openshift · openshift-merge-robot · Dec 3, 2019 · Nov 26, 2019
diff --git a/hack/test-unit.sh b/hack/test-unit.sh
@@ -10,7 +10,6 @@ PACKAGES_TO_TEST=(
     "github.com/openshift/console-operator/pkg/console/operator"
     "github.com/openshift/console-operator/pkg/console/starter"
     "github.com/openshift/console-operator/pkg/console/subresource/configmap"
-    "github.com/openshift/console-operator/pkg/console/subresource/consoleserver"
     "github.com/openshift/console-operator/pkg/console/subresource/deployment"
     "github.com/openshift/console-operator/pkg/console/subresource/oauthclient"
     "github.com/openshift/console-operator/pkg/console/subresource/route"

diff --git a/pkg/api/api.go b/pkg/api/api.go
@@ -15,7 +15,6 @@ const (
 	OpenShiftConsoleConfigMapName       = "console-config"
 	OpenShiftConsolePublicConfigMapName = "console-public"
 	ServiceCAConfigMapName              = "service-ca"
-	RouterCAConfigMapName               = "router-ca"
 	OpenShiftConsoleDeploymentName      = OpenShiftConsoleName
 	OpenShiftConsoleServiceName         = OpenShiftConsoleName
 	OpenShiftConsoleRouteName           = OpenShiftConsoleName

diff --git a/pkg/console/controllers/resourcesyncdestination/controller.go b/pkg/console/controllers/resourcesyncdestination/controller.go
diff --git a/pkg/console/operator/sync_v400.go b/pkg/console/operator/sync_v400.go
@@ -82,9 +82,6 @@ func (co *consoleOperator) sync_v400(updatedOperatorConfig *operatorv1.Console,
 	// The sync loop may not settle, we are unable to honor it in current state.
 	status.HandleProgressingOrDegraded(updatedOperatorConfig, "CustomLogoSync", customLogoErrReason, customLogoError)
 
-	routerCAConfigMap, routerCAErrReason, routerCAError := co.ValidateRouterCAConfigMap()
-	status.HandleProgressingOrDegraded(updatedOperatorConfig, "RouterCAValidation", routerCAErrReason, routerCAError)
-
 	sec, secChanged, secErr := co.SyncSecret(set.Operator)
 	toUpdate = toUpdate || secChanged
 	status.HandleProgressingOrDegraded(updatedOperatorConfig, "OAuthClientSecretSync", "FailedApply", secErr)
@@ -99,7 +96,7 @@ func (co *consoleOperator) sync_v400(updatedOperatorConfig *operatorv1.Console,
 		return oauthErr
 	}
 
-	actualDeployment, depChanged, depErrReason, depErr := co.SyncDeployment(set.Operator, cm, serviceCAConfigMap, routerCAConfigMap, trustedCAConfigMap, sec, rt, set.Proxy, customLogoCanMount)
+	actualDeployment, depChanged, depErrReason, depErr := co.SyncDeployment(set.Operator, cm, serviceCAConfigMap, trustedCAConfigMap, sec, rt, set.Proxy, customLogoCanMount)
 	toUpdate = toUpdate || depChanged
 	status.HandleProgressingOrDegraded(updatedOperatorConfig, "DeploymentSync", depErrReason, depErr)
 	if depErr != nil {
@@ -212,14 +209,13 @@ func (co *consoleOperator) SyncDeployment(
 	operatorConfig *operatorv1.Console,
 	cm *corev1.ConfigMap,
 	serviceCAConfigMap *corev1.ConfigMap,
-	routerCAConfigMap *corev1.ConfigMap,
 	trustedCAConfigMap *corev1.ConfigMap,
 	sec *corev1.Secret,
 	rt *routev1.Route,
 	proxyConfig *configv1.Proxy,
 	canMountCustomLogo bool) (consoleDeployment *appsv1.Deployment, changed bool, reason string, err error) {
 
-	requiredDeployment := deploymentsub.DefaultDeployment(operatorConfig, cm, serviceCAConfigMap, routerCAConfigMap, trustedCAConfigMap, sec, rt, proxyConfig, canMountCustomLogo)
+	requiredDeployment := deploymentsub.DefaultDeployment(operatorConfig, cm, serviceCAConfigMap, trustedCAConfigMap, sec, rt, proxyConfig, canMountCustomLogo)
 	expectedGeneration := getDeploymentGeneration(co)
 	genChanged := operatorConfig.ObjectMeta.Generation != operatorConfig.Status.ObservedGeneration
 
