diff --git a/cmd/trust-manager/app/options/options.go b/cmd/trust-manager/app/options/options.go index baf6ea4b..a8f6f299 100644 --- a/cmd/trust-manager/app/options/options.go +++ b/cmd/trust-manager/app/options/options.go @@ -31,8 +31,6 @@ import ( cliflag "k8s.io/component-base/cli/flag" "k8s.io/klog/v2" - "github.com/cert-manager/trust-manager/pkg/bundle" - _ "k8s.io/client-go/plugin/pkg/client/auth" ) @@ -60,7 +58,7 @@ type Options struct { Webhook // Bundle are options specific to the Bundle controller. - Bundle bundle.Options + Bundle BundleOptions // log are options controlling logging log logOptions @@ -248,3 +246,24 @@ func (o *Options) addWebhookFlags(fs *pflag.FlagSet) { "Certificate and private key must be named 'tls.crt' and 'tls.key' "+ "respectively.") } + +// BundleOptions hold options for the Bundle controller. +type BundleOptions struct { + // Log is the Bundle controller logger. + Log logr.Logger + + // Namespace is the trust Namespace that source data can be referenced. + Namespace string + + // DefaultPackageLocation is the location on the filesystem from which the 'default' + // certificate package should be loaded. If set, a valid package must be successfully + // loaded in order for the controller to start. If unset, referring to the default + // certificate package in a `Bundle` resource will cause that Bundle to error. + DefaultPackageLocation string + + // SecretTargetsEnabled controls if secret targets are enabled in the Bundle API. + SecretTargetsEnabled bool + + // FilterExpiredCerts controls if expired certificates are filtered from the bundle. + FilterExpiredCerts bool +} diff --git a/pkg/bundle/bundle.go b/pkg/bundle/bundle.go index 2f534107..ee931f6b 100644 --- a/pkg/bundle/bundle.go +++ b/pkg/bundle/bundle.go @@ -35,32 +35,12 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" "github.com/cert-manager/trust-manager/pkg/bundle/internal/ssa_client" "github.com/cert-manager/trust-manager/pkg/bundle/internal/target" ) -// Options hold options for the Bundle controller. -type Options struct { - // Log is the Bundle controller logger. - Log logr.Logger - - // Namespace is the trust Namespace that source data can be referenced. - Namespace string - - // DefaultPackageLocation is the location on the filesystem from which the 'default' - // certificate package should be loaded. If set, a valid package must be successfully - // loaded in order for the controller to start. If unset, referring to the default - // certificate package in a `Bundle` resource will cause that Bundle to error. - DefaultPackageLocation string - - // SecretTargetsEnabled controls if secret targets are enabled in the Bundle API. - SecretTargetsEnabled bool - - // FilterExpiredCerts controls if expired certificates are filtered from the bundle. - FilterExpiredCerts bool -} - // bundle is a controller-runtime controller. Implements the actual controller // logic by reconciling over Bundles. type bundle struct { @@ -73,10 +53,10 @@ type bundle struct { // clock returns time which can be overwritten for testing. clock clock.Clock - // Options holds options for the Bundle controller. - Options + // BundleOptions holds options for the Bundle controller. + options.BundleOptions - sourceDataBuilder *bundleDataBuilder + sourceDataBuilder *target.BundleDataBuilder targetReconciler *target.Reconciler } @@ -132,10 +112,10 @@ func (b *bundle) reconcileBundle(ctx context.Context, req ctrl.Request) (result statusPatch = &trustapi.BundleStatus{ DefaultCAPackageVersion: bundle.Status.DefaultCAPackageVersion, } - resolvedBundle, err := b.sourceDataBuilder.buildSourceBundle(ctx, bundle.Spec.Sources, bundle.Spec.Target.AdditionalFormats) + resolvedBundle, err := b.sourceDataBuilder.BuildSourceBundle(ctx, bundle.Spec.Sources, bundle.Spec.Target.AdditionalFormats) // If any source is not found, update the Bundle status to an unready state. - if errors.As(err, ¬FoundError{}) { + if