Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature-1091]: Update Authorization Proxy Server Ingress and Use Local Storage for Redis by default #436

Merged
merged 8 commits into from
Jan 31, 2024
Merged

[feature-1091]: Update Authorization Proxy Server Ingress and Use Local Storage for Redis by default #436

merged 8 commits into from
Jan 31, 2024

Conversation

atye
Copy link
Contributor

@atye atye commented Jan 23, 2024
edited
Loading

Description

This updates the Authorization proxy-server ingress to enable connecting by a cluster node IP address instead of requiring one of the hostnames in the ingress, such as csm-authorization.com, because there is extra work to make a hostname like that resolve correctly. It also provisions a local volume for Redis by default if no storage class for Redis is specified.

Changes in some more detail:

Adds v1.10.0 folder for Authorization.

operatorconfig/moduleconfig/authorization/v1.10.0/ingress.yaml contains the following lines to allow connecting by IP address (no host specified).

 - http:
      paths:
      - backend:
          service:
            name: proxy-server
            port:
              number: 8080
        path: /
        pathType: Prefix

Adds operatorconfig/moduleconfig/authorization/v1.10.0/local-provisioner.yaml which contains manifests for a local provisioning storage class and a persistent volume with said storage class. If the REDIS_STORAGE_CLASS env variable is not provided, these resources will be created and used for Redis.

Adds sample file for Authorization v1.10.0 where REDIS_STORAGE_CLASS is not specified by default.

Adds unit test for deploying Authorization with default local storage for Redis.

Adds PROXY_HOST env variable to tests/e2e/env-e2e-test.sh to specify the IP or hostname of the proxy-server for karavictl instead of using hardcoded address that only resolves in a k8s cluster.

Disabled cert-manager dependency in tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml because a prerequisite step of Install Authorization Proxy Server is creating a cert which will fail unless cert-manager is installed. So, cert-manager has to be installed before e2e and shouldn't be installed again with Authorization.

Adds e2e scenario for installing Authorization using default, local storage.

GitHub Issues

List the GitHub issues impacted by this PR:

GitHub Issue #
dell/csm#1091

Checklist:

  • I have performed a self-review of my own code to ensure there are no formatting, vetting, linting, or security issues
  • I have verified that new and existing unit tests pass locally with my changes
  • I have not allowed coverage numbers to degenerate
  • I have maintained at least 90% code coverage
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • I have maintained backward compatibility

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

New unit test and manual e2e test.

This was referenced Jan 24, 2024
Closed
Merged
@atye atye closed this Jan 25, 2024
@atye atye reopened this Jan 25, 2024
@atye atye force-pushed the feature-1091-authorization-ingress-redis branch from 2a452b8 to 338aa73 Compare January 30, 2024 15:08
xuluna
xuluna previously approved these changes Jan 30, 2024
View reviewed changes
@atye atye force-pushed the feature-1091-authorization-ingress-redis branch from 1b26020 to b8f8953 Compare January 31, 2024 19:03
@atye atye merged commit d5efc82 into main Jan 31, 2024
7 of 8 checks passed
@atye atye deleted the feature-1091-authorization-ingress-redis branch January 31, 2024 19:14
ChristianAtDell added a commit that referenced this pull request Oct 15, 2024
@ChristianAtDell
[feature-1091]: Update Authorization Proxy Server Ingress and Use Loc…
683226f 
…al Storage for Redis by default (#436)

* update ingress, support default redis class, start update e2e

* update auth e2e

* revert new line

* revert new line

* fix lint

* update cr redis comments

* fix e2e

* update proxy_host comment
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PeresKereotubo PeresKereotubo PeresKereotubo approved these changes

@shaynafinocchiaro shaynafinocchiaro shaynafinocchiaro approved these changes

@EvgenyUglov EvgenyUglov EvgenyUglov approved these changes

@xuluna xuluna xuluna left review comments

@abhi16394 abhi16394 Awaiting requested review from abhi16394 abhi16394 is a code owner

@mbasha-dell mbasha-dell Awaiting requested review from mbasha-dell mbasha-dell is a code owner

@alikdell alikdell Awaiting requested review from alikdell alikdell is a code owner

@bharathsreekanth bharathsreekanth Awaiting requested review from bharathsreekanth bharathsreekanth is a code owner

@chimanjain chimanjain Awaiting requested review from chimanjain chimanjain is a code owner

@coulof coulof Awaiting requested review from coulof coulof is a code owner

@Deepak-Ghivari Deepak-Ghivari Awaiting requested review from Deepak-Ghivari Deepak-Ghivari is a code owner

@gallacher gallacher Awaiting requested review from gallacher gallacher is a code owner

@HarishH-DELL HarishH-DELL Awaiting requested review from HarishH-DELL HarishH-DELL is a code owner

@JacobGros JacobGros Awaiting requested review from JacobGros JacobGros is a code owner

@jooseppi-luna jooseppi-luna Awaiting requested review from jooseppi-luna jooseppi-luna is a code owner

@karthikk92 karthikk92 Awaiting requested review from karthikk92 karthikk92 is a code owner

@kumarkgosa kumarkgosa Awaiting requested review from kumarkgosa kumarkgosa is a code owner

@bandak2 bandak2 Awaiting requested review from bandak2 bandak2 is a code owner

@mjsdell mjsdell Awaiting requested review from mjsdell mjsdell is a code owner

@nitesh3108 nitesh3108 Awaiting requested review from nitesh3108 nitesh3108 is a code owner

@Prabhu-Dell Prabhu-Dell Awaiting requested review from Prabhu-Dell Prabhu-Dell is a code owner

@rajendraindukuri rajendraindukuri Awaiting requested review from rajendraindukuri rajendraindukuri is a code owner

@rajkumar-palani rajkumar-palani Awaiting requested review from rajkumar-palani rajkumar-palani is a code owner

@shefali-malhotra shefali-malhotra Awaiting requested review from shefali-malhotra shefali-malhotra is a code owner

@panigs7 panigs7 Awaiting requested review from panigs7 panigs7 is a code owner

@tdawe tdawe Awaiting requested review from tdawe tdawe is a code owner

@sharmilarama sharmilarama Awaiting requested review from sharmilarama sharmilarama is a code owner

@shanmydell shanmydell Awaiting requested review from shanmydell shanmydell is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@atye @xuluna @EvgenyUglov @shaynafinocchiaro @PeresKereotubo