From 2f0c181cc7cc93fb60e5bfe3ca0e6e711febf3fe Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Tue, 3 Oct 2023 15:46:22 +0200 Subject: [PATCH 1/5] add password-update-container after trino container --- rust/operator-binary/src/authentication/mod.rs | 3 +++ rust/operator-binary/src/controller.rs | 3 +++ 2 files changed, 6 insertions(+) diff --git a/rust/operator-binary/src/authentication/mod.rs b/rust/operator-binary/src/authentication/mod.rs index ee8c2e61..0f9662b0 100644 --- a/rust/operator-binary/src/authentication/mod.rs +++ b/rust/operator-binary/src/authentication/mod.rs @@ -145,7 +145,10 @@ impl TrinoAuthenticationConfig { stackable_trino_crd::Container::Vector => {} } } + } + /// Add required init / side car containers + pub fn add_authentication_containers(&self, role: &TrinoRole, pod_builder: &mut PodBuilder) { // containers for container in self.sidecar_containers(role) { pod_builder.add_container(container); diff --git a/rust/operator-binary/src/controller.rs b/rust/operator-binary/src/controller.rs index bec7a9e0..f530f2a0 100644 --- a/rust/operator-binary/src/controller.rs +++ b/rust/operator-binary/src/controller.rs @@ -976,6 +976,9 @@ fn build_rolegroup_statefulset( // add trino container first to better default into that container (e.g. instead of vector) pod_builder.add_container(container_trino); + // add password-update container if required + trino_authentication_config.add_authentication_containers(trino_role, &mut pod_builder); + if let Some(ContainerLogConfig { choice: Some(ContainerLogConfigChoice::Custom(CustomContainerLogConfig { From 3ac0e4aa91ffe75600c84d4d2792d3cf7e1a7d24 Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Wed, 4 Oct 2023 13:04:59 +0200 Subject: [PATCH 2/5] fix tls tests --- ...{20-install-check.yaml => 20-install-check.yaml.j2} | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) rename tests/templates/kuttl/tls/{20-install-check.yaml => 20-install-check.yaml.j2} (94%) diff --git a/tests/templates/kuttl/tls/20-install-check.yaml b/tests/templates/kuttl/tls/20-install-check.yaml.j2 similarity index 94% rename from tests/templates/kuttl/tls/20-install-check.yaml rename to tests/templates/kuttl/tls/20-install-check.yaml.j2 index b3a6a474..8740db44 100644 --- a/tests/templates/kuttl/tls/20-install-check.yaml +++ b/tests/templates/kuttl/tls/20-install-check.yaml.j2 @@ -15,17 +15,18 @@ spec: labels: app: trino-test-helper spec: + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + fsGroup: 1000 containers: - name: trino-test-helper image: docker.stackable.tech/stackable/testing-tools:0.2.0-stackable0.0.0-dev command: ["sleep", "infinity"] +{% if test_scenario['values']['use-tls'] == 'true' %} volumeMounts: - mountPath: "/stackable/trusted" name: server-tls-mount - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 volumes: - name: server-tls-mount ephemeral: @@ -40,3 +41,4 @@ spec: requests: storage: "1" storageClassName: secrets.stackable.tech +{% endif %} \ No newline at end of file From 097a4c9c68fa5ca5e58a835a27ae54bbcf5f6e8b Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Wed, 4 Oct 2023 13:33:44 +0200 Subject: [PATCH 3/5] set gracefultime out period to fix orphaned resources test --- tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 b/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 index 2aa12601..75914b03 100644 --- a/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 +++ b/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 1s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} From fdb01123c68a038af1ccf101095583e9a440bfdf Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Wed, 4 Oct 2023 13:44:39 +0200 Subject: [PATCH 4/5] set gracefulShutdownTimeout to fix cluster operations test --- tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 | 1 + tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 | 1 + tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 | 1 + tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 | 1 + 4 files changed, 4 insertions(+) diff --git a/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 index 573fe54a..5c1caeca 100644 --- a/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 1s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 index 6e60b1f8..55e4f42b 100644 --- a/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 1s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 index 398c35a7..0636b5b6 100644 --- a/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 1s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 index 16d9cfe7..bada31c1 100644 --- a/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 1s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} From 0f5077c76f42efa67c81385c8df4db6ac774a039 