models", + "region": "us-south", + "certificate": "-----BEGIN CERTIFICATE-----\nMIIF6TCCA9GgAwIBAgIUa4pzLvdnYXWZl3rvqRhqtQGq8XUwDQYJKoZIhvcNAQEL\nBQAwfDELMAkGA1UEBhMCQ0ExDTALBgNVBAgMBFRydWUxDzANBgNVBAcMBk1JTFRP\nTjEPMA0GA1UECgwGUkVESEFUMQwwCgYDVQQLDANTQ0UxEDAOBgNVBAMMB1Jvb3Qg\nQ0ExHDAaBgkqhkiG9w0BCQEWDXRlc3RAdGVzdC5jb20wHhcNMjMwNzI3MjAxMzM2\nWhcNNDMwNzIyMjAxMzM2WjB8MQswCQYDVQQGEwJDQTENMAsGA1UECAwEVHJ1ZTEP\nMA0GA1UEBwwGTUlMVE9OMQ8wDQYDVQQKDAZSRURIQVQxDDAKBgNVBAsMA1NDRTEQ\nMA4GA1UEAwwHUm9vdCBDQTEcMBoGCSqGSIb3DQEJARYNdGVzdEB0ZXN0LmNvbTCC\nAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALY1XZA3nlkm+320H06T3QDv\n3V5M/ECed4bNA47JjVCqik11MuE7dGvRZcNqYx8eTyj/AotL85vFM03vMHgcISe1\ny0vKKx/ht2JxPVF+U6lsKD2NYTWU4tZf8VLJ623EKPlRff4fQxlWzVBuGuiUr1dc\nhyOR9iykUWAf6YWbi9/bwEiTbyhLnUfmhk5d7oSxNf4/JdLx6Hu3Wh6OGeb887Y0\nCr9E837b+RyjMCzhal5+oijkdKWMqEhS8y+gpquQNuOXI+12uLl2d1C3FGW7v1b+\n3//d1yyb6siXXod/NlfADknVyqexWmc3MeE1tQWbS4lOiXcjqeFjtBUmixnhSEA7\nFcxf1zIvlo4VDNOkd1t+CK2NZ+dOSKhxxxxVZMlTGV27LwG1S4dLvyRy4WHPVRZf\n7YH0/aBEgAJkEJwqG1VXH78IbVm7k5q/qHTf1zBlDFAyUJmR4kryrXhlxWY9YgPr\ngFfqE2o+0/pYOB+28UalmsnUywT0E5AAbfBFOANe6AJsUkkSN8umAFpE3OmNR851\nBAf1aqEwY1s/0jMJ3nuWsQN3zSDQEbUkj6Pz0XJ1JDkScPOhF4gT8uGbUzvlMqvN\nEMofdhG7p+SOVxA2WXtIS0xiD45xjrA5oalA/xp1fihpmGleYbxj9HVSMw/vaEA5\nhUJ/gAZ67eiaSMv7zRzjAgMBAAGjYzBhMB0GA1UdDgQWBBRm55hUVYenXSksTP3Y\nJ0NE4IEZQTAfBgNVHSMEGDAWgBRm55hUVYenXSksTP3YJ0NE4IEZQTAPBgNVHRMB\nAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAPSjt\nnr3TjnJF0J2f1f+f7Ko2azMZq5UgYro6XNFQL7J7JdFCD1ZMNYJVI/8qB5jNDMhH\nuuYRxB7RyDBgRFXHxnp/T7HbG/WOWMCu4QgvevO1Yl7UP4UoTWZoEPblmkWIRXz1\n1UjJyXK8YFPDEsZVOCG/ohMc41vI32Js/u2Rf9LJ5UryNKI4s8v/B29gqAaEm/Xp\n3zjoPhpArK68D9n5FmOYIMR9+GQjg3GVHcxsDbrzxdJv/Lxzl27vqsnZCmfj+nu3\neDbyFabRHINuC1cQucbRBxhyqzmcp691cxy1g0VMZDLNqFYpUBx0718AO4LLJB4y\ne/VLEqw3ViKe9RBjLhWfvZmk/4sR2FxinpOPZtkNPbHMM+4ps4tLm3Lvk1xZC0Qm\nBRvW0lEfsPQqWiEAiBRSH0wll8dE+puvlJ5aXIu50uyOrlMS95otA3qIipNz8hKl\nmYZu58S7hDix2ePdX8KVPmTv0VMQG1i1lU6I8Nz0uyGFIqTGPsXwMxPO3jMAjz4b\nFy94G1g2m+8g1sylE2nPk5fQa42gaSQtf6FYOvjiNQz+Hr+c21Ldtaqoljkxvccv\nBjhf6A6it5oqZLQgtEWDSGfllC+td7CpBgPbjsS5u3PBAimC/sgDgcgBbXV/b2aB\nSi1+YcrtFeJ2cGt42iHukJsR9dR1nyCNvFdzAzw=\n-----END CERTIFICATE-----\n" + }