Ability to set pod_environment_secret and pod_environment_configmap on cluster resource

Author: dmvolod

pkg/cluster/k8sres.go

@@ -9,24 +9,23 @@ import (
 	"strings"
 
 	"github.com/sirupsen/logrus"
-
-	appsv1 "k8s.io/api/apps/v1"
-	v1 "k8s.io/api/core/v1"
-	policybeta1 "k8s.io/api/policy/v1beta1"
-	"k8s.io/apimachinery/pkg/api/resource"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/apimachinery/pkg/util/intstr"
-
+	acidzalando "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do"
 	acidv1 "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do/v1"
 	"github.com/zalando/postgres-operator/pkg/spec"
 	"github.com/zalando/postgres-operator/pkg/util"
 	"github.com/zalando/postgres-operator/pkg/util/config"
 	"github.com/zalando/postgres-operator/pkg/util/constants"
 	"github.com/zalando/postgres-operator/pkg/util/k8sutil"
+	appsv1 "k8s.io/api/apps/v1"
 	batchv1 "k8s.io/api/batch/v1"
 	batchv1beta1 "k8s.io/api/batch/v1beta1"
+	v1 "k8s.io/api/core/v1"
+	policybeta1 "k8s.io/api/policy/v1beta1"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/intstr"
 )
 
 const (
@@ -859,28 +858,29 @@ func deduplicateEnvVars(input []v1.EnvVar, containerName string, logger *logrus.
 	return result
 }
 
-// Return list of variables the pod recieved from the configured ConfigMap
+// Return list of variables the pod received from the configured ConfigMap
 func (c *Cluster) getPodEnvironmentConfigMapVariables() ([]v1.EnvVar, error) {
 	configMapPodEnvVarsList := make([]v1.EnvVar, 0)
 
 	if c.OpConfig.PodEnvironmentConfigMap.Name == "" {
 		return configMapPodEnvVarsList, nil
 	}
 
+	configMapName := c.podEnvironmentObjectNameTemplate(c.OpConfig.PodEnvironmentConfigMap.Name)
 	cm, err := c.KubeClient.ConfigMaps(c.OpConfig.PodEnvironmentConfigMap.Namespace).Get(
 		context.TODO(),
-		c.OpConfig.PodEnvironmentConfigMap.Name,
+		configMapName,
 		metav1.GetOptions{})
 	if err != nil {
 		// if not found, try again using the cluster's namespace if it's different (old behavior)
 		if k8sutil.ResourceNotFound(err) && c.Namespace != c.OpConfig.PodEnvironmentConfigMap.Namespace {
 			cm, err = c.KubeClient.ConfigMaps(c.Namespace).Get(
 				context.TODO(),
-				c.OpConfig.PodEnvironmentConfigMap.Name,
+				configMapName,
 				metav1.GetOptions{})
 		}
 		if err != nil {
-			return nil, fmt.Errorf("could not read PodEnvironmentConfigMap: %v", err)
+			return nil, fmt.Errorf("could not read PodEnvironmentConfigMap %s: %w", configMapName, err)
 		}
 	}
 	for k, v := range cm.Data {
@@ -899,7 +899,7 @@ func (c *Cluster) getPodEnvironmentSecretVariables() ([]v1.EnvVar, error) {
 
 	secret, err := c.KubeClient.Secrets(c.Namespace).Get(
 		context.TODO(),
-		c.OpConfig.PodEnvironmentSecret,
+		c.podEnvironmentObjectNameTemplate(c.OpConfig.PodEnvironmentSecret),
 		metav1.GetOptions{})
 	if err != nil {
 		return nil, fmt.Errorf("could not read Secret PodEnvironmentSecretName: %v", err)
@@ -920,6 +920,11 @@ func (c *Cluster) getPodEnvironmentSecretVariables() ([]v1.EnvVar, error) {
 	return secretPodEnvVarsList, nil
 }
 
+func (c *Cluster) podEnvironmentObjectNameTemplate(template string) string {
+	objectNameTemplate := config.StringTemplate(template)
+	return objectNameTemplate.Format("cluster", c.clusterName().Name, "tprkind", acidv1.PostgresCRDResourceKind, "tprgroup", acidzalando.GroupName)
+}
+
 func getSidecarContainer(sidecar acidv1.Sidecar, index int, resources *v1.ResourceRequirements) *v1.Container {
 	name := sidecar.Name
 	if name == "" {

pkg/cluster/k8sres_test.go

@@ -640,8 +640,9 @@ func TestSecretVolume(t *testing.T) {
 }
 
 const (
-	testPodEnvironmentConfigMapName = "pod_env_cm"
-	testPodEnvironmentSecretName    = "pod_env_sc"
+	testPodEnvironmentConfigMapName   = "pod_env_cm"
+	testPodEnvironmentSecretName      = "pod_env_sc"
+	testPodEnvironmentObjectNotExists = "idonotexist"
 )
 
 type mockSecret struct {
@@ -723,11 +724,11 @@ func TestPodEnvironmentConfigMapVariables(t *testing.T) {
 			opConfig: config.Config{
 				Resources: config.Resources{
 					PodEnvironmentConfigMap: spec.NamespacedName{
-						Name: "idonotexist",
+						Name: testPodEnvironmentObjectNotExists,
 					},
 				},
 			},
-			err: fmt.Errorf("could not read PodEnvironmentConfigMap: NotFound"),
+			err: fmt.Errorf("could not read PodEnvironmentConfigMap %s: NotFound", testPodEnvironmentObjectNotExists),
 		},
 		{
 			subTest: "simple PodEnvironmentConfigMap",
@@ -789,7 +790,7 @@ func TestPodEnvironmentSecretVariables(t *testing.T) {
 			subTest: "Secret referenced by PodEnvironmentSecret does not exist",
 			opConfig: config.Config{
 				Resources: config.Resources{
-					PodEnvironmentSecret: "idonotexist",
+					PodEnvironmentSecret: testPodEnvironmentObjectNotExists,
 				},
 			},
 			err: fmt.Errorf("could not read Secret PodEnvironmentSecretName: Secret PodEnvironmentSecret not found"),