Skip to content

Commit c671209

Browse files
olivergondzaolivergondza
committed
Merge branch 'master' into redis-creds-via-volume
Signed-off-by: Oliver Gondža <[email protected]>
2 parents 687fabb + e0b400e commit c671209

30 files changed

Lines changed: 740 additions & 240 deletions

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,7 @@ e2e-tests-ginkgo: e2e-tests-sequential-ginkgo e2e-tests-parallel-ginkgo ## Runs
157157
.PHONY: e2e-tests-sequential-ginkgo
158158
e2e-tests-sequential-ginkgo: ginkgo ## Runs kuttl e2e sequential tests
159159
@echo "Running GitOps Operator sequential Ginkgo E2E tests..."
160-
$(GINKGO_CLI) -v --trace --timeout 180m -r ./test/openshift/e2e/ginkgo/sequential
160+
$(GINKGO_CLI) -v --trace --timeout 240m -r ./test/openshift/e2e/ginkgo/sequential
161161

162162
.PHONY: e2e-tests-parallel-ginkgo ## Runs kuttl e2e parallel tests, (Defaults to 5 runs at a time)
163163
e2e-tests-parallel-ginkgo: ginkgo

build/redis/haproxy.cfg.tpl

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ backend check_if_redis_is_master_0
2424
{{- else}}
2525
tcp-check connect ssl
2626
{{- end}}
27-
tcp-check send "AUTH replace-with-redis-auth"\r\n
27+
tcp-check send "AUTH __REPLACE_DEFAULT_AUTH__"\r\n
2828
tcp-check expect string +OK
2929
tcp-check send PING\r\n
3030
tcp-check expect string +PONG
@@ -50,7 +50,7 @@ backend check_if_redis_is_master_1
5050
{{- else}}
5151
tcp-check connect ssl
5252
{{- end}}
53-
tcp-check send "AUTH replace-with-redis-auth"\r\n
53+
tcp-check send "AUTH __REPLACE_DEFAULT_AUTH__"\r\n
5454
tcp-check expect string +OK
5555
tcp-check send PING\r\n
5656
tcp-check expect string +PONG
@@ -76,7 +76,7 @@ backend check_if_redis_is_master_2
7676
{{- else}}
7777
tcp-check connect ssl
7878
{{- end}}
79-
tcp-check send "AUTH replace-with-redis-auth"\r\n
79+
tcp-check send "AUTH __REPLACE_DEFAULT_AUTH__"\r\n
8080
tcp-check expect string +OK
8181
tcp-check send PING\r\n
8282
tcp-check expect string +PONG
@@ -108,7 +108,7 @@ backend bk_redis_master
108108
{{- else}}
109109
tcp-check connect ssl
110110
{{- end}}
111-
tcp-check send "AUTH replace-with-redis-auth"\r\n
111+
tcp-check send "AUTH __REPLACE_DEFAULT_AUTH__"\r\n
112112
tcp-check expect string +OK
113113
tcp-check send PING\r\n
114114
tcp-check expect string +PONG

build/redis/haproxy_init.sh.tpl

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,12 @@ if [ -z "$ANNOUNCE_IP2" ]; then
3333
fi
3434
sed -i "s/REPLACE_ANNOUNCE2/$ANNOUNCE_IP2/" "$HAPROXY_CONF"
3535

36-
auth=$(cat /redis-initial-pass/admin.password)
37-
sed -i "s/replace-with-redis-auth/$auth/" "$HAPROXY_CONF"
36+
AUTH="$(cat /app/config/redis-auth/auth)"
37+
if [ -z "${AUTH}" ]; then
38+
echo "Error: Redis password not mounted correctly"
39+
exit 1
40+
fi
41+
echo "Setting redis auth values.."
42+
ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g');
43+
sed -i "s/__REPLACE_DEFAULT_AUTH__/${ESCAPED_AUTH}/" "$HAPROXY_CONF"
3844

build/redis/init.sh.tpl

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -132,10 +132,15 @@ setup_defaults() {
132132

133133
redis_ping() {
134134
set +e
135+
AUTH="$(cat /app/config/redis-auth/auth)"
136+
if [ -z "$AUTH" ]; then
137+
echo "Error: Redis password not mounted correctly"
138+
exit 1
139+
fi
135140
if [ "$REDIS_PORT" -eq 0 ]; then
136-
redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_TLS_PORT}" --tls --cacert /app/config/redis/tls/tls.crt ping
141+
env REDISCLI_AUTH="${AUTH}" redis-cli -h "${MASTER}" -p "${REDIS_TLS_PORT}" --tls --cacert /app/config/redis/tls/tls.crt ping
137142
else
138-
redis-cli -h "${MASTER}" -a "${AUTH}" --no-auth-warning -p "${REDIS_PORT}" ping
143+
env REDISCLI_AUTH="${AUTH}" redis-cli -h "${MASTER}" -p "${REDIS_PORT}" ping
139144
fi
140145
set -e
141146
}
@@ -170,7 +175,7 @@ find_master() {
170175
if [ "$SENTINEL_PORT" -eq 0 ]; then
171176
echo " on sentinel (${SERVICE}:${SENTINEL_TLS_PORT}), sentinel grp (${MASTER_GROUP})"
172177
echo " $(date).."
173-
if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /app/config/redis/tls/tls.crt sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
178+
if redis-cli -h "${SERVICE}" -p "${SENTINEL_TLS_PORT}" --tls --cacert /app/config/redis/tls/tls.crt sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
174179
echo " $(date) Failover returned with 'NOGOODSLAVE'"
175180
echo "Setting defaults for this pod.."
176181
setup_defaults
@@ -179,7 +184,7 @@ find_master() {
179184
else
180185
echo " on sentinel (${SERVICE}:${SENTINEL_PORT}), sentinel grp (${MASTER_GROUP})"
181186
echo " $(date).."
182-
if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE' ; then
187+
if redis-cli -h "${SERVICE}" -p "${SENTINEL_PORT}" sentinel failover "${MASTER_GROUP}" | grep -q 'NOGOODSLAVE'; then
183188
echo " $(date) Failover returned with 'NOGOODSLAVE'"
184189
echo "Setting defaults for this pod.."
185190
setup_defaults
@@ -252,16 +257,19 @@ else
252257
setup_defaults
253258
fi
254259

