From b64b67d3aa41e7ef09d4be1b155fa13f81260b68 Mon Sep 17 00:00:00 2001 From: Tamar Weisskopf Date: Mon, 22 Jun 2026 00:30:50 +0300 Subject: [PATCH] Rename ExploitIQ/Agent morpheus to Exploit Intelligence --- .golangci.yml | 2 +- Makefile | 14 +-- README.md | 52 ++++---- api/v1alpha1/conditions.go | 6 +- ...go => exploitintelligencestack_helpers.go} | 6 +- ...s.go => exploitintelligencestack_types.go} | 30 ++--- api/v1alpha1/groupversion_info.go | 6 +- api/v1alpha1/zz_generated.deepcopy.go | 38 +++--- bundle.Dockerfile | 2 +- ...r-manager-metrics-service_v1_service.yaml} | 6 +- ...c.authorization.k8s.io_v1_clusterrole.yaml | 21 ++++ ....authorization.k8s.io_v1_clusterrole.yaml} | 12 +- ...c.authorization.k8s.io_v1_clusterrole.yaml | 23 ++++ ....authorization.k8s.io_v1_clusterrole.yaml} | 2 +- ...gence-operator.clusterserviceversion.yaml} | 70 +++++------ ...c.authorization.k8s.io_v1_clusterrole.yaml | 21 ---- ...c.authorization.k8s.io_v1_clusterrole.yaml | 23 ---- ...enshift.io_exploitintelligencestacks.yaml} | 22 ++-- bundle/metadata/annotations.yaml | 2 +- cmd/main.go | 32 ++--- ...enshift.io_exploitintelligencestacks.yaml} | 22 ++-- config/crd/kustomization.yaml | 2 +- config/default/kustomization.yaml | 4 +- config/default/metrics_service.yaml | 4 +- config/manager/manager.yaml | 8 +- ...gence-operator.clusterserviceversion.yaml} | 22 ++-- config/manifests/kustomization.yaml | 2 +- .../network-policy/allow-metrics-traffic.yaml | 4 +- config/prometheus/monitor.yaml | 4 +- ... exploitintelligencestack_admin_role.yaml} | 16 +-- ...exploitintelligencestack_editor_role.yaml} | 16 +-- ...exploitintelligencestack_viewer_role.yaml} | 16 +-- config/rbac/kustomization.yaml | 8 +- config/rbac/leader_election_role.yaml | 2 +- config/rbac/leader_election_role_binding.yaml | 2 +- config/rbac/role.yaml | 12 +- config/rbac/role_binding.yaml | 2 +- config/rbac/service_account.yaml | 2 +- config/samples/README.md | 34 +++--- ...nce_v1alpha1_exploitintelligencestack.yaml | 13 ++ ...1_exploitintelligencestack_kubernetes.yaml | 16 +++ ...intelligencestack_kubernetes_ingress.yaml} | 10 +- ...oitintelligencestack_kubernetes_oidc.yaml} | 10 +- ...oitintelligencestack_self_hosted_llm.yaml} | 12 +- .../exploitiq_v1alpha1_exploitiqstack.yaml | 13 -- ...iq_v1alpha1_exploitiqstack_kubernetes.yaml | 16 --- config/samples/kustomization.yaml | 4 +- docs/developing.md | 18 +-- docs/installing_kubernetes.md | 22 ++-- docs/managing_bundles_catalogs.md | 56 ++++----- hack/get-related-image-digests.sh | 4 +- internal/controller/components/argilla.go | 42 +++---- internal/controller/components/cache.go | 40 +++--- .../controller/components/componentsyncer.go | 18 +-- internal/controller/components/database.go | 22 ++-- internal/controller/components/engine.go | 46 +++---- .../controller/components/factory_test.go | 4 +- internal/controller/components/interface.go | 8 +- internal/controller/components/tasks.go | 4 +- internal/controller/components/webapp.go | 72 +++++------ internal/controller/components/webapp_test.go | 38 +++--- internal/controller/conditions/manager.go | 4 +- ...=> exploitintelligencestack_controller.go} | 44 +++---- ...ploitintelligencestack_controller_test.go} | 18 +-- ...=> exploitintelligencestack_reconciler.go} | 6 +- internal/k8s/dependency_resolver.go | 4 +- internal/k8s/hash.go | 8 +- internal/k8s/labels.go | 8 +- internal/k8s/route.go | 2 +- internal/resources/argilla/configmap.go | 2 +- internal/resources/argilla/configmap_test.go | 14 +-- internal/resources/argilla/constants.go | 8 +- internal/resources/argilla/deployment.go | 16 +-- internal/resources/argilla/deployment_test.go | 22 ++-- internal/resources/argilla/ingress.go | 2 +- internal/resources/argilla/ingress_test.go | 26 ++-- internal/resources/argilla/pvc.go | 2 +- internal/resources/argilla/pvc_test.go | 22 ++-- internal/resources/argilla/rbac.go | 4 +- internal/resources/argilla/rbac_test.go | 20 +-- internal/resources/argilla/route.go | 2 +- internal/resources/argilla/route_test.go | 14 +-- internal/resources/argilla/secret.go | 2 +- internal/resources/argilla/secret_test.go | 18 +-- internal/resources/argilla/service.go | 2 +- internal/resources/argilla/service_test.go | 12 +- internal/resources/argilla/serviceaccount.go | 2 +- .../resources/argilla/serviceaccount_test.go | 10 +- internal/resources/cache/configmap.go | 8 +- internal/resources/cache/configmap_test.go | 46 +++---- internal/resources/cache/deployment.go | 10 +- internal/resources/cache/deployment_test.go | 30 ++--- internal/resources/cache/pvc.go | 2 +- internal/resources/cache/pvc_test.go | 10 +- internal/resources/cache/service.go | 2 +- internal/resources/cache/service_test.go | 10 +- .../resources/componentsyncer/configmap.go | 2 +- .../componentsyncer/configmap_test.go | 36 +++--- .../resources/componentsyncer/constants.go | 2 +- internal/resources/componentsyncer/jobsink.go | 4 +- .../resources/componentsyncer/jobsink_test.go | 52 ++++---- internal/resources/componentsyncer/secret.go | 2 +- .../resources/componentsyncer/secret_test.go | 10 +- internal/resources/database/constants.go | 12 +- internal/resources/database/deployment.go | 8 +- .../resources/database/deployment_test.go | 44 +++---- internal/resources/database/init_configmap.go | 4 +- internal/resources/database/pvc.go | 2 +- internal/resources/database/pvc_test.go | 10 +- internal/resources/database/secret.go | 4 +- internal/resources/database/service.go | 2 +- internal/resources/database/service_test.go | 10 +- ...ig.yml => exploit-intelligence-config.yml} | 10 +- internal/resources/engine/configmap.go | 10 +- internal/resources/engine/configmap_test.go | 66 +++++----- internal/resources/engine/constants.go | 30 ++--- internal/resources/engine/deployment.go | 20 +-- internal/resources/engine/deployment_test.go | 106 ++++++++-------- internal/resources/engine/ingress.go | 2 +- internal/resources/engine/ingress_test.go | 24 ++-- internal/resources/engine/pvc.go | 2 +- internal/resources/engine/pvc_test.go | 10 +- internal/resources/engine/rbac.go | 2 +- internal/resources/engine/rbac_test.go | 10 +- internal/resources/engine/route.go | 2 +- internal/resources/engine/route_test.go | 10 +- internal/resources/engine/service.go | 4 +- internal/resources/engine/service_test.go | 22 ++-- internal/resources/engine/serviceaccount.go | 2 +- .../resources/engine/serviceaccount_test.go | 10 +- internal/resources/webapp/configmap.go | 2 +- internal/resources/webapp/configmap_test.go | 10 +- internal/resources/webapp/constants.go | 36 +++--- internal/resources/webapp/deployment.go | 24 ++-- internal/resources/webapp/deployment_test.go | 114 +++++++++--------- internal/resources/webapp/ingress.go | 4 +- internal/resources/webapp/ingress_test.go | 60 ++++----- internal/resources/webapp/oauth.go | 8 +- internal/resources/webapp/oauth_test.go | 66 +++++----- internal/resources/webapp/route.go | 4 +- internal/resources/webapp/route_test.go | 18 +-- internal/resources/webapp/service.go | 2 +- internal/resources/webapp/service_test.go | 20 +-- internal/resources/webapp/serviceaccount.go | 2 +- .../resources/webapp/serviceaccount_test.go | 10 +- internal/resources/webapp/servicemonitor.go | 6 +- test/e2e/e2e_suite_test.go | 8 +- test/e2e/e2e_test.go | 10 +- test/e2e/openshift_full_e2e_test.go | 32 ++--- test/e2e/openshift_test.go | 64 +++++----- 150 files changed, 1259 insertions(+), 1259 deletions(-) rename api/v1alpha1/{exploitiqstack_helpers.go => exploitintelligencestack_helpers.go} (86%) rename api/v1alpha1/{exploitiqstack_types.go => exploitintelligencestack_types.go} (93%) rename bundle/manifests/{exploit-iq-operator-controller-manager-metrics-service_v1_service.yaml => exploit-intelligence-operator-controller-manager-metrics-service_v1_service.yaml} (62%) create mode 100644 bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml rename bundle/manifests/{exploit-iq-operator-exploitiqstack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml => exploit-intelligence-operator-exploitintelligencestack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml} (52%) create mode 100644 bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml rename bundle/manifests/{exploit-iq-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml => exploit-intelligence-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml} (74%) rename bundle/manifests/{exploit-iq-operator.clusterserviceversion.yaml => exploit-intelligence-operator.clusterserviceversion.yaml} (87%) delete mode 100644 bundle/manifests/exploit-iq-operator-exploitiqstack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml delete mode 100644 bundle/manifests/exploit-iq-operator-exploitiqstack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml rename bundle/manifests/{exploitiq.openshift.io_exploitiqstacks.yaml => exploitintelligence.openshift.io_exploitintelligencestacks.yaml} (99%) rename config/crd/bases/{exploitiq.openshift.io_exploitiqstacks.yaml => exploitintelligence.openshift.io_exploitintelligencestacks.yaml} (99%) rename config/manifests/bases/{exploit-iq-operator.clusterserviceversion.yaml => exploit-intelligence-operator.clusterserviceversion.yaml} (90%) rename config/rbac/{exploitiqstack_admin_role.yaml => exploitintelligencestack_admin_role.yaml} (55%) rename config/rbac/{exploitiqstack_editor_role.yaml => exploitintelligencestack_editor_role.yaml} (60%) rename config/rbac/{exploitiqstack_viewer_role.yaml => exploitintelligencestack_viewer_role.yaml} (55%) create mode 100644 config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml create mode 100644 config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml rename config/samples/{exploitiq_v1alpha1_exploitiqstack_kubernetes_ingress.yaml => exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_ingress.yaml} (57%) rename config/samples/{exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml => exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml} (72%) rename config/samples/{exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml => exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml} (62%) delete mode 100644 config/samples/exploitiq_v1alpha1_exploitiqstack.yaml delete mode 100644 config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml rename internal/controller/{exploitiqstack_controller.go => exploitintelligencestack_controller.go} (88%) rename internal/controller/{exploitiqstack_controller_test.go => exploitintelligencestack_controller_test.go} (81%) rename internal/controller/{exploitiqstack_reconciler.go => exploitintelligencestack_reconciler.go} (94%) rename internal/resources/engine/assets/{exploit-iq-config.yml => exploit-intelligence-config.yml} (95%) diff --git a/.golangci.yml b/.golangci.yml index c66ec54..714a22b 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -49,7 +49,7 @@ linters: path: api/v1alpha1/groupversion_info\.go - linters: - gochecknoglobals - path: api/v1alpha1/exploitiqstack_types\.go + path: api/v1alpha1/exploitintelligencestack_types\.go - linters: - gochecknoglobals path: cmd/main\.go diff --git a/Makefile b/Makefile index ee4714b..235e574 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,7 @@ BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) # This variable is used to construct full image tags for bundle and catalog images. # # For example, running 'make bundle-build bundle-push catalog-build catalog-push' will build and push both -# openshift.io/exploit-iq-operator-bundle:$VERSION and openshift.io/exploit-iq-operator-catalog:$VERSION. +# openshift.io/exploit-intelligence-operator-bundle:$VERSION and openshift.io/exploit-intelligence-operator-catalog:$VERSION. IMAGE_TAG_BASE ?= quay.io/redhat-user-workloads/exploit-intelligence-tenant/operator-tech-preview # BUNDLE_IMG defines the image:tag used for the bundle. @@ -106,7 +106,7 @@ test: manifests generate fmt vet setup-envtest ## Run tests. # The default setup assumes Kind is pre-installed and builds/loads the Manager Docker image locally. # CertManager is installed by default; skip with: # - CERT_MANAGER_INSTALL_SKIP=true -KIND_CLUSTER ?= exploit-iq-operator-test-e2e +KIND_CLUSTER ?= exploit-intelligence-operator-test-e2e .PHONY: setup-test-e2e setup-test-e2e: ## Set up a Kind cluster for e2e tests if it does not exist @@ -178,10 +178,10 @@ PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le docker-buildx: ## Build and push docker image for the manager for cross-platform support # copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross - - $(CONTAINER_TOOL) buildx create --name exploit-iq-operator-builder - $(CONTAINER_TOOL) buildx use exploit-iq-operator-builder + - $(CONTAINER_TOOL) buildx create --name exploit-intelligence-operator-builder + $(CONTAINER_TOOL) buildx use exploit-intelligence-operator-builder - $(CONTAINER_TOOL) buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross . - - $(CONTAINER_TOOL) buildx rm exploit-iq-operator-builder + - $(CONTAINER_TOOL) buildx rm exploit-intelligence-operator-builder rm Dockerfile.cross .PHONY: build-installer @@ -199,7 +199,7 @@ endif .PHONY: redeploy redeploy: manifests generate fmt vet docker-build-push deploy ## Complete redeployment: generate manifests, build image, push, and deploy. @echo "Restarting controller pod..." - @$(KUBECTL) delete pod -n exploit-iq-operator-system -l control-plane=controller-manager --ignore-not-found=true + @$(KUBECTL) delete pod -n exploit-intelligence-operator-system -l control-plane=controller-manager --ignore-not-found=true @echo "Redeployment complete!" @echo " Image: ${IMG}" @echo " Deployed to cluster: $(shell $(KUBECTL) config current-context)" @@ -207,7 +207,7 @@ redeploy: manifests generate fmt vet docker-build-push deploy ## Complete redepl .PHONY: redeploy-olm redeploy-olm: manifests generate fmt vet docker-build-push bundle bundle-build bundle-push catalog-build catalog-push deploy ## Complete OLM redeployment: includes bundle and catalog updates. @echo "Restarting controller pod..." - @$(KUBECTL) delete pod -n exploit-iq-operator-system -l control-plane=controller-manager --ignore-not-found=true + @$(KUBECTL) delete pod -n exploit-intelligence-operator-system -l control-plane=controller-manager --ignore-not-found=true @echo "OLM redeployment complete!" @echo " Operator Image: ${IMG}" @echo " Bundle Image: $(BUNDLE_IMG)" diff --git a/README.md b/README.md index f81977c..896584c 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# ExploitIQ Operator +# RHTPA Exploit Intelligence Operator -An operator that automates the deployment and lifecycle management of the ExploitIQ Stack on OpenShift and Kubernetes clusters. +An operator that automates the deployment and lifecycle management of the RHTPA exploit intelligence stack on OpenShift and Kubernetes clusters. ## Quick Start @@ -9,17 +9,17 @@ For the fastest deployment on OpenShift using OperatorHub: 1. Create a project: ```bash - oc new-project exploit-iq + oc new-project exploit-intelligence ``` -2. Install the operator from OperatorHub (web console: **Operators → OperatorHub → ExploitIQ**) +2. Install the operator from OperatorHub (web console: **Operators → OperatorHub → RHTPA exploit intelligence**) 3. Create required Secrets (refer to [Prerequisites](#prerequisites)) 4. Deploy the stack: ```bash - oc apply -f config/samples/exploitiq_v1alpha1_exploitiqstack.yaml + oc apply -f config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml ``` For Kubernetes installations or advanced configurations, refer to the sections below. @@ -47,7 +47,7 @@ The operator manages the following components: The operator does not manage sensitive credentials. Create the following Secrets in your application namespace before deploying the stack. All Secret manifests use `stringData` for plain-text values, which the API server automatically encodes. -#### ExploitIQ API Keys +#### RHTPA Exploit Intelligence API Keys The Cache and WebApp components require API keys for external services. @@ -65,7 +65,7 @@ For additional details, refer to the [upstream README](https://github.com/RHEcos apiVersion: v1 kind: Secret metadata: - name: exploit-iq-secret + name: exploit-intelligence-secret type: Opaque stringData: ghsa_api_key: "YOUR_KEY" @@ -91,7 +91,7 @@ The Engine and WebApp components require credentials to pull images from the Qua ```bash cat ${HOME}/.docker/config.json | jq '{auths: {"quay.io": .auths["quay.io"]}}' > quay-pull-secret.json - oc create secret generic exploit-iq-pull-secret \ + oc create secret generic exploit-intelligence-pull-secret \ --from-file=.dockerconfigjson=quay-pull-secret.json \ --type=kubernetes.io/dockerconfigjson rm quay-pull-secret.json @@ -142,7 +142,7 @@ On OpenShift, if you want to provide your own OAuth client secret and base domai openshift-domain: "" ``` -On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecretRef` in the `ExploitIQStack` CR instead. Refer to [config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml](config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml) for an example. +On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecretRef` in the `ExploitIntelligenceStack` CR instead. Refer to [config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml](config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml) for an example. ## Installing on OpenShift @@ -151,7 +151,7 @@ On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecret 1. Build and push your own catalog image (refer to [Building a CatalogSource](docs/managing_bundles_catalogs.md#building-a-catalogsource) for details): ```bash - make catalog-build catalog-push CATALOG_IMG=/exploit-iq-operator-catalog:latest + make catalog-build catalog-push CATALOG_IMG=/exploit-intelligence-operator-catalog:latest ``` 2. Create a CatalogSource in the `openshift-marketplace` namespace: @@ -161,10 +161,10 @@ On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecret apiVersion: operators.coreos.com/v1alpha1 kind: CatalogSource metadata: - name: exploit-iq-catalog + name: exploit-intelligence-catalog namespace: openshift-marketplace spec: - displayName: ExploitIQ + displayName: RHTPA Exploit Intelligence image: '' publisher: Red Hat sourceType: grpc @@ -178,12 +178,12 @@ On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecret ```bash oc -n openshift-marketplace wait --for=condition=Ready pod \ - -l olm.catalogSource=exploit-iq-catalog --timeout=300s + -l olm.catalogSource=exploit-intelligence-catalog --timeout=300s ``` 4. Install the operator from the web console: - Navigate to **Operators → OperatorHub** - - Select the **ExploitIQ** source + - Select the **RHTPA exploit intelligence** source - Select the operator - Click **Install** @@ -191,40 +191,40 @@ On Kubernetes with OIDC sidecar authentication, use `spec.auth.oidc.clientSecret ```bash oc wait --for=condition=ready pod \ - -l app.kubernetes.io/name=exploit-iq-operator \ - -n exploit-iq-operator-system \ + -l app.kubernetes.io/name=exploit-intelligence-operator \ + -n exploit-intelligence-operator-system \ --timeout=300s ``` ### Creating the Stack Instance -After installing the operator, create an `ExploitIQStack` instance: +After installing the operator, create an `ExploitIntelligenceStack` instance: 1. Create or select your project: ```bash - oc new-project exploit-iq + oc new-project exploit-intelligence ``` 2. Create the required Secrets (refer to [Prerequisites](#prerequisites)) -3. Create the `ExploitIQStack` instance: +3. Create the `ExploitIntelligenceStack` instance: ```bash - oc apply -f config/samples/exploitiq_v1alpha1_exploitiqstack.yaml + oc apply -f config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml ``` Example minimal CR: ```yaml - apiVersion: exploitiq.openshift.io/v1alpha1 - kind: ExploitIQStack + apiVersion: exploitintelligence.openshift.io/v1alpha1 + kind: ExploitIntelligenceStack metadata: name: example spec: engine: pullSecretRef: - name: exploit-iq-pull-secret + name: exploit-intelligence-pull-secret webApp: registryCredentialsSecretRef: name: image-registry-credentials @@ -238,16 +238,16 @@ For Kubernetes installations (without OLM), refer to [docs/installing_kubernetes ## Uninstalling -Delete all `ExploitIQStack` custom resources: +Delete all `ExploitIntelligenceStack` custom resources: ```bash -oc delete exploitiqstack --all -n +oc delete exploitintelligencestack --all -n ``` Or delete a specific instance: ```bash -oc delete -f config/samples/exploitiq_v1alpha1_exploitiqstack.yaml +oc delete -f config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml ``` For OLM-based installations, uninstall the operator from the web console (**Operators → Installed Operators**) or using the `oc` CLI. diff --git a/api/v1alpha1/conditions.go b/api/v1alpha1/conditions.go index 542e5a0..55ca134 100644 --- a/api/v1alpha1/conditions.go +++ b/api/v1alpha1/conditions.go @@ -3,11 +3,11 @@ package v1alpha1 type ConditionType string const ( - // ConditionTypeDegraded indicates that the ExploitIQStack is operating in a degraded state. + // ConditionTypeDegraded indicates that the ExploitIntelligenceStack is operating in a degraded state. ConditionTypeDegraded ConditionType = "Degraded" - // ConditionTypeProgressing indicates that the ExploitIQStack is currently being reconciled. + // ConditionTypeProgressing indicates that the ExploitIntelligenceStack is currently being reconciled. ConditionTypeProgressing ConditionType = "Progressing" - // ConditionTypeReady indicates that the ExploitIQStack is ready and all components are operational. + // ConditionTypeReady indicates that the ExploitIntelligenceStack is ready and all components are operational. ConditionTypeReady ConditionType = "Ready" // ConditionTypeCacheReady indicates that the Cache component is ready. diff --git a/api/v1alpha1/exploitiqstack_helpers.go b/api/v1alpha1/exploitintelligencestack_helpers.go similarity index 86% rename from api/v1alpha1/exploitiqstack_helpers.go rename to api/v1alpha1/exploitintelligencestack_helpers.go index 67466a4..1d6062e 100644 --- a/api/v1alpha1/exploitiqstack_helpers.go +++ b/api/v1alpha1/exploitintelligencestack_helpers.go @@ -2,14 +2,14 @@ package v1alpha1 // GetReferencedSecretNames returns the unique names of all Kubernetes Secrets // (both operator-managed defaults and user-provided ones) that the -// ExploitIQStack CR depends on. The controller uses this list to index stacks +// ExploitIntelligenceStack CR depends on. The controller uses this list to index stacks // by referenced Secret so that Secret changes can trigger // reconciliation of only the affected stacks. -func (r *ExploitIQStack) GetReferencedSecretNames() []string { +func (r *ExploitIntelligenceStack) GetReferencedSecretNames() []string { secrets := make(map[string]struct{}) // Default Secrets // TODO: Import from constants? - secrets["exploit-iq-secret"] = struct{}{} + secrets["exploit-intelligence-secret"] = struct{}{} secrets["oauth-client-secret"] = struct{}{} // Engine diff --git a/api/v1alpha1/exploitiqstack_types.go b/api/v1alpha1/exploitintelligencestack_types.go similarity index 93% rename from api/v1alpha1/exploitiqstack_types.go rename to api/v1alpha1/exploitintelligencestack_types.go index b82fb8c..e7359f6 100644 --- a/api/v1alpha1/exploitiqstack_types.go +++ b/api/v1alpha1/exploitintelligencestack_types.go @@ -21,8 +21,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// ExploitIQStackSpec defines the desired state of ExploitIQStack. -type ExploitIQStackSpec struct { +// ExploitIntelligenceStackSpec defines the desired state of ExploitIntelligenceStack. +type ExploitIntelligenceStackSpec struct { // Auth defines the configuration for the authentication component. // +kubebuilder:validation:Optional Auth AuthSpec `json:"auth,omitempty"` @@ -116,7 +116,7 @@ type DatabaseSpec struct { // CredentialsSecretRef references an existing Secret with MongoDB credentials. // If not provided, the operator auto-generates one. - // The Secret must contain keys: admin-user, admin-password, exploit-iq-user, exploit-iq-password. + // The Secret must contain keys: admin-user, admin-password, exploit-intelligence-user, exploit-intelligence-password. // +kubebuilder:validation:Optional CredentialsSecretRef *corev1.LocalObjectReference `json:"credentialsSecretRef,omitempty"` @@ -380,9 +380,9 @@ type GatewayReference struct { Namespace string `json:"namespace,omitempty"` } -// ExploitIQStackStatus defines the observed state of ExploitIQStack. -type ExploitIQStackStatus struct { - // Conditions store the status conditions of the ExploitIQ stack status +// ExploitIntelligenceStackStatus defines the observed state of ExploitIntelligenceStack. +type ExploitIntelligenceStackStatus struct { + // Conditions store the status conditions of the RHTPA exploit intelligence stack status // +operator-sdk:csv:customresourcedefinitions:type=status Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"` } @@ -390,26 +390,26 @@ type ExploitIQStackStatus struct { // +kubebuilder:object:root=true // +kubebuilder:subresource:status -// ExploitIQStack is the Schema for the exploitiqstacks API. -// +operator-sdk:csv:customresourcedefinitions:displayName="Exploit IQStack",resources={{Deployment,v1,exploit-iq},{Service,v1,exploit-iq},{ConfigMap,v1,exploit-iq-config},{PersistentVolumeClaim,v1,exploit-iq-data},{ServiceAccount,v1,exploit-iq-engine},{Route,v1,exploit-iq}} +// ExploitIntelligenceStack is the Schema for the exploitiqstacks API. +// +operator-sdk:csv:customresourcedefinitions:displayName="Exploit IntelligenceStack",resources={{Deployment,v1,exploit-intelligence},{Service,v1,exploit-intelligence},{ConfigMap,v1,exploit-intelligence-config},{PersistentVolumeClaim,v1,exploit-intelligence-data},{ServiceAccount,v1,exploit-intelligence-engine},{Route,v1,exploit-intelligence}} // +kubebuilder:subresource:status -type ExploitIQStack struct { +type ExploitIntelligenceStack struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - Spec ExploitIQStackSpec `json:"spec,omitempty"` - Status ExploitIQStackStatus `json:"status,omitempty"` + Spec ExploitIntelligenceStackSpec `json:"spec,omitempty"` + Status ExploitIntelligenceStackStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true -// ExploitIQStackList contains a list of ExploitIQStack. -type ExploitIQStackList struct { +// ExploitIntelligenceStackList contains a list of ExploitIntelligenceStack. +type ExploitIntelligenceStackList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` - Items []ExploitIQStack `json:"items"` + Items []ExploitIntelligenceStack `json:"items"` } func init() { - SchemeBuilder.Register(&ExploitIQStack{}, &ExploitIQStackList{}) + SchemeBuilder.Register(&ExploitIntelligenceStack{}, &ExploitIntelligenceStackList{}) } diff --git a/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go index ec10017..48df61e 100644 --- a/api/v1alpha1/groupversion_info.go +++ b/api/v1alpha1/groupversion_info.go @@ -14,9 +14,9 @@ See the License for the specific language governing permissions and limitations under the License. */ -// Package v1alpha1 contains API Schema definitions for the exploitiq v1alpha1 API group. +// Package v1alpha1 contains API Schema definitions for the exploitintelligence v1alpha1 API group. // +kubebuilder:object:generate=true -// +groupName=exploitiq.openshift.io +// +groupName=exploitintelligence.openshift.io package v1alpha1 import ( @@ -26,7 +26,7 @@ import ( var ( // GroupVersion is group version used to register these objects. - GroupVersion = schema.GroupVersion{Group: "exploitiq.openshift.io", Version: "v1alpha1"} + GroupVersion = schema.GroupVersion{Group: "exploitintelligence.openshift.io", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme. SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index c8b82e9..1e0c2e2 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -268,7 +268,7 @@ func (in *EngineSpec) DeepCopy() *EngineSpec { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExploitIQStack) DeepCopyInto(out *ExploitIQStack) { +func (in *ExploitIntelligenceStack) DeepCopyInto(out *ExploitIntelligenceStack) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) @@ -276,18 +276,18 @@ func (in *ExploitIQStack) DeepCopyInto(out *ExploitIQStack) { in.Status.DeepCopyInto(&out.Status) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIQStack. -func (in *ExploitIQStack) DeepCopy() *ExploitIQStack { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIntelligenceStack. +func (in *ExploitIntelligenceStack) DeepCopy() *ExploitIntelligenceStack { if in == nil { return nil } - out := new(ExploitIQStack) + out := new(ExploitIntelligenceStack) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ExploitIQStack) DeepCopyObject() runtime.Object { +func (in *ExploitIntelligenceStack) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -295,31 +295,31 @@ func (in *ExploitIQStack) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExploitIQStackList) DeepCopyInto(out *ExploitIQStackList) { +func (in *ExploitIntelligenceStackList) DeepCopyInto(out *ExploitIntelligenceStackList) { *out = *in out.TypeMeta = in.TypeMeta in.ListMeta.DeepCopyInto(&out.ListMeta) if in.Items != nil { in, out := &in.Items, &out.Items - *out = make([]ExploitIQStack, len(*in)) + *out = make([]ExploitIntelligenceStack, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIQStackList. -func (in *ExploitIQStackList) DeepCopy() *ExploitIQStackList { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIntelligenceStackList. +func (in *ExploitIntelligenceStackList) DeepCopy() *ExploitIntelligenceStackList { if in == nil { return nil } - out := new(ExploitIQStackList) + out := new(ExploitIntelligenceStackList) in.DeepCopyInto(out) return out } // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ExploitIQStackList) DeepCopyObject() runtime.Object { +func (in *ExploitIntelligenceStackList) DeepCopyObject() runtime.Object { if c := in.DeepCopy(); c != nil { return c } @@ -327,7 +327,7 @@ func (in *ExploitIQStackList) DeepCopyObject() runtime.Object { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExploitIQStackSpec) DeepCopyInto(out *ExploitIQStackSpec) { +func (in *ExploitIntelligenceStackSpec) DeepCopyInto(out *ExploitIntelligenceStackSpec) { *out = *in in.Auth.DeepCopyInto(&out.Auth) if in.Managed != nil { @@ -345,18 +345,18 @@ func (in *ExploitIQStackSpec) DeepCopyInto(out *ExploitIQStackSpec) { in.Argilla.DeepCopyInto(&out.Argilla) } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIQStackSpec. -func (in *ExploitIQStackSpec) DeepCopy() *ExploitIQStackSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIntelligenceStackSpec. +func (in *ExploitIntelligenceStackSpec) DeepCopy() *ExploitIntelligenceStackSpec { if in == nil { return nil } - out := new(ExploitIQStackSpec) + out := new(ExploitIntelligenceStackSpec) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ExploitIQStackStatus) DeepCopyInto(out *ExploitIQStackStatus) { +func (in *ExploitIntelligenceStackStatus) DeepCopyInto(out *ExploitIntelligenceStackStatus) { *out = *in if in.Conditions != nil { in, out := &in.Conditions, &out.Conditions @@ -367,12 +367,12 @@ func (in *ExploitIQStackStatus) DeepCopyInto(out *ExploitIQStackStatus) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIQStackStatus. -func (in *ExploitIQStackStatus) DeepCopy() *ExploitIQStackStatus { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExploitIntelligenceStackStatus. +func (in *ExploitIntelligenceStackStatus) DeepCopy() *ExploitIntelligenceStackStatus { if in == nil { return nil } - out := new(ExploitIQStackStatus) + out := new(ExploitIntelligenceStackStatus) in.DeepCopyInto(out) return out } diff --git a/bundle.Dockerfile b/bundle.Dockerfile index 277af7b..5c35aef 100644 --- a/bundle.Dockerfile +++ b/bundle.Dockerfile @@ -18,7 +18,7 @@ LABEL cpe="cpe:/a:redhat:exploit_intelligence:0.0::el9" LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ -LABEL operators.operatorframework.io.bundle.package.v1=exploit-iq-operator +LABEL operators.operatorframework.io.bundle.package.v1=exploit-intelligence-operator LABEL operators.operatorframework.io.bundle.channels.v1=pre-ga LABEL operators.operatorframework.io.bundle.channel.default.v1=pre-ga LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.41.1 diff --git a/bundle/manifests/exploit-iq-operator-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/exploit-intelligence-operator-controller-manager-metrics-service_v1_service.yaml similarity index 62% rename from bundle/manifests/exploit-iq-operator-controller-manager-metrics-service_v1_service.yaml rename to bundle/manifests/exploit-intelligence-operator-controller-manager-metrics-service_v1_service.yaml index 0ee56bc..7f40219 100644 --- a/bundle/manifests/exploit-iq-operator-controller-manager-metrics-service_v1_service.yaml +++ b/bundle/manifests/exploit-intelligence-operator-controller-manager-metrics-service_v1_service.yaml @@ -4,9 +4,9 @@ metadata: creationTimestamp: null labels: app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator control-plane: controller-manager - name: exploit-iq-operator-controller-manager-metrics-service + name: exploit-intelligence-operator-controller-manager-metrics-service spec: ports: - name: https @@ -14,7 +14,7 @@ spec: protocol: TCP targetPort: 8443 selector: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator control-plane: controller-manager status: loadBalancer: {} diff --git a/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 0000000..b83a61d --- /dev/null +++ b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,21 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: exploit-intelligence-operator + name: exploit-intelligence-operator-exploitintelligencestack-admin-role +rules: +- apiGroups: + - exploitintelligence.openshift.io + resources: + - exploitintelligencestacks + verbs: + - '*' +- apiGroups: + - exploitintelligence.openshift.io + resources: + - exploitintelligencestacks/status + verbs: + - get diff --git a/bundle/manifests/exploit-iq-operator-exploitiqstack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml similarity index 52% rename from bundle/manifests/exploit-iq-operator-exploitiqstack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml rename to bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml index cffaeb3..32ddbb6 100644 --- a/bundle/manifests/exploit-iq-operator-exploitiqstack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-editor-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -4,13 +4,13 @@ metadata: creationTimestamp: null labels: app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: exploit-iq-operator - name: exploit-iq-operator-exploitiqstack-editor-role + app.kubernetes.io/name: exploit-intelligence-operator + name: exploit-intelligence-operator-exploitintelligencestack-editor-role rules: - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - create - delete @@ -20,8 +20,8 @@ rules: - update - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get diff --git a/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 0000000..72c18a6 --- /dev/null +++ b/bundle/manifests/exploit-intelligence-operator-exploitintelligencestack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,23 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: exploit-intelligence-operator + name: exploit-intelligence-operator-exploitintelligencestack-viewer-role +rules: +- apiGroups: + - exploitintelligence.openshift.io + resources: + - exploitintelligencestacks + verbs: + - get + - list + - watch +- apiGroups: + - exploitintelligence.openshift.io + resources: + - exploitintelligencestacks/status + verbs: + - get diff --git a/bundle/manifests/exploit-iq-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-intelligence-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml similarity index 74% rename from bundle/manifests/exploit-iq-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml rename to bundle/manifests/exploit-intelligence-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml index 4a6342b..6a80525 100644 --- a/bundle/manifests/exploit-iq-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ b/bundle/manifests/exploit-intelligence-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: exploit-iq-operator-metrics-reader + name: exploit-intelligence-operator-metrics-reader rules: - nonResourceURLs: - /metrics diff --git a/bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml b/bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml similarity index 87% rename from bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml rename to bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml index da07706..8e4e530 100644 --- a/bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml +++ b/bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml @@ -5,18 +5,18 @@ metadata: alm-examples: |- [ { - "apiVersion": "exploitiq.openshift.io/v1alpha1", - "kind": "ExploitIQStack", + "apiVersion": "exploitintelligence.openshift.io/v1alpha1", + "kind": "ExploitIntelligenceStack", "metadata": { "labels": { - "app.kubernetes.io/name": "exploitiq-operator" + "app.kubernetes.io/name": "exploit-intelligence-operator" }, - "name": "exploitiqstack-sample" + "name": "exploitintelligencestack-sample" }, "spec": { "engine": { "pullSecretRef": { - "name": "exploit-iq-pull-secret" + "name": "exploit-intelligence-pull-secret" } }, "webApp": { @@ -27,24 +27,24 @@ metadata: } }, { - "apiVersion": "exploitiq.openshift.io/v1alpha1", - "kind": "ExploitIQStack", + "apiVersion": "exploitintelligence.openshift.io/v1alpha1", + "kind": "ExploitIntelligenceStack", "metadata": { "labels": { - "app.kubernetes.io/name": "exploitiq-operator" + "app.kubernetes.io/name": "exploit-intelligence-operator" }, - "name": "exploitiqstack-self-hosted-llm" + "name": "exploitintelligencestack-self-hosted-llm" }, "spec": { "engine": { "pullSecretRef": { - "name": "exploit-iq-pull-secret" + "name": "exploit-intelligence-pull-secret" } }, "llm": { "authSecretRef": { "key": "openai_api_key", - "name": "exploit-iq-secret" + "name": "exploit-intelligence-secret" }, "baseURL": "http://ollama.ai-namespace.svc:11434/v1", "mode": "openai", @@ -75,34 +75,34 @@ metadata: operators.operatorframework.io/builder: operator-sdk-v1.41.1 operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 repository: https://github.com/RHEcosystemAppEng/exploit-iq-operator - name: exploit-iq-operator.v0.0.2 + name: exploit-intelligence-operator.v0.0.2 namespace: placeholder spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - description: ExploitIQStack is the Schema for the exploitiqstacks API. + - description: ExploitIntelligenceStack is the Schema for the exploitintelligencestacks API. displayName: Exploit IQStack - kind: ExploitIQStack - name: exploitiqstacks.exploitiq.openshift.io + kind: ExploitIntelligenceStack + name: exploitintelligencestacks.exploitintelligence.openshift.io resources: - kind: Deployment - name: exploit-iq + name: exploit-intelligence version: v1 - kind: Route - name: exploit-iq + name: exploit-intelligence version: v1 - kind: Service - name: exploit-iq + name: exploit-intelligence version: v1 - kind: ConfigMap - name: exploit-iq-config + name: exploit-intelligence-config version: v1 - kind: PersistentVolumeClaim - name: exploit-iq-data + name: exploit-intelligence-data version: v1 - kind: ServiceAccount - name: exploit-iq-engine + name: exploit-intelligence-engine version: v1 specDescriptors: - description: Argilla component configuration @@ -124,7 +124,7 @@ spec: displayName: WebApp path: webApp statusDescriptors: - - description: Conditions store the status conditions of the ExploitIQ stack + - description: Conditions store the status conditions of the RHTPA exploit intelligence stack status displayName: Conditions path: conditions @@ -207,9 +207,9 @@ spec: - list - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - create - delete @@ -219,15 +219,15 @@ spec: - update - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/finalizers + - exploitintelligencestacks/finalizers verbs: - update - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get - patch @@ -321,18 +321,18 @@ spec: - subjectaccessreviews verbs: - create - serviceAccountName: exploit-iq-operator-controller-manager + serviceAccountName: exploit-intelligence-operator-controller-manager deployments: - label: app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator control-plane: controller-manager - name: exploit-iq-operator-controller-manager + name: exploit-intelligence-operator-controller-manager spec: replicas: 1 selector: matchLabels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator control-plane: controller-manager strategy: {} template: @@ -340,7 +340,7 @@ spec: annotations: kubectl.kubernetes.io/default-container: manager labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator control-plane: controller-manager spec: containers: @@ -381,7 +381,7 @@ spec: runAsNonRoot: true seccompProfile: type: RuntimeDefault - serviceAccountName: exploit-iq-operator-controller-manager + serviceAccountName: exploit-intelligence-operator-controller-manager terminationGracePeriodSeconds: 10 permissions: - rules: @@ -416,7 +416,7 @@ spec: verbs: - create - patch - serviceAccountName: exploit-iq-operator-controller-manager + serviceAccountName: exploit-intelligence-operator-controller-manager strategy: deployment installModes: - supported: true diff --git a/bundle/manifests/exploit-iq-operator-exploitiqstack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-iq-operator-exploitiqstack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml deleted file mode 100644 index 3de69a9..0000000 --- a/bundle/manifests/exploit-iq-operator-exploitiqstack-admin-role_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: exploit-iq-operator - name: exploit-iq-operator-exploitiqstack-admin-role -rules: -- apiGroups: - - exploitiq.openshift.io - resources: - - exploitiqstacks - verbs: - - '*' -- apiGroups: - - exploitiq.openshift.io - resources: - - exploitiqstacks/status - verbs: - - get diff --git a/bundle/manifests/exploit-iq-operator-exploitiqstack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/exploit-iq-operator-exploitiqstack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml deleted file mode 100644 index 5266d15..0000000 --- a/bundle/manifests/exploit-iq-operator-exploitiqstack-viewer-role_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - labels: - app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/name: exploit-iq-operator - name: exploit-iq-operator-exploitiqstack-viewer-role -rules: -- apiGroups: - - exploitiq.openshift.io - resources: - - exploitiqstacks - verbs: - - get - - list - - watch -- apiGroups: - - exploitiq.openshift.io - resources: - - exploitiqstacks/status - verbs: - - get diff --git a/bundle/manifests/exploitiq.openshift.io_exploitiqstacks.yaml b/bundle/manifests/exploitintelligence.openshift.io_exploitintelligencestacks.yaml similarity index 99% rename from bundle/manifests/exploitiq.openshift.io_exploitiqstacks.yaml rename to bundle/manifests/exploitintelligence.openshift.io_exploitintelligencestacks.yaml index 399b35f..b049a04 100644 --- a/bundle/manifests/exploitiq.openshift.io_exploitiqstacks.yaml +++ b/bundle/manifests/exploitintelligence.openshift.io_exploitintelligencestacks.yaml @@ -4,20 +4,20 @@ metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 creationTimestamp: null - name: exploitiqstacks.exploitiq.openshift.io + name: exploitintelligencestacks.exploitintelligence.openshift.io spec: - group: exploitiq.openshift.io + group: exploitintelligence.openshift.io names: - kind: ExploitIQStack - listKind: ExploitIQStackList - plural: exploitiqstacks - singular: exploitiqstack + kind: ExploitIntelligenceStack + listKind: ExploitIntelligenceStackList + plural: exploitintelligencestacks + singular: exploitintelligencestack scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: - description: ExploitIQStack is the Schema for the exploitiqstacks API. + description: ExploitIntelligenceStack is the Schema for the exploitintelligencestacks API. properties: apiVersion: description: |- @@ -37,7 +37,7 @@ spec: metadata: type: object spec: - description: ExploitIQStackSpec defines the desired state of ExploitIQStack. + description: ExploitIntelligenceStackSpec defines the desired state of ExploitIntelligenceStack. properties: argilla: description: Argilla component configuration @@ -2326,7 +2326,7 @@ spec: description: |- CredentialsSecretRef references an existing Secret with MongoDB credentials. If not provided, the operator auto-generates one. - The Secret must contain keys: admin-user, admin-password, exploit-iq-user, exploit-iq-password. + The Secret must contain keys: admin-user, admin-password, exploit-intelligence-user, exploit-intelligence-password. properties: name: default: "" @@ -3358,10 +3358,10 @@ spec: type: object type: object status: - description: ExploitIQStackStatus defines the observed state of ExploitIQStack. + description: ExploitIntelligenceStackStatus defines the observed state of ExploitIntelligenceStack. properties: conditions: - description: Conditions store the status conditions of the ExploitIQ + description: Conditions store the status conditions of the RHTPA exploit intelligence stack status items: description: Condition contains details for one aspect of the current diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml index da85323..cf5caee 100644 --- a/bundle/metadata/annotations.yaml +++ b/bundle/metadata/annotations.yaml @@ -3,7 +3,7 @@ annotations: operators.operatorframework.io.bundle.mediatype.v1: registry+v1 operators.operatorframework.io.bundle.manifests.v1: manifests/ operators.operatorframework.io.bundle.metadata.v1: metadata/ - operators.operatorframework.io.bundle.package.v1: exploit-iq-operator + operators.operatorframework.io.bundle.package.v1: exploit-intelligence-operator operators.operatorframework.io.bundle.channels.v1: pre-ga operators.operatorframework.io.bundle.channel.default.v1: pre-ga operators.operatorframework.io.metrics.builder: operator-sdk-v1.41.1 diff --git a/cmd/main.go b/cmd/main.go index 309b270..b225f30 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -284,32 +284,32 @@ func main() { // Filter all resources managed by our operator to reduce memory usage &corev1.Service{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, &corev1.ConfigMap{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, &appsv1.Deployment{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, &corev1.PersistentVolumeClaim{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, &corev1.ServiceAccount{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, &rbacv1.RoleBinding{}: { Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), }, // Note: OAuthClient is cluster-scoped and shared, so we don't filter it by labels @@ -320,7 +320,7 @@ func main() { if hasOpenShiftRoute && scheme.Recognizes(routev1.SchemeGroupVersion.WithKind("Route")) { cacheOpts.ByObject[&routev1.Route{}] = cache.ByObject{ Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), } } @@ -329,7 +329,7 @@ func main() { if hasPrometheusOperator && scheme.Recognizes(monitoringv1.SchemeGroupVersion.WithKind("ServiceMonitor")) { cacheOpts.ByObject[&monitoringv1.ServiceMonitor{}] = cache.ByObject{ Label: labels.SelectorFromSet(labels.Set{ - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", }), } } @@ -359,13 +359,13 @@ func main() { os.Exit(1) } - if err := (&controller.ExploitIQStackReconciler{ + if err := (&controller.ExploitIntelligenceStackReconciler{ Client: mgr.GetClient(), APIReader: mgr.GetAPIReader(), Scheme: mgr.GetScheme(), - Recorder: mgr.GetEventRecorderFor("exploitiqstack-controller"), + Recorder: mgr.GetEventRecorderFor("exploitintelligencestack-controller"), }).SetupWithManager(mgr); err != nil { - setupLog.Error(err, "unable to create controller", "controller", "ExploitIQStack") + setupLog.Error(err, "unable to create controller", "controller", "ExploitIntelligenceStack") os.Exit(1) } // +kubebuilder:scaffold:builder @@ -401,17 +401,17 @@ func main() { setupLog.Info("starting manager") // Index referenced secrets to allow efficient lookups by the controller (used in EnqueueRequestsFromMapFunc) const secretIndexField = ".metadata.secrets" - // Build a field index on ExploitIQStack that maps each CR to the names of Secrets it references. - // This lets the controller quickly find all ExploitIQStack objects that depend on a given Secret, + // Build a field index on ExploitIntelligenceStack that maps each CR to the names of Secrets it references. + // This lets the controller quickly find all ExploitIntelligenceStack objects that depend on a given Secret, // so that changes to that Secret can efficiently trigger reconciles of only the affected stacks. err = mgr.GetFieldIndexer().IndexField( context.Background(), - &exploitiqv1alpha1.ExploitIQStack{}, + &exploitiqv1alpha1.ExploitIntelligenceStack{}, secretIndexField, func(rawObj client.Object) []string { - stack, ok := rawObj.