Mon Sep 17 00:00:00 2001 From: Malte Sander Date: Wed, 4 Oct 2023 17:05:34 +0200 Subject: [PATCH 5/5] set gracefulShutdownTimeout in every test to avoid insufficient cluster resources due to terminating pods. --- .../templates/kuttl/authentication/create-trino-cluster.yaml.j2 | 1 + .../templates/kuttl/cluster-operation/10-install-trino.yaml.j2 | 2 +- tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 | 2 +- tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 | 2 +- .../templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 | 2 +- tests/templates/kuttl/logging/02-install-trino.yaml.j2 | 1 + .../templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 | 2 +- tests/templates/kuttl/resources/10-install-trino.yaml.j2 | 1 + tests/templates/kuttl/smoke/10-install-trino.yaml.j2 | 1 + tests/templates/kuttl/tls/10-install-trino.yaml.j2 | 1 + 10 files changed, 10 insertions(+), 5 deletions(-) diff --git a/tests/templates/kuttl/authentication/create-trino-cluster.yaml.j2 b/tests/templates/kuttl/authentication/create-trino-cluster.yaml.j2 index 58d79447..1c1380d5 100644 --- a/tests/templates/kuttl/authentication/create-trino-cluster.yaml.j2 +++ b/tests/templates/kuttl/authentication/create-trino-cluster.yaml.j2 @@ -20,6 +20,7 @@ spec: productVersion: "'"{{ test_scenario['values']['trino-latest'] }}"'" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 index 5c1caeca..51628d45 100644 --- a/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/10-install-trino.yaml.j2 @@ -8,7 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} - gracefulShutdownTimeout: 1s + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 index 55e4f42b..1ffc0c25 100644 --- a/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/20-stop-trino.yaml.j2 @@ -8,7 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} - gracefulShutdownTimeout: 1s + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 index 0636b5b6..6450db42 100644 --- a/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/30-pause-trino.yaml.j2 @@ -8,7 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} - gracefulShutdownTimeout: 1s + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 b/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 index bada31c1..ee309878 100644 --- a/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 +++ b/tests/templates/kuttl/cluster-operation/40-restart-trino.yaml.j2 @@ -8,7 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} - gracefulShutdownTimeout: 1s + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/logging/02-install-trino.yaml.j2 b/tests/templates/kuttl/logging/02-install-trino.yaml.j2 index cfeba96f..34f4e5eb 100644 --- a/tests/templates/kuttl/logging/02-install-trino.yaml.j2 +++ b/tests/templates/kuttl/logging/02-install-trino.yaml.j2 @@ -34,6 +34,7 @@ spec: productVersion: "{{ test_scenario['values']['trino'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 5s vectorAggregatorConfigMapName: trino-vector-aggregator-discovery # in order to add the password-file-updater container authentication: diff --git a/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 b/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 index 75914b03..2464f19b 100644 --- a/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 +++ b/tests/templates/kuttl/orphaned-resources/1-install-trino.yaml.j2 @@ -8,7 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} - gracefulShutdownTimeout: 1s + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/resources/10-install-trino.yaml.j2 b/tests/templates/kuttl/resources/10-install-trino.yaml.j2 index d32515ef..6061544b 100644 --- a/tests/templates/kuttl/resources/10-install-trino.yaml.j2 +++ b/tests/templates/kuttl/resources/10-install-trino.yaml.j2 @@ -8,6 +8,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/smoke/10-install-trino.yaml.j2 b/tests/templates/kuttl/smoke/10-install-trino.yaml.j2 index 28a35795..d0e686c8 100644 --- a/tests/templates/kuttl/smoke/10-install-trino.yaml.j2 +++ b/tests/templates/kuttl/smoke/10-install-trino.yaml.j2 @@ -16,6 +16,7 @@ spec: opa: configMapName: opa package: trino + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %} diff --git a/tests/templates/kuttl/tls/10-install-trino.yaml.j2 b/tests/templates/kuttl/tls/10-install-trino.yaml.j2 index 26953639..433dbf5d 100644 --- a/tests/templates/kuttl/tls/10-install-trino.yaml.j2 +++ b/tests/templates/kuttl/tls/10-install-trino.yaml.j2 @@ -58,6 +58,7 @@ spec: productVersion: "{{ test_scenario['values']['trino-latest'] }}" clusterConfig: catalogLabelSelector: {} + gracefulShutdownTimeout: 5s {% if lookup('env', 'VECTOR_AGGREGATOR') %} vectorAggregatorConfigMapName: vector-aggregator-discovery {% endif %}