Add test for existing Etcd cert

Signed-off-by: Chuck Ha <[email protected]>

Author: chuckha

Dockerfile.dev

@@ -33,7 +33,6 @@ COPY api/ api/
 COPY controllers/ controllers/
 COPY kubeadm/ kubeadm/
 COPY cloudinit/ cloudinit/
-COPY certs/ certs/
 COPY internal/ internal/
 
 # Allow containerd to restart pods by calling /restart.sh (mostly for tilt + fast dev cycles)

cloudinit/cloudinit_test.go

@@ -21,7 +21,8 @@ import (
 	"testing"
 
 	infrav1 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/api/v1alpha2"
-	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal"
+	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal/cluster"
+	"sigs.k8s.io/cluster-api/util/certs"
 )
 
 func TestNewInitControlPlaneAdditionalFileEncodings(t *testing.T) {
@@ -45,14 +46,16 @@ func TestNewInitControlPlaneAdditionalFileEncodings(t *testing.T) {
 			Users:      nil,
 			NTP:        nil,
 		},
-		Certificates:         internal.NewCertificates(),
+		Certificates:         cluster.NewCertificates(),
 		ClusterConfiguration: "my-cluster-config",
 		InitConfiguration:    "my-init-config",
 	}
 
 	for _, certificate := range cpinput.Certificates {
-		certificate.KeyPair.Cert = []byte("some certificate")
-		certificate.KeyPair.Key = []byte("some key")
+		certificate.KeyPair = &certs.KeyPair{
+			Cert: []byte("some certificate"),
+			Key:  []byte("some key"),
+		}
 	}
 
 	out, err := NewInitControlPlane(cpinput)

cloudinit/controlplane_init.go

@@ -17,7 +17,7 @@ limitations under the License.
 package cloudinit
 
 import (
-	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal"
+	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal/cluster"
 )
 
 const (
@@ -43,7 +43,7 @@ runcmd:
 // ControlPlaneInput defines the context to generate a controlplane instance user data.
 type ControlPlaneInput struct {
 	BaseUserData
-	internal.Certificates
+	cluster.Certificates
 
 	ClusterConfiguration string
 	InitConfiguration    string

cloudinit/controlplane_join.go

@@ -18,7 +18,7 @@ package cloudinit
 
 import (
 	"github.com/pkg/errors"
-	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal"
+	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal/cluster"
 )
 
 const (
@@ -41,7 +41,7 @@ runcmd:
 // ControlPlaneJoinInput defines context to generate controlplane instance user data for control plane node join.
 type ControlPlaneJoinInput struct {
 	BaseUserData
-	internal.Certificates
+	cluster.Certificates
 
 	BootstrapToken    string
 	JoinConfiguration string

controllers/kubeadmconfig_controller.go

@@ -29,7 +29,7 @@ import (
 	typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
 	bootstrapv1 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/api/v1alpha2"
 	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/cloudinit"
-	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal"
+	internalcluster "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal/cluster"
 	kubeadmv1beta1 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/kubeadm/v1beta1"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1alpha2"
 	capierrors "sigs.k8s.io/cluster-api/errors"
@@ -217,7 +217,7 @@ func (r *KubeadmConfigReconciler) Reconcile(req ctrl.Request) (_ ctrl.Result, re
 			return ctrl.Result{}, err
 		}
 
-		certificates := internal.NewCertificates()
+		certificates := internalcluster.NewCertificates()
 		if err := certificates.GetOrCreateCertificates(ctx, r.Client, cluster, config); err != nil {
 			log.Error(err, "unable to lookup or create cluster certificates")
 			return ctrl.Result{}, err
@@ -258,12 +258,12 @@ func (r *KubeadmConfigReconciler) Reconcile(req ctrl.Request) (_ ctrl.Result, re
 		return ctrl.Result{}, errors.New("Control plane already exists for the cluster, only KubeadmConfig objects with JoinConfiguration are allowed")
 	}
 
-	certificates := internal.NewCertificates()
+	certificates := internalcluster.NewCertificates()
 	if err := certificates.GetCertificates(ctx, r.Client, cluster); err != nil {
 		log.Error(err, "unable to lookup cluster certificates")
 		return ctrl.Result{}, err
 	}
-	hashes, err := certificates.GetCertificateByName(internal.ClusterCAName).Hashes()
+	hashes, err := certificates.GetCertificateByName(internalcluster.ClusterCAName).Hashes()
 	if err != nil {
 		log.Error(err, "Unable to generate Cluster CA certificate hashes")
 		return ctrl.Result{}, err

controllers/kubeadmconfig_controller_test.go

@@ -32,7 +32,7 @@ import (
 	typedcorev1 "k8s.io/client-go/kubernetes/typed/core/v1"
 	"k8s.io/klog/klogr"
 	bootstrapv1 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/api/v1alpha2"
-	"sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal"
+	cluster2 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/internal/cluster"
 	kubeadmv1beta1 "sigs.k8s.io/cluster-api-bootstrap-provider-kubeadm/kubeadm/v1beta1"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1alpha2"
 	ctrl "sigs.k8s.io/controller-runtime"
@@ -966,6 +966,38 @@ func TestKubeadmConfigReconciler_ClusterToKubeadmConfigs(t *testing.T) {
 	}
 }
 
+// Reconcile should not fail if the Etcd CA Secret already exists
+func TestKubeadmConfigReconciler_Reconcile_DoesNotFailIfCASecretsAlreadyExist(t *testing.T) {
+	cluster := newCluster("my-cluster")
+	cluster.Status.InfrastructureReady = true
+	cluster.Status.ControlPlaneInitialized = false
+	m := newControlPlaneMachine(cluster)
+	configName := "my-config"
+	c := newControlPlaneInitKubeadmConfig(m, configName)
+	scrt := &corev1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      fmt.Sprintf("%s-%s", cluster.Name, cluster2.EtcdCAName),
+			Namespace: "default",
+		},
+		Data: map[string][]byte{
+			"tls.crt": []byte("hello world"),
+			"tls.key": []byte("hello world"),
+		},
+	}
+	fakec := fake.NewFakeClientWithScheme(setupScheme(), []runtime.Object{cluster, m, c, scrt}...)
+	reconciler := &KubeadmConfigReconciler{
+		Log:             log.Log,
+		Client:          fakec,
+		KubeadmInitLock: &myInitLocker{},
+	}
+	req := ctrl.Request{
+		NamespacedName: types.NamespacedName{Namespace: "default", Name: configName},
+	}
+	if _, err := reconciler.Reconcile(req); err != nil {
+		t.Fatal(err)
+	}
+}
+
 // test utils
 
 // newCluster return a CAPI cluster object
@@ -1072,7 +1104,7 @@ func newControlPlaneInitKubeadmConfig(machine *clusterv1.Machine, name string) *
 
 func createSecrets(t *testing.T, cluster *clusterv1.Cluster, owner *bootstrapv1.KubeadmConfig) []runtime.Object {
 	out := []runtime.Object{}
-	certificates := internal.NewCertificates()
+	certificates := cluster2.NewCertificates()
 	if err := certificates.GenerateCertificates(); err != nil {
 		t.Fatal(err)
 	}