From 80d346c87c3ece0828538eefb2030fb902ce4465 Mon Sep 17 00:00:00 2001 From: Francesco Pantano Date: Sat, 16 May 2026 09:15:47 +0200 Subject: [PATCH] Consume common templates via CommonTemplates field Remove duplicated templates from the operator and consume them from lib-common via the CommonTemplates field. This allows maintaining common configuration files (e.g. ssl.conf) in a single location across all operators. Signed-off-by: Francesco Pantano --- internal/controller/watcher_common.go | 2 ++ internal/controller/watcher_controller.go | 2 +- internal/controller/watcherapi_controller.go | 2 +- .../controller/watcherapplier_controller.go | 2 +- .../watcherdecisionengine_controller.go | 2 +- templates/watcherapi/config/ssl.conf | 21 ------------------- 6 files changed, 6 insertions(+), 25 deletions(-) delete mode 100644 templates/watcherapi/config/ssl.conf diff --git a/internal/controller/watcher_common.go b/internal/controller/watcher_common.go index adb3b4b5..e66033ae 100644 --- a/internal/controller/watcher_common.go +++ b/internal/controller/watcher_common.go @@ -309,6 +309,7 @@ func GenerateConfigsGeneric( customData map[string]string, cmLabels map[string]string, scripts bool, + commonTemplates []string, ) error { extraTemplates := map[string]string{ @@ -327,6 +328,7 @@ func GenerateConfigsGeneric( CustomData: customData, Labels: cmLabels, AdditionalTemplate: extraTemplates, + CommonTemplates: commonTemplates, }, } if scripts { diff --git a/internal/controller/watcher_controller.go b/internal/controller/watcher_controller.go index f9bb2e00..ee92a00f 100644 --- a/internal/controller/watcher_controller.go +++ b/internal/controller/watcher_controller.go @@ -948,7 +948,7 @@ func (r *WatcherReconciler) generateServiceConfigDBJobs( templateParameters["ACSecret"] = acData.Secret } - return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, true) + return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, true, []string{}) } func (r *WatcherReconciler) ensureDBSync( diff --git a/internal/controller/watcherapi_controller.go b/internal/controller/watcherapi_controller.go index 68cb4b94..605fe705 100644 --- a/internal/controller/watcherapi_controller.go +++ b/internal/controller/watcherapi_controller.go @@ -513,7 +513,7 @@ func (r *WatcherAPIReconciler) generateServiceConfigs( } templateParameters["VHosts"] = httpdVhostConfig - return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false) + return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false, []string{"ssl.conf"}) } func (r *WatcherAPIReconciler) ensureDeployment( diff --git a/internal/controller/watcherapplier_controller.go b/internal/controller/watcherapplier_controller.go index 58afb6ba..cd448d97 100644 --- a/internal/controller/watcherapplier_controller.go +++ b/internal/controller/watcherapplier_controller.go @@ -458,7 +458,7 @@ func (r *WatcherApplierReconciler) generateServiceConfigs( templateParameters["MemcachedAuthCa"] = fmt.Sprint(memcachedv1.CaMountPath()) } - return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false) + return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false, []string{}) } // SetupWithManager sets up the controller with the Manager. diff --git a/internal/controller/watcherdecisionengine_controller.go b/internal/controller/watcherdecisionengine_controller.go index 47f75ae9..a6fa6d79 100644 --- a/internal/controller/watcherdecisionengine_controller.go +++ b/internal/controller/watcherdecisionengine_controller.go @@ -609,7 +609,7 @@ func (r *WatcherDecisionEngineReconciler) generateServiceConfigs( templateParameters["MemcachedAuthCa"] = fmt.Sprint(memcachedv1.CaMountPath()) } - return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false) + return GenerateConfigsGeneric(ctx, helper, instance, envVars, templateParameters, customData, labels, false, []string{}) } func (r *WatcherDecisionEngineReconciler) ensureDeployment( diff --git a/templates/watcherapi/config/ssl.conf b/templates/watcherapi/config/ssl.conf deleted file mode 100644 index e3da4ecb..00000000 --- a/templates/watcherapi/config/ssl.conf +++ /dev/null @@ -1,21 +0,0 @@ - - SSLRandomSeed startup builtin - SSLRandomSeed startup file:/dev/urandom 512 - SSLRandomSeed connect builtin - SSLRandomSeed connect file:/dev/urandom 512 - - AddType application/x-x509-ca-cert .crt - AddType application/x-pkcs7-crl .crl - - SSLPassPhraseDialog builtin - SSLSessionCache "shmcb:/var/cache/mod_ssl/scache(512000)" - SSLSessionCacheTimeout 300 - Mutex default - SSLCryptoDevice builtin - SSLHonorCipherOrder On - SSLUseStapling Off - SSLStaplingCache "shmcb:/run/httpd/ssl_stapling(32768)" - SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DES - SSLProtocol all -SSLv2 -SSLv3 -TLSv1 - SSLOptions StdEnvVars -