OCPBUGS-74506: Remove CSP feature flag

Author: jhadvig

pkg/console/operator/operator.go

@@ -89,9 +89,6 @@ type consoleOperator struct {
 	// lister
 	consolePluginLister listerv1.ConsolePluginLister
 
-	// CSP feature gate enabled
-	contentSecurityPolicyEnabled bool
-
 	resourceSyncer resourcesynccontroller.ResourceSyncer
 
 	trackables trackables
@@ -110,7 +107,6 @@ type trackables struct {
 
 func NewConsoleOperator(
 	ctx context.Context,
-	contentSecurityPolicyEnabled bool,
 	// top level config
 	configClient configclientv1.ConfigV1Interface,
 	configInformer configinformer.SharedInformerFactory,
@@ -192,8 +188,7 @@ func NewConsoleOperator(
 		consolePluginLister: consolePluginInformer.Lister(),
 		resourceSyncer:      resourceSyncer,
 
-		monitoringDeploymentLister:   monitoringDeploymentInformer.Lister(),
-		contentSecurityPolicyEnabled: contentSecurityPolicyEnabled,
+		monitoringDeploymentLister: monitoringDeploymentInformer.Lister(),
 	}
 
 	informers := []factory.Informer{

pkg/console/operator/sync_v400.go

@@ -397,7 +397,6 @@ func (co *consoleOperator) SyncConfigMap(
 		nodeArchitectures,
 		nodeOperatingSystems,
 		copiedCSVsDisabled,
-		co.contentSecurityPolicyEnabled,
 		telemetryConfig,
 		consoleHost,
 		techPreviewEnabled,

pkg/console/starter/starter.go

@@ -235,11 +235,9 @@ func RunOperator(ctx context.Context, controllerContext *controllercmd.Controlle
 		return err
 	}
 
-	contentSecurityPolicyEnabled := featureGates.Enabled("ConsolePluginContentSecurityPolicy")
 	// TODO: rearrange these into informer,client pairs, NOT separated.
 	consoleOperator := consoleoperator.NewConsoleOperator(
 		ctx,
-		contentSecurityPolicyEnabled,
 		// top level config
 		configClient.ConfigV1(),
 		configInformers,

pkg/console/subresource/configmap/configmap.go

@@ -46,7 +46,6 @@ func DefaultConfigMap(
 	nodeArchitectures []string,
 	nodeOperatingSystems []string,
 	copiedCSVsDisabled bool,
-	contentSecurityPolicyEnabled bool,
 	telemeterConfig map[string]string,
 	consoleHost string,
 	techPreviewEnabled bool,
@@ -89,7 +88,6 @@ func DefaultConfigMap(
 		PluginsOrder(availablePlugins, operatorConfig).
 		I18nNamespaces(pluginsWithI18nNamespace(availablePlugins)).
 		ContentSecurityPolicies(aggregateCSPDirectives(availablePlugins)).
-		ContentSecurityPolicyEnabled(contentSecurityPolicyEnabled).
 		Proxy(getPluginsProxyServices(availablePlugins)).
 		CustomLogoFile(operatorConfig.Spec.Customization.CustomLogoFile). // TODO Remove deprecated CustomLogoFile API.
 		CustomLogos(operatorConfig.Spec.Customization.Logos).

pkg/console/subresource/configmap/configmap_test.go

@@ -51,21 +51,20 @@ nV5cXbp9W1bC12Tc8nnNXn4ypLE2JTQAvyp51zoZ8hQoSnRVx/VCY55Yu+br8gQZ
 // To manually run these tests: go test -v ./pkg/console/subresource/configmap/...
 func TestDefaultConfigMap(t *testing.T) {
 	type args struct {
-		operatorConfig               *operatorv1.Console
-		authConfig                   *configv1.Authentication
-		consoleConfig                *configv1.Console
-		managedConfig                *corev1.ConfigMap
-		monitoringSharedConfig       *corev1.ConfigMap
-		authServerCAConfig           *corev1.ConfigMap
-		infrastructureConfig         *configv1.Infrastructure
-		rt                           *routev1.Route
-		inactivityTimeoutSeconds     int
-		availablePlugins             []*consolev1.ConsolePlugin
-		nodeArchitectures            []string
-		nodeOperatingSystems         []string
-		copiedCSVsDisabled           bool
-		contentSecurityPolicyEnabled bool
-		telemetryConfig              map[string]string
+		operatorConfig           *operatorv1.Console
+		authConfig               *configv1.Authentication
+		consoleConfig            *configv1.Console
+		managedConfig            *corev1.ConfigMap
+		monitoringSharedConfig   *corev1.ConfigMap
+		authServerCAConfig       *corev1.ConfigMap
+		infrastructureConfig     *configv1.Infrastructure
+		rt                       *routev1.Route
+		inactivityTimeoutSeconds int
+		availablePlugins         []*consolev1.ConsolePlugin
+		nodeArchitectures        []string
+		nodeOperatingSystems     []string
+		copiedCSVsDisabled       bool
+		telemetryConfig          map[string]string
 	}
 	t.Setenv("OPERATOR_IMAGE_VERSION", testReleaseVersion)
 	tests := []struct {
@@ -1303,7 +1302,6 @@ providers: {}
 				tt.args.nodeArchitectures,
 				tt.args.nodeOperatingSystems,
 				tt.args.copiedCSVsDisabled,
-				tt.args.contentSecurityPolicyEnabled,
 				tt.args.telemetryConfig,
 				tt.args.rt.Spec.Host,
 				false, // techPreviewEnabled - default to false for tests

