ROX-26039: fix

stackrox · Oct 31, 2024 · 53fdb52 · 53fdb52
1 parent 09fdeb8
commit 53fdb52
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 50 deletions.
diff --git a/fleetshard/config/config.go b/fleetshard/config/config.go
@@ -35,17 +35,17 @@ type Config struct {
 	// If it is empty, nothing is injected (for example, it is not required when running on OpenShift).
 	// It is required when central images need to fetched from a private Quay registry.
 	// It needs to given as Docker Config JSON object.
-	TenantImagePullSecret               string `env:"TENANT_IMAGE_PULL_SECRET"`
-	DefaultTenantArgoCdAppSourceRepoURL string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_REPO_URL" envDefault:"https://github.com/stackrox/acscs-manifests.git"`
-	DefaultTenantArgoCdAppSourceRef     string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_REF" envDefault:"HEAD"`
-	DefaultTenantArgoCdAppSourcePath    string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_PATH" envDefault:"tenant-resources"`
-	ArgoCdNamespace                     string `env:"ARGOCD_NAMESPACE" envDefault:"openshift-gitops"`
-	ManagedDB                           ManagedDB
-	Telemetry                           Telemetry
-	AuditLogging                        AuditLogging
-	SecretEncryption                    SecretEncryption
-	RouteParameters                     RouteConfig
-	FleetshardAddonName                 string `env:"FLEETSHARD_ADDON_NAME" envDefault:"acs-fleetshard"`
+	TenantImagePullSecret                      string `env:"TENANT_IMAGE_PULL_SECRET"`
+	DefaultTenantArgoCdAppSourceRepoURL        string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_REPO_URL" envDefault:"https://github.com/stackrox/acscs-manifests.git"`
+	DefaultTenantArgoCdAppSourceTargetRevision string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_TARGET_REVISION" envDefault:"HEAD"`
+	DefaultTenantArgoCdAppSourcePath           string `env:"DEFAULT_TENANT_ARGOCD_APP_SOURCE_PATH" envDefault:"tenant-resources"`
+	ArgoCdNamespace                            string `env:"ARGOCD_NAMESPACE" envDefault:"openshift-gitops"`
+	ManagedDB                                  ManagedDB
+	Telemetry                                  Telemetry
+	AuditLogging                               AuditLogging
+	SecretEncryption                           SecretEncryption
+	RouteParameters                            RouteConfig
+	FleetshardAddonName                        string `env:"FLEETSHARD_ADDON_NAME" envDefault:"acs-fleetshard"`
 
 	// The SecureTenantNetwork option controls whether the Tenant's K8s
 	// Namespace will be secured at the network level, e.g. by using

diff --git a/fleetshard/pkg/central/reconciler/reconciler.go b/fleetshard/pkg/central/reconciler/reconciler.go
@@ -117,20 +117,20 @@ type encryptedSecrets struct {
 
 // CentralReconcilerOptions are the static options for creating a reconciler.
 type CentralReconcilerOptions struct {
-	UseRoutes                           bool
-	WantsAuthProvider                   bool
-	ManagedDBEnabled                    bool
-	Telemetry                           config.Telemetry
-	ClusterName                         string
-	Environment                         string
-	AuditLogging                        config.AuditLogging
-	TenantImagePullSecret               string
-	RouteParameters                     config.RouteConfig
-	SecureTenantNetwork                 bool
-	DefaultTenantArgoCdAppSourceRepoURL string
-	DefaultTenantArgoCdAppSourceRef     string
-	DefaultTenantArgoCdAppSourcePath    string
-	ArgoCdNamespace                     string
+	UseRoutes                                  bool
+	WantsAuthProvider                          bool
+	ManagedDBEnabled                           bool
+	Telemetry                                  config.Telemetry
+	ClusterName                                string
+	Environment                                string
+	AuditLogging                               config.AuditLogging
+	TenantImagePullSecret                      string
+	RouteParameters                            config.RouteConfig
+	SecureTenantNetwork                        bool
+	DefaultTenantArgoCdAppSourceRepoURL        string
+	DefaultTenantArgoCdAppSourceTargetRevision string
+	DefaultTenantArgoCdAppSourcePath           string
+	ArgoCdNamespace                            string
 }
 
 // CentralReconciler is a reconciler tied to a one Central instance. It installs, updates and deletes Central instances
@@ -170,10 +170,10 @@ type CentralReconciler struct {
 	needsReconcileFunc        needsReconcileFunc
 	restoreCentralSecretsFunc restoreCentralSecretsFunc
 
-	defaultTenantArgoCdAppSourceRepoURL string
-	defaultTenantArgoCdAppSourceRef     string
-	defaultTenantArgoCdAppSourcePath    string
-	argoCdNamespace                     string
+	defaultTenantArgoCdAppSourceRepoURL        string
+	defaultTenantArgoCdAppSourceTargetRevision string
+	defaultTenantArgoCdAppSourcePath           string
+	argoCdNamespace                            string
 }
 