(*exploitiqv1alpha1.ExploitIQStack) + stack, ok := rawObj.(*exploitiqv1alpha1.ExploitIntelligenceStack) if !ok { - setupLog.Error(nil, "Failed to cast object to ExploitIQStack", "type", fmt.Sprintf("%T", rawObj)) + setupLog.Error(nil, "Failed to cast object to ExploitIntelligenceStack", "type", fmt.Sprintf("%T", rawObj)) return nil } secrets := stack.GetReferencedSecretNames() diff --git a/config/crd/bases/exploitiq.openshift.io_exploitiqstacks.yaml b/config/crd/bases/exploitintelligence.openshift.io_exploitintelligencestacks.yaml similarity index 99% rename from config/crd/bases/exploitiq.openshift.io_exploitiqstacks.yaml rename to config/crd/bases/exploitintelligence.openshift.io_exploitintelligencestacks.yaml index 4f577dd..95cdb10 100644 --- a/config/crd/bases/exploitiq.openshift.io_exploitiqstacks.yaml +++ b/config/crd/bases/exploitintelligence.openshift.io_exploitintelligencestacks.yaml @@ -4,20 +4,20 @@ kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.18.0 - name: exploitiqstacks.exploitiq.openshift.io + name: exploitintelligencestacks.exploitintelligence.openshift.io spec: - group: exploitiq.openshift.io + group: exploitintelligence.openshift.io names: - kind: ExploitIQStack - listKind: ExploitIQStackList - plural: exploitiqstacks - singular: exploitiqstack + kind: ExploitIntelligenceStack + listKind: ExploitIntelligenceStackList + plural: exploitintelligencestacks + singular: exploitintelligencestack scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: - description: ExploitIQStack is the Schema for the exploitiqstacks API. + description: ExploitIntelligenceStack is the Schema for the exploitintelligencestacks API. properties: apiVersion: description: |- @@ -37,7 +37,7 @@ spec: metadata: type: object spec: - description: ExploitIQStackSpec defines the desired state of ExploitIQStack. + description: ExploitIntelligenceStackSpec defines the desired state of ExploitIntelligenceStack. properties: argilla: description: Argilla component configuration @@ -2326,7 +2326,7 @@ spec: description: |- CredentialsSecretRef references an existing Secret with MongoDB credentials. If not provided, the operator auto-generates one. - The Secret must contain keys: admin-user, admin-password, exploit-iq-user, exploit-iq-password. + The Secret must contain keys: admin-user, admin-password, exploit-intelligence-user, exploit-intelligence-password. properties: name: default: "" @@ -3358,10 +3358,10 @@ spec: type: object type: object status: - description: ExploitIQStackStatus defines the observed state of ExploitIQStack. + description: ExploitIntelligenceStackStatus defines the observed state of ExploitIntelligenceStack. properties: conditions: - description: Conditions store the status conditions of the ExploitIQ + description: Conditions store the status conditions of the RHTPA exploit intelligence stack status items: description: Condition contains details for one aspect of the current diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 6045e92..bfa7943 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -2,7 +2,7 @@ # since it depends on service name and namespace that are out of this kustomize package. # It should be run by config/default resources: -- bases/exploitiq.openshift.io_exploitiqstacks.yaml +- bases/exploitintelligence.openshift.io_exploitintelligencestacks.yaml # +kubebuilder:scaffold:crdkustomizeresource patches: diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index e64d71f..7a12e72 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -1,12 +1,12 @@ # Adds namespace to all resources. -namespace: exploit-iq-operator-system +namespace: exploit-intelligence-operator-system # Value of this field is prepended to the # names of all resources, e.g. a deployment named # "wordpress" becomes "alices-wordpress". # Note that it should also match with the prefix (text before '-') of the namespace # field above. -namePrefix: exploit-iq-operator- +namePrefix: exploit-intelligence-operator- # Labels to add to all resources and selectors. #labels: diff --git a/config/default/metrics_service.yaml b/config/default/metrics_service.yaml index ca4e8ca..4885783 100644 --- a/config/default/metrics_service.yaml +++ b/config/default/metrics_service.yaml @@ -3,7 +3,7 @@ kind: Service metadata: labels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-service namespace: system @@ -15,4 +15,4 @@ spec: targetPort: 8443 selector: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index 26c16a3..a054de9 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -3,7 +3,7 @@ kind: Namespace metadata: labels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: system --- @@ -14,13 +14,13 @@ metadata: namespace: system labels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize spec: selector: matchLabels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator replicas: 1 template: metadata: @@ -28,7 +28,7 @@ spec: kubectl.kubernetes.io/default-container: manager labels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator spec: # TODO(user): Uncomment the following code to configure the nodeAffinity expression # according to the platforms which are supported by your solution. diff --git a/config/manifests/bases/exploit-iq-operator.clusterserviceversion.yaml b/config/manifests/bases/exploit-intelligence-operator.clusterserviceversion.yaml similarity index 90% rename from config/manifests/bases/exploit-iq-operator.clusterserviceversion.yaml rename to config/manifests/bases/exploit-intelligence-operator.clusterserviceversion.yaml index ddd107d..3a94958 100644 --- a/config/manifests/bases/exploit-iq-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/exploit-intelligence-operator.clusterserviceversion.yaml @@ -17,34 +17,34 @@ metadata: operators.openshift.io/valid-subscription: '["Red Hat Trusted Profile Analyzer exploit intelligence"]' repository: https://github.com/RHEcosystemAppEng/exploit-iq-operator - name: exploit-iq-operator.v0.0.0 + name: exploit-intelligence-operator.v0.0.0 namespace: placeholder spec: apiservicedefinitions: {} customresourcedefinitions: owned: - - description: ExploitIQStack is the Schema for the exploitiqstacks API. + - description: ExploitIntelligenceStack is the Schema for the exploitintelligencestacks API. displayName: Exploit IQStack - kind: ExploitIQStack - name: exploitiqstacks.exploitiq.openshift.io + kind: ExploitIntelligenceStack + name: exploitintelligencestacks.exploitintelligence.openshift.io resources: - kind: Deployment - name: exploit-iq + name: exploit-intelligence version: v1 - kind: Route - name: exploit-iq + name: exploit-intelligence version: v1 - kind: Service - name: exploit-iq + name: exploit-intelligence version: v1 - kind: ConfigMap - name: exploit-iq-config + name: exploit-intelligence-config version: v1 - kind: PersistentVolumeClaim - name: exploit-iq-data + name: exploit-intelligence-data version: v1 - kind: ServiceAccount - name: exploit-iq-engine + name: exploit-intelligence-engine version: v1 specDescriptors: - description: Argilla component configuration @@ -66,7 +66,7 @@ spec: displayName: WebApp path: webApp statusDescriptors: - - description: Conditions store the status conditions of the ExploitIQ stack + - description: Conditions store the status conditions of the RHTPA exploit intelligence stack status displayName: Conditions path: conditions diff --git a/config/manifests/kustomization.yaml b/config/manifests/kustomization.yaml index 05dc4d7..f9eb3af 100644 --- a/config/manifests/kustomization.yaml +++ b/config/manifests/kustomization.yaml @@ -1,7 +1,7 @@ # These resources constitute the fully configured set of manifests # used to generate the 'manifests/' directory in a bundle. resources: -- bases/exploit-iq-operator.clusterserviceversion.yaml +- bases/exploit-intelligence-operator.clusterserviceversion.yaml - ../default - ../samples - ../scorecard diff --git a/config/network-policy/allow-metrics-traffic.yaml b/config/network-policy/allow-metrics-traffic.yaml index b325248..c8889fc 100644 --- a/config/network-policy/allow-metrics-traffic.yaml +++ b/config/network-policy/allow-metrics-traffic.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: allow-metrics-traffic namespace: system @@ -13,7 +13,7 @@ spec: podSelector: matchLabels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator policyTypes: - Ingress ingress: diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index 08b6b0e..be4637b 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -4,7 +4,7 @@ kind: ServiceMonitor metadata: labels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-monitor namespace: system @@ -24,4 +24,4 @@ spec: selector: matchLabels: control-plane: controller-manager - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator diff --git a/config/rbac/exploitiqstack_admin_role.yaml b/config/rbac/exploitintelligencestack_admin_role.yaml similarity index 55% rename from config/rbac/exploitiqstack_admin_role.yaml rename to config/rbac/exploitintelligencestack_admin_role.yaml index d8b5e70..b82b4e5 100644 --- a/config/rbac/exploitiqstack_admin_role.yaml +++ b/config/rbac/exploitintelligencestack_admin_role.yaml @@ -1,7 +1,7 @@ -# This rule is not used by the project exploit-iq-operator itself. +# This rule is not used by the project exploit-intelligence-operator itself. # It is provided to allow the cluster admin to help manage permissions for users. # -# Grants full permissions ('*') over exploitiq.openshift.io. +# Grants full permissions ('*') over exploitintelligence.openshift.io. # This role is intended for users authorized to modify roles and bindings within the cluster, # enabling them to delegate specific permissions to other users or groups as needed. @@ -9,19 +9,19 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize - name: exploitiqstack-admin-role + name: exploitintelligencestack-admin-role rules: - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - '*' - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get diff --git a/config/rbac/exploitiqstack_editor_role.yaml b/config/rbac/exploitintelligencestack_editor_role.yaml similarity index 60% rename from config/rbac/exploitiqstack_editor_role.yaml rename to config/rbac/exploitintelligencestack_editor_role.yaml index 3a4f085..a96e2f4 100644 --- a/config/rbac/exploitiqstack_editor_role.yaml +++ b/config/rbac/exploitintelligencestack_editor_role.yaml @@ -1,7 +1,7 @@ -# This rule is not used by the project exploit-iq-operator itself. +# This rule is not used by the project exploit-intelligence-operator itself. # It is provided to allow the cluster admin to help manage permissions for users. # -# Grants permissions to create, update, and delete resources within the exploitiq.openshift.io. +# Grants permissions to create, update, and delete resources within the exploitintelligence.openshift.io. # This role is intended for users who need to manage these resources # but should not control RBAC or manage permissions for others. @@ -9,14 +9,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize - name: exploitiqstack-editor-role + name: exploitintelligencestack-editor-role rules: - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - create - delete @@ -26,8 +26,8 @@ rules: - update - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get diff --git a/config/rbac/exploitiqstack_viewer_role.yaml b/config/rbac/exploitintelligencestack_viewer_role.yaml similarity index 55% rename from config/rbac/exploitiqstack_viewer_role.yaml rename to config/rbac/exploitintelligencestack_viewer_role.yaml index dd5cd1d..59d2cab 100644 --- a/config/rbac/exploitiqstack_viewer_role.yaml +++ b/config/rbac/exploitintelligencestack_viewer_role.yaml @@ -1,7 +1,7 @@ -# This rule is not used by the project exploit-iq-operator itself. +# This rule is not used by the project exploit-intelligence-operator itself. # It is provided to allow the cluster admin to help manage permissions for users. # -# Grants read-only access to exploitiq.openshift.io resources. +# Grants read-only access to exploitintelligence.openshift.io resources. # This role is intended for users who need visibility into these resources # without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing. @@ -9,21 +9,21 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize - name: exploitiqstack-viewer-role + name: exploitintelligencestack-viewer-role rules: - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - get - list - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml index ba02102..397c7af 100644 --- a/config/rbac/kustomization.yaml +++ b/config/rbac/kustomization.yaml @@ -20,9 +20,9 @@ resources: - metrics_reader_role.yaml # For each CRD, "Admin", "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are -# not used by the exploit-iq-operator itself. You can comment the following lines +# not used by the exploit-intelligence-operator itself. You can comment the following lines # if you do not want those helpers be installed with your Project. -- exploitiqstack_admin_role.yaml -- exploitiqstack_editor_role.yaml -- exploitiqstack_viewer_role.yaml +- exploitintelligencestack_admin_role.yaml +- exploitintelligencestack_editor_role.yaml +- exploitintelligencestack_viewer_role.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml index 7e08493..401119a 100644 --- a/config/rbac/leader_election_role.yaml +++ b/config/rbac/leader_election_role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: leader-election-role rules: diff --git a/config/rbac/leader_election_role_binding.yaml b/config/rbac/leader_election_role_binding.yaml index 7d5013a..ed76c4e 100644 --- a/config/rbac/leader_election_role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: leader-election-rolebinding roleRef: diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index cd97b95..ba1e014 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -62,9 +62,9 @@ rules: - list - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks + - exploitintelligencestacks verbs: - create - delete @@ -74,15 +74,15 @@ rules: - update - watch - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/finalizers + - exploitintelligencestacks/finalizers verbs: - update - apiGroups: - - exploitiq.openshift.io + - exploitintelligence.openshift.io resources: - - exploitiqstacks/status + - exploitintelligencestacks/status verbs: - get - patch diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml index 126ac86..a8248ac 100644 --- a/config/rbac/role_binding.yaml +++ b/config/rbac/role_binding.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: manager-rolebinding roleRef: diff --git a/config/rbac/service_account.yaml b/config/rbac/service_account.yaml index bb667a0..98b7eb6 100644 --- a/config/rbac/service_account.yaml +++ b/config/rbac/service_account.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - app.kubernetes.io/name: exploit-iq-operator + app.kubernetes.io/name: exploit-intelligence-operator app.kubernetes.io/managed-by: kustomize name: controller-manager namespace: system diff --git a/config/samples/README.md b/config/samples/README.md index dd1d7e1..45a8f1f 100644 --- a/config/samples/README.md +++ b/config/samples/README.md @@ -1,6 +1,6 @@ -# ExploitIQStack Samples +# ExploitIntelligenceStack Samples -This directory contains sample Custom Resource (CR) manifests for the ExploitIQStack operator. +This directory contains sample Custom Resource (CR) manifests for the ExploitIntelligenceStack operator. ## Important Notes @@ -10,7 +10,7 @@ Before deploying any sample, you must create the required Secrets as documented ## Available Samples -### 1. **exploitiq_v1alpha1_exploitiqstack.yaml** (Default) +### 1. **exploitintelligence_v1alpha1_exploitintelligencestack.yaml** (Default) **Platform**: OpenShift **Use Case**: Minimal production deployment @@ -21,12 +21,12 @@ Before deploying any sample, you must create the required Secrets as documented - Automatic TLS certificate management ```bash -oc apply -f exploitiq_v1alpha1_exploitiqstack.yaml +oc apply -f exploitintelligence_v1alpha1_exploitintelligencestack.yaml ``` --- -### 2. **exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml** +### 2. **exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml** **Platform**: OpenShift or Kubernetes **Use Case**: Self-hosted LLM deployment (NOT NVIDIA NIM) @@ -48,10 +48,10 @@ oc apply -f exploitiq_v1alpha1_exploitiqstack.yaml 1. Replace `baseURL` with your self-hosted LLM endpoint (e.g., `http://ollama.ai-namespace.svc:11434/v1`) 2. Replace `modelName` with your model identifier (e.g., `llama3.1:latest`, `mistral:latest`) -3. If your LLM requires authentication, add `openai_api_key` to `exploit-iq-secret`: +3. If your LLM requires authentication, add `openai_api_key` to `exploit-intelligence-secret`: ```bash - oc create secret generic exploit-iq-secret \ + oc create secret generic exploit-intelligence-secret \ --from-literal=ghsa_api_key=YOUR_GITHUB_TOKEN \ --from-literal=nvidia_api_key=YOUR_NVIDIA_KEY \ --from-literal=serpapi_api_key=YOUR_SERPAPI_KEY \ @@ -66,7 +66,7 @@ oc apply -f exploitiq_v1alpha1_exploitiqstack.yaml - **Text Generation Inference**: `http://tgi.ai-namespace.svc:8080/v1` ```bash -oc apply -f exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml +oc apply -f exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml ``` --- @@ -75,7 +75,7 @@ oc apply -f exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml ```bash # 1. Create required secrets (see main README.md) -oc create secret generic exploit-iq-secret \ +oc create secret generic exploit-intelligence-secret \ --from-literal=ghsa_api_key=YOUR_GITHUB_TOKEN \ --from-literal=nvidia_api_key=YOUR_NVIDIA_KEY \ --from-literal=serpapi_api_key=YOUR_SERPAPI_KEY @@ -84,7 +84,7 @@ oc create secret generic exploit-iq-secret \ # ... (docker-registry secrets) # 3. Deploy the stack -oc apply -f exploitiq_v1alpha1_exploitiqstack.yaml +oc apply -f exploitintelligence_v1alpha1_exploitintelligencestack.yaml ``` --- @@ -95,7 +95,7 @@ After deploying, check the status: ```bash # Check CR status -oc get exploitiqstack -o wide +oc get exploitintelligencestack -o wide # Check component status oc get pods @@ -103,7 +103,7 @@ oc get deployments oc get services # Check conditions -oc get exploitiqstack exploitiqstack-sample -o jsonpath='{.status.conditions}' | jq +oc get exploitintelligencestack exploitintelligencestack-sample -o jsonpath='{.status.conditions}' | jq ``` --- @@ -114,10 +114,10 @@ oc get exploitiqstack exploitiqstack-sample -o jsonpath='{.status.conditions}' | ```bash # Check operator logs -oc logs -n exploit-iq-operator-system deployment/exploit-iq-operator-controller-manager +oc logs -n exploit-intelligence-operator-system deployment/exploit-intelligence-operator-controller-manager # Check component conditions -oc describe exploitiqstack exploitiqstack-sample +oc describe exploitintelligencestack exploitintelligencestack-sample # Check pod events oc get events --sort-by='.lastTimestamp' @@ -128,14 +128,14 @@ oc get events --sort-by='.lastTimestamp' The operator will report missing secrets in the CR status conditions: ```bash -oc get exploitiqstack exploitiqstack-sample -o yaml | grep -A 5 "conditions:" +oc get exploitintelligencestack exploitintelligencestack-sample -o yaml | grep -A 5 "conditions:" ``` --- ## Customization -All samples can be customized by adding optional fields from the [API documentation](../../api/v1alpha1/exploitiqstack_types.go). +All samples can be customized by adding optional fields from the [API documentation](../../api/v1alpha1/exploitintelligencestack_types.go). Common customizations: @@ -149,5 +149,5 @@ Common customizations: ## Related Documentation - [Main README](../../README.md) - Installation and prerequisites -- [API Reference](../../api/v1alpha1/exploitiqstack_types.go) - Complete API specification +- [API Reference](../../api/v1alpha1/exploitintelligencestack_types.go) - Complete API specification - [Operator SDK Documentation](https://sdk.operatorframework.io/) diff --git a/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml new file mode 100644 index 0000000..f31d30b --- /dev/null +++ b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack.yaml @@ -0,0 +1,13 @@ +apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack +metadata: + labels: + app.kubernetes.io/name: exploit-intelligence-operator + name: exploitintelligencestack-sample +spec: + engine: + pullSecretRef: + name: exploit-intelligence-pull-secret + webApp: + registryCredentialsSecretRef: + name: image-registry-credentials diff --git a/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml new file mode 100644 index 0000000..7add104 --- /dev/null +++ b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml @@ -0,0 +1,16 @@ +apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack +metadata: + labels: + app.kubernetes.io/name: exploit-intelligence-operator + name: exploitintelligencestack-kubernetes +spec: + platform: + ingress: + mode: headless # No external ingress, internal access only + engine: + pullSecretRef: + name: exploit-intelligence-pull-secret + webApp: + registryCredentialsSecretRef: + name: image-registry-credentials diff --git a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_ingress.yaml b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_ingress.yaml similarity index 57% rename from config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_ingress.yaml rename to config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_ingress.yaml index b3746f4..11203e7 100644 --- a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_ingress.yaml +++ b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_ingress.yaml @@ -1,9 +1,9 @@ -apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack +apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack metadata: labels: - app.kubernetes.io/name: exploitiq-operator - name: exploitiqstack-kubernetes-ingress + app.kubernetes.io/name: exploit-intelligence-operator + name: exploitintelligencestack-kubernetes-ingress spec: platform: ingress: @@ -12,7 +12,7 @@ spec: baseDomain: example.com # Replace with your external domain engine: pullSecretRef: - name: exploit-iq-pull-secret + name: exploit-intelligence-pull-secret webApp: registryCredentialsSecretRef: name: image-registry-credentials diff --git a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml similarity index 72% rename from config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml rename to config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml index 0c70132..e503bbc 100644 --- a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml +++ b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml @@ -1,9 +1,9 @@ -apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack +apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack metadata: labels: - app.kubernetes.io/name: exploitiq-operator - name: exploitiqstack-kubernetes-oidc + app.kubernetes.io/name: exploit-intelligence-operator + name: exploitintelligencestack-kubernetes-oidc spec: platform: ingress: @@ -19,7 +19,7 @@ spec: key: client-secret engine: pullSecretRef: - name: exploit-iq-pull-secret + name: exploit-intelligence-pull-secret webApp: registryCredentialsSecretRef: name: image-registry-credentials diff --git a/config/samples/exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml similarity index 62% rename from config/samples/exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml rename to config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml index 0514a69..2694145 100644 --- a/config/samples/exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml +++ b/config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml @@ -1,20 +1,20 @@ -apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack +apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack metadata: labels: - app.kubernetes.io/name: exploitiq-operator - name: exploitiqstack-self-hosted-llm + app.kubernetes.io/name: exploit-intelligence-operator + name: exploitintelligencestack-self-hosted-llm spec: llm: mode: openai # Self-hosted LLM with OpenAI-compatible API baseURL: http://ollama.ai-namespace.svc:11434/v1 # Replace with your self-hosted LLM endpoint modelName: llama3.1:latest # Replace with your model name authSecretRef: # Optional: API key for self-hosted LLM - name: exploit-iq-secret + name: exploit-intelligence-secret key: openai_api_key engine: pullSecretRef: - name: exploit-iq-pull-secret + name: exploit-intelligence-pull-secret webApp: registryCredentialsSecretRef: name: image-registry-credentials diff --git a/config/samples/exploitiq_v1alpha1_exploitiqstack.yaml b/config/samples/exploitiq_v1alpha1_exploitiqstack.yaml deleted file mode 100644 index 41bd90f..0000000 --- a/config/samples/exploitiq_v1alpha1_exploitiqstack.