pkg/console/subresource/configmap/tech_preview_test.go

@@ -94,7 +94,6 @@ func TestTechPreviewEnabled(t *testing.T) {
 				[]string{"amd64"},            // nodeArchitectures
 				[]string{"linux"},            // nodeOperatingSystems
 				false,                        // copiedCSVsDisabled
-				false,                        // contentSecurityPolicyEnabled
 				map[string]string{},          // telemetryConfig
 				"console.test.cluster",       // consoleHost
 				tt.args.techPreviewEnabled,

pkg/console/subresource/consoleserver/config_builder.go

@@ -46,44 +46,43 @@ var SupportedLightspeedArchitectures = []string{"amd64"}
 //
 //	b.Host().Brand("").Config()
 type ConsoleServerCLIConfigBuilder struct {
-	host                         string
-	logoutRedirectURL            string
-	brand                        operatorv1.Brand
-	docURL                       string
-	apiServerURL                 string
-	controlPlaneToplogy          configv1.TopologyMode
-	statusPageID                 string
-	customProductName            string
-	devCatalogCustomization      operatorv1.DeveloperConsoleCatalogCustomization
-	projectAccess                operatorv1.ProjectAccess
-	quickStarts                  operatorv1.QuickStarts
-	addPage                      operatorv1.AddPage
-	perspectives                 []operatorv1.Perspective
-	CAFile                       string
-	monitoring                   map[string]string
-	customHostnameRedirectPort   int
-	inactivityTimeoutSeconds     int
-	pluginsList                  map[string]string
-	pluginsOrder                 []string
-	i18nNamespaceList            []string
-	proxyServices                []ProxyService
-	telemetry                    map[string]string
-	releaseVersion               string
-	nodeArchitectures            []string
-	nodeOperatingSystems         []string
-	copiedCSVsDisabled           bool
-	oauthClientID                string
-	oidcExtraScopes              []string
-	oidcIssuerURL                string
-	oidcOCLoginCommand           string
-	authType                     string
-	sessionEncryptionFile        string
-	sessionAuthenticationFile    string
-	capabilities                 []operatorv1.Capability
-	contentSecurityPolicyEnabled bool
-	contentSecurityPolicyList    map[v1.DirectiveType][]string
-	logos                        []operatorv1.Logo
-	techPreviewEnabled           bool
+	host                       string
+	logoutRedirectURL          string
+	brand                      operatorv1.Brand
+	docURL                     string
+	apiServerURL               string
+	controlPlaneToplogy        configv1.TopologyMode
+	statusPageID               string
+	customProductName          string
+	devCatalogCustomization    operatorv1.DeveloperConsoleCatalogCustomization
+	projectAccess              operatorv1.ProjectAccess
+	quickStarts                operatorv1.QuickStarts
+	addPage                    operatorv1.AddPage
+	perspectives               []operatorv1.Perspective
+	CAFile                     string
+	monitoring                 map[string]string
+	customHostnameRedirectPort int
+	inactivityTimeoutSeconds   int
+	pluginsList                map[string]string
+	pluginsOrder               []string
+	i18nNamespaceList          []string
+	proxyServices              []ProxyService
+	telemetry                  map[string]string
+	releaseVersion             string
+	nodeArchitectures          []string
+	nodeOperatingSystems       []string
+	copiedCSVsDisabled         bool
+	oauthClientID              string
+	oidcExtraScopes            []string
+	oidcIssuerURL              string
+	oidcOCLoginCommand         string
+	authType                   string
+	sessionEncryptionFile      string
+	sessionAuthenticationFile  string
+	capabilities               []operatorv1.Capability
+	contentSecurityPolicyList  map[v1.DirectiveType][]string
+	logos                      []operatorv1.Logo
+	techPreviewEnabled         bool
 }
 
 func (b *ConsoleServerCLIConfigBuilder) Host(host string) *ConsoleServerCLIConfigBuilder {
@@ -272,11 +271,6 @@ func (b *ConsoleServerCLIConfigBuilder) ContentSecurityPolicies(cspList map[v1.D
 	return b
 }
 