@@ -289,18 +285,7 @@ func (co *consoleOperator) SyncConfigMap(
 		return nil, false, "FailedManagedConfig", mcErr
 	}
 
-	useDefaultCAFile := true
-	// We are syncing the `router-ca` configmap from `openshift-config-managed` to `openshift-console`.
-	// `router-ca` is only published in `openshift-config-managed` if an operator-generated default certificate is used.
-	// It will not exist if all ingresscontrollers user admin-provided default certificates.
-	// If the `router-ca` configmap in `openshift-console` exist we should mount that to the console container,
-	// otherwise default to `/var/run/secrets/kubernetes.io/serviceaccount/ca.crt`
-	_, rcaErr := co.configMapClient.ConfigMaps(api.OpenShiftConsoleNamespace).Get(api.RouterCAConfigMapName, metav1.GetOptions{})
-	if rcaErr != nil && apierrors.IsNotFound(rcaErr) {
-		useDefaultCAFile = false
-	}
-
-	defaultConfigmap, _, err := configmapsub.DefaultConfigMap(operatorConfig, consoleConfig, managedConfig, infrastructureConfig, consoleRoute, useDefaultCAFile)
+	defaultConfigmap, _, err := configmapsub.DefaultConfigMap(operatorConfig, consoleConfig, managedConfig, infrastructureConfig, consoleRoute)
 	if err != nil {
 		return nil, false, "FailedConsoleConfigBuilder", err
 	}
@@ -423,20 +408,6 @@ func (c *consoleOperator) SyncCustomLogoConfigMap(operatorConfig *operatorsv1.Co
 	return okToMount, reason, err
 }
 
-func (c *consoleOperator) ValidateRouterCAConfigMap() (routerCA *corev1.ConfigMap, reason string, err error) {
-	routerCAConfigMap, err := c.configMapClient.ConfigMaps(api.OpenShiftConsoleNamespace).Get(api.RouterCAConfigMapName, metav1.GetOptions{})
-	if err != nil {
-		klog.V(4).Infoln("router-ca configmap not found")
-		return nil, "FailedGet", fmt.Errorf("router-ca configmap not found")
-	}
-
-	_, caBundle := routerCAConfigMap.Data["ca-bundle.crt"]
-	if !caBundle {
-		return nil, "MissingRouterCABundle", fmt.Errorf("router-ca configmap is missing ca-bundle.crt data")
-	}
-	return routerCAConfigMap, "", nil
-}
-
 // on each pass of the operator sync loop, we need to check the
 // operator config for a custom logo.  If this has been set, then
 // we notify the resourceSyncer that it needs to start watching this

diff --git a/pkg/console/starter/starter.go b/pkg/console/starter/starter.go
@@ -18,7 +18,6 @@ import (
 	operatorv1 "github.com/openshift/api/operator"
 	"github.com/openshift/console-operator/pkg/api"
 	"github.com/openshift/console-operator/pkg/console/controllers/clidownloads"
-	"github.com/openshift/console-operator/pkg/console/controllers/resourcesyncdestination"
 	"github.com/openshift/console-operator/pkg/console/operatorclient"
 	"github.com/openshift/library-go/pkg/controller/controllercmd"
 	"github.com/openshift/library-go/pkg/operator/management"
@@ -147,12 +146,9 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 
 	resourceSyncerInformers, resourceSyncer := getResourceSyncer(ctx, clientwrapper.WithoutSecret(kubeClient), operatorClient)
 
-	err = startResourceSyncing(resourceSyncer)
-	if err != nil {
-		return err
-	}
 	consoleMetrics := metrics.Register()
 
+	// TODO: rearrange these into informer,client pairs, NOT separated.
 	consoleOperator := operator.NewConsoleOperator(
 		// top level config
 		configClient.ConfigV1(),
@@ -183,13 +179,13 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 		recorder,
 		resourceSyncer,
 	)
-
 	cliDownloadsController := clidownloads.NewCLIDownloadsSyncController(
 		// clients
 		operatorClient,
 		operatorConfigClient.OperatorV1(),
 		consoleClient.ConsoleV1().ConsoleCLIDownloads(),
 		routesClient.RouteV1(),
+
 		// informers
 		operatorConfigInformers.Operator().V1().Consoles(),    // OperatorConfig
 		consoleInformers.Console().V1().ConsoleCLIDownloads(), // ConsoleCliDownloads
@@ -198,19 +194,6 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 		recorder,
 	)
 
