Skip to content

Watch for keystone-overrides #795

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Watch for keystone-overrides #795

wants to merge 1 commit into from

Conversation

@fmount
Copy link
Contributor

@fmount fmount commented Sep 11, 2025
edited
Loading

This patch implements a watcher over keystone-overrides secrets based on a particular labelSelector. By doing this it is possible to extract and process keystone parameters (auth_url, www_authenticate_uri, region) and override the default information.

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 11, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: fmount

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@fmount fmount requested review from Deydra71 and vakwetu and removed request for dprince and konan-abhi September 11, 2025 09:51
fmount
fmount commented Sep 11, 2025
View reviewed changes
@fmount fmount force-pushed the ko branch 2 times, most recently from d07c59f to b0508a9 Compare September 11, 2025 12:15
fmount
fmount commented Sep 11, 2025
View reviewed changes
controllers/glanceapi_controller.go
if ls := secret.GetLabels(); ls != nil {
lSelector := labels.GetLabelSelector(ls)
kSelector := labels.GetLabelSelector(keystonev1.KeystoneOverridesLabelSelector)
if labels.EqualLabelSelectors(lSelector, kSelector) {
Copy link
Contributor Author

@fmount fmount Sep 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Deydra71 labels.EqualLabelSelectors is available in lib-common: openstack-k8s-operators/lib-common#638 and it is useful here where we want to trigger a reconcile based on a set of labels extracted from the secret.
We expect the secret labels to be the same of what is defined in keystonev1.KeystoneOverridesLabelSelector, which is instead available in keystone-operator: openstack-k8s-operators/keystone-operator#625.

This way this logic has minimal dependencies on the object that the controller reconciles, and minimize the amount of changes required in a service operator.

fmount
fmount commented Sep 11, 2025
View reviewed changes
@fmount
Copy link
Contributor Author

fmount commented Sep 11, 2025
edited
Loading

@Deydra71 I think I reduced as much as possible the amount of code required in the service operator.
Here's a summary:

  1. a watcher over the secret, that triggers a reconcile based on the labelSelector (requires Add EqualLabelSelectors utility function lib-common#638)
  2. a small logic that eventually merges the overrides in keystoneData map, which is used in generateConfig function. It is based on the helper provided by keystone-operator (Add GetKeystoneOverrides function keystone-operator#625).
    This is an interesting point because an update to that function can be propagated with a bump to all the service operators that consume it.

By doing this is very easy to consume the same function on a different operator and copy/paste the same pattern. I'll verify this with Manila.

@fmount
Watch for keystone-overrides
4701df0 
This patch implements a watcher over keystone-overrides secrets based on
a particular labelSelector. By doing this it is possible to extract and
process keystone parameters (auth_url, www_authenticate_uri, region) and
override the default information.

Signed-off-by: Francesco Pantano <[email protected]>
@fmount fmount changed the title wip - Watch for keystone-overrides Watch for keystone-overrides Sep 11, 2025
@openshift-merge-robot
Copy link
Contributor

openshift-merge-robot commented Sep 13, 2025

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@fmount
Copy link
Contributor Author

fmount commented Sep 22, 2025

Closing as we discussed a different (better) solution

@fmount fmount closed this Sep 22, 2025
@fmount fmount mentioned this pull request Oct 3, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vakwetu vakwetu Awaiting requested review from vakwetu

@Deydra71 Deydra71 Awaiting requested review from Deydra71

Assignees

No one assigned

Labels

approved do-not-merge/hold needs-rebase

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@fmount @openshift-merge-robot