errors.As(err, &target.SourceNotFoundError{}) { log.Error(err, "bundle source was not found") b.setBundleCondition( bundle.Status.Conditions, @@ -161,7 +141,7 @@ func (b *bundle) reconcileBundle(ctx context.Context, req ctrl.Request) (result } // Detect if we have a bundle with Secret targets but the feature is disabled. - if !b.Options.SecretTargetsEnabled && bundle.Spec.Target.Secret != nil { + if !b.SecretTargetsEnabled && bundle.Spec.Target.Secret != nil { log.Error(err, "bundle has Secret targets but the feature is disabled") b.recorder.Eventf(&bundle, corev1.EventTypeWarning, "SecretTargetsDisabled", "Bundle has Secret targets but the feature is disabled") @@ -235,7 +215,7 @@ func (b *bundle) reconcileBundle(ctx context.Context, req ctrl.Request) (result // Find all old existing target resources. targetKinds := []targetKind{configMapTarget} - if b.Options.SecretTargetsEnabled { + if b.SecretTargetsEnabled { targetKinds = append(targetKinds, secretTarget) } for _, kind := range targetKinds { @@ -330,7 +310,7 @@ func (b *bundle) reconcileBundle(ctx context.Context, req ctrl.Request) (result } } - if b.setBundleStatusDefaultCAVersion(statusPatch, resolvedBundle.defaultCAPackageStringID) { + if b.setBundleStatusDefaultCAVersion(statusPatch, resolvedBundle.DefaultCAPackageStringID) { needsUpdate = true } diff --git a/pkg/bundle/bundle_test.go b/pkg/bundle/bundle_test.go index f523bad8..eb597ee0 100644 --- a/pkg/bundle/bundle_test.go +++ b/pkg/bundle/bundle_test.go @@ -39,6 +39,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" "github.com/cert-manager/trust-manager/pkg/bundle/internal/ssa_client" "github.com/cert-manager/trust-manager/pkg/bundle/internal/target" @@ -1311,20 +1312,20 @@ func Test_Reconcile(t *testing.T) { ) log, ctx := ktesting.NewTestContext(t) - opts := Options{ + opts := options.BundleOptions{ Log: log, Namespace: trustNamespace, SecretTargetsEnabled: !test.disableSecretTargets, FilterExpiredCerts: true, } b := &bundle{ - client: fakeClient, - recorder: fakeRecorder, - clock: fixedclock, - Options: opts, - sourceDataBuilder: &bundleDataBuilder{ - client: fakeClient, - Options: opts, + client: fakeClient, + recorder: fakeRecorder, + clock: fixedclock, + BundleOptions: opts, + sourceDataBuilder: &target.BundleDataBuilder{ + Client: fakeClient, + BundleOptions: opts, }, targetReconciler: &target.Reconciler{ Client: fakeClient, @@ -1340,7 +1341,7 @@ func Test_Reconcile(t *testing.T) { } if test.configureDefaultPackage { - b.sourceDataBuilder.defaultPackage = testDefaultPackage.Clone() + b.sourceDataBuilder.DefaultPackage = testDefaultPackage.Clone() } resp, result, err := b.reconcileBundle(ctx, ctrl.Request{NamespacedName: types.NamespacedName{Name: bundleName}}) if (err != nil) != test.expError { diff --git a/pkg/bundle/controller.go b/pkg/bundle/controller.go index d6b5fcd0..e693817b 100644 --- a/pkg/bundle/controller.go +++ b/pkg/bundle/controller.go @@ -36,6 +36,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "sigs.k8s.io/controller-runtime/pkg/source" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" "github.com/cert-manager/trust-manager/pkg/bundle/internal/target" "github.com/cert-manager/trust-manager/pkg/fspkg" @@ -49,17 +50,17 @@ import ( func AddBundleController( ctx context.Context, mgr manager.Manager, - opts Options, + opts options.BundleOptions, targetCache cache.Cache, ) error { b := &bundle{ - client: mgr.GetClient(), - recorder: mgr.GetEventRecorderFor("bundles"), - clock: clock.RealClock{}, - Options: opts, - sourceDataBuilder: &bundleDataBuilder{ - client: mgr.GetClient(), - Options: opts, + client: mgr.GetClient(), + recorder: mgr.GetEventRecorderFor("bundles"), + clock: clock.RealClock{}, + BundleOptions: opts, + sourceDataBuilder: &target.BundleDataBuilder{ + Client: mgr.GetClient(), + BundleOptions: opts, }, targetReconciler: &target.Reconciler{ Client: mgr.GetClient(), @@ -67,15 +68,15 @@ func AddBundleController( }, } - if b.Options.DefaultPackageLocation != "" { - pkg, err := fspkg.LoadPackageFromFile(b.Options.DefaultPackageLocation) + if b.DefaultPackageLocation != "" { + pkg, err := fspkg.LoadPackageFromFile(b.DefaultPackageLocation) if err != nil { return fmt.Errorf("must load default package successfully when default package location is set: %w", err) } - b.sourceDataBuilder.defaultPackage = &pkg + b.sourceDataBuilder.DefaultPackage = &pkg - b.Options.Log.Info("successfully loaded default package from filesystem", "path", b.Options.DefaultPackageLocation) + b.Log.Info("successfully loaded default package from filesystem", "path", b.BundleOptions.DefaultPackageLocation) } // Only reconcile config maps that match the well known name @@ -144,7 +145,7 @@ func AddBundleController( } } return false - }), builder.WithPredicates(inNamespacePredicate(b.Options.Namespace))). + }), builder.WithPredicates(inNamespacePredicate(b.Namespace))). // Watch Secrets in trust Namespace. // Reconcile Bundles who reference a modified source Secret. @@ -156,7 +157,7 @@ func AddBundleController( } } return false - }), builder.WithPredicates(inNamespacePredicate(b.Options.Namespace))) + }), builder.WithPredicates(inNamespacePredicate(b.Namespace))) // Complete controller. if err := controller.Complete(b); err != nil { diff --git a/pkg/bundle/source.go b/pkg/bundle/internal/target/source.go similarity index 76% rename from pkg/bundle/source.go rename to pkg/bundle/internal/target/source.go index 5fc0f2bc..d74c0f9e 100644 --- a/pkg/bundle/source.go +++ b/pkg/bundle/internal/target/source.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package bundle +package target import ( "context" @@ -27,44 +27,44 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" - "github.com/cert-manager/trust-manager/pkg/bundle/internal/target" "github.com/cert-manager/trust-manager/pkg/fspkg" "github.com/cert-manager/trust-manager/pkg/util" ) -type notFoundError struct{ error } +type SourceNotFoundError struct{ error } type selectsNothingError struct{ error } type invalidSecretSourceError struct{ error } -// bundleData holds the result of a call to buildSourceBundle. It contains the resulting PEM-encoded +// BundleData holds the result of a call to BuildSourceBundle. It contains the resulting PEM-encoded // certificate data from concatenating all the sources together, binary data for any additional formats and // any metadata from the sources which needs to be exposed on the Bundle resource's status field. -type bundleData struct { - target.Data +type BundleData struct { + Data - defaultCAPackageStringID string + DefaultCAPackageStringID string } -type bundleDataBuilder struct { - // a cache-backed Kubernetes client - client client.Client +type BundleDataBuilder struct { + // a cache-backed Kubernetes Client + Client client.Client - // defaultPackage holds the loaded 'default' certificate package, if one was specified + // DefaultPackage holds the loaded 'default' certificate package, if one was specified // at startup. - defaultPackage *fspkg.Package + DefaultPackage *fspkg.Package - // Options holds options for the Bundle controller. - Options + // BundleOptions holds options for the Bundle controller. + options.BundleOptions } -// buildSourceBundle retrieves and concatenates all source bundle data for this Bundle object. +// BuildSourceBundle retrieves and concatenates all source bundle data for this Bundle object. // Each source data is validated and pruned to ensure that all certificates within are valid, and // is each bundle is concatenated together with a new line character. -func (b *bundleDataBuilder) buildSourceBundle(ctx context.Context, sources []trustapi.BundleSource, formats *trustapi.AdditionalFormats) (bundleData, error) { - var resolvedBundle bundleData +func (b *BundleDataBuilder) BuildSourceBundle(ctx context.Context, sources []trustapi.BundleSource, formats *trustapi.AdditionalFormats) (BundleData, error) { + var resolvedBundle BundleData