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack -metadata: - labels: - app.kubernetes.io/name: exploitiq-operator - name: exploitiqstack-sample -spec: - engine: - pullSecretRef: - name: exploit-iq-pull-secret - webApp: - registryCredentialsSecretRef: - name: image-registry-credentials diff --git a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml b/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml deleted file mode 100644 index ca7ed92..0000000 --- a/config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack -metadata: - labels: - app.kubernetes.io/name: exploitiq-operator - name: exploitiqstack-kubernetes -spec: - platform: - ingress: - mode: headless # No external ingress, internal access only - engine: - pullSecretRef: - name: exploit-iq-pull-secret - webApp: - registryCredentialsSecretRef: - name: image-registry-credentials diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index d424aab..635a2e3 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,5 +1,5 @@ ## Append samples of your project ## resources: -- exploitiq_v1alpha1_exploitiqstack.yaml -- exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml +- exploitintelligence_v1alpha1_exploitintelligencestack.yaml +- exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml # +kubebuilder:scaffold:manifestskustomizesamples diff --git a/docs/developing.md b/docs/developing.md index 6eef5db..2f52007 100644 --- a/docs/developing.md +++ b/docs/developing.md @@ -1,6 +1,6 @@ -# Developing ExploitIQ Operator +# Developing RHTPA exploit intelligence operator -This document provides guidance for building, testing, and contributing to the ExploitIQ Operator. +This document provides guidance for building, testing, and contributing to the RHTPA exploit intelligence operator. ## Prerequisites @@ -33,7 +33,7 @@ make docker-build IMG=/: Example: ```bash -make docker-build IMG=quay.io/myorg/exploit-iq-operator:v1.0.0 +make docker-build IMG=quay.io/myorg/exploit-intelligence-operator:v1.0.0 ``` ### Pushing the Container Image @@ -47,7 +47,7 @@ make docker-push IMG=/: Example: ```bash -make docker-push IMG=quay.io/myorg/exploit-iq-operator:v1.0.0 +make docker-push IMG=quay.io/myorg/exploit-intelligence-operator:v1.0.0 ``` ### Building and Pushing Combined @@ -122,7 +122,7 @@ make test-e2e ``` This command: -- Creates a Kind cluster (`exploit-iq-operator-test-e2e`) +- Creates a Kind cluster (`exploit-intelligence-operator-test-e2e`) - Runs e2e tests in `test/e2e/` - Cleans up the cluster after tests complete @@ -192,7 +192,7 @@ Deploy the operator to your cluster: make deploy IMG=/: ``` -The operator deploys into the `exploit-iq-operator-system` namespace. +The operator deploys into the `exploit-intelligence-operator-system` namespace. ### Undeploying the Operator @@ -239,13 +239,13 @@ For all bundle and catalog operations (creating new versions, fixing production ### Checking Operator Logs ```bash -oc logs -n exploit-iq-operator-system deployment/exploit-iq-operator-controller-manager +oc logs -n exploit-intelligence-operator-system deployment/exploit-intelligence-operator-controller-manager ``` ### Checking CR Status ```bash -oc get exploitiqstack -o yaml +oc get exploitintelligencestack -o yaml ``` ### Checking Component Deployments @@ -257,7 +257,7 @@ oc get deployments -n ### Checking Conditions ```bash -oc get exploitiqstack -o jsonpath='{.status.conditions}' | jq +oc get exploitintelligencestack -o jsonpath='{.status.conditions}' | jq ``` ## Additional Resources diff --git a/docs/installing_kubernetes.md b/docs/installing_kubernetes.md index 1609987..233df08 100644 --- a/docs/installing_kubernetes.md +++ b/docs/installing_kubernetes.md @@ -1,6 +1,6 @@ # Installing on Kubernetes -This document covers installing and running the ExploitIQ Operator on vanilla Kubernetes clusters. +This document covers installing and running the RHTPA exploit intelligence operator on vanilla Kubernetes clusters. For OpenShift installations using OLM, refer to the [README](../README.md#installing-on-openshift). @@ -26,7 +26,7 @@ For OpenShift installations using OLM, refer to the [README](../README.md#instal make deploy IMG=/: ``` - The operator deploys into the `exploit-iq-operator-system` namespace. + The operator deploys into the `exploit-intelligence-operator-system` namespace. ## Installing Knative Eventing @@ -44,8 +44,8 @@ Use a Knative version compatible with your cluster. Version 1.15.x is known to w 1. Create a namespace: ```bash - kubectl create namespace exploit-iq - kubectl config set-context --current --namespace=exploit-iq + kubectl create namespace exploit-intelligence + kubectl config set-context --current --namespace=exploit-intelligence ``` 2. Create the required Secrets (refer to [Prerequisites](../README.md#prerequisites)) @@ -53,7 +53,7 @@ Use a Knative version compatible with your cluster. Version 1.15.x is known to w 3. Deploy the stack: ```bash - kubectl apply -f config/samples/exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml + kubectl apply -f config/samples/exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml ``` ## Deployment Scenarios @@ -62,17 +62,17 @@ The operator supports multiple deployment scenarios on Kubernetes. Refer to [con Available samples: -- **exploitiq_v1alpha1_exploitiqstack_kubernetes.yaml**: Headless deployment -- **exploitiq_v1alpha1_exploitiqstack_kubernetes_ingress.yaml**: Managed Ingress resources -- **exploitiq_v1alpha1_exploitiqstack_kubernetes_oidc.yaml**: OIDC authentication with OAuth2 Proxy -- **exploitiq_v1alpha1_exploitiqstack_self_hosted_llm.yaml**: Self-hosted LLM integration +- **exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes.yaml**: Headless deployment +- **exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_ingress.yaml**: Managed Ingress resources +- **exploitintelligence_v1alpha1_exploitintelligencestack_kubernetes_oidc.yaml**: OIDC authentication with OAuth2 Proxy +- **exploitintelligence_v1alpha1_exploitintelligencestack_self_hosted_llm.yaml**: Self-hosted LLM integration ## Uninstalling -1. Delete all `ExploitIQStack` custom resources: +1. Delete all `ExploitIntelligenceStack` custom resources: ```bash - kubectl delete exploitiqstack --all -n + kubectl delete exploitintelligencestack --all -n ``` 2. Remove the operator and CRDs: diff --git a/docs/managing_bundles_catalogs.md b/docs/managing_bundles_catalogs.md index e49647d..02e0e0c 100644 --- a/docs/managing_bundles_catalogs.md +++ b/docs/managing_bundles_catalogs.md @@ -55,14 +55,14 @@ vi catalog-template.yaml - schema: olm.channel name: alpha entries: - - name: exploit-iq-operator.v0.0.1 - - name: exploit-iq-operator.v0.0.2 - replaces: exploit-iq-operator.v0.0.1 + - name: exploit-intelligence-operator.v0.0.1 + - name: exploit-intelligence-operator.v0.0.2 + replaces: exploit-intelligence-operator.v0.0.1 - schema: olm.bundle - image: /exploit-iq-operator-bundle:v0.0.1 + image: /exploit-intelligence-operator-bundle:v0.0.1 - schema: olm.bundle - image: /exploit-iq-operator-bundle:v0.0.2 + image: /exploit-intelligence-operator-bundle:v0.0.2 ``` ```bash @@ -82,7 +82,7 @@ make catalog-build catalog-push ```bash export VERSION=0.0.2 -# Edit api/v1alpha1/exploitiqstack_types.go +# Edit api/v1alpha1/exploitintelligencestack_types.go make generate manifests @@ -94,7 +94,7 @@ make bundle-build bundle-push make catalog-build catalog-push -oc delete pod -n openshift-marketplace -l olm.catalogSource=exploit-iq-catalog +oc delete pod -n openshift-marketplace -l olm.catalogSource=exploit-intelligence-catalog ``` **Warning:** This **overwrites** `operator:0.0.2` and `bundle:v0.0.2`. Existing installations won't auto-upgrade. @@ -114,13 +114,13 @@ oc delete pod -n openshift-marketplace -l olm.catalogSource=exploit-iq-catalog ```bash export VERSION=0.0.2 -vi bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml +vi bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml make bundle-build bundle-push make catalog-build catalog-push -oc delete pod -n openshift-marketplace -l olm.catalogSource=exploit-iq-catalog +oc delete pod -n openshift-marketplace -l olm.catalogSource=exploit-intelligence-catalog ``` **Note:** If you only edited the CSV file, you can skip `make bundle` and go straight to `make bundle-build`. @@ -144,14 +144,14 @@ export VERSION=0.0.2 make docker-build docker-push -vi bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml +vi bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml ``` **Edit CSV:** ```yaml metadata: - name: exploit-iq-operator-v0.0.2-1 + name: exploit-intelligence-operator-v0.0.2-1 spec: version: 0.0.2 release: "1" @@ -163,7 +163,7 @@ spec: make generate manifests make bundle -make bundle-build bundle-push BUNDLE_IMG=/exploit-iq-operator-bundle:v0.0.2-1 +make bundle-build bundle-push BUNDLE_IMG=/exploit-intelligence-operator-bundle:v0.0.2-1 vi catalog-template.yaml ``` @@ -177,16 +177,16 @@ entries: - schema: olm.channel name: alpha entries: - - name: exploit-iq-operator.v0.0.1 - - name: exploit-iq-operator.v0.0.2 - replaces: exploit-iq-operator.v0.0.1 + - name: exploit-intelligence-operator.v0.0.1 + - name: exploit-intelligence-operator.v0.0.2 + replaces: exploit-intelligence-operator.v0.0.1 - schema: olm.bundle - image: /exploit-iq-operator-bundle:v0.0.2 + image: /exploit-intelligence-operator-bundle:v0.0.2 substitutions: - - name: /exploit-iq-operator-bundle:v0.0.2-1 - base: exploit-iq-operator.v0.0.2 + - name: /exploit-intelligence-operator-bundle:v0.0.2-1 + base: exploit-intelligence-operator.v0.0.2 ``` ```bash @@ -216,7 +216,7 @@ vi catalog-template.yaml ```yaml entries: - schema: olm.package - name: exploit-iq-operator + name: exploit-intelligence-operator defaultChannel: alpha description: | # Updated Description @@ -258,13 +258,13 @@ To install the operator via OLM on your own cluster, build and push a catalog im ```bash export VERSION=0.0.2 -make docker-build docker-push IMG=/exploit-iq-operator:v${VERSION} +make docker-build docker-push IMG=/exploit-intelligence-operator:v${VERSION} -make bundle IMG=/exploit-iq-operator:v${VERSION} +make bundle IMG=/exploit-intelligence-operator:v${VERSION} -make bundle-build bundle-push BUNDLE_IMG=/exploit-iq-operator-bundle:v${VERSION} +make bundle-build bundle-push BUNDLE_IMG=/exploit-intelligence-operator-bundle:v${VERSION} -make catalog-build catalog-push CATALOG_IMG=/exploit-iq-operator-catalog:latest +make catalog-build catalog-push CATALOG_IMG=/exploit-intelligence-operator-catalog:latest ``` ### 2. Create the CatalogSource @@ -274,11 +274,11 @@ oc create -f - </exploit-iq-operator-catalog:latest' + displayName: RHTPA Exploit Intelligence + image: '/exploit-intelligence-operator-catalog:latest' publisher: Red Hat sourceType: grpc updateStrategy: @@ -291,7 +291,7 @@ EOF ```bash oc -n openshift-marketplace wait --for=condition=Ready pod \ - -l olm.catalogSource=exploit-iq-catalog --timeout=300s + -l olm.catalogSource=exploit-intelligence-catalog --timeout=300s ``` -The operator appears in **OperatorHub** under the **ExploitIQ** source. +The operator appears in **OperatorHub** under the **RHTPA exploit intelligence** source. diff --git a/hack/get-related-image-digests.sh b/hack/get-related-image-digests.sh index 987633a..36ca951 100755 --- a/hack/get-related-image-digests.sh +++ b/hack/get-related-image-digests.sh @@ -5,10 +5,10 @@ set -euo pipefail # # Without flags : print resolved digests to stdout # --patch-csv : also update relatedImages and operator deployment image -# in the CSV file (default: bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml) +# in the CSV file (default: bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml) PATCH_CSV=false -CSV_FILE="bundle/manifests/exploit-iq-operator.clusterserviceversion.yaml" +CSV_FILE="bundle/manifests/exploit-intelligence-operator.clusterserviceversion.yaml" while [[ $# -gt 0 ]]; do case "$1" in diff --git a/internal/controller/components/argilla.go b/internal/controller/components/argilla.go index 989189e..bb034e2 100644 --- a/internal/controller/components/argilla.go +++ b/internal/controller/components/argilla.go @@ -22,7 +22,7 @@ import ( argillares "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/argilla" ) -// argilla reconciles the Argilla (user feedback) component of the ExploitIQStack. +// argilla reconciles the Argilla (user feedback) component of the ExploitIntelligenceStack. type argilla struct { client.Client APIReader client.Reader @@ -53,7 +53,7 @@ func (a *argilla) ConditionType() exploitiqv1alpha1.ConditionType { // Status implements Component. func (a *argilla) Status( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { deployment := &appsv1.Deployment{} key := types.NamespacedName{ @@ -96,7 +96,7 @@ func (a *argilla) Status( // Reconcile is the main reconciliation loop for the Argilla component. func (a *argilla) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { // PVC must be created first (Create-only, not Patch) @@ -144,7 +144,7 @@ func (a *argilla) Reconcile( // PVCs are created once and never updated (Create-only). func (a *argilla) reconcilePVC( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.PVC(cr, a.Scheme) if err != nil { @@ -166,7 +166,7 @@ func (a *argilla) reconcilePVC( // This secret is always auto-generated (no user override). func (a *argilla) reconcileCredentialsSecret( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { live := &corev1.Secret{} @@ -200,7 +200,7 @@ func (a *argilla) reconcileCredentialsSecret( // reconcileConfigMap creates/updates the Argilla configuration ConfigMap. func (a *argilla) reconcileConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.ConfigMap(cr, a.Scheme) if err != nil { @@ -216,7 +216,7 @@ func (a *argilla) reconcileConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply configmap: %w", err) @@ -228,7 +228,7 @@ func (a *argilla) reconcileConfigMap( // reconcileServiceAccount creates/updates the Argilla ServiceAccount. func (a *argilla) reconcileServiceAccount( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.ServiceAccount(cr, a.Scheme) if err != nil { @@ -244,7 +244,7 @@ func (a *argilla) reconcileServiceAccount( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply service account: %w", err) @@ -256,7 +256,7 @@ func (a *argilla) reconcileServiceAccount( // reconcileRole creates/updates the RBAC Role for Argilla. func (a *argilla) reconcileRole( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.Role(cr, a.Scheme) if err != nil { @@ -272,7 +272,7 @@ func (a *argilla) reconcileRole( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply role: %w", err) @@ -284,7 +284,7 @@ func (a *argilla) reconcileRole( // reconcileRoleBinding creates/updates the RBAC RoleBinding for Argilla. func (a *argilla) reconcileRoleBinding( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.RoleBinding(cr, a.Scheme) if err != nil { @@ -300,7 +300,7 @@ func (a *argilla) reconcileRoleBinding( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply rolebinding: %w", err) @@ -312,7 +312,7 @@ func (a *argilla) reconcileRoleBinding( // reconcileService creates/updates the Argilla Service. func (a *argilla) reconcileService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := argillares.Service(cr, a.Scheme) if err != nil { @@ -328,7 +328,7 @@ func (a *argilla) reconcileService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply service: %w", err) @@ -340,7 +340,7 @@ func (a *argilla) reconcileService( // reconcileDeployment creates/updates the Argilla Deployment with dependency hash. func (a *argilla) reconcileDeployment( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { // Resolve dependencies for hash calculation resolver := k8s.NewDependencyResolver(a.Client, a.APIReader, cr).UseAPIReader() @@ -374,7 +374,7 @@ func (a *argilla) reconcileDeployment( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply deployment: %w", err) @@ -386,7 +386,7 @@ func (a *argilla) reconcileDeployment( // reconcileRoute creates/updates the OpenShift Route for Argilla. func (a *argilla) reconcileRoute( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { routeEnabled := cr.Spec.Argilla.RouteEnabled != nil && *cr.Spec.Argilla.RouteEnabled @@ -420,7 +420,7 @@ func (a *argilla) reconcileRoute( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply route: %w", err) @@ -432,7 +432,7 @@ func (a *argilla) reconcileRoute( // reconcileIngress creates/updates the Kubernetes Ingress for Argilla. func (a *argilla) reconcileIngress( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { baseDomain := cr.Spec.Platform.Ingress.BaseDomain @@ -450,7 +450,7 @@ func (a *argilla) reconcileIngress( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply ingress: %w", err) diff --git a/internal/controller/components/cache.go b/internal/controller/components/cache.go index 4827eb5..9b39fc8 100644 --- a/internal/controller/components/cache.go +++ b/internal/controller/components/cache.go @@ -1,4 +1,4 @@ -// Package components contains the components of the ExploitIQStack. +// Package components contains the components of the ExploitIntelligenceStack. package components import ( @@ -21,7 +21,7 @@ import ( rescache "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/cache" ) -// сache reconciles the Cache (Nginx) component of the ExploitIQStack. +// сache reconciles the Cache (Nginx) component of the ExploitIntelligenceStack. type cache struct { client.Client APIReader client.Reader @@ -50,7 +50,7 @@ func (c *cache) ConditionType() exploitiqv1alpha1.ConditionType { func (c *cache) Status( //nolint:dupl ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { deployment := &appsv1.Deployment{} key := types.NamespacedName{ @@ -93,7 +93,7 @@ func (c *cache) Status( //nolint:dupl // Reconcile is the main reconciliation loop for the Cache component. func (c *cache) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { manifestParams := c.buildManifestsParams(cr) @@ -110,7 +110,7 @@ func (c *cache) Reconcile( {Name: "Service", Fn: c.reconcileService}, { Name: "Deployment", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return c.reconcileDeployment(ctx, cr, manifestParams) }, }, @@ -121,7 +121,7 @@ func (c *cache) Reconcile( func (c *cache) reconcilePVC( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := rescache.PVC(cr, c.Scheme) if err != nil { @@ -141,7 +141,7 @@ func (c *cache) reconcilePVC( func (c *cache) reconcileConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := rescache.ConfigMap(cr, c.Scheme, c.Profile) if err != nil { @@ -157,7 +157,7 @@ func (c *cache) reconcileConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply resource: %w", err) @@ -168,7 +168,7 @@ func (c *cache) reconcileConfigMap( func (c *cache) reconcileRoutesConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := rescache.ConfigMapRoutes(cr, c.Scheme) if err != nil { @@ -184,7 +184,7 @@ func (c *cache) reconcileRoutesConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply resource: %w", err) @@ -195,7 +195,7 @@ func (c *cache) reconcileRoutesConfigMap( func (c *cache) reconcileVariablesConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := rescache.ConfigMapVariables(cr, c.Scheme) if err != nil { @@ -211,7 +211,7 @@ func (c *cache) reconcileVariablesConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply resource: %w", err) @@ -222,7 +222,7 @@ func (c *cache) reconcileVariablesConfigMap( func (c *cache) reconcileService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := rescache.Service(cr, c.Scheme) if err != nil { @@ -238,7 +238,7 @@ func (c *cache) reconcileService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply resource: %w", err) @@ -249,7 +249,7 @@ func (c *cache) reconcileService( func (c *cache) reconcileEnvConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { params := c.buildManifestsParams(cr) @@ -301,7 +301,7 @@ func (c *cache) reconcileEnvConfigMap( func (c *cache) reconcileDeployment( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, manifestParams *rescache.ManifestsParams, ) error { resolver := k8s.NewDependencyResolver(c.Client, c.APIReader, cr).UseAPIReader() @@ -309,9 +309,9 @@ func (c *cache) reconcileDeployment( resolver.AddConfigMap(rescache.ConfigMapRoutesName) resolver.AddConfigMap(rescache.ConfigMapVariablesName) resolver.AddConfigMap(rescache.EnvConfigMapName) - resolver.AddSecret("exploit-iq-secret") + resolver.AddSecret("exploit-intelligence-secret") resolver.SetSecretFallback(func(name string) (*corev1.Secret, error) { - // exploit-iq-secret is user-provided; use empty fallback for hash stability on first run. + // exploit-intelligence-secret is user-provided; use empty fallback for hash stability on first run. return &corev1.Secret{}, nil }) resolver.SetConfigMapFallback(func(name string) (*corev1.ConfigMap, error) { @@ -354,7 +354,7 @@ func (c *cache) reconcileDeployment( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -364,7 +364,7 @@ func (c *cache) reconcileDeployment( } func (c *cache) buildManifestsParams( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) *rescache.ManifestsParams { upstreamURL := cr.Spec.LLM.BaseURL if upstreamURL == "" { diff --git a/internal/controller/components/componentsyncer.go b/internal/controller/components/componentsyncer.go index 586a568..161d2e0 100644 --- a/internal/controller/components/componentsyncer.go +++ b/internal/controller/components/componentsyncer.go @@ -20,7 +20,7 @@ import ( webappres "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/webapp" ) -// componentsyncer reconciles the ComponentSyncer component of the ExploitIQStack. +// componentsyncer reconciles the ComponentSyncer component of the ExploitIntelligenceStack. type componentsyncer struct { client.Client APIReader client.Reader @@ -50,7 +50,7 @@ func (cs *componentsyncer) ConditionType() exploitiqv1alpha1.ConditionType { // Status returns the status of the ComponentSyncer component. func (cs *componentsyncer) Status( //nolint:dupl ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { // Check if JobSink exists and is ready jobSink := &sinksv1alpha1.JobSink{} @@ -93,7 +93,7 @@ func (cs *componentsyncer) Status( //nolint:dupl // Reconcile is the main reconciliation loop for the ComponentSyncer component. func (cs *componentsyncer) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { manifestParams := cs.buildManifestsParams(cr) @@ -101,7 +101,7 @@ func (cs *componentsyncer) Reconcile( tasks := []ReconcileTask{ { Name: "reconcileConfigMap", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return cs.reconcileConfigMap(ctx, cr, manifestParams) }, }, @@ -113,7 +113,7 @@ func (cs *componentsyncer) Reconcile( func (cs *componentsyncer) reconcileConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, manifestParams *csres.ManifestsParams, ) error { // Create base ConfigMap with default environment variables @@ -128,13 +128,13 @@ func (cs *componentsyncer) reconcileConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploitiq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (cs *componentsyncer) reconcileJobSink( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := csres.NewJobSink(cr, cs.Scheme) if err != nil { @@ -149,12 +149,12 @@ func (cs *componentsyncer) reconcileJobSink( ctx, desired, client.Apply, - client.FieldOwner("exploitiq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (cs *componentsyncer) buildManifestsParams( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) *csres.ManifestsParams { scheme := "https" port := webappres.HTTPSPort diff --git a/internal/controller/components/database.go b/internal/controller/components/database.go index 80c794b..da9b170 100644 --- a/internal/controller/components/database.go +++ b/internal/controller/components/database.go @@ -20,7 +20,7 @@ import ( dbres "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/database" ) -// database reconciles the Database component of the ExploitIQStack. +// database reconciles the Database component of the ExploitIntelligenceStack. type database struct { client.Client APIReader client.Reader @@ -52,7 +52,7 @@ func (d *database) ConditionType() exploitiqv1alpha1.ConditionType { // TODO: add more comprehensive status checking. func (d *database) Status( //nolint:dupl ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { deployment := &appsv1.Deployment{} key := types.NamespacedName{ @@ -95,7 +95,7 @@ func (d *database) Status( //nolint:dupl // Reconcile is the main reconciliation loop for the Database component. func (d *database) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { if err := d.reconcilePVC(ctx, cr); err != nil { @@ -114,7 +114,7 @@ func (d *database) Reconcile( func (d *database) reconcilePVC( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := dbres.PVC(cr, d.Scheme) if err != nil { @@ -134,7 +134,7 @@ func (d *database) reconcilePVC( func (d *database) reconcileService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := dbres.Service(cr, d.Scheme) if err != nil { @@ -150,7 +150,7 @@ func (d *database) reconcileService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -161,7 +161,7 @@ func (d *database) reconcileService( func (d *database) reconcileCredentialsSecret( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { // If user provided their own secret, skip auto-generation. if cr.Spec.Database.CredentialsSecretRef != nil && cr.Spec.Database.CredentialsSecretRef.Name != "" { @@ -197,7 +197,7 @@ func (d *database) reconcileCredentialsSecret( func (d *database) reconcileInitConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { // If user provided their own init scripts ConfigMap, skip auto-generation. if cr.Spec.Database.InitScriptsConfigMapRef != nil && @@ -216,7 +216,7 @@ func (d *database) reconcileInitConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply init configmap: %w", err) @@ -227,7 +227,7 @@ func (d *database) reconcileInitConfigMap( func (d *database) reconcileDeployment( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { credSecretName := dbres.GetCredentialsSecretName(cr) initCMName := dbres.GetInitConfigMapName(cr) @@ -268,7 +268,7 @@ func (d *database) reconcileDeployment( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err diff --git a/internal/controller/components/engine.go b/internal/controller/components/engine.go index 8ab2504..0acf0fc 100644 --- a/internal/controller/components/engine.go +++ b/internal/controller/components/engine.go @@ -22,7 +22,7 @@ import ( engineres "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/engine" ) -// engine reconciles the Engine component of the ExploitIQStack. +// engine reconciles the Engine component of the ExploitIntelligenceStack. type engine struct { client.Client APIReader client.Reader @@ -54,7 +54,7 @@ func (e *engine) ConditionType() exploitiqv1alpha1.ConditionType { // TODO: add more comprehensive status checking and extract to common helper. func (e *engine) Status( //nolint:dupl ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { deployment := &appsv1.Deployment{} key := types.NamespacedName{ @@ -98,7 +98,7 @@ func (e *engine) Status( //nolint:dupl // US3: Conditionally creates TracingRoute only on OpenShift. func (e *engine) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { if err := e.reconcilePVC(ctx, cr); err != nil { @@ -132,7 +132,7 @@ func (e *engine) Reconcile( tasks, ReconcileTask{ Name: "TracingIngress", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return e.reconcileTracingIngress(ctx, cr, reconcileCtx) }, }, @@ -146,7 +146,7 @@ func (e *engine) Reconcile( // This secret is auto-generated and shared between Engine and WebApp components. func (e *engine) reconcileCredentialEncryptionKeySecret( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { live := &corev1.Secret{} @@ -197,7 +197,7 @@ func (e *engine) reconcileCredentialEncryptionKeySecret( // In the future, we may refine this using predicates or smarter reconciliation logic. func (e *engine) reconcileServiceAccount( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.ServiceAccount(cr, e.Scheme) if err != nil { @@ -213,7 +213,7 @@ func (e *engine) reconcileServiceAccount( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -224,7 +224,7 @@ func (e *engine) reconcileServiceAccount( func (e *engine) reconcileRBAC( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.RBAC(cr, e.Scheme) if err != nil { @@ -240,7 +240,7 @@ func (e *engine) reconcileRBAC( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -251,7 +251,7 @@ func (e *engine) reconcileRBAC( func (e *engine) reconcilePVC( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.PVC(cr, e.Scheme) if err != nil { @@ -271,7 +271,7 @@ func (e *engine) reconcilePVC( func (e *engine) reconcileConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { if cr.Spec.Engine.CustomConfigMapRef != nil && cr.Spec.Engine.CustomConfigMapRef.Name != "" { customCM := &corev1.ConfigMap{} @@ -350,7 +350,7 @@ func (e *engine) reconcileConfigMap( func (e *engine) reconcileEnvConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.EnvConfigMap(cr, e.Scheme) if err != nil { @@ -400,7 +400,7 @@ func (e *engine) reconcileEnvConfigMap( func (e *engine) reconcileDeployment( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { resolver := k8s.NewDependencyResolver(e.Client, e.APIReader, cr) resolver.AddConfigMap(engineres.ConfigMapName) @@ -454,7 +454,7 @@ func (e *engine) reconcileDeployment( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -465,7 +465,7 @@ func (e *engine) reconcileDeployment( func (e *engine) reconcileService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.Service(cr, e.Scheme) if err != nil { @@ -481,7 +481,7 @@ func (e *engine) reconcileService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -492,7 +492,7 @@ func (e *engine) reconcileService( func (e *engine) reconcileTracingService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := engineres.TracingService(cr, e.Scheme) if err != nil { @@ -508,7 +508,7 @@ func (e *engine) reconcileTracingService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -519,7 +519,7 @@ func (e *engine) reconcileTracingService( func (e *engine) reconcileTracingRoute( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { tracingEnabled := cr.Spec.Engine.TracingRouteEnabled != nil && *cr.Spec.Engine.TracingRouteEnabled @@ -553,7 +553,7 @@ func (e *engine) reconcileTracingRoute( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -563,7 +563,7 @@ func (e *engine) reconcileTracingRoute( } func (e *engine) buildManifestsParams( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) (*engineres.ManifestsParams, error) { var tracingHost string @@ -594,7 +594,7 @@ func (e *engine) buildManifestsParams( func (e *engine) reconcileTracingIngress( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { manifestParams, err := e.buildManifestsParams(cr, reconcileCtx) @@ -616,7 +616,7 @@ func (e *engine) reconcileTracingIngress( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err diff --git a/internal/controller/components/factory_test.go b/internal/controller/components/factory_test.go index b92ac3c..8d79838 100644 --- a/internal/controller/components/factory_test.go +++ b/internal/controller/components/factory_test.go @@ -31,7 +31,7 @@ func (m *mockComponent) ConditionType() exploitiqv1alpha1.ConditionType { func (m *mockComponent) Reconcile( _ context.Context, - _ *exploitiqv1alpha1.ExploitIQStack, + _ *exploitiqv1alpha1.ExploitIntelligenceStack, _ *reconcile.ReconcileContext, ) error { return nil @@ -39,7 +39,7 @@ func (m *mockComponent) Reconcile( func (m *mockComponent) Status( _ context.Context, - _ *exploitiqv1alpha1.ExploitIQStack, + _ *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { return conditions.ComponentStatus{} } diff --git a/internal/controller/components/interface.go b/internal/controller/components/interface.go index 4beebf8..d073cea 100644 --- a/internal/controller/components/interface.go +++ b/internal/controller/components/interface.go @@ -8,19 +8,19 @@ import ( "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/controller/reconcile" ) -// Component is the interface that represents a single component of the ExploitIQStack. +// Component is the interface that represents a single component of the ExploitIntelligenceStack. type Component interface { Name() string ConditionType() exploitiqv1alpha1.ConditionType Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error - Status(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) conditions.ComponentStatus + Status(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) conditions.ComponentStatus } // Finalizer is the interface that represents a finalizer for a component. type Finalizer interface { - Cleanup(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error + Cleanup(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error } diff --git a/internal/controller/components/tasks.go b/internal/controller/components/tasks.go index ae06822..a690829 100644 --- a/internal/controller/components/tasks.go +++ b/internal/controller/components/tasks.go @@ -15,7 +15,7 @@ const ( ) // ReconcileFunc defines the signature for a reconciliation function that returns an OperationResult. -type ReconcileFunc func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error +type ReconcileFunc func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error // ReconcileTask defines a named reconciliation task. type ReconcileTask struct { @@ -27,7 +27,7 @@ type ReconcileTask struct { // It returns immediately on the first error encountered. func RunReconcileTasks( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, componentName string, tasks []ReconcileTask, ) error { diff --git a/internal/controller/components/webapp.go b/internal/controller/components/webapp.go index fddc399..27c9804 100644 --- a/internal/controller/components/webapp.go +++ b/internal/controller/components/webapp.go @@ -24,7 +24,7 @@ import ( webappres "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/resources/webapp" ) -// webapp reconciles the WebApp component of the ExploitIQStack. +// webapp reconciles the WebApp component of the ExploitIntelligenceStack. type webapp struct { client.Client // Uncached reader @@ -55,7 +55,7 @@ func (w *webapp) ConditionType() exploitiqv1alpha1.ConditionType { // Reconcile is the main reconciliation loop for the WebApp component. func (w *webapp) Reconcile( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) error { manifestParams, err := w.buildManifestsParams(cr, reconcileCtx) @@ -88,7 +88,7 @@ func (w *webapp) Reconcile( tasks, ReconcileTask{ Name: "MainRoute", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.reconcileMainRoute(ctx, cr, manifestParams) }, }, @@ -99,7 +99,7 @@ func (w *webapp) Reconcile( tasks, ReconcileTask{ Name: "SwaggerRoute", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.reconcileSwaggerRoute(ctx, cr, manifestParams) }, }, @@ -111,7 +111,7 @@ func (w *webapp) Reconcile( tasks, ReconcileTask{ Name: "Ingress", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.reconcileIngress(ctx, cr, manifestParams) }, }, @@ -124,7 +124,7 @@ func (w *webapp) Reconcile( tasks, ReconcileTask{ Name: "OAuthClient", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.reconcileOAuthClient(ctx, cr, manifestParams) }, }, @@ -139,7 +139,7 @@ func (w *webapp) Reconcile( tasks, ReconcileTask{ Name: "Deployment", - Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { + Fn: func(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.reconcileDeployment(ctx, cr, manifestParams) }, }, @@ -152,7 +152,7 @@ func (w *webapp) Reconcile( // TODO: add more comprehensive status checking. func (w *webapp) Status( //nolint:dupl ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) conditions.ComponentStatus { deployment := &appsv1.Deployment{} key := types.NamespacedName{ @@ -195,7 +195,7 @@ func (w *webapp) Status( //nolint:dupl // CleanupOAuthClient removes the instance from OAuthClient and deletes OAuthClient if it's the last instance. func (w *webapp) CleanupOAuthClient( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { // Avoid cleanup if platform is not OpenShift if w.Profile.IsKubernetes() { @@ -274,12 +274,12 @@ func (w *webapp) CleanupOAuthClient( } // Cleanup implements Finalizer. -func (w *webapp) Cleanup(ctx context.Context, cr *exploitiqv1alpha1.ExploitIQStack) error { +func (w *webapp) Cleanup(ctx context.Context, cr *exploitiqv1alpha1.ExploitIntelligenceStack) error { return w.CleanupOAuthClient(ctx, cr) } func (w *webapp) buildManifestsParams( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, reconcileCtx *reconcile.ReconcileContext, ) (*webappres.ManifestsParams, error) { var mainHost, swaggerHost string @@ -328,7 +328,7 @@ func (w *webapp) buildManifestsParams( func (w *webapp) reconcileServiceAccount( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := webappres.ServiceAccount(cr, w.Scheme) if err != nil { @@ -344,7 +344,7 @@ func (w *webapp) reconcileServiceAccount( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -355,7 +355,7 @@ func (w *webapp) reconcileServiceAccount( func (w *webapp) reconcileConfigMap( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := webappres.ConfigMap(cr, w.Scheme) if err != nil { @@ -371,7 +371,7 @@ func (w *webapp) reconcileConfigMap( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -382,7 +382,7 @@ func (w *webapp) reconcileConfigMap( func (w *webapp) reconcileService( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := webappres.Service(cr, w.Scheme, w.Profile) if err != nil { @@ -398,7 +398,7 @@ func (w *webapp) reconcileService( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -409,7 +409,7 @@ func (w *webapp) reconcileService( func (w *webapp) reconcileDeployment( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, manifestParams *webappres.ManifestsParams, ) error { mongoCredSecretName := "mongodb-credentials" //nolint:gosec // G101: Secret resource name, not actual credentials @@ -503,7 +503,7 @@ func (w *webapp) reconcileDeployment( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return err @@ -514,7 +514,7 @@ func (w *webapp) reconcileDeployment( func (w *webapp) reconcileMainRoute( //nolint:unparam ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, _ *webappres.ManifestsParams, ) error { routeEnabled := cr.Spec.WebApp.RouteEnabled == nil || *cr.Spec.WebApp.RouteEnabled @@ -549,13 +549,13 @@ func (w *webapp) reconcileMainRoute( //nolint:unparam desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (w *webapp) reconcileSwaggerRoute( //nolint:unparam ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, _ *webappres.ManifestsParams, ) error { swaggerEnabled := cr.Spec.WebApp.SwaggerUIRouteEnabled != nil && *cr.Spec.WebApp.SwaggerUIRouteEnabled @@ -590,13 +590,13 @@ func (w *webapp) reconcileSwaggerRoute( //nolint:unparam desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (w *webapp) reconcileIngress( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, params *webappres.ManifestsParams, ) error { mainIngress, err := webappres.Ingress(cr, w.Scheme, *params) @@ -613,7 +613,7 @@ func (w *webapp) reconcileIngress( mainIngress, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply main ingress: %w", err) @@ -633,7 +633,7 @@ func (w *webapp) reconcileIngress( swaggerIngress, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) if err != nil { return fmt.Errorf("apply swagger ingress: %w", err) @@ -644,7 +644,7 @@ func (w *webapp) reconcileIngress( func (w *webapp) reconcileOIDCCookieSecret( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { cookieSecret := k8s.GenerateCookieSecret(cr.UID) @@ -662,13 +662,13 @@ func (w *webapp) reconcileOIDCCookieSecret( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (w *webapp) reconcileOAuthClient( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, params *webappres.ManifestsParams, ) error { var secretValue, baseDomain string @@ -695,7 +695,7 @@ func (w *webapp) reconcileOAuthClient( func (w *webapp) createOAuthClient( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, params *webappres.ManifestsParams, ) (string, string, error) { newSecretVal, err := k8s.GenerateSecret(32) @@ -717,7 +717,7 @@ func (w *webapp) createOAuthClient( func (w *webapp) updateOAuthClient( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, existing *oauthv1.OAuthClient, params *webappres.ManifestsParams, ) (string, string, error) { @@ -754,7 +754,7 @@ func (w *webapp) updateOAuthClient( } } - baseDomain := clientToUpdate.Annotations["exploitiq.openshift.io/base-domain"] + baseDomain := clientToUpdate.Annotations["exploitintelligence.openshift.io/base-domain"] if baseDomain == "" { return "", "", fmt.Errorf( "oauthclient %s missing base-domain annotation", @@ -767,7 +767,7 @@ func (w *webapp) updateOAuthClient( func (w *webapp) syncLocalOAuthSecret( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, secretValue string, baseDomain string, ) error { @@ -785,13 +785,13 @@ func (w *webapp) syncLocalOAuthSecret( desiredSecret, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } func (w *webapp) reconcileServiceMonitor( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) error { desired, err := webappres.ServiceMonitor(cr, w.Scheme) if err != nil { @@ -807,6 +807,6 @@ func (w *webapp) reconcileServiceMonitor( desired, client.Apply, client.ForceOwnership, - client.FieldOwner("exploit-iq-operator"), + client.FieldOwner("exploit-intelligence-operator"), ) } diff --git a/internal/controller/components/webapp_test.go b/internal/controller/components/webapp_test.go index 2c02bb3..71cae17 100644 --- a/internal/controller/components/webapp_test.go +++ b/internal/controller/components/webapp_test.go @@ -15,18 +15,18 @@ import ( func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack profile *platform.PlatformProfile expectedTaskNames []string }{ { name: "auto mode on OpenShift creates routes and OAuth", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ Mode: exploitiqv1alpha1.IngressModeAuto, @@ -56,12 +56,12 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { }, { name: "managed mode on Kubernetes creates ingress", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ Mode: exploitiqv1alpha1.IngressModeManaged, @@ -90,12 +90,12 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { }, { name: "headless mode does not create routes, ingress or OAuth", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ Mode: exploitiqv1alpha1.IngressModeHeadless, @@ -122,12 +122,12 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { }, { name: "empty mode defaults to auto", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{}, }, @@ -155,12 +155,12 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { }, { name: "auto mode on Kubernetes without routes does not create ingress", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ Mode: exploitiqv1alpha1.IngressModeAuto, @@ -197,19 +197,19 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { tasks := []ReconcileTask{ { Name: "ServiceAccount", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, { Name: "ConfigMap", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, { Name: "Service", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, { Name: "Deployment", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, } @@ -219,11 +219,11 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { tasks, ReconcileTask{ Name: "MainRoute", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, ReconcileTask{ Name: "SwaggerRoute", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, ) } @@ -233,7 +233,7 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { tasks, ReconcileTask{ Name: "Ingress", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, ) } @@ -244,7 +244,7 @@ func TestWebApp_PlatformSpec_IngressMode(t *testing.T) { tasks, ReconcileTask{ Name: "OAuthClient", - Fn: func(context.Context, *exploitiqv1alpha1.ExploitIQStack) error { return nil }, + Fn: func(context.Context, *exploitiqv1alpha1.ExploitIntelligenceStack) error { return nil }, }, ) } diff --git a/internal/controller/conditions/manager.go b/internal/controller/conditions/manager.go index 02ffd62..7f4294a 100644 --- a/internal/controller/conditions/manager.go +++ b/internal/controller/conditions/manager.go @@ -1,4 +1,4 @@ -// Package conditions provides utilities for managing status conditions in ExploitIQStack resources. +// Package conditions provides utilities for managing status conditions in ExploitIntelligenceStack resources. package conditions import ( @@ -23,7 +23,7 @@ type ComponentStatus struct { Reason string } -// Manager manages status conditions for an ExploitIQStack resource. +// Manager manages status conditions for an ExploitIntelligenceStack resource. // It provides a centralized way to update component conditions and automatically // computes aggregated stack-level conditions (Ready, Degraded, Progressing). type Manager struct { diff --git a/internal/controller/exploitiqstack_controller.go b/internal/controller/exploitintelligencestack_controller.go similarity index 88% rename from internal/controller/exploitiqstack_controller.go rename to internal/controller/exploitintelligencestack_controller.go index 564a503..00acba7 100644 --- a/internal/controller/exploitiqstack_controller.go +++ b/internal/controller/exploitintelligencestack_controller.