 // Reconcile takes a private.ManagedCentral and tries to install it into the cluster managed by the fleet-shard.
@@ -1896,9 +1896,9 @@ func (r *CentralReconciler) makeDesiredArgoCDApplication(remoteCentral private.M
 		Spec: argocd.ApplicationSpec{
 			Project: "default",
 			Source: &argocd.ApplicationSource{
-				RepoURL: r.defaultTenantArgoCdAppSourceRepoURL,
-				Ref:     r.defaultTenantArgoCdAppSourceRef,
-				Path:    r.defaultTenantArgoCdAppSourcePath,
+				RepoURL:        r.defaultTenantArgoCdAppSourceRepoURL,
+				TargetRevision: r.defaultTenantArgoCdAppSourceTargetRevision,
+				Path:           r.defaultTenantArgoCdAppSourcePath,
 				Helm: &argocd.ApplicationSourceHelm{
 					ValuesObject: &runtime.RawExtension{
 						Raw: valuesBytes,
@@ -2300,10 +2300,10 @@ func NewCentralReconciler(k8sClient ctrlClient.Client, fleetmanagerClient *fleet
 		// Todo: Allow overriding the tenant source path, repo URL, and ref
 		// on a per-tenant basis.
 
-		defaultTenantArgoCdAppSourcePath:    opts.DefaultTenantArgoCdAppSourcePath,
-		defaultTenantArgoCdAppSourceRepoURL: opts.DefaultTenantArgoCdAppSourceRepoURL,
-		defaultTenantArgoCdAppSourceRef:     opts.DefaultTenantArgoCdAppSourceRef,
-		argoCdNamespace:                     opts.ArgoCdNamespace,
+		defaultTenantArgoCdAppSourcePath:           opts.DefaultTenantArgoCdAppSourcePath,
+		defaultTenantArgoCdAppSourceRepoURL:        opts.DefaultTenantArgoCdAppSourceRepoURL,
+		defaultTenantArgoCdAppSourceTargetRevision: opts.DefaultTenantArgoCdAppSourceTargetRevision,
+		argoCdNamespace:                            opts.ArgoCdNamespace,
 	}
 	r.needsReconcileFunc = r.needsReconcile
 

diff --git a/fleetshard/pkg/runtime/runtime.go b/fleetshard/pkg/runtime/runtime.go
@@ -132,20 +132,20 @@ func (r *Runtime) Start() error {
 	routesAvailable := r.routesAvailable()
 
 	reconcilerOpts := centralReconciler.CentralReconcilerOptions{
-		UseRoutes:                           routesAvailable,
-		WantsAuthProvider:                   r.config.CreateAuthProvider,
-		ManagedDBEnabled:                    r.config.ManagedDB.Enabled,
-		Telemetry:                           r.config.Telemetry,
-		ClusterName:                         r.config.ClusterName,
-		Environment:                         r.config.Environment,
-		AuditLogging:                        r.config.AuditLogging,
-		TenantImagePullSecret:               r.config.TenantImagePullSecret, // pragma: allowlist secret
-		RouteParameters:                     r.config.RouteParameters,
-		SecureTenantNetwork:                 r.config.SecureTenantNetwork,
-		DefaultTenantArgoCdAppSourceRef:     r.config.DefaultTenantArgoCdAppSourceRef,
-		DefaultTenantArgoCdAppSourcePath:    r.config.DefaultTenantArgoCdAppSourcePath,
-		DefaultTenantArgoCdAppSourceRepoURL: r.config.DefaultTenantArgoCdAppSourceRepoURL,
-		ArgoCdNamespace:                     r.config.ArgoCdNamespace,
+		UseRoutes:             routesAvailable,
+		WantsAuthProvider:     r.config.CreateAuthProvider,
+		ManagedDBEnabled:      r.config.ManagedDB.Enabled,
+		Telemetry:             r.config.Telemetry,
+		ClusterName:           r.config.ClusterName,
+		Environment:           r.config.Environment,
+		AuditLogging:          r.config.AuditLogging,
+		TenantImagePullSecret: r.config.TenantImagePullSecret, // pragma: allowlist secret
+		RouteParameters:       r.config.RouteParameters,
+		SecureTenantNetwork:   r.config.SecureTenantNetwork,
+		DefaultTenantArgoCdAppSourceTargetRevision: r.config.DefaultTenantArgoCdAppSourceTargetRevision,
+		DefaultTenantArgoCdAppSourcePath:           r.config.DefaultTenantArgoCdAppSourcePath,
+		DefaultTenantArgoCdAppSourceRepoURL:        r.config.DefaultTenantArgoCdAppSourceRepoURL,
+		ArgoCdNamespace:                            r.config.ArgoCdNamespace,
 	}
 
 	ticker := concurrency.NewRetryTicker(func(ctx context.Context) (timeToNextTick time.Duration, err error) {