certPool := util.NewCertPool(util.WithFilteredExpiredCerts(b.FilterExpiredCerts)) for _, source := range sources { @@ -88,11 +88,11 @@ func (b *bundleDataBuilder) buildSourceBundle(ctx context.Context, sources []tru continue } - if b.defaultPackage == nil { - err = notFoundError{fmt.Errorf("no default package was specified when trust-manager was started; default CAs not available")} + if b.DefaultPackage == nil { + err = SourceNotFoundError{fmt.Errorf("no default package was specified when trust-manager was started; default CAs not available")} } else { - sourceData = b.defaultPackage.Bundle - resolvedBundle.defaultCAPackageStringID = b.defaultPackage.StringID() + sourceData = b.DefaultPackage.Bundle + resolvedBundle.DefaultCAPackageStringID = b.DefaultPackage.StringID() } } @@ -103,28 +103,28 @@ func (b *bundleDataBuilder) buildSourceBundle(ctx context.Context, sources []tru } if err != nil { - return bundleData{}, fmt.Errorf("failed to retrieve bundle from source: %w", err) + return BundleData{}, fmt.Errorf("failed to retrieve bundle from source: %w", err) } if err := certPool.AddCertsFromPEM([]byte(sourceData)); err != nil { - return bundleData{}, fmt.Errorf("invalid PEM data in source: %w", err) + return BundleData{}, fmt.Errorf("invalid PEM data in source: %w", err) } } // NB: empty bundles are not valid so check and return an error if one somehow snuck through. if certPool.Size() == 0 { - return bundleData{}, fmt.Errorf("couldn't find any valid certificates in bundle") + return BundleData{}, fmt.Errorf("couldn't find any valid certificates in bundle") } if err := resolvedBundle.Data.Populate(certPool, formats); err != nil { - return bundleData{}, err + return BundleData{}, err } return resolvedBundle, nil } // configMapBundle returns the data in the source ConfigMap within the trust Namespace. -func (b *bundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.SourceObjectKeySelector) (string, error) { +func (b *BundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.SourceObjectKeySelector) (string, error) { // this slice will contain a single ConfigMap if we fetch by name // or potentially multiple ConfigMaps if we fetch by label selector var configMaps []corev1.ConfigMap @@ -132,11 +132,11 @@ func (b *bundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.S // if Name is set, we `Get` by name if ref.Name != "" { cm := corev1.ConfigMap{} - if err := b.client.Get(ctx, client.ObjectKey{ + if err := b.Client.Get(ctx, client.ObjectKey{ Namespace: b.Namespace, Name: ref.Name, }, &cm); apierrors.IsNotFound(err) { - return "", notFoundError{err} + return "", SourceNotFoundError{err} } else if err != nil { return "", fmt.Errorf("failed to get ConfigMap %s/%s: %w", b.Namespace, ref.Name, err) } @@ -149,7 +149,7 @@ func (b *bundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.S if selectorErr != nil { return "", fmt.Errorf("failed to parse label selector as Selector for ConfigMap in namespace %s: %w", b.Namespace, selectorErr) } - if err := b.client.List(ctx, &cml, client.MatchingLabelsSelector{Selector: selector}); err != nil { + if err := b.Client.List(ctx, &cml, client.MatchingLabelsSelector{Selector: selector}); err != nil { return "", fmt.Errorf("failed to get ConfigMapList: %w", err) } else if len(cml.Items) == 0 { return "", selectsNothingError{fmt.Errorf("label selector %s for ConfigMap didn't match any resources", selector.String())} @@ -163,7 +163,7 @@ func (b *bundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.S if len(ref.Key) > 0 { data, ok := cm.Data[ref.Key] if !ok { - return "", notFoundError{fmt.Errorf("no data found in ConfigMap %s/%s at key %q", cm.Namespace, cm.Name, ref.Key)} + return "", SourceNotFoundError{fmt.Errorf("no data found in ConfigMap %s/%s at key %q", cm.Namespace, cm.Name, ref.Key)} } results.WriteString(data) results.WriteByte('\n') @@ -178,7 +178,7 @@ func (b *bundleDataBuilder) configMapBundle(ctx context.Context, ref *trustapi.S } // secretBundle returns the data in the source Secret within the trust Namespace. -func (b *bundleDataBuilder) secretBundle(ctx context.Context, ref *trustapi.SourceObjectKeySelector) (string, error) { +func (b *BundleDataBuilder) secretBundle(ctx context.Context, ref *trustapi.SourceObjectKeySelector) (string, error) { // this slice will contain a single Secret if we fetch by name // or potentially multiple Secrets if we fetch by label selector var secrets []corev1.Secret @@ -186,11 +186,11 @@ func (b *bundleDataBuilder) secretBundle(ctx context.Context, ref *trustapi.Sour // if Name is set, we `Get` by name if ref.Name != "" { s := corev1.Secret{} - if err := b.client.Get(ctx, client.ObjectKey{ + if err := b.Client.Get(ctx, client.ObjectKey{ Namespace: b.Namespace, Name: ref.Name, }, &s); apierrors.IsNotFound(err) { - return "", notFoundError{err} + return "", SourceNotFoundError{err} } else if err != nil { return "", fmt.Errorf("failed to get Secret %s/%s: %w", b.Namespace, ref.Name, err) } @@ -203,7 +203,7 @@ func (b *bundleDataBuilder) secretBundle(ctx context.Context, ref *trustapi.Sour if selectorErr != nil { return "", fmt.Errorf("failed to parse label selector as Selector for Secret in namespace %s: %w", b.Namespace, selectorErr) } - if err := b.client.List(ctx, &sl, client.MatchingLabelsSelector{Selector: selector}); err != nil { + if err := b.Client.List(ctx, &sl, client.MatchingLabelsSelector{Selector: selector}); err != nil { return "", fmt.Errorf("failed to get SecretList: %w", err) } else if len(sl.Items) == 0 { return "", selectsNothingError{fmt.Errorf("label selector %s for Secret didn't match any resources", selector.String())} @@ -217,7 +217,7 @@ func (b *bundleDataBuilder) secretBundle(ctx context.Context, ref *trustapi.Sour if len(ref.Key) > 0 { data, ok := secret.Data[ref.Key] if !ok { - return "", notFoundError{fmt.Errorf("no data found in Secret %s/%s at key %q", secret.Namespace, secret.Name, ref.Key)} + return "", SourceNotFoundError{fmt.Errorf("no data found in Secret %s/%s at key %q", secret.Namespace, secret.Name, ref.Key)} } results.Write(data) results.WriteByte('\n') diff --git a/pkg/bundle/source_test.go b/pkg/bundle/internal/target/source_test.go similarity index 98% rename from pkg/bundle/source_test.go rename to pkg/bundle/internal/target/source_test.go index d122ab02..b8a02103 100644 --- a/pkg/bundle/source_test.go +++ b/pkg/bundle/internal/target/source_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package bundle +package target import ( "bytes" @@ -39,12 +39,6 @@ import ( "github.com/cert-manager/trust-manager/test/dummy" ) -const ( - jksKey = "trust.jks" - pkcs12Key = "trust.p12" - data = dummy.TestCertificate1 -) - func Test_buildSourceBundle(t *testing.T) { tests := map[string]struct { sources []trustapi.BundleSource @@ -445,9 +439,9 @@ func Test_buildSourceBundle(t *testing.T) { WithScheme(trustapi.GlobalScheme). Build() - b := &bundleDataBuilder{ - client: fakeClient, - defaultPackage: &fspkg.Package{ + b := &BundleDataBuilder{ + Client: fakeClient, + DefaultPackage: &fspkg.Package{ Name: "testpkg", Version: "123", Bundle: dummy.TestCertificate5, @@ -471,12 +465,12 @@ func Test_buildSourceBundle(t *testing.T) { } } - resolvedBundle, err := b.buildSourceBundle(context.TODO(), test.sources, test.formats) + resolvedBundle, err := b.BuildSourceBundle(context.TODO(), test.sources, test.formats) if (err != nil) != test.expError { t.Errorf("unexpected error, exp=%t got=%v", test.expError, err) } - if errors.As(err, ¬FoundError{}) != test.expNotFoundError { + if errors.As(err, &SourceNotFoundError{}) != test.expNotFoundError { t.Errorf("unexpected notFoundError, exp=%t got=%v", test.expNotFoundError, err) } if errors.As(err, &invalidSecretSourceError{}) != test.expInvalidSecretSourceError { diff --git a/test/env/data.go b/test/env/data.go index 6188da85..50ce5b58 100644 --- a/test/env/data.go +++ b/test/env/data.go @@ -29,8 +29,8 @@ import ( utilerrors "k8s.io/apimachinery/pkg/util/errors" "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" - bundlectrl "github.com/cert-manager/trust-manager/pkg/bundle" "github.com/cert-manager/trust-manager/pkg/util" "github.com/cert-manager/trust-manager/test/dummy" @@ -78,7 +78,7 @@ func DefaultTrustData() TestData { // newTestBundle creates a new Bundle in the API using the input test data. // Returns the create Bundle object. -func newTestBundle(ctx context.Context, cl client.Client, opts bundlectrl.Options, td TestData, targetType string) *trustapi.Bundle { +func newTestBundle(ctx context.Context, cl client.Client, opts options.BundleOptions, td TestData, targetType string) *trustapi.Bundle { By("creating trust Bundle") configMap := corev1.ConfigMap{ @@ -148,13 +148,13 @@ func newTestBundle(ctx context.Context, cl client.Client, opts bundlectrl.Option // NewTestBundleSecretTarget creates a new Bundle in the API using the input test data. // Returns the create Bundle object. -func NewTestBundleSecretTarget(ctx context.Context, cl client.Client, opts bundlectrl.Options, td TestData) *trustapi.Bundle { +func NewTestBundleSecretTarget(ctx context.Context, cl client.Client, opts options.BundleOptions, td TestData) *trustapi.Bundle { return newTestBundle(ctx, cl, opts, td, "Secret") } // newTestBundleConfigMapTarget creates a new Bundle in the API using the input test data with target set to ConfigMap. // Returns the create Bundle object. -func NewTestBundleConfigMapTarget(ctx context.Context, cl client.Client, opts bundlectrl.Options, td TestData) *trustapi.Bundle { +func NewTestBundleConfigMapTarget(ctx context.Context, cl client.Client, opts options.BundleOptions, td TestData) *trustapi.Bundle { return newTestBundle(ctx, cl, opts, td, "ConfigMap") } diff --git a/test/integration/bundle/suite.go b/test/integration/bundle/suite.go index 93efb13c..97844d65 100644 --- a/test/integration/bundle/suite.go +++ b/test/integration/bundle/suite.go @@ -37,6 +37,7 @@ import ( logf "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/manager" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" "github.com/cert-manager/trust-manager/pkg/bundle" "github.com/cert-manager/trust-manager/pkg/fspkg" @@ -63,7 +64,7 @@ var _ = Describe("Integration", func() { cl client.Client mgr manager.Manager mgrStopped chan struct{} - opts bundle.Options + opts options.BundleOptions testBundle *trustapi.Bundle testData testenv.TestData @@ -95,7 +96,7 @@ var _ = Describe("Integration", func() { Expect(cl.Create(ctx, namespace)).NotTo(HaveOccurred()) By("Created trust Namespace: " + namespace.Name) - opts = bundle.Options{ + opts = options.BundleOptions{ Log: logf.Log, Namespace: namespace.Name, DefaultPackageLocation: tmpFileName, diff --git a/test/smoke/suite_test.go b/test/smoke/suite_test.go index 556267c7..9c2352a5 100644 --- a/test/smoke/suite_test.go +++ b/test/smoke/suite_test.go @@ -27,8 +27,8 @@ import ( "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" + "github.com/cert-manager/trust-manager/cmd/trust-manager/app/options" trustapi "github.com/cert-manager/trust-manager/pkg/apis/trust/v1alpha1" - "github.com/cert-manager/trust-manager/pkg/bundle" "github.com/cert-manager/trust-manager/test/dummy" "github.com/cert-manager/trust-manager/test/env" @@ -67,7 +67,7 @@ var _ = Describe("Smoke", func() { By("Creating Bundle for test") testData := env.DefaultTrustData() - testBundle := env.NewTestBundleConfigMapTarget(ctx, cl, bundle.Options{ + testBundle := env.NewTestBundleConfigMapTarget(ctx, cl, options.BundleOptions{ Log: log, Namespace: cnf.TrustNamespace, }, testData) @@ -87,7 +87,7 @@ var _ = Describe("Smoke", func() { By("Creating Bundle for test") testData := env.DefaultTrustData() - testBundle := env.NewTestBundleSecretTarget(ctx, cl, bundle.Options{ + testBundle := env.NewTestBundleSecretTarget(ctx, cl, options.BundleOptions{ Log: log, Namespace: cnf.TrustNamespace, }, testData)