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -// Package controller implements the ExploitIQStack controller and setup. +// Package controller implements the ExploitIntelligenceStack controller and setup. package controller import ( @@ -55,8 +55,8 @@ const ( requeueAfterError = 5 * time.Second ) -// ExploitIQStackReconciler reconciles a ExploitIQStack object. -type ExploitIQStackReconciler struct { +// ExploitIntelligenceStackReconciler reconciles a ExploitIntelligenceStack object. +type ExploitIntelligenceStackReconciler struct { // Caching client client.Client @@ -97,23 +97,23 @@ type ExploitIQStackReconciler struct { // +kubebuilder:rbac:groups=security.openshift.io,resources=securitycontextconstraints,resourceNames=anyuid,verbs=use // +kubebuilder:rbac:groups=sinks.knative.dev,resources=jobsinks,verbs=get;list;watch;create;update;patch;delete -// Reconcile ensures the desired state of ExploitIQStack resources matches the cluster state. -func (r *ExploitIQStackReconciler) Reconcile( +// Reconcile ensures the desired state of ExploitIntelligenceStack resources matches the cluster state. +func (r *ExploitIntelligenceStackReconciler) Reconcile( ctx context.Context, req ctrl.Request, ) (ctrl.Result, error) { log := logf.FromContext(ctx) - cr := &exploitiqv1alpha1.ExploitIQStack{} + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{} err := r.Get(ctx, req.NamespacedName, cr) if err != nil { if apierrors.IsNotFound(err) { - log.Info("ExploitIQStack resource not found. Ignoring since object must be deleted") + log.Info("ExploitIntelligenceStack resource not found. Ignoring since object must be deleted") return ctrl.Result{}, nil } - log.Error(err, "Failed to get ExploitIQStack") + log.Error(err, "Failed to get ExploitIntelligenceStack") return ctrl.Result{}, err } @@ -124,7 +124,7 @@ func (r *ExploitIQStackReconciler) Reconcile( // Check if resource management is disabled if cr.Spec.Managed != nil && !*cr.Spec.Managed { - log.Info("Resource management disabled for ExploitIQStack") + log.Info("Resource management disabled for ExploitIntelligenceStack") return ctrl.Result{}, nil } @@ -147,7 +147,7 @@ func (r *ExploitIQStackReconciler) Reconcile( return ctrl.Result{}, err } - log.Info("Added finalizer to ExploitIQStack") + log.Info("Added finalizer to ExploitIntelligenceStack") } componentTypes := exploitiqv1alpha1.AllComponentConditionTypes() @@ -194,9 +194,9 @@ func (r *ExploitIQStackReconciler) Reconcile( return ctrl.Result{}, nil } -func (r *ExploitIQStackReconciler) handleDeletion( +func (r *ExploitIntelligenceStackReconciler) handleDeletion( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) (ctrl.Result, error) { log := logf.FromContext(ctx) @@ -204,7 +204,7 @@ func (r *ExploitIQStackReconciler) handleDeletion( return ctrl.Result{}, nil } - log.Info("Handling deletion of ExploitIQStack") + log.Info("Handling deletion of ExploitIntelligenceStack") if err := r.ensurePlatformProfile(ctx); err != nil { return ctrl.Result{}, err @@ -239,19 +239,19 @@ func (r *ExploitIQStackReconciler) handleDeletion( return ctrl.Result{RequeueAfter: requeueAfterError}, err } - log.Info("Removed finalizer from ExploitIQStack") + log.Info("Removed finalizer from ExploitIntelligenceStack") return ctrl.Result{}, nil } // SetupWithManager sets up the controller with the Manager. -func (r *ExploitIQStackReconciler) SetupWithManager(mgr ctrl.Manager) error { +func (r *ExploitIntelligenceStackReconciler) SetupWithManager(mgr ctrl.Manager) error { // TODO: Remove loggingPredicate after operator stabilization loggingPredicate := diagnostics.LoggingPredicate{ Log: mgr.GetLogger().WithName("update-diff-logger"), } ctrlBuilder := ctrl.NewControllerManagedBy(mgr). - For(&exploitiqv1alpha1.ExploitIQStack{}, builder.WithPredicates( + For(&exploitiqv1alpha1.ExploitIntelligenceStack{}, builder.WithPredicates( loggingPredicate, predicate.GenerationChangedPredicate{}, )). @@ -282,12 +282,12 @@ func (r *ExploitIQStackReconciler) SetupWithManager(mgr ctrl.Manager) error { ) } - return ctrlBuilder.Named("exploitiqstack").Complete(r) + return ctrlBuilder.Named("exploitintelligencestack").Complete(r) } // ensurePlatformProfile initializes the platform profile if not already cached. // This method is idempotent and performs platform detection only once. -func (r *ExploitIQStackReconciler) ensurePlatformProfile(ctx context.Context) error { +func (r *ExploitIntelligenceStackReconciler) ensurePlatformProfile(ctx context.Context) error { if r.platformProfile != nil { return nil } @@ -318,7 +318,7 @@ func (r *ExploitIQStackReconciler) ensurePlatformProfile(ctx context.Context) er // ensureComponentsFactory initializes the components factory with the platform profile. // This must be called after ensurePlatformProfile. -func (r *ExploitIQStackReconciler) ensureComponentsFactory() error { +func (r *ExploitIntelligenceStackReconciler) ensureComponentsFactory() error { if r.componentsFactory != nil { return nil } @@ -338,15 +338,15 @@ func (r *ExploitIQStackReconciler) ensureComponentsFactory() error { } // findObjectsForSecret maps a Secret change to reconciliation requests for all -// ExploitIQStack resources in the same namespace that reference this Secret. +// ExploitIntelligenceStack resources in the same namespace that reference this Secret. // It relies on the ".metadata.secrets" field index (see cmd/main.go) to // efficiently look up affected stacks and is used by the Secret watch handler // to enqueue only those stacks that depend on the modified Secret. -func (r *ExploitIQStackReconciler) findObjectsForSecret( +func (r *ExploitIntelligenceStackReconciler) findObjectsForSecret( ctx context.Context, o client.Object, ) []ctrl.Request { - attachedCRs := &exploitiqv1alpha1.ExploitIQStackList{} + attachedCRs := &exploitiqv1alpha1.ExploitIntelligenceStackList{} err := r.List(ctx, attachedCRs, client.InNamespace(o.GetNamespace()), diff --git a/internal/controller/exploitiqstack_controller_test.go b/internal/controller/exploitintelligencestack_controller_test.go similarity index 81% rename from internal/controller/exploitiqstack_controller_test.go rename to internal/controller/exploitintelligencestack_controller_test.go index 957716f..3ef814c 100644 --- a/internal/controller/exploitiqstack_controller_test.go +++ b/internal/controller/exploitintelligencestack_controller_test.go @@ -29,7 +29,7 @@ import ( exploitiqv1alpha1 "github.com/RHEcosystemAppEng/exploit-iq-operator/api/v1alpha1" ) -var _ = Describe("ExploitIQStack Controller", func() { +var _ = Describe("ExploitIntelligenceStack Controller", func() { Context("When reconciling a resource", func() { const resourceName = "test-resource" @@ -39,14 +39,14 @@ var _ = Describe("ExploitIQStack Controller", func() { Name: resourceName, Namespace: "default", // TODO(user):Modify as needed } - exploitiqstack := &exploitiqv1alpha1.ExploitIQStack{} + exploitiqstack := &exploitiqv1alpha1.ExploitIntelligenceStack{} BeforeEach(func() { - By("creating the custom resource for the Kind ExploitIQStack") + By("creating the custom resource for the Kind ExploitIntelligenceStack") err := k8sClient.Get(ctx, typeNamespacedName, exploitiqstack) if err != nil && errors.IsNotFound(err) { - resource := &exploitiqv1alpha1.ExploitIQStack{ + resource := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: resourceName, Namespace: "default", @@ -59,17 +59,17 @@ var _ = Describe("ExploitIQStack Controller", func() { AfterEach(func() { // TODO(user): Cleanup logic after each test, like removing the resource instance. - resource := &exploitiqv1alpha1.ExploitIQStack{} + resource := &exploitiqv1alpha1.ExploitIntelligenceStack{} err := k8sClient.Get(ctx, typeNamespacedName, resource) Expect(err).NotTo(HaveOccurred()) - By("Cleanup the specific resource instance ExploitIQStack") + By("Cleanup the specific resource instance ExploitIntelligenceStack") Expect(k8sClient.Delete(ctx, resource)).To(Succeed()) }) It("should successfully reconcile the resource", func() { By("Reconciling the created resource") - controllerReconciler := &ExploitIQStackReconciler{ + controllerReconciler := &ExploitIntelligenceStackReconciler{ Client: k8sClient, APIReader: k8sClient, Scheme: k8sClient.Scheme(), @@ -86,9 +86,9 @@ var _ = Describe("ExploitIQStack Controller", func() { } By("Verifying the finalizer was added") - reconciledCR := &exploitiqv1alpha1.ExploitIQStack{} + reconciledCR := &exploitiqv1alpha1.ExploitIntelligenceStack{} Expect(k8sClient.Get(ctx, typeNamespacedName, reconciledCR)).To(Succeed()) - Expect(reconciledCR.Finalizers).To(ContainElement("exploitiq.openshift.io/finalizer")) + Expect(reconciledCR.Finalizers).To(ContainElement("exploitintelligence.openshift.io/finalizer")) By("Verifying platform was detected as Kubernetes (envtest has no OpenShift CRDs)") Expect(controllerReconciler.platformProfile).NotTo(BeNil()) diff --git a/internal/controller/exploitiqstack_reconciler.go b/internal/controller/exploitintelligencestack_reconciler.go similarity index 94% rename from internal/controller/exploitiqstack_reconciler.go rename to internal/controller/exploitintelligencestack_reconciler.go index cff3a5f..2076353 100644 --- a/internal/controller/exploitiqstack_reconciler.go +++ b/internal/controller/exploitintelligencestack_reconciler.go @@ -13,12 +13,12 @@ import ( "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/k8s" ) -// reconcileStack is the main entry point for reconciling ExploitIQStack resources. +// reconcileStack is the main entry point for reconciling ExploitIntelligenceStack resources. // It acts as an orchestrator, delegating the reconciliation of each component // to specialized subreconcilers. -func (r *ExploitIQStackReconciler) reconcileStack( +func (r *ExploitIntelligenceStackReconciler) reconcileStack( ctx context.Context, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) (map[exploitiqv1alpha1.ConditionType]conditions.ComponentStatus, error) { log := logf.FromContext(ctx) diff --git a/internal/k8s/dependency_resolver.go b/internal/k8s/dependency_resolver.go index 9e41118..9083323 100644 --- a/internal/k8s/dependency_resolver.go +++ b/internal/k8s/dependency_resolver.go @@ -17,7 +17,7 @@ type DependencyResolver struct { client client.Client apiReader client.Reader preferAPIReader bool - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack configMaps []string secrets []string @@ -31,7 +31,7 @@ type DependencyResolver struct { func NewDependencyResolver( c client.Client, apiReader client.Reader, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) *DependencyResolver { return &DependencyResolver{client: c, apiReader: apiReader, cr: cr} } diff --git a/internal/k8s/hash.go b/internal/k8s/hash.go index 2a912af..b0085d3 100644 --- a/internal/k8s/hash.go +++ b/internal/k8s/hash.go @@ -18,10 +18,10 @@ import ( const ( // SpecHashAnnotation is the annotation key for storing the hash of the spec. // This approach is borrowed from https://pkg.go.dev/github.com/openshift/library-go - SpecHashAnnotation = "exploitiq.openshift.io/spec-hash" + SpecHashAnnotation = "exploitintelligence.openshift.io/spec-hash" // DependencyHashAnnotation is the annotation key for storing the hash of resolved dependencies. - DependencyHashAnnotation = "exploitiq.openshift.io/dependency-hash" + DependencyHashAnnotation = "exploitintelligence.openshift.io/dependency-hash" ) // SetSpecHashAnnotation computes the hash of the provided spec and sets an annotation @@ -88,11 +88,11 @@ func AggregateSpecHashes(objs ...client.Object) (string, error) { } // BuilderFunc builds a client.Object for hashing based on the CR and scheme. -type BuilderFunc func(*exploitiqv1alpha1.ExploitIQStack, *runtime.Scheme) (client.Object, error) +type BuilderFunc func(*exploitiqv1alpha1.ExploitIntelligenceStack, *runtime.Scheme) (client.Object, error) // CalculateDependenciesHash calculates the hash of the dependencies of the k8s objects spec. func CalculateDependenciesHash( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, builders ...BuilderFunc, ) (string, error) { diff --git a/internal/k8s/labels.go b/internal/k8s/labels.go index 2340f13..96168d4 100644 --- a/internal/k8s/labels.go +++ b/internal/k8s/labels.go @@ -6,15 +6,15 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -// CommonLabels returns the standard Kubernetes recommended labels for ExploitIQ resources. +// CommonLabels returns the standard Kubernetes recommended labels for RHTPA exploit intelligence resources. // Ref https://kubernetes.io/docs/concepts/overview/working-with-objects/common-labels/ func CommonLabels(crName, component string) map[string]string { return map[string]string{ - "app.kubernetes.io/name": "exploitiq", + "app.kubernetes.io/name": "exploit-intelligence", "app.kubernetes.io/instance": crName, "app.kubernetes.io/component": component, - "app.kubernetes.io/part-of": "exploitiq", - "app.kubernetes.io/managed-by": "exploitiq-operator", + "app.kubernetes.io/part-of": "exploit-intelligence", + "app.kubernetes.io/managed-by": "exploit-intelligence-operator", } } diff --git a/internal/k8s/route.go b/internal/k8s/route.go index 42c259c..3f6d77d 100644 --- a/internal/k8s/route.go +++ b/internal/k8s/route.go @@ -15,7 +15,7 @@ import ( func GetRouteHost( ctx context.Context, r client.Client, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, routeName string, ) (string, error) { route := &routev1.Route{} diff --git a/internal/resources/argilla/configmap.go b/internal/resources/argilla/configmap.go index be25a7c..b143893 100644 --- a/internal/resources/argilla/configmap.go +++ b/internal/resources/argilla/configmap.go @@ -12,7 +12,7 @@ import ( // ConfigMap creates the Argilla configuration ConfigMap containing environment variables // for connecting the Argilla services (all containers communicate via localhost). func ConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ConfigMap, error) { labels := k8s.CommonLabels(cr.Name, "argilla") diff --git a/internal/resources/argilla/configmap_test.go b/internal/resources/argilla/configmap_test.go index 03ee77f..aadb9ec 100644 --- a/internal/resources/argilla/configmap_test.go +++ b/internal/resources/argilla/configmap_test.go @@ -15,21 +15,21 @@ import ( func TestConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { t.Helper() assert.Equal(t, ConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) @@ -49,7 +49,7 @@ func TestConfigMap(t *testing.T) { assert.Equal(t, DefaultArgillaRedisURL, cm.Data[EnvArgillaRedisURL]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", cm.Labels["app.kubernetes.io/component"]) }, @@ -57,14 +57,14 @@ func TestConfigMap(t *testing.T) { }, { name: "localhost URLs validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-localhost", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { t.Helper() // Verify all services use localhost (containers in same pod) assert.Contains(t, cm.Data[EnvArgillaElasticsearch], "localhost") diff --git a/internal/resources/argilla/constants.go b/internal/resources/argilla/constants.go index caaa42d..04d455c 100644 --- a/internal/resources/argilla/constants.go +++ b/internal/resources/argilla/constants.go @@ -3,15 +3,15 @@ package argilla const ( // Default container images. - DefaultFlaskImage = "quay.io/ecosystem-appeng/exploit-iq-feedback-api:0.0.2" + DefaultFlaskImage = "quay.io/ecosystem-appeng/exploit-intelligence-feedback-api:0.0.2" DefaultArgillaServerImage = "argilla/argilla-server:latest" DefaultRedisImage = "redis:6" DefaultElasticsearchImage = "docker.elastic.co/elasticsearch/elasticsearch:8.17.0" DefaultPostgresqlImage = "postgres:13" // Resource names. - DeploymentName = "exploit-iq-feedback" - ServiceName = "exploit-iq-feedback" + DeploymentName = "exploit-intelligence-feedback" + ServiceName = "exploit-intelligence-feedback" PVCName = "argilla-user-feedback-pvc" CredentialsSecretName = "argilla-feedback-secret" ConfigMapName = "argilla-config" @@ -20,7 +20,7 @@ const ( RoleBindingName = "argilla-anyuid-scc" RouteName = "argilla-route" IngressName = "argilla-ingress" - ImagePullSecretName = "exploit-iq-pull-secret" //nolint:gosec // G101: Resource name, not a credential + ImagePullSecretName = "exploit-intelligence-pull-secret" //nolint:gosec // G101: Resource name, not a credential // Container names. FlaskContainerName = "flask-service" diff --git a/internal/resources/argilla/deployment.go b/internal/resources/argilla/deployment.go index bb6755e..a7d3e2b 100644 --- a/internal/resources/argilla/deployment.go +++ b/internal/resources/argilla/deployment.go @@ -13,7 +13,7 @@ import ( ) func Deployment( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*appsv1.Deployment, error) { replicas := k8s.GetReplicasOrDefault(cr.Spec.Argilla.Deployment.Replicas, 1) @@ -78,7 +78,7 @@ func buildArgillaVolumes() []corev1.Volume { } } -func buildArgillaContainers(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.Container { +func buildArgillaContainers(cr *exploitiqv1alpha1.ExploitIntelligenceStack) []corev1.Container { return []corev1.Container{ buildFlaskServiceContainer(cr), buildArgillaServerContainer(cr), @@ -89,7 +89,7 @@ func buildArgillaContainers(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.Conta } } -func buildFlaskServiceContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildFlaskServiceContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.FlaskContainer.Image, DefaultFlaskImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.FlaskContainer.ImagePullPolicy, @@ -131,7 +131,7 @@ func buildFlaskServiceContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Con } } -func buildArgillaServerContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildArgillaServerContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.ArgillaServerContainer.Image, DefaultArgillaServerImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.ArgillaServerContainer.ImagePullPolicy, @@ -200,7 +200,7 @@ func buildArgillaServerContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Co } } -func buildArgillaWorkerContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildArgillaWorkerContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.ArgillaWorkerContainer.Image, DefaultArgillaServerImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.ArgillaWorkerContainer.ImagePullPolicy, @@ -241,7 +241,7 @@ func buildArgillaWorkerContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Co } } -func buildRedisContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildRedisContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.RedisContainer.Image, DefaultRedisImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.RedisContainer.ImagePullPolicy, @@ -262,7 +262,7 @@ func buildRedisContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container } } -func buildElasticsearchContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildElasticsearchContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.ElasticsearchContainer.Image, DefaultElasticsearchImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.ElasticsearchContainer.ImagePullPolicy, @@ -316,7 +316,7 @@ func buildElasticsearchContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Co } } -func buildPostgresqlContainer(cr *exploitiqv1alpha1.ExploitIQStack) corev1.Container { +func buildPostgresqlContainer(cr *exploitiqv1alpha1.ExploitIntelligenceStack) corev1.Container { image := k8s.GetImageOrDefault(cr.Spec.Argilla.PostgresqlContainer.Image, DefaultPostgresqlImage) imagePullPolicy := k8s.GetImagePullPolicyOrDefault( cr.Spec.Argilla.PostgresqlContainer.ImagePullPolicy, diff --git a/internal/resources/argilla/deployment_test.go b/internal/resources/argilla/deployment_test.go index 58e50e4..827b997 100644 --- a/internal/resources/argilla/deployment_test.go +++ b/internal/resources/argilla/deployment_test.go @@ -16,21 +16,21 @@ import ( func TestDeployment(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIQStack) + validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { t.Helper() assert.Equal(t, DeploymentName, dep.Name) assert.Equal(t, cr.Namespace, dep.Namespace) @@ -79,7 +79,7 @@ func TestDeployment(t *testing.T) { assert.Equal(t, PVCName, dep.Spec.Template.Spec.Volumes[0].PersistentVolumeClaim.ClaimName) // Labels validation - assert.Equal(t, "exploitiq", dep.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", dep.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, dep.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", dep.Labels["app.kubernetes.io/component"]) }, @@ -109,7 +109,7 @@ func TestDeployment(t *testing.T) { } func TestFlaskServiceContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -142,7 +142,7 @@ func TestFlaskServiceContainer(t *testing.T) { } func TestArgillaServerContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -183,7 +183,7 @@ func TestArgillaServerContainer(t *testing.T) { } func TestElasticsearchContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -215,7 +215,7 @@ func TestElasticsearchContainer(t *testing.T) { } func TestPostgresqlContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -246,7 +246,7 @@ func TestPostgresqlContainer(t *testing.T) { } func TestRedisContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -265,7 +265,7 @@ func TestRedisContainer(t *testing.T) { } func TestArgillaWorkerContainer(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", diff --git a/internal/resources/argilla/ingress.go b/internal/resources/argilla/ingress.go index 667b232..acd85e6 100644 --- a/internal/resources/argilla/ingress.go +++ b/internal/resources/argilla/ingress.go @@ -14,7 +14,7 @@ import ( // Ingress creates a Kubernetes Ingress for the Argilla component. // This is used on vanilla Kubernetes (not OpenShift) when ingress mode is set to "managed". func Ingress( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, baseDomain string, ) (*networkingv1.Ingress, error) { diff --git a/internal/resources/argilla/ingress_test.go b/internal/resources/argilla/ingress_test.go index 62c1cd7..14f94dd 100644 --- a/internal/resources/argilla/ingress_test.go +++ b/internal/resources/argilla/ingress_test.go @@ -15,20 +15,20 @@ import ( func TestIngress(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme baseDomain string - validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIQStack, string) + validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIntelligenceStack, string) expectError bool }{ { name: "minimal CRD with ingressClassName and baseDomain", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -38,7 +38,7 @@ func TestIngress(t *testing.T) { }, scheme: runtime.NewScheme(), baseDomain: "example.com", - validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIQStack, baseDomain string) { + validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIntelligenceStack, baseDomain string) { assert.Equal(t, IngressName, ingress.Name) assert.Equal(t, cr.Namespace, ingress.Namespace) assert.Equal(t, "networking.k8s.io/v1", ingress.APIVersion) @@ -70,7 +70,7 @@ func TestIngress(t *testing.T) { assert.Equal(t, PortNameHTTP, path.Backend.Service.Port.Name) // Labels validation - assert.Equal(t, "exploitiq", ingress.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", ingress.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, ingress.