From f90aa29e69d6a9c5ce5bf79e67bc4ccead5ae1e2 Mon Sep 17 00:00:00 2001
From: Pavan <25031267+Pavan-SAP@users.noreply.github.com>
Date: Thu, 7 Mar 2024 11:25:38 +0100
Subject: [PATCH] [FEATURE] Operator: DNS_TARGET via env. supported (#68)

Allow consumers to configure a DNS_TARGET via env. on controller.
---
 internal/controller/reconcile-domains.go      |  6 +++-
 internal/controller/reconcile-domains_test.go | 35 +++++++++++++++++--
 internal/controller/utils.go                  | 11 ++++++
 website/includes/chart-values.md              |  5 +++
 4 files changed, 54 insertions(+), 3 deletions(-)

diff --git a/internal/controller/reconcile-domains.go b/internal/controller/reconcile-domains.go
index e7acf07..9fd1d93 100644
--- a/internal/controller/reconcile-domains.go
+++ b/internal/controller/reconcile-domains.go
@@ -879,7 +879,11 @@ func (c *Controller) getIngressGatewayInfo(ctx context.Context, ca *v1alpha1.CAP
 	// Get dnsTarget
 	// First try to use dnsTarget --> if it is set
 	dnsTarget := ca.Spec.Domains.DnsTarget
-	// Attempt to get dnsTarget from Service via annotation(s)
+	// Attempt to get dnsTarget from Env
+	if dnsTarget == "" {
+		dnsTarget = envDNSTarget()
+	}
+	// Finally attempt to get dnsTarget from Service via annotation(s)
 	if dnsTarget == "" {
 		ingressGWSvc, err := c.getIngressGatewayService(ctx, namespace, relevantPodsNames, ca)
 		if err != nil {
diff --git a/internal/controller/reconcile-domains_test.go b/internal/controller/reconcile-domains_test.go
index c67e87c..2047f75 100644
--- a/internal/controller/reconcile-domains_test.go
+++ b/internal/controller/reconcile-domains_test.go
@@ -18,6 +18,8 @@ import (
 	"k8s.io/apimachinery/pkg/labels"
 )
 
+const envDNS = "env-ingress.some.cluster.sap"
+
 func TestController_reconcileOperatorDomains(t *testing.T) {
 	tests := []struct {
 		name                  string
@@ -25,6 +27,8 @@ func TestController_reconcileOperatorDomains(t *testing.T) {
 		createCA2             bool
 		updateCA              bool
 		createIngress         bool
+		withoutDNSNames       bool
+		useEnvDNS             bool
 		cleanUpDomains        bool
 		wantErr               bool
 		expectDomainResources bool
@@ -64,6 +68,25 @@ func TestController_reconcileOperatorDomains(t *testing.T) {
 			wantErr:               false,
 			expectDomainResources: true,
 		},
+		{
+			name:                  "Test with multiple CAPApplications and Ingress GW without DNS names",
+			createCA:              true,
+			createCA2:             true,
+			createIngress:         true,
+			withoutDNSNames:       true,
+			wantErr:               true, // ingress gateway service not annotated with dns target name for CAPApplication default.ca-test-name
+			expectDomainResources: false,
+		},
+		{
+			name:                  "Test with multiple CAPApplications and Ingress GW without DNS names but DNS_TARGET env",
+			createCA:              true,
+			createCA2:             true,
+			createIngress:         true,
+			withoutDNSNames:       true,
+			useEnvDNS:             true,
+			wantErr:               false,
+			expectDomainResources: true, // Creates resources because of DNS_TARGET env
+		},
 		// {
 		// 	name:                  "Test cleanup with multiple CAPApplications and Ingress GW",
 		// 	createCA:              true,
@@ -127,7 +150,8 @@ func TestController_reconcileOperatorDomains(t *testing.T) {
 			expectDomainResources: true,
 		},
 	}
-	defer os.Setenv(certManagerEnv, "")
+	defer os.Unsetenv(certManagerEnv)
+	defer os.Unsetenv(dnsTargetEnv)
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			if tt.enableCertManagerEnv {
@@ -135,6 +159,9 @@ func TestController_reconcileOperatorDomains(t *testing.T) {
 			} else {
 				os.Setenv(certManagerEnv, certManagerGardener)
 			}
+			if tt.useEnvDNS {
+				os.Setenv(dnsTargetEnv, envDNS)
+			}
 			var c *Controller
 			var ca *v1alpha1.CAPApplication
 			var ca2 *v1alpha1.CAPApplication
@@ -150,7 +177,11 @@ func TestController_reconcileOperatorDomains(t *testing.T) {
 			}
 