-	// ResourceSyncDestinationController contains additional logic for all the
-	// secrets and configmaps that we resourceSyncer is taking care of
-	resourceSyncDestinationController := resourcesyncdestination.NewResourceSyncDestinationController(
-		// operatorconfig
-		operatorConfigClient.OperatorV1().Consoles(),
-		operatorConfigInformers.Operator().V1().Consoles(),
-		// configmap
-		kubeClient.CoreV1(),
-		kubeInformersNamespaced.Core().V1().ConfigMaps(),
-		// events
-		recorder,
-	)
-
 	consoleServiceController := service.NewServiceSyncController(
 		// clients
 		operatorConfigClient.OperatorV1().Consoles(), // operator config so we can update status
@@ -284,7 +267,6 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 	}
 
 	go consoleServiceController.Run(1, ctx.Done())
-	go resourceSyncDestinationController.Run(1, ctx.Done())
 	go consoleOperator.Run(ctx.Done())
 	go resourceSyncer.Run(1, ctx.Done())
 	go clusterOperatorStatus.Run(1, ctx.Done())
@@ -298,25 +280,11 @@ func RunOperator(ctx *controllercmd.ControllerContext) error {
 	return fmt.Errorf("stopped")
 }
 
-// startResourceSyncing should start syncing process of all secrets and configmaps that need to be synced.
-func startResourceSyncing(resourceSyncer *resourcesynccontroller.ResourceSyncController) error {
-	// sync: 'router-ca' configmap
-	// from: 'openshift-config-managed' namespace
-	// to:   'openshift-console' namespace
-	err := resourceSyncer.SyncConfigMap(
-		resourcesynccontroller.ResourceLocation{Name: api.RouterCAConfigMapName, Namespace: api.OpenShiftConsoleNamespace},
-		resourcesynccontroller.ResourceLocation{Name: api.RouterCAConfigMapName, Namespace: api.OpenShiftConfigManagedNamespace},
-	)
-
-	return err
-}
-
 func getResourceSyncer(ctx *controllercmd.ControllerContext, kubeClient kubernetes.Interface, operatorClient v1helpers.OperatorClient) (v1helpers.KubeInformersForNamespaces, *resourcesynccontroller.ResourceSyncController) {
 	resourceSyncerInformers := v1helpers.NewKubeInformersForNamespaces(
 		kubeClient,
 		api.OpenShiftConfigNamespace,
 		api.OpenShiftConsoleNamespace,
-		api.OpenShiftConfigManagedNamespace,
 	)
 	resourceSyncer := resourcesynccontroller.NewResourceSyncController(
 		operatorClient,

diff --git a/pkg/console/subresource/configmap/configmap.go b/pkg/console/subresource/configmap/configmap.go
@@ -39,15 +39,13 @@ func DefaultConfigMap(
 	consoleConfig *configv1.Console,
 	managedConfig *corev1.ConfigMap,
 	infrastructureConfig *configv1.Infrastructure,
-	rt *routev1.Route,
-	useDefaultCAFile bool) (consoleConfigmap *corev1.ConfigMap, unsupportedOverridesHaveMerged bool, err error) {
+	rt *routev1.Route) (consoleConfigmap *corev1.ConfigMap, unsupportedOverridesHaveMerged bool, err error) {
 
 	defaultBuilder := &consoleserver.ConsoleServerCLIConfigBuilder{}
 	defaultConfig, err := defaultBuilder.Host(rt.Spec.Host).
 		LogoutURL(defaultLogoutURL).
 		Brand(DEFAULT_BRAND).
 		DocURL(DEFAULT_DOC_URL).
-		RouterCA(useDefaultCAFile).
 		APIServerURL(getApiUrl(infrastructureConfig)).
 		ConfigYAML()
 
@@ -57,7 +55,6 @@ func DefaultConfigMap(
 		LogoutURL(consoleConfig.Spec.Authentication.LogoutRedirect).
 		Brand(operatorConfig.Spec.Customization.Brand).
 		DocURL(operatorConfig.Spec.Customization.DocumentationBaseURL).
-		RouterCA(useDefaultCAFile).
 		APIServerURL(getApiUrl(infrastructureConfig)).
 		CustomLogoFile(operatorConfig.Spec.Customization.CustomLogoFile.Key).
 		CustomProductName(operatorConfig.Spec.Customization.CustomProductName).