Move conditions reason Success to conditions_util
committed by
Ryan Richard
parent
920b519ebf
commit
2d5943b21a
@@ -56,7 +56,6 @@ const (
|
||||
typeJWKSFetchValid = "JWKSFetchValid"
|
||||
typeAuthenticatorValid = "AuthenticatorValid"
|
||||
|
||||
reasonSuccess = "Success"
|
||||
reasonNotReady = "NotReady"
|
||||
reasonUnableToValidate = "UnableToValidate"
|
||||
reasonInvalidIssuerURL = "InvalidIssuerURL"
|
||||
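Review bot: `reasonNotReady` and `reasonUnableToValidate` are still declared locally in this const block, and the same two names with the same values appear again in the const blocks of the `@@ -47,7 +47,6 @@` and `@@ -48,7 +48,6 @@` hunks further down; `reasonInvalidIssuerURL` is likewise repeated here and in the third one. Since `reasonSuccess` is being centralised, the other shared reasons could move with it, for example `ReasonNotReady = "NotReady"` and `ReasonUnableToValidate = "UnableToValidate"` next to `ReasonSuccess` in conditionsutil (assuming that package does not already export them, which this page does not show). These strings end up in the status conditions of the authenticator and FederationDomain resources, so a single definition keeps whatever reads those conditions from seeing spellings that have drifted apart between controllers. The const block starts and ends outside the hunk.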
@@ -376,7 +375,7 @@ func (c *jwtCacheFillerController) validateIssuer(issuer string, conditions []*m
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIssuerURLValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "issuer is a valid URL",
|
||||
})
|
||||
return issuerURL, conditions, true
|
||||
@@ -411,7 +410,7 @@ func (c *jwtCacheFillerController) validateProviderDiscovery(ctx context.Context
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeDiscoveryValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: msg,
|
||||
})
|
||||
return pJSON, provider, conditions, nil
|
||||
@@ -470,7 +469,7 @@ func (c *jwtCacheFillerController) validateProviderJWKSURL(provider *coreosoidc.
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeJWKSURLValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "jwks_uri is a valid URL",
|
||||
})
|
||||
return pJSON.JWKSURL, conditions, nil
|
||||
@@ -529,7 +528,7 @@ func (c *jwtCacheFillerController) validateJWKSFetch(ctx context.Context, jwksUR
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeJWKSFetchValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "successfully fetched jwks",
|
||||
})
|
||||
return keySet, conditions, nil
|
||||
@@ -619,7 +618,7 @@ func (c *jwtCacheFillerController) newCachedJWTAuthenticator(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeAuthenticatorValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: msg,
|
||||
})
|
||||
return &cachedJWTAuthenticator{
|
||||
@@ -650,7 +649,7 @@ func (c *jwtCacheFillerController) updateStatus(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeReady,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the JWTAuthenticator is ready",
|
||||
})
|
||||
}
|
||||
|
||||
@@ -47,7 +47,6 @@ const (
|
||||
typeWebhookConnectionValid = "WebhookConnectionValid"
|
||||
typeEndpointURLValid = "EndpointURLValid"
|
||||
typeAuthenticatorValid = "AuthenticatorValid"
|
||||
reasonSuccess = "Success"
|
||||
reasonNotReady = "NotReady"
|
||||
reasonUnableToValidate = "UnableToValidate"
|
||||
reasonUnableToCreateClient = "UnableToCreateClient"
|
||||
@@ -291,7 +290,7 @@ func newWebhookAuthenticator(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeAuthenticatorValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: msg,
|
||||
})
|
||||
|
||||
@@ -333,7 +332,7 @@ func (c *webhookCacheFillerController) validateConnection(certPool *x509.CertPoo
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeWebhookConnectionValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "successfully dialed webhook server",
|
||||
})
|
||||
return conditions, nil
|
||||
@@ -391,7 +390,7 @@ func (c *webhookCacheFillerController) validateEndpoint(endpoint string, conditi
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeEndpointURLValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "spec.endpoint is a valid URL",
|
||||
})
|
||||
return &endpointHostPort, conditions, true
|
||||
@@ -417,7 +416,7 @@ func (c *webhookCacheFillerController) updateStatus(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeReady,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the WebhookAuthenticator is ready",
|
||||
})
|
||||
}
|
||||
|
||||
@@ -48,7 +48,6 @@ const (
|
||||
typeTransformsExpressionsValid = "TransformsExpressionsValid"
|
||||
typeTransformsExamplesPassed = "TransformsExamplesPassed"
|
||||
|
||||
reasonSuccess = "Success"
|
||||
reasonNotReady = "NotReady"
|
||||
reasonUnableToValidate = "UnableToValidate"
|
||||
reasonInvalidIssuerURL = "InvalidIssuerURL"
|
||||
@@ -673,7 +672,7 @@ func appendIdentityProviderObjectRefKindCondition(expectedKinds []string, badSuf
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIdentityProvidersObjectRefKindValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the kinds specified by .spec.identityProviders[].objectRef.kind are recognized",
|
||||
})
|
||||
}
|
||||
@@ -701,7 +700,7 @@ func appendIdentityProvidersFoundCondition(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIdentityProvidersFound,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the resources specified by .spec.identityProviders[].objectRef were found",
|
||||
})
|
||||
}
|
||||
@@ -721,7 +720,7 @@ func appendIdentityProviderObjectRefAPIGroupSuffixCondition(expectedSuffixName s
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIdentityProvidersAPIGroupSuffixValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the API groups specified by .spec.identityProviders[].objectRef.apiGroup are recognized",
|
||||
})
|
||||
}
|
||||
@@ -740,7 +739,7 @@ func appendTransformsExpressionsValidCondition(messages []string, conditions []*
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeTransformsExpressionsValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the expressions specified by .spec.identityProviders[].transforms.expressions[] are valid",
|
||||
})
|
||||
}
|
||||
@@ -759,7 +758,7 @@ func appendTransformsExamplesPassedCondition(messages []string, conditions []*me
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeTransformsExamplesPassed,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the examples specified by .spec.identityProviders[].transforms.examples[] had no errors",
|
||||
})
|
||||
}
|
||||
@@ -779,7 +778,7 @@ func appendIdentityProviderDuplicateDisplayNamesCondition(duplicateDisplayNames
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIdentityProvidersDisplayNamesUnique,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "the names specified by .spec.identityProviders[].displayName are unique",
|
||||
})
|
||||
}
|
||||
@@ -800,7 +799,7 @@ func appendIssuerURLValidCondition(err error, conditions []*metav1.Condition) []
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIssuerURLValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "spec.issuer is a valid URL",
|
||||
})
|
||||
}
|
||||
@@ -827,7 +826,7 @@ func (c *federationDomainWatcherController) updateStatus(
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeReady,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: fmt.Sprintf("the FederationDomain is ready and its endpoints are available: "+
|
||||
"the discovery endpoint is %s/.well-known/openid-configuration", federationDomain.Spec.Issuer),
|
||||
})
|
||||
@@ -909,7 +908,7 @@ func (v *crossFederationDomainConfigValidator) Validate(federationDomain *superv
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeIssuerIsUnique,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "spec.issuer is unique among all FederationDomains",
|
||||
})
|
||||
}
|
||||
@@ -925,7 +924,7 @@ func (v *crossFederationDomainConfigValidator) Validate(federationDomain *superv
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: typeOneTLSSecretPerIssuerHostname,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: "all FederationDomains are using the same TLS secret when using the same hostname in the spec.issuer URL",
|
||||
})
|
||||
}
|
||||
|
||||
@@ -13,6 +13,7 @@ import (
|
||||
|
||||
supervisorconfigv1alpha1 "go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1"
|
||||
oidcapi "go.pinniped.dev/generated/latest/apis/supervisor/oidc"
|
||||
"go.pinniped.dev/internal/controller/conditionsutil"
|
||||
"go.pinniped.dev/internal/oidcclientsecretstorage"
|
||||
)
|
||||
|
||||
@@ -23,7 +24,6 @@ const (
|
||||
allowedGrantTypesValid = "AllowedGrantTypesValid"
|
||||
allowedScopesValid = "AllowedScopesValid"
|
||||
|
||||
reasonSuccess = "Success"
|
||||
reasonMissingRequiredValue = "MissingRequiredValue"
|
||||
reasonNoClientSecretFound = "NoClientSecretFound"
|
||||
reasonInvalidClientSecretFound = "InvalidClientSecretFound"
|
||||
@@ -79,7 +79,7 @@ func validateAllowedScopes(oidcClient *supervisorconfigv1alpha1.OIDCClient, cond
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: allowedScopesValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: fmt.Sprintf("%q is valid", allowedScopesFieldName),
|
||||
})
|
||||
} else {
|
||||
@@ -115,7 +115,7 @@ func validateAllowedGrantTypes(oidcClient *supervisorconfigv1alpha1.OIDCClient,
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: allowedGrantTypesValid,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: fmt.Sprintf("%q is valid", allowedGrantTypesFieldName),
|
||||
})
|
||||
} else {
|
||||
@@ -201,7 +201,7 @@ func validateSecret(secret *corev1.Secret, conditions []*metav1.Condition, minBc
|
||||
conditions = append(conditions, &metav1.Condition{
|
||||
Type: clientSecretExists,
|
||||
Status: metav1.ConditionTrue,
|
||||
Reason: reasonSuccess,
|
||||
Reason: conditionsutil.ReasonSuccess,
|
||||
Message: fmt.Sprintf("%d client secret(s) found", storedClientSecretsCount),
|
||||
})
|
||||
return conditions, storedClientSecrets
|
||||
|
||||