 			if tt.createIngress {
-				ingressRes = createIngressResource(ingressGWName, ca, dnsTarget)
+				dns := dnsTarget
+				if tt.withoutDNSNames {
+					dns = ""
+				}
+				ingressRes = createIngressResource(ingressGWName, ca, dns)
 			}
 
 			c = getTestController(testResources{
diff --git a/internal/controller/utils.go b/internal/controller/utils.go
index e4bcd81..150867e 100644
--- a/internal/controller/utils.go
+++ b/internal/controller/utils.go
@@ -33,6 +33,7 @@ const (
 const (
 	certManagerEnv = "CERT_MANAGER"
 	dnsManagerEnv  = "DNS_MANAGER"
+	dnsTargetEnv   = "DNS_TARGET"
 )
 
 type ownerInfo struct {
@@ -157,6 +158,16 @@ func dnsManager() string {
 	return mgr
 }
 
+func envDNSTarget() string {
+	target := ""
+	env := os.Getenv(dnsTargetEnv)
+	if env != "" {
+		// convert to lower case
+		target = strings.ToLower(env)
+	}
+	return target
+}
+
 func updateResourceAnnotation(object *metav1.ObjectMeta, hash string) {
 	if object.Annotations == nil {
 		object.Annotations = map[string]string{}
diff --git a/website/includes/chart-values.md b/website/includes/chart-values.md
index f6f0745..b06ae29 100644
--- a/website/includes/chart-values.md
+++ b/website/includes/chart-values.md
@@ -10,6 +10,7 @@
 | affinity | object | `{}` | Default affinity settings (can be overwritten on component level) |
 | tolerations | list | `[]` | Default tolerations (can be overwritten on component level) |
 | priorityClassName | string | `""` | Default priority class (can be overwritten on component level) |
+| topologySpreadConstraints | list | `[]` | Default topology spread constraints (can be overwritten on component level) |
 | controller.replicas | int | `1` | Replicas |
 | controller.image.repository | string | `"ghcr.io/sap/cap-operator/controller"` | Image repository |
 | controller.image.tag | string | `""` | Image tag |
@@ -20,11 +21,13 @@
 | controller.affinity | object | `{}` | Affinity settings |
 | controller.tolerations | list | `[]` | Tolerations |
 | controller.priorityClassName | string | `""` | Priority class |
+| controller.topologySpreadConstraints | list | `[]` | Topology spread constraints |
 | controller.securityContext | object | `{}` | Security context |
 | controller.resources.limits.memory | string | `"500Mi"` | Memory limit |
 | controller.resources.limits.cpu | float | `0.2` | CPU limit |
 | controller.resources.requests.memory | string | `"50Mi"` | Memory request |
 | controller.resources.requests.cpu | float | `0.02` | CPU request |
+| controller.dnsTarget | string | `""` | The dns target mentioned on the public ingress gateway service used in the cluster |
 | subscriptionServer.replicas | int | `1` | Replicas |
 | subscriptionServer.image.repository | string | `"ghcr.io/sap/cap-operator/server"` | Image repository |
 | subscriptionServer.image.tag | string | `""` | Image tag |
@@ -35,6 +38,7 @@
 | subscriptionServer.affinity | object | `{}` | Affinity settings |
 | subscriptionServer.tolerations | list | `[]` | Tolerations |
 | subscriptionServer.priorityClassName | string | `""` | Priority class |
+| subscriptionServer.topologySpreadConstraints | list | `[]` | Topology spread constraints |
 | subscriptionServer.securityContext | object | `{}` | Security context |
 | subscriptionServer.resources.limits.memory | string | `"200Mi"` | Memory limit |
 | subscriptionServer.resources.limits.cpu | float | `0.1` | CPU limit |
@@ -56,6 +60,7 @@
 | webhook.affinity | object | `{}` | Affinity settings |
 | webhook.tolerations | list | `[]` | Tolerations |
 | webhook.priorityClassName | string | `""` | Priority class |
+| webhook.topologySpreadConstraints | list | `[]` | Topology spread constraints |
 | webhook.securityContext | object | `{}` | Security context |
 | webhook.resources.limits.memory | string | `"200Mi"` | Memory limit |
 | webhook.resources.limits.cpu | float | `0.1` | CPU limit |