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", ingress.Labels["app.kubernetes.io/component"]) }, @@ -78,12 +78,12 @@ func TestIngress(t *testing.T) { }, { name: "missing ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{}, }, @@ -95,12 +95,12 @@ func TestIngress(t *testing.T) { }, { name: "missing baseDomain", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -114,12 +114,12 @@ func TestIngress(t *testing.T) { }, { name: "host generation pattern validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "my-app", Namespace: "prod-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "nginx", @@ -129,7 +129,7 @@ func TestIngress(t *testing.T) { }, scheme: runtime.NewScheme(), baseDomain: "apps.cluster.local", - validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIQStack, baseDomain string) { + validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIntelligenceStack, baseDomain string) { // Verify host follows pattern: argilla-. expectedHost := "argilla-my-app.apps.cluster.local" diff --git a/internal/resources/argilla/pvc.go b/internal/resources/argilla/pvc.go index 1b28e0d..8259f83 100644 --- a/internal/resources/argilla/pvc.go +++ b/internal/resources/argilla/pvc.go @@ -13,7 +13,7 @@ import ( // PVC creates a PersistentVolumeClaim for the Argilla component. // The PVC is shared by Elasticsearch and PostgreSQL containers using subPaths. func PVC( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.PersistentVolumeClaim, error) { // Get size from spec or use default diff --git a/internal/resources/argilla/pvc_test.go b/internal/resources/argilla/pvc_test.go index 560f17f..890df4d 100644 --- a/internal/resources/argilla/pvc_test.go +++ b/internal/resources/argilla/pvc_test.go @@ -16,21 +16,21 @@ import ( func TestPVC(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIQStack) + validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD with default size", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, PVCName, pvc.Name) assert.Equal(t, cr.Namespace, pvc.Namespace) assert.Len(t, pvc.Spec.AccessModes, 1) @@ -41,7 +41,7 @@ func TestPVC(t *testing.T) { pvc.Spec.Resources.Requests[corev1.ResourceStorage], ) // Labels validation - assert.Equal(t, "exploitiq", pvc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", pvc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, pvc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", pvc.Labels["app.kubernetes.io/component"]) }, @@ -49,12 +49,12 @@ func TestPVC(t *testing.T) { }, { name: "custom size", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-custom", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Argilla: exploitiqv1alpha1.ArgillaSpec{ PVC: exploitiqv1alpha1.ArgillaPVCSpec{ Size: "100Gi", @@ -63,7 +63,7 @@ func TestPVC(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal( t, resource.MustParse("100Gi"), @@ -74,12 +74,12 @@ func TestPVC(t *testing.T) { }, { name: "custom storage class", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-sc", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Argilla: exploitiqv1alpha1.ArgillaSpec{ PVC: exploitiqv1alpha1.ArgillaPVCSpec{ StorageClass: "fast-ssd", @@ -88,7 +88,7 @@ func TestPVC(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { require.NotNil(t, pvc.Spec.StorageClassName) assert.Equal(t, "fast-ssd", *pvc.Spec.StorageClassName) }, diff --git a/internal/resources/argilla/rbac.go b/internal/resources/argilla/rbac.go index 075c1b3..9250711 100644 --- a/internal/resources/argilla/rbac.go +++ b/internal/resources/argilla/rbac.go @@ -13,7 +13,7 @@ import ( // This is required on OpenShift to run containers with arbitrary user IDs. // On vanilla Kubernetes, this role is harmless (the SCC resource type doesn't exist). func Role( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*rbacv1.Role, error) { role := &rbacv1.Role{ @@ -42,7 +42,7 @@ func Role( // RoleBinding creates a RoleBinding that binds the Argilla ServiceAccount to the anyuid Role. func RoleBinding( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*rbacv1.RoleBinding, error) { rb := &rbacv1.RoleBinding{ diff --git a/internal/resources/argilla/rbac_test.go b/internal/resources/argilla/rbac_test.go index 813a5a9..d775b8f 100644 --- a/internal/resources/argilla/rbac_test.go +++ b/internal/resources/argilla/rbac_test.go @@ -15,21 +15,21 @@ import ( func TestRole(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateRole func(*testing.T, *rbacv1.Role, *exploitiqv1alpha1.ExploitIQStack) + validateRole func(*testing.T, *rbacv1.Role, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRole: func(t *testing.T, role *rbacv1.Role, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRole: func(t *testing.T, role *rbacv1.Role, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, RoleName, role.Name) assert.Equal(t, cr.Namespace, role.Namespace) assert.Equal(t, "rbac.authorization.k8s.io/v1", role.APIVersion) @@ -44,7 +44,7 @@ func TestRole(t *testing.T) { assert.Contains(t, rule.Verbs, "use") // Labels validation - assert.Equal(t, "exploitiq", role.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", role.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, role.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", role.Labels["app.kubernetes.io/component"]) }, @@ -76,21 +76,21 @@ func TestRole(t *testing.T) { func TestRoleBinding(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateRoleBinding func(*testing.T, *rbacv1.RoleBinding, *exploitiqv1alpha1.ExploitIQStack) + validateRoleBinding func(*testing.T, *rbacv1.RoleBinding, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoleBinding: func(t *testing.T, rb *rbacv1.RoleBinding, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRoleBinding: func(t *testing.T, rb *rbacv1.RoleBinding, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, RoleBindingName, rb.Name) assert.Equal(t, cr.Namespace, rb.Namespace) assert.Equal(t, "rbac.authorization.k8s.io/v1", rb.APIVersion) @@ -109,7 +109,7 @@ func TestRoleBinding(t *testing.T) { assert.Equal(t, RoleName, rb.RoleRef.Name) // Labels validation - assert.Equal(t, "exploitiq", rb.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", rb.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, rb.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", rb.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/argilla/route.go b/internal/resources/argilla/route.go index a69182f..37c8ae1 100644 --- a/internal/resources/argilla/route.go +++ b/internal/resources/argilla/route.go @@ -13,7 +13,7 @@ import ( // Route creates the OpenShift Route for the Argilla component. // The route provides external access to the flask-service on port 5001 with TLS edge termination. func Route( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*routev1.Route, error) { labels := k8s.CommonLabels(cr.Name, "argilla") diff --git a/internal/resources/argilla/route_test.go b/internal/resources/argilla/route_test.go index 5c372d5..ba85c4c 100644 --- a/internal/resources/argilla/route_test.go +++ b/internal/resources/argilla/route_test.go @@ -16,21 +16,21 @@ import ( func TestRoute(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateRoute func(*testing.T, *routev1.Route, *exploitiqv1alpha1.ExploitIQStack) + validateRoute func(*testing.T, *routev1.Route, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, RouteName, route.Name) assert.Equal(t, cr.Namespace, route.Namespace) assert.Equal(t, "route.openshift.io/v1", route.APIVersion) @@ -53,7 +53,7 @@ func TestRoute(t *testing.T) { assert.Equal(t, ServiceName, route.Spec.To.Name) // Labels validation - assert.Equal(t, "exploitiq", route.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", route.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, route.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", route.Labels["app.kubernetes.io/component"]) }, @@ -61,14 +61,14 @@ func TestRoute(t *testing.T) { }, { name: "TLS edge termination validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-tls", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { require.NotNil(t, route.Spec.TLS) assert.Equal(t, routev1.TLSTerminationEdge, route.Spec.TLS.Termination, "Argilla should use edge termination (not reencrypt)") diff --git a/internal/resources/argilla/secret.go b/internal/resources/argilla/secret.go index a61d827..36c4904 100644 --- a/internal/resources/argilla/secret.go +++ b/internal/resources/argilla/secret.go @@ -15,7 +15,7 @@ import ( // - argilla_api_key: API key for Argilla service (32 characters) // - argilla_username: Username for Argilla authentication (16 characters) // - argilla_password: Password for Argilla authentication (32 characters) -func CredentialsSecret(cr *exploitiqv1alpha1.ExploitIQStack) (*corev1.Secret, error) { +func CredentialsSecret(cr *exploitiqv1alpha1.ExploitIntelligenceStack) (*corev1.Secret, error) { labels := k8s.CommonLabels(cr.Name, "argilla") apiKey, err := k8s.GenerateSecret(32) diff --git a/internal/resources/argilla/secret_test.go b/internal/resources/argilla/secret_test.go index 069e144..29ede45 100644 --- a/internal/resources/argilla/secret_test.go +++ b/internal/resources/argilla/secret_test.go @@ -14,19 +14,19 @@ import ( func TestCredentialsSecret(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack - validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIQStack) + cr *exploitiqv1alpha1.ExploitIntelligenceStack + validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, CredentialsSecretName, secret.Name) assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, "v1", secret.APIVersion) @@ -44,7 +44,7 @@ func TestCredentialsSecret(t *testing.T) { assert.Len(t, secret.StringData[SecretKeyPassword], 32) // Labels validation - assert.Equal(t, "exploitiq", secret.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", secret.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, secret.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", secret.Labels["app.kubernetes.io/component"]) }, @@ -52,13 +52,13 @@ func TestCredentialsSecret(t *testing.T) { }, { name: "secret generation is random", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-random", Namespace: "test-ns", }, }, - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { // Generate another secret and verify values are different secret2, err := CredentialsSecret(cr) require.NoError(t, err) @@ -74,13 +74,13 @@ func TestCredentialsSecret(t *testing.T) { }, { name: "all secret keys have correct format", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-format", Namespace: "test-ns", }, }, - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { // Verify all values contain only valid characters (alphanumeric, hyphen, underscore) for key, value := range secret.StringData { for _, c := range value { diff --git a/internal/resources/argilla/service.go b/internal/resources/argilla/service.go index 69207f3..7049f30 100644 --- a/internal/resources/argilla/service.go +++ b/internal/resources/argilla/service.go @@ -13,7 +13,7 @@ import ( // Service creates a Service for the Argilla component. // The service exposes the flask-service container on port 5001. func Service( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.Service, error) { labels := k8s.CommonLabels(cr.Name, "argilla") diff --git a/internal/resources/argilla/service_test.go b/internal/resources/argilla/service_test.go index e8ad961..5da97a8 100644 --- a/internal/resources/argilla/service_test.go +++ b/internal/resources/argilla/service_test.go @@ -16,21 +16,21 @@ import ( func TestService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -45,12 +45,12 @@ func TestService(t *testing.T) { assert.Equal(t, corev1.ProtocolTCP, port.Protocol) // Selector validation - assert.Equal(t, "exploitiq", svc.Spec.Selector["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Spec.Selector["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Spec.Selector["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", svc.Spec.Selector["app.kubernetes.io/component"]) // Labels validation - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", svc.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/argilla/serviceaccount.go b/internal/resources/argilla/serviceaccount.go index 39c6bd6..541e882 100644 --- a/internal/resources/argilla/serviceaccount.go +++ b/internal/resources/argilla/serviceaccount.go @@ -13,7 +13,7 @@ import ( // This ServiceAccount is used by the Argilla pod and is granted anyuid SCC privileges // via the associated Role and RoleBinding. func ServiceAccount( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ServiceAccount, error) { labels := k8s.CommonLabels(cr.Name, "argilla") diff --git a/internal/resources/argilla/serviceaccount_test.go b/internal/resources/argilla/serviceaccount_test.go index 0ce915a..09428e4 100644 --- a/internal/resources/argilla/serviceaccount_test.go +++ b/internal/resources/argilla/serviceaccount_test.go @@ -15,28 +15,28 @@ import ( func TestServiceAccount(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateServiceAcct func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIQStack) + validateServiceAcct func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateServiceAcct: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIQStack) { + validateServiceAcct: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceAccountName, sa.Name) assert.Equal(t, cr.Namespace, sa.Namespace) assert.Equal(t, "v1", sa.APIVersion) assert.Equal(t, "ServiceAccount", sa.Kind) // Labels validation - assert.Equal(t, "exploitiq", sa.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", sa.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, sa.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "argilla", sa.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/cache/configmap.go b/internal/resources/cache/configmap.go index f57fac8..864773a 100644 --- a/internal/resources/cache/configmap.go +++ b/internal/resources/cache/configmap.go @@ -37,7 +37,7 @@ var templateVariables string // ConfigMap creates the main Nginx configuration ConfigMap. func ConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, profile *platform.PlatformProfile, ) (*corev1.ConfigMap, error) { @@ -72,7 +72,7 @@ func ConfigMap( // ConfigMapRoutes creates a ConfigMap with route templates. func ConfigMapRoutes( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ConfigMap, error) { labels := k8s.CommonLabels(cr.Name, "cache") @@ -101,7 +101,7 @@ func ConfigMapRoutes( // ConfigMapVariables creates a ConfigMap with variable templates. func ConfigMapVariables( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ConfigMap, error) { labels := k8s.CommonLabels(cr.Name, "cache") @@ -126,7 +126,7 @@ func ConfigMapVariables( // EnvConfigMap creates and returns a ConfigMap containing default environment variables for the Cache component. func EnvConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) (*corev1.ConfigMap, error) { diff --git a/internal/resources/cache/configmap_test.go b/internal/resources/cache/configmap_test.go index 5a78abf..bc55dca 100644 --- a/internal/resources/cache/configmap_test.go +++ b/internal/resources/cache/configmap_test.go @@ -16,15 +16,15 @@ import ( func TestConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme profile *platform.PlatformProfile - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -32,7 +32,7 @@ func TestConfigMap(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeKubernetes}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -40,7 +40,7 @@ func TestConfigMap(t *testing.T) { assert.Contains(t, cm.Data, ConfigMapSubPath) assert.NotEmpty(t, cm.Data[ConfigMapSubPath]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "cache", cm.Labels["app.kubernetes.io/component"]) // Verify DNS resolver injection @@ -74,21 +74,21 @@ func TestConfigMap(t *testing.T) { func TestConfigMapRoutes(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "route templates content validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { // Verify all route templates are present for _, key := range []string{"intel.conf.template", "nemo.conf.template", "nim.conf.template", "nvidia.conf.template", "openai.conf.template"} { assert.Contains(t, cm.Data, key) @@ -127,21 +127,21 @@ func TestConfigMapRoutes(t *testing.T) { func TestConfigMapVariables(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ConfigMapVariablesName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -149,7 +149,7 @@ func TestConfigMapVariables(t *testing.T) { assert.Contains(t, cm.Data, "template-variables.conf.template") assert.NotEmpty(t, cm.Data["template-variables.conf.template"]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "cache", cm.Labels["app.kubernetes.io/component"]) }, @@ -181,15 +181,15 @@ func TestConfigMapVariables(t *testing.T) { func TestEnvConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -199,7 +199,7 @@ func TestEnvConfigMap(t *testing.T) { params: ManifestsParams{ LLMUpstreamURL: "http://llm.example.com", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, EnvConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -211,7 +211,7 @@ func TestEnvConfigMap(t *testing.T) { assert.Equal(t, "", cm.Data[EnvNGCAPIKey]) assert.Equal(t, "", cm.Data[EnvNGCOrgID]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "cache", cm.Labels["app.kubernetes.io/component"]) }, @@ -219,7 +219,7 @@ func TestEnvConfigMap(t *testing.T) { }, { name: "empty LLM upstream URL", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-empty-url", Namespace: "test-ns", @@ -229,7 +229,7 @@ func TestEnvConfigMap(t *testing.T) { params: ManifestsParams{ LLMUpstreamURL: "", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, "", cm.Data[EnvNginxUpstreamNIMLLM]) assert.Equal(t, "", cm.Data[EnvNginxUpstreamOpenAI]) }, @@ -237,7 +237,7 @@ func TestEnvConfigMap(t *testing.T) { }, { name: "all environment variables present", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-env", Namespace: "test-ns", @@ -247,7 +247,7 @@ func TestEnvConfigMap(t *testing.T) { params: ManifestsParams{ LLMUpstreamURL: "http://llm.example.com", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Contains(t, cm.Data, EnvNginxUpstreamNVAI) assert.Contains(t, cm.Data, EnvNginxUpstreamNIMLLM) assert.Contains(t, cm.Data, EnvNginxUpstreamOpenAI) diff --git a/internal/resources/cache/deployment.go b/internal/resources/cache/deployment.go index bbe7998..4c9984a 100644 --- a/internal/resources/cache/deployment.go +++ b/internal/resources/cache/deployment.go @@ -13,7 +13,7 @@ import ( // Deployment creates a Deployment for the Cache (Nginx) component. func Deployment( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) (*appsv1.Deployment, error) { @@ -84,7 +84,7 @@ func Deployment( return dep, nil } -func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ResourceRequirements { +func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Limits: corev1.ResourceList{ "memory": resource.MustParse("256Mi"), @@ -99,9 +99,9 @@ func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.Res return k8s.MergeResourceRequirements(cr.Spec.Cache.Container.Resources, defaults) } -func buildCacheEnv(cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) []corev1.EnvVar { +func buildCacheEnv(cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) []corev1.EnvVar { defaultSecretRef := &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{Name: "exploit-iq-secret"}, + LocalObjectReference: corev1.LocalObjectReference{Name: "exploit-intelligence-secret"}, Key: "nvidia_api_key", } @@ -112,7 +112,7 @@ func buildCacheEnv(cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) Name: EnvSerpAPIKey, ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{Name: "exploit-iq-secret"}, + LocalObjectReference: corev1.LocalObjectReference{Name: "exploit-intelligence-secret"}, Key: "serpapi_api_key", }, }, diff --git a/internal/resources/cache/deployment_test.go b/internal/resources/cache/deployment_test.go index 0b568d1..4cf5ff0 100644 --- a/internal/resources/cache/deployment_test.go +++ b/internal/resources/cache/deployment_test.go @@ -19,16 +19,16 @@ func TestDeployment_LLM_Logic(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack params ManifestsParams expect map[string]string notExpect []string }{ { name: "NIM mode", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{ Mode: exploitiqv1alpha1.LLMModeNIM, }, @@ -40,17 +40,17 @@ func TestDeployment_LLM_Logic(t *testing.T) { expect: map[string]string{ EnvNginxUpstreamNIMLLM: "http://nim-up", EnvNginxUpstreamOpenAI: "http://nim-up", - EnvNvidiaAPIKey: "secret:exploit-iq-secret/nvidia_api_key", - EnvOpenAIAPIKey: "secret:exploit-iq-secret/nvidia_api_key", + EnvNvidiaAPIKey: "secret:exploit-intelligence-secret/nvidia_api_key", + EnvOpenAIAPIKey: "secret:exploit-intelligence-secret/nvidia_api_key", }, notExpect: nil, }, { name: "OpenAI mode – no secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{ Mode: exploitiqv1alpha1.LLMModeOpenAI, }, @@ -70,9 +70,9 @@ func TestDeployment_LLM_Logic(t *testing.T) { { name: "OpenAI mode – with secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{ Mode: exploitiqv1alpha1.LLMModeOpenAI, AuthSecretRef: &corev1.SecretKeySelector{ @@ -118,9 +118,9 @@ func TestDeployment_EnvironmentVars_Base(t *testing.T) { scheme := runtime.NewScheme() _ = exploitiqv1alpha1.AddToScheme(scheme) - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "n"}, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{Mode: exploitiqv1alpha1.LLMModeNIM}, }, } @@ -136,9 +136,9 @@ func TestDeployment_EnvironmentVars_Base(t *testing.T) { } func TestDeployment_Resources(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Cache: exploitiqv1alpha1.CacheSpec{ Container: exploitiqv1alpha1.ContainerSpec{ Resources: &corev1.ResourceRequirements{ @@ -169,7 +169,7 @@ func TestDeployment_Resources(t *testing.T) { } func TestDeployment_Volumes(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, } @@ -189,7 +189,7 @@ func TestDeployment_Volumes(t *testing.T) { } func TestDeployment_Mounts(t *testing.T) { - cr := &exploitiqv1alpha1.ExploitIQStack{ + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{Name: "t", Namespace: "ns"}, } diff --git a/internal/resources/cache/pvc.go b/internal/resources/cache/pvc.go index 3fa672f..371da9a 100644 --- a/internal/resources/cache/pvc.go +++ b/internal/resources/cache/pvc.go @@ -12,7 +12,7 @@ import ( // PVC creates a PersistentVolumeClaim for the Cache component. func PVC( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.PersistentVolumeClaim, error) { labels := k8s.CommonLabels(cr.Name, "cache") diff --git a/internal/resources/cache/pvc_test.go b/internal/resources/cache/pvc_test.go index 2d1f51d..7e207b7 100644 --- a/internal/resources/cache/pvc_test.go +++ b/internal/resources/cache/pvc_test.go @@ -16,21 +16,21 @@ import ( func TestPVC(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIQStack) + validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, PVCName, pvc.Name) assert.Equal(t, cr.Namespace, pvc.Namespace) assert.Len(t, pvc.Spec.AccessModes, 1) @@ -41,7 +41,7 @@ func TestPVC(t *testing.T) { pvc.Spec.Resources.Requests[corev1.ResourceStorage], ) // Labels validation - assert.Equal(t, "exploitiq", pvc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", pvc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, pvc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "cache", pvc.