255-
if [ "${AUTH:-}" ]; then
256-
echo "Setting redis auth values.."
257-
ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g');
258-
sed -i "s/replace-default-auth/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}"
260+
AUTH="$(cat /app/config/redis-auth/auth)"
261+
if [ -z "${AUTH}" ]; then
262+
echo "Error: Redis password not mounted correctly"
263+
exit 1
259264
fi
265+
echo "Setting redis auth values.."
266+
ESCAPED_AUTH=$(echo "${AUTH}" | sed -e 's/[\/&]/\\&/g');
267+
sed -i "s/__REPLACE_DEFAULT_AUTH__/${ESCAPED_AUTH}/" "${REDIS_CONF}" "${SENTINEL_CONF}"
260268

261269
if [ "${SENTINELAUTH:-}" ]; then
262270
echo "Setting sentinel auth values"
263271
ESCAPED_AUTH_SENTINEL=$(echo "$SENTINELAUTH" | sed -e 's/[\/&]/\\&/g');
264-
sed -i "s/replace-default-sentinel-auth/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF"
272+
sed -i "s/__REPLACE_DEFAULT_SENTINEL_AUTH__/${ESCAPED_AUTH_SENTINEL}/" "$SENTINEL_CONF"
265273
fi
266274

267275
echo "$(date) Ready..."

build/redis/redis.conf.tpl

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,4 @@ rdbcompression yes
2020
repl-diskless-sync yes
2121
save ""
2222
protected-mode no
23-
requirepass replace-default-auth
24-
masterauth replace-default-auth
25-
26-
23+
aclfile /app/config/redis-auth/users.acl

build/redis/redis_liveness.sh.tpl

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
1+
redis_pwd="$(cat /app/config/redis-auth/auth)"
2+
if [ -z "$redis_pwd" ]; then
3+
echo "Error: Redis password not mounted correctly"
4+
exit 1
5+
fi
16
response=$(
2-
redis-cli \
3-
-a "${AUTH}" --no-auth-warning \
7+
env REDISCLI_AUTH="${redis_pwd}" redis-cli \
48
-h localhost \
59
-p 6379 \
610
{{- if eq .UseTLS "true"}}

build/redis/redis_readiness.sh.tpl

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,10 @@
1+
redis_pwd="$(cat /app/config/redis-auth/auth)"
2+
if [ -z "$redis_pwd" ]; then
3+
echo "Error: Redis password not mounted correctly"
4+
exit 1
5+
fi
16
response=$(
2-
redis-cli \
3-
-a "${AUTH}" --no-auth-warning \
7+
env REDISCLI_AUTH="${redis_pwd}" redis-cli \
48
-h localhost \
59
-p 6379 \
610
{{- if eq .UseTLS "true"}}
@@ -9,7 +13,7 @@ response=$(
913
{{- end}}
1014
ping
1115
)
12-
if [ "$response" != "PONG" ] ; then
16+
if [ "$response" != "PONG" ]; then
1317
echo "$response"
1418
exit 1
1519
fi

build/redis/sentinel.conf.tpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,4 +15,4 @@ bind 0.0.0.0
1515
sentinel failover-timeout argocd 180000
1616
maxclients 10000
1717
sentinel parallel-syncs argocd 5
18-
sentinel auth-pass argocd replace-default-auth
18+
sentinel auth-pass argocd __REPLACE_DEFAULT_AUTH__

bundle/manifests/gitops-operator.clusterserviceversion.yaml

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -168,6 +168,16 @@ metadata:
168168
}
169169
}
170170
},
171+
{
172+
"apiVersion": "argoproj.io/v1beta1",
173+
"kind": "NamespaceManagement",
174+
"metadata": {
175+
"name": "namespacemanagement-sample"
176+
},
177+
"spec": {
178+
"managedBy": "argocd-ns"
179+
}
180+
},
171181
{
172182
"apiVersion": "pipelines.openshift.io/v1alpha1",
173183
"kind": "GitopsService",
@@ -180,7 +190,7 @@ metadata:
180190
capabilities: Deep Insights
181191
console.openshift.io/plugins: '["gitops-plugin"]'
182192
containerImage: quay.io/redhat-developer/gitops-operator
183-
createdAt: "2026-03-31T07:57:47Z"
193+
createdAt: "2026-04-14T12:37:41Z"
184194
description: Enables teams to adopt GitOps principles for managing cluster configurations
185195
and application delivery across hybrid multi-cluster Kubernetes environments.
186196
features.operators.openshift.io/disconnected: "true"

bundle/manifests/pipelines.openshift.io_gitopsservices.yaml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -213,10 +213,9 @@ spec:
213213
operator:
214214
description: |-
215215
Operator represents a key's relationship to the value.
216-
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
216+
Valid operators are Exists and Equal. Defaults to Equal.
217217
Exists is equivalent to wildcard for value, so that a pod can
218218
tolerate all taints of a particular category.
219-
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
220219
type: string
221220
tolerationSeconds:
222221
description: |-

0 commit comments

Comments
 (0)