From f80908a401103212b39af4d180a51b8786d70a12 Mon Sep 17 00:00:00 2001 From: Teddy Andrieux Date: Fri, 7 Nov 2025 12:46:36 +0000 Subject: [PATCH 1/2] chore: Remove pointer in struct when not needed Signed-off-by: Teddy Andrieux --- api/v1alpha1/managedcrl_types.go | 13 +++---------- api/v1alpha1/zz_generated.deepcopy.go | 11 +---------- test/integration/managedcrl_controller_test.go | 6 +++--- 3 files changed, 7 insertions(+), 23 deletions(-) diff --git a/api/v1alpha1/managedcrl_types.go b/api/v1alpha1/managedcrl_types.go index 4456b73..539667d 100644 --- a/api/v1alpha1/managedcrl_types.go +++ b/api/v1alpha1/managedcrl_types.go @@ -95,7 +95,7 @@ type CRLExposeSpec struct { // Image specifies the container image to use for exposing the CRL. // +optional - Image *ImageSpec `json:"image"` + Image ImageSpec `json:"image,omitempty"` // Node Selector to deploy the CRL server // +optional NodeSelector map[string]string `json:"nodeSelector,omitempty"` @@ -128,8 +128,7 @@ type RevocationSpec struct { RevocationTime *metav1.Time `json:"revocationTime,omitempty"` // Reason is the reason for revocation (refer to RFC 5280 Section 5.3.1.). - // +optional - ReasonCode *int `json:"reasonCode,omitempty"` + ReasonCode int `json:"reasonCode,omitempty"` } // ManagedCRLSpec defines the desired state of ManagedCRL. @@ -300,15 +299,9 @@ func (rs *RevocationSpec) withDefaults() { if rs.RevocationTime == nil { rs.RevocationTime = &metav1.Time{Time: metav1.Now().Time} } - if rs.ReasonCode == nil { - rs.ReasonCode = ptr.To(0) // Unspecified - } } func (ces *CRLExposeSpec) withDefaults() { - if ces.Image == nil { - ces.Image = &ImageSpec{} - } ces.Image.withDefaults() if ces.Ingress != nil { @@ -439,7 +432,7 @@ func (rs RevocationSpec) ToRevocationListEntry() (x509.RevocationListEntry, erro return x509.RevocationListEntry{ SerialNumber: serial, RevocationTime: rs.RevocationTime.Time, - ReasonCode: *rs.ReasonCode, + ReasonCode: rs.ReasonCode, }, nil } diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 0cdce52..75db1f2 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -29,11 +29,7 @@ import ( // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CRLExposeSpec) DeepCopyInto(out *CRLExposeSpec) { *out = *in - if in.Image != nil { - in, out := &in.Image, &out.Image - *out = new(ImageSpec) - (*in).DeepCopyInto(*out) - } + in.Image.DeepCopyInto(&out.Image) if in.NodeSelector != nil { in, out := &in.NodeSelector, &out.NodeSelector *out = make(map[string]string, len(*in)) @@ -292,11 +288,6 @@ func (in *RevocationSpec) DeepCopyInto(out *RevocationSpec) { in, out := &in.RevocationTime, &out.RevocationTime *out = (*in).DeepCopy() } - if in.ReasonCode != nil { - in, out := &in.ReasonCode, &out.ReasonCode - *out = new(int) - **out = **in - } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RevocationSpec. diff --git a/test/integration/managedcrl_controller_test.go b/test/integration/managedcrl_controller_test.go index 73f6bb0..23a6db8 100644 --- a/test/integration/managedcrl_controller_test.go +++ b/test/integration/managedcrl_controller_test.go @@ -69,7 +69,7 @@ var ( spec: crloperatorv1alpha1.ManagedCRLSpec{ Expose: &crloperatorv1alpha1.CRLExposeSpec{ Enabled: true, - Image: &crloperatorv1alpha1.ImageSpec{Repository: ptr.To("custom/repo"), Tag: ptr.To("v1.2.3")}, + Image: crloperatorv1alpha1.ImageSpec{Repository: ptr.To("custom/repo"), Tag: ptr.To("v1.2.3")}, Internal: ptr.To(false), }, }, @@ -401,7 +401,7 @@ var _ = Describe("ManagedCRL Controller", func() { retrieved.Spec.Revocations = []crloperatorv1alpha1.RevocationSpec{ { SerialNumber: "123456789", - ReasonCode: ptr.To(2), + ReasonCode: 2, }, } Expect(k8sClient.Update(ctx, retrieved)).To(Succeed()) @@ -412,7 +412,7 @@ var _ = Describe("ManagedCRL Controller", func() { retrieved.Spec.Revocations = []crloperatorv1alpha1.RevocationSpec{ { SerialNumber: "123456789", - ReasonCode: ptr.To(1), + ReasonCode: 1, }, } Expect(k8sClient.Update(ctx, retrieved)).To(Succeed()) From 6775a3b24f39a805382b37b8fd5292b892cb6cd1 Mon Sep 17 00:00:00 2001 From: Teddy Andrieux Date: Fri, 7 Nov 2025 13:01:58 +0000 Subject: [PATCH 2/2] chore: Remove validate from reconcile loop Signed-off-by: Teddy Andrieux --- api/v1alpha1/managedcrl_types.go | 7 +++++++ internal/controller/managedcrl_controller.go | 3 --- internal/webhook/v1alpha1/managedcrl_webhook.go | 1 - test/integration/managedcrl_controller_test.go | 5 ----- 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/api/v1alpha1/managedcrl_types.go b/api/v1alpha1/managedcrl_types.go index 539667d..4f482de 100644 --- a/api/v1alpha1/managedcrl_types.go +++ b/api/v1alpha1/managedcrl_types.go @@ -333,6 +333,7 @@ func (is *IngressSpec) withDefaults() { // Validate validates the ManagedCRL resource. func (mcrl *ManagedCRL) Validate() error { + mcrl.WithDefaults() err := mcrl.Spec.validate() if err != nil { return fmt.Errorf("spec validation failed: %w", err) @@ -438,6 +439,8 @@ func (rs RevocationSpec) ToRevocationListEntry() (x509.RevocationListEntry, erro // GetRevokedListEntries converts the Revocations in ManagedCRLSpec to a slice of x509.RevocationListEntry. func (mcrls *ManagedCRLSpec) GetRevokedListEntries() ([]x509.RevocationListEntry, error) { + mcrls.withDefaults() + if mcrls.Revocations == nil { return []x509.RevocationListEntry{}, nil } @@ -455,6 +458,8 @@ func (mcrls *ManagedCRLSpec) GetRevokedListEntries() ([]x509.RevocationListEntry // GetImage returns the full image string in the format "repository/name:tag". func (is *ImageSpec) GetImage() string { + is.withDefaults() + image := fmt.Sprintf("%s:%s", *is.Name, *is.Tag) if is.Repository != nil { image = fmt.Sprintf("%s/%s", *is.Repository, image) @@ -464,6 +469,8 @@ func (is *ImageSpec) GetImage() string { // GetCRLDistributionPoint returns the CRL distribution point URL based on the Ingress configuration. func (mcrl *ManagedCRL) GetCRLDistributionPoint() []string { + mcrl.WithDefaults() + var urls []string // Add Ingress URLs if enabled diff --git a/internal/controller/managedcrl_controller.go b/internal/controller/managedcrl_controller.go index c91720d..4995f45 100644 --- a/internal/controller/managedcrl_controller.go +++ b/internal/controller/managedcrl_controller.go @@ -152,9 +152,6 @@ func (r *ManagedCRLReconciler) Reconcile(ctx context.Context, req ctrl.Request) } // Apply defaults instance.WithDefaults() - if err := instance.Validate(); err != nil { - return ctrl.Result{}, fmt.Errorf("validation failed: %w", err) - } needRenewal := false original := instance.DeepCopy() diff --git a/internal/webhook/v1alpha1/managedcrl_webhook.go b/internal/webhook/v1alpha1/managedcrl_webhook.go index e9f549d..d912fc2 100644 --- a/internal/webhook/v1alpha1/managedcrl_webhook.go +++ b/internal/webhook/v1alpha1/managedcrl_webhook.go @@ -103,7 +103,6 @@ func (v *ManagedCRLCustomValidator) ValidateDelete(ctx context.Context, obj runt // validationManagedCRL validates the ManagedCRL fields. func validationManagedCRL(logger logr.Logger, ctx context.Context, c client.Client, managedcrl *crloperatorv1alpha1.ManagedCRL) error { - managedcrl.WithDefaults() if err := managedcrl.Validate(); err != nil { logger.Error(err, "Validation failed") return err diff --git a/test/integration/managedcrl_controller_test.go b/test/integration/managedcrl_controller_test.go index 23a6db8..77330af 100644 --- a/test/integration/managedcrl_controller_test.go +++ b/test/integration/managedcrl_controller_test.go @@ -510,7 +510,6 @@ func checkSecret(mcrlRef types.NamespacedName) { } return false }, 10*time.Second, time.Second).Should(BeTrue()) - retrieved.WithDefaults() Expect(retrieved.ObjectMeta.Finalizers).To(ContainElement("crl-operator.scality.com/finalizer")) @@ -576,7 +575,6 @@ func checkExposePod(mcrlRef types.NamespacedName, shouldRestart bool) { } return false }, 10*time.Second, time.Second).Should(BeTrue()) - retrieved.WithDefaults() Expect(retrieved.Status.PodExposed).To(PointTo(BeFalse())) // Check the deployment @@ -615,7 +613,6 @@ func checkExposePod(mcrlRef types.NamespacedName, shouldRestart bool) { } return false }, 10*time.Second, time.Second).Should(BeTrue()) - retrieved.WithDefaults() Expect(retrieved.Status.PodExposed).To(PointTo(BeTrue())) @@ -663,7 +660,6 @@ func checkIngress(mcrlRef types.NamespacedName) { } return false }, 10*time.Second, time.Second).Should(BeTrue()) - retrieved.WithDefaults() Expect(retrieved.Status.IngressExposed).To(PointTo(BeTrue())) @@ -707,7 +703,6 @@ func checkIssuerConfigured(mcrlRef types.NamespacedName) { } return false }, 10*time.Second, time.Second).Should(BeTrue()) - retrieved.WithDefaults() Expect(retrieved.Status.IssuerConfigured).To(PointTo(BeTrue()))