-func (b *ConsoleServerCLIConfigBuilder) ContentSecurityPolicyEnabled(enabled bool) *ConsoleServerCLIConfigBuilder {
-	b.contentSecurityPolicyEnabled = enabled
-	return b
-}
-
 func (b *ConsoleServerCLIConfigBuilder) I18nNamespaces(i18nNamespaces []string) *ConsoleServerCLIConfigBuilder {
 	b.i18nNamespaceList = i18nNamespaces
 	return b
@@ -319,22 +313,21 @@ func (b *ConsoleServerCLIConfigBuilder) TechPreviewEnabled(techPreviewEnabled bo
 
 func (b *ConsoleServerCLIConfigBuilder) Config() Config {
 	return Config{
-		Kind:                         "ConsoleConfig",
-		APIVersion:                   "console.openshift.io/v1",
-		Auth:                         b.auth(),
-		Session:                      b.session(),
-		ClusterInfo:                  b.clusterInfo(),
-		Customization:                b.customization(),
-		ServingInfo:                  b.servingInfo(),
-		Providers:                    b.providers(),
-		MonitoringInfo:               b.monitoringInfo(),
-		Plugins:                      b.plugins(),
-		PluginsOrder:                 b.getPluginsOrder(),
-		I18nNamespaces:               b.i18nNamespaces(),
-		Proxy:                        b.proxy(),
-		ContentSecurityPolicy:        b.contentSecurityPolicy(),
-		ContentSecurityPolicyEnabled: b.getContentSecurityPolicyEnabled(),
-		Telemetry:                    b.telemetry,
+		Kind:                  "ConsoleConfig",
+		APIVersion:            "console.openshift.io/v1",
+		Auth:                  b.auth(),
+		Session:               b.session(),
+		ClusterInfo:           b.clusterInfo(),
+		Customization:         b.customization(),
+		ServingInfo:           b.servingInfo(),
+		Providers:             b.providers(),
+		MonitoringInfo:        b.monitoringInfo(),
+		Plugins:               b.plugins(),
+		PluginsOrder:          b.getPluginsOrder(),
+		I18nNamespaces:        b.i18nNamespaces(),
+		Proxy:                 b.proxy(),
+		ContentSecurityPolicy: b.contentSecurityPolicy(),
+		Telemetry:             b.telemetry,
 	}
 }
 
@@ -618,10 +611,6 @@ func (b *ConsoleServerCLIConfigBuilder) contentSecurityPolicy() map[v1.Directive
 	return b.contentSecurityPolicyList
 }
 
-func (b *ConsoleServerCLIConfigBuilder) getContentSecurityPolicyEnabled() bool {
-	return b.contentSecurityPolicyEnabled
-}
-
 func (b *ConsoleServerCLIConfigBuilder) proxy() Proxy {
 	return Proxy{
 		Services: b.proxyServices,

pkg/console/subresource/consoleserver/types.go

@@ -18,22 +18,21 @@ import (
 
 // Config is the top-level console server cli configuration.
 type Config struct {
-	APIVersion                   string `yaml:"apiVersion"`
-	Kind                         string `yaml:"kind"`
-	ServingInfo                  `yaml:"servingInfo"`
-	ClusterInfo                  `yaml:"clusterInfo"`
-	Auth                         `yaml:"auth"`
-	Session                      `yaml:"session"`
-	Customization                `yaml:"customization"`
-	Providers                    `yaml:"providers"`
-	MonitoringInfo               `yaml:"monitoringInfo,omitempty"`
-	Plugins                      map[string]string             `yaml:"plugins,omitempty"`
-	PluginsOrder                 []string                      `yaml:"pluginsOrder,omitempty"`
-	I18nNamespaces               []string                      `yaml:"i18nNamespaces,omitempty"`
-	Proxy                        Proxy                         `yaml:"proxy,omitempty"`
-	ContentSecurityPolicy        map[v1.DirectiveType][]string `yaml:"contentSecurityPolicy,omitempty"`
-	ContentSecurityPolicyEnabled bool                          `yaml:"contentSecurityPolicyEnabled,omitempty"`
-	Telemetry                    map[string]string             `yaml:"telemetry,omitempty"`
+	APIVersion            string `yaml:"apiVersion"`
+	Kind                  string `yaml:"kind"`
+	ServingInfo           `yaml:"servingInfo"`
+	ClusterInfo           `yaml:"clusterInfo"`
+	Auth                  `yaml:"auth"`
+	Session               `yaml:"session"`
+	Customization         `yaml:"customization"`
+	Providers             `yaml:"providers"`
+	MonitoringInfo        `yaml:"monitoringInfo,omitempty"`
+	Plugins               map[string]string             `yaml:"plugins,omitempty"`
+	PluginsOrder          []string                      `yaml:"pluginsOrder,omitempty"`
+	I18nNamespaces        []string                      `yaml:"i18nNamespaces,omitempty"`
+	Proxy                 Proxy                         `yaml:"proxy,omitempty"`
+	ContentSecurityPolicy map[v1.DirectiveType][]string `yaml:"contentSecurityPolicy,omitempty"`
+	Telemetry             map[string]string             `yaml:"telemetry,omitempty"`
 }
 
 type Proxy struct {