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/cache/service.go b/internal/resources/cache/service.go index 7323f43..c0dc714 100644 --- a/internal/resources/cache/service.go +++ b/internal/resources/cache/service.go @@ -12,7 +12,7 @@ import ( // Service creates a Service for the Cache component. func Service( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.Service, error) { labels := k8s.CommonLabels(cr.Name, "cache") diff --git a/internal/resources/cache/service_test.go b/internal/resources/cache/service_test.go index d684818..54facde 100644 --- a/internal/resources/cache/service_test.go +++ b/internal/resources/cache/service_test.go @@ -16,21 +16,21 @@ import ( func TestService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -42,7 +42,7 @@ func TestService(t *testing.T) { assert.Equal(t, intstr.FromInt(HTTPPort), httpPort.TargetPort) assert.Equal(t, corev1.ProtocolTCP, httpPort.Protocol) // Labels and selector validation - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "cache", svc.Labels["app.kubernetes.io/component"]) assert.Equal(t, svc.Labels, svc.Spec.Selector) diff --git a/internal/resources/componentsyncer/configmap.go b/internal/resources/componentsyncer/configmap.go index 17493e2..684904d 100644 --- a/internal/resources/componentsyncer/configmap.go +++ b/internal/resources/componentsyncer/configmap.go @@ -14,7 +14,7 @@ import ( // ConfigMap creates a ConfigMap with default environment variables for component-syncer. func ConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) *corev1.ConfigMap { diff --git a/internal/resources/componentsyncer/configmap_test.go b/internal/resources/componentsyncer/configmap_test.go index 4f2ba6e..7b2027c 100644 --- a/internal/resources/componentsyncer/configmap_test.go +++ b/internal/resources/componentsyncer/configmap_test.go @@ -16,14 +16,14 @@ import ( func TestConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -31,7 +31,7 @@ func TestConfigMap(t *testing.T) { }, scheme: runtime.NewScheme(), params: ManifestsParams{}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, ConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -49,14 +49,14 @@ func TestConfigMap(t *testing.T) { _, hasReportsEndpoint := cm.Data[EnvReportsEndpoint] assert.False(t, hasReportsEndpoint) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "component-syncer", cm.Labels["app.kubernetes.io/component"]) }, }, { name: "with ReportsEndpoint", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-reports", Namespace: "test-ns", @@ -66,18 +66,18 @@ func TestConfigMap(t *testing.T) { params: ManifestsParams{ ReportsEndpoint: "https://reports.example.com", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, params.ReportsEndpoint, cm.Data[EnvReportsEndpoint]) }, }, { name: "custom parallelism", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-parallelism", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(5) @@ -88,18 +88,18 @@ func TestConfigMap(t *testing.T) { }, scheme: runtime.NewScheme(), params: ManifestsParams{}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, "5", cm.Data[EnvNumberOfWorkers]) }, }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns-full", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(3) @@ -115,7 +115,7 @@ func TestConfigMap(t *testing.T) { params: ManifestsParams{ ReportsEndpoint: "https://custom-reports.example.com", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "3", cm.Data[EnvNumberOfWorkers]) assert.Equal(t, params.ReportsEndpoint, cm.Data[EnvReportsEndpoint]) @@ -123,7 +123,7 @@ func TestConfigMap(t *testing.T) { }, { name: "empty ReportsEndpoint", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-empty-reports", Namespace: "test-ns", @@ -133,19 +133,19 @@ func TestConfigMap(t *testing.T) { params: ManifestsParams{ ReportsEndpoint: "", }, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { _, hasReportsEndpoint := cm.Data[EnvReportsEndpoint] assert.False(t, hasReportsEndpoint) }, }, { name: "minimum parallelism", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-min-parallelism", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(1) @@ -156,7 +156,7 @@ func TestConfigMap(t *testing.T) { }, scheme: runtime.NewScheme(), params: ManifestsParams{}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, "1", cm.Data[EnvNumberOfWorkers]) }, }, diff --git a/internal/resources/componentsyncer/constants.go b/internal/resources/componentsyncer/constants.go index 9cccb32..cb3c445 100644 --- a/internal/resources/componentsyncer/constants.go +++ b/internal/resources/componentsyncer/constants.go @@ -2,7 +2,7 @@ package componentsyncer const ( // DefaultImage is the default container image for Component Syncer. - DefaultImage = "quay.io/vbelouso/exploitiq-component-syncer:0.1.1" + DefaultImage = "quay.io/vbelouso/exploit-intelligence-component-syncer:0.1.1" // JobSinkName is the name of the JobSink resource. JobSinkName = "component-syncer" diff --git a/internal/resources/componentsyncer/jobsink.go b/internal/resources/componentsyncer/jobsink.go index 72d5304..b53e3c5 100644 --- a/internal/resources/componentsyncer/jobsink.go +++ b/internal/resources/componentsyncer/jobsink.go @@ -14,7 +14,7 @@ import ( // NewJobSink creates a JobSink resource for the ComponentSyncer component. func NewJobSink( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*sinksv1alpha1.JobSink, error) { labels := k8s.CommonLabels(cr.Name, "component-syncer") @@ -105,7 +105,7 @@ func NewJobSink( return jobSink, nil } -func getContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ResourceRequirements { +func getContainerResources(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Requests: corev1.ResourceList{ "memory": resource.MustParse("100Mi"), diff --git a/internal/resources/componentsyncer/jobsink_test.go b/internal/resources/componentsyncer/jobsink_test.go index 3bbb4b6..509369b 100644 --- a/internal/resources/componentsyncer/jobsink_test.go +++ b/internal/resources/componentsyncer/jobsink_test.go @@ -18,21 +18,21 @@ import ( func TestNewJobSink(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateJobSink func(*testing.T, *sinksv1alpha1.JobSink, *exploitiqv1alpha1.ExploitIQStack) + validateJobSink func(*testing.T, *sinksv1alpha1.JobSink, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, JobSinkName, js.Name) assert.Equal(t, cr.Namespace, js.Namespace) assert.Equal(t, "sinks.knative.dev/v1alpha1", js.APIVersion) @@ -47,7 +47,7 @@ func TestNewJobSink(t *testing.T) { assert.Equal(t, int32(2), *js.Spec.Job.Spec.BackoffLimitPerIndex) assert.Nil(t, js.Spec.Job.Spec.MaxFailedIndexes) // Labels and container name validation - assert.Equal(t, "exploitiq", js.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", js.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, js.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "component-syncer", js.Labels["app.kubernetes.io/component"]) assert.Len(t, js.Spec.Job.Spec.Template.Spec.Containers, 1) @@ -68,12 +68,12 @@ func TestNewJobSink(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(5) @@ -106,7 +106,7 @@ func TestNewJobSink(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(5), *js.Spec.Job.Spec.Completions) assert.Equal(t, int32(5), *js.Spec.Job.Spec.Parallelism) assert.Equal( @@ -155,14 +155,14 @@ func TestNewJobSink(t *testing.T) { }, { name: "default ConfigMap and Secret when not specified", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-defaults", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Len(t, js.Spec.Job.Spec.Template.Spec.Containers[0].EnvFrom, 2) assert.Equal( t, @@ -179,12 +179,12 @@ func TestNewJobSink(t *testing.T) { }, { name: "minimum parallelism", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-min-parallelism", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(1) @@ -194,7 +194,7 @@ func TestNewJobSink(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(1), *js.Spec.Job.Spec.Completions) assert.Equal(t, int32(1), *js.Spec.Job.Spec.Parallelism) }, @@ -202,12 +202,12 @@ func TestNewJobSink(t *testing.T) { }, { name: "high parallelism", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-high-parallelism", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ Parallelism: func() *int32 { p := int32(10) @@ -217,7 +217,7 @@ func TestNewJobSink(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(10), *js.Spec.Job.Spec.Completions) assert.Equal(t, int32(10), *js.Spec.Job.Spec.Parallelism) }, @@ -225,14 +225,14 @@ func TestNewJobSink(t *testing.T) { }, { name: "default resources", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-default-resources", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { resources := js.Spec.Job.Spec.Template.Spec.Containers[0].Resources assert.Equal( t, @@ -247,14 +247,14 @@ func TestNewJobSink(t *testing.T) { }, { name: "restart policy Never", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-restart", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal( t, corev1.RestartPolicyNever, @@ -265,12 +265,12 @@ func TestNewJobSink(t *testing.T) { }, { name: "empty ConfigMapRef uses default", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-empty-cm", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ ConfigMapRef: corev1.LocalObjectReference{ Name: "", @@ -279,7 +279,7 @@ func TestNewJobSink(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal( t, ConfigMapName, @@ -290,12 +290,12 @@ func TestNewJobSink(t *testing.T) { }, { name: "empty SecretRef uses default", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-empty-secret", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ ComponentSyncer: exploitiqv1alpha1.ComponentSyncerSpec{ SecretRef: corev1.LocalObjectReference{ Name: "", @@ -304,7 +304,7 @@ func TestNewJobSink(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIQStack) { + validateJobSink: func(t *testing.T, js *sinksv1alpha1.JobSink, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal( t, SecretName, diff --git a/internal/resources/componentsyncer/secret.go b/internal/resources/componentsyncer/secret.go index 929c7cf..8f6c79b 100644 --- a/internal/resources/componentsyncer/secret.go +++ b/internal/resources/componentsyncer/secret.go @@ -10,7 +10,7 @@ import ( ) // Secret creates a placeholder secret for component-syncer. -func Secret(cr *exploitiqv1alpha1.ExploitIQStack, scheme *runtime.Scheme) *corev1.Secret { +func Secret(cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme) *corev1.Secret { labels := k8s.CommonLabels(cr.Name, "component-syncer") secret := &corev1.Secret{ diff --git a/internal/resources/componentsyncer/secret_test.go b/internal/resources/componentsyncer/secret_test.go index 6d95476..9a667fb 100644 --- a/internal/resources/componentsyncer/secret_test.go +++ b/internal/resources/componentsyncer/secret_test.go @@ -15,20 +15,20 @@ import ( func TestSecret(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIQStack) + validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIntelligenceStack) }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, SecretName, secret.Name) assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, "v1", secret.APIVersion) @@ -40,7 +40,7 @@ func TestSecret(t *testing.T) { secret.StringData["placeholder"], ) // Labels validation - assert.Equal(t, "exploitiq", secret.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", secret.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, secret.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "component-syncer", secret.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/database/constants.go b/internal/resources/database/constants.go index 81b00ce..12e4bb7 100644 --- a/internal/resources/database/constants.go +++ b/internal/resources/database/constants.go @@ -6,11 +6,11 @@ const ( DefaultImage = "mongodb/mongodb-community-server:8.0.3-ubi8" // DeploymentName is the name of the MongoDB Deployment. - DeploymentName = "exploit-iq-client-db" + DeploymentName = "exploit-intelligence-client-db" // ServiceName is the name of the MongoDB Service. - ServiceName = "exploit-iq-client-db" + ServiceName = "exploit-intelligence-client-db" // PVCName is the name of the PersistentVolumeClaim for MongoDB data. - PVCName = "exploit-iq-client-data" + PVCName = "exploit-intelligence-client-data" // CredentialsSecretName is the name of the auto-generated MongoDB credentials Secret. CredentialsSecretName = "mongodb-credentials" //nolint:gosec // G101: Secret resource name, not actual credentials // InitConfigMapName is the name of the MongoDB init scripts ConfigMap. @@ -42,12 +42,12 @@ const ( // SecretKeyAdminPassword is the key for the MongoDB admin password. SecretKeyAdminPassword = "admin-password" // SecretKeyAppUser is the key for the MongoDB application username. - SecretKeyAppUser = "exploit-iq-user" + SecretKeyAppUser = "exploit-intelligence-user" // SecretKeyAppPassword is the key for the MongoDB application password. - SecretKeyAppPassword = "exploit-iq-password" + SecretKeyAppPassword = "exploit-intelligence-password" // DefaultAdminUser is the default MongoDB admin username. DefaultAdminUser = "mongoadmin" // DefaultAppUser is the default MongoDB application username. - DefaultAppUser = "exploit-iq-user" + DefaultAppUser = "exploit-intelligence-user" ) diff --git a/internal/resources/database/deployment.go b/internal/resources/database/deployment.go index 01cf852..6227e3e 100644 --- a/internal/resources/database/deployment.go +++ b/internal/resources/database/deployment.go @@ -13,7 +13,7 @@ import ( // Deployment creates a Deployment for the Database component. func Deployment( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*appsv1.Deployment, error) { replicas := k8s.GetReplicasOrDefault(cr.Spec.Database.Deployment.Replicas, 1) @@ -73,7 +73,7 @@ func Deployment( return dep, nil } -func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ResourceRequirements { +func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Limits: corev1.ResourceList{ "memory": resource.MustParse("1Gi"), @@ -89,7 +89,7 @@ func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.Res } func buildDatabaseVolumes( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) ([]corev1.Volume, []corev1.VolumeMount) { initCMName := GetInitConfigMapName(cr) @@ -120,7 +120,7 @@ func buildDatabaseVolumes( return volumes, volumeMounts } -func buildDatabaseEnv(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.EnvVar { +func buildDatabaseEnv(cr *exploitiqv1alpha1.ExploitIntelligenceStack) []corev1.EnvVar { secretName := GetCredentialsSecretName(cr) return []corev1.EnvVar{ diff --git a/internal/resources/database/deployment_test.go b/internal/resources/database/deployment_test.go index b3f303f..e7520ad 100644 --- a/internal/resources/database/deployment_test.go +++ b/internal/resources/database/deployment_test.go @@ -17,21 +17,21 @@ import ( func TestDeployment(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIQStack) + validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, DeploymentName, dep.Name) assert.Equal(t, cr.Namespace, dep.Namespace) assert.NotNil(t, dep.Spec.Replicas) @@ -53,7 +53,7 @@ func TestDeployment(t *testing.T) { dep.Spec.Template.Spec.Containers[0].Ports[0].ContainerPort, ) // Labels validation - assert.Equal(t, "exploitiq", dep.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", dep.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, dep.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "database", dep.Labels["app.kubernetes.io/component"]) }, @@ -61,12 +61,12 @@ func TestDeployment(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Database: exploitiqv1alpha1.DatabaseSpec{ Deployment: exploitiqv1alpha1.DatabaseDeploymentSpec{ Replicas: func() *int32 { @@ -95,7 +95,7 @@ func TestDeployment(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(1), *dep.Spec.Replicas) assert.Equal(t, "custom-mongodb:v1.0.0", dep.Spec.Template.Spec.Containers[0].Image) assert.Equal( @@ -128,12 +128,12 @@ func TestDeployment(t *testing.T) { }, { name: "zero replicas", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-zero", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Database: exploitiqv1alpha1.DatabaseSpec{ Deployment: exploitiqv1alpha1.DatabaseDeploymentSpec{ Replicas: func() *int32 { @@ -145,7 +145,7 @@ func TestDeployment(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.NotNil(t, dep.Spec.Replicas) assert.Equal(t, int32(0), *dep.Spec.Replicas) }, @@ -153,12 +153,12 @@ func TestDeployment(t *testing.T) { }, { name: "maximum replicas (1)", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-max", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Database: exploitiqv1alpha1.DatabaseSpec{ Deployment: exploitiqv1alpha1.DatabaseDeploymentSpec{ Replicas: func() *int32 { @@ -170,21 +170,21 @@ func TestDeployment(t *testing.T) { }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(1), *dep.Spec.Replicas) }, expectError: false, }, { name: "default resources", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-default-resources", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { resources := dep.Spec.Template.Spec.Containers[0].Resources assert.Equal(t, resource.MustParse("1Gi"), resources.Limits[corev1.ResourceMemory]) assert.Equal(t, resource.MustParse("1"), resources.Limits[corev1.ResourceCPU]) @@ -199,14 +199,14 @@ func TestDeployment(t *testing.T) { }, { name: "volumes validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-volumes", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Len(t, dep.Spec.Template.Spec.Volumes, 2) assert.Equal(t, VolumeData, dep.Spec.Template.Spec.Volumes[0].Name) assert.Equal( @@ -225,14 +225,14 @@ func TestDeployment(t *testing.T) { }, { name: "volume mounts validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-mounts", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Len(t, dep.Spec.Template.Spec.Containers[0].VolumeMounts, 2) assert.Equal( t, @@ -260,14 +260,14 @@ func TestDeployment(t *testing.T) { }, { name: "env vars validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-env", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { envs := dep.Spec.Template.Spec.Containers[0].Env assert.Len(t, envs, 4) assert.Equal(t, "MONGODB_INITDB_ROOT_USERNAME", envs[0].Name) diff --git a/internal/resources/database/init_configmap.go b/internal/resources/database/init_configmap.go index 33e2344..048131e 100644 --- a/internal/resources/database/init_configmap.go +++ b/internal/resources/database/init_configmap.go @@ -14,7 +14,7 @@ import ( var defaultInitScript string // InitConfigMap creates a ConfigMap with MongoDB initialization scripts. -func InitConfigMap(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ConfigMap { +func InitConfigMap(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ConfigMap { labels := k8s.CommonLabels(cr.Name, "database") return &corev1.ConfigMap{ @@ -34,7 +34,7 @@ func InitConfigMap(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ConfigMap { } // GetInitConfigMapName returns the name of the init scripts ConfigMap to use. -func GetInitConfigMapName(cr *exploitiqv1alpha1.ExploitIQStack) string { +func GetInitConfigMapName(cr *exploitiqv1alpha1.ExploitIntelligenceStack) string { if cr.Spec.Database.InitScriptsConfigMapRef != nil && cr.Spec.Database.InitScriptsConfigMapRef.Name != "" { return cr.Spec.Database.InitScriptsConfigMapRef.Name diff --git a/internal/resources/database/pvc.go b/internal/resources/database/pvc.go index bd8d690..d7e54ba 100644 --- a/internal/resources/database/pvc.go +++ b/internal/resources/database/pvc.go @@ -12,7 +12,7 @@ import ( // PVC creates a PersistentVolumeClaim for the Database component. func PVC( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.PersistentVolumeClaim, error) { pvc := &corev1.PersistentVolumeClaim{ diff --git a/internal/resources/database/pvc_test.go b/internal/resources/database/pvc_test.go index 6444f67..c77d278 100644 --- a/internal/resources/database/pvc_test.go +++ b/internal/resources/database/pvc_test.go @@ -16,21 +16,21 @@ import ( func TestPVC(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIQStack) + validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, PVCName, pvc.Name) assert.Equal(t, cr.Namespace, pvc.Namespace) assert.Len(t, pvc.Spec.AccessModes, 1) @@ -41,7 +41,7 @@ func TestPVC(t *testing.T) { pvc.Spec.Resources.Requests[corev1.ResourceStorage], ) // Labels validation - assert.Equal(t, "exploitiq", pvc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", pvc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, pvc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "database", pvc.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/database/secret.go b/internal/resources/database/secret.go index dd3fb2b..21ad9da 100644 --- a/internal/resources/database/secret.go +++ b/internal/resources/database/secret.go @@ -11,7 +11,7 @@ import ( ) // CredentialsSecret creates the MongoDB credentials Secret with auto-generated passwords. -func CredentialsSecret(cr *exploitiqv1alpha1.ExploitIQStack) (*corev1.Secret, error) { +func CredentialsSecret(cr *exploitiqv1alpha1.ExploitIntelligenceStack) (*corev1.Secret, error) { labels := k8s.CommonLabels(cr.Name, "database") adminPassword, err := k8s.GenerateSecret(32) @@ -45,7 +45,7 @@ func CredentialsSecret(cr *exploitiqv1alpha1.ExploitIQStack) (*corev1.Secret, er } // GetCredentialsSecretName returns the name of the credentials secret to use. -func GetCredentialsSecretName(cr *exploitiqv1alpha1.ExploitIQStack) string { +func GetCredentialsSecretName(cr *exploitiqv1alpha1.ExploitIntelligenceStack) string { if cr.Spec.Database.CredentialsSecretRef != nil && cr.Spec.Database.CredentialsSecretRef.Name != "" { return cr.Spec.Database.CredentialsSecretRef.Name } diff --git a/internal/resources/database/service.go b/internal/resources/database/service.go index 5ad79b1..1690cc4 100644 --- a/internal/resources/database/service.go +++ b/internal/resources/database/service.go @@ -12,7 +12,7 @@ import ( // Service creates a Service for the Database component. func Service( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.Service, error) { labels := k8s.CommonLabels(cr.Name, "database") diff --git a/internal/resources/database/service_test.go b/internal/resources/database/service_test.go index e67a13f..6f0a039 100644 --- a/internal/resources/database/service_test.go +++ b/internal/resources/database/service_test.go @@ -16,21 +16,21 @@ import ( func TestService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -40,7 +40,7 @@ func TestService(t *testing.T) { assert.Equal(t, int32(MongoDBPort), svc.Spec.Ports[0].Port) assert.Equal(t, intstr.FromInt(MongoDBPort), svc.Spec.Ports[0].TargetPort) // Labels and selector validation - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "database", svc.Labels["app.kubernetes.io/component"]) assert.Equal(t, svc.Labels, svc.Spec.Selector) diff --git a/internal/resources/engine/assets/exploit-iq-config.yml b/internal/resources/engine/assets/exploit-intelligence-config.yml similarity index 95% rename from internal/resources/engine/assets/exploit-iq-config.yml rename to internal/resources/engine/assets/exploit-intelligence-config.yml index ad70c5f..e5c9085 100644 --- a/internal/resources/engine/assets/exploit-iq-config.yml +++ b/internal/resources/engine/assets/exploit-intelligence-config.yml @@ -34,11 +34,11 @@ functions: _type: cve_generate_vdbs agent_name: cve_agent_executor # Used to determine which tools are enabled embedder_name: nim_embedder - base_git_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-iq-data/}git - base_vdb_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-iq-data/}vdb - base_code_index_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-iq-data/}code_index - base_pickle_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-iq-data/}pickle - base_rpm_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-iq-data/}rpms + base_git_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-intelligence-data/}git + base_vdb_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-intelligence-data/}vdb + base_code_index_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-intelligence-data/}code_index + base_pickle_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-intelligence-data/}pickle + base_rpm_dir: ${EXPLOIT_IQ_DATA_DIR:-/exploit-intelligence-data/}rpms ignore_code_embedding: true cve_fetch_intel: _type: cve_fetch_intel diff --git a/internal/resources/engine/configmap.go b/internal/resources/engine/configmap.go index 237c629..d44b87c 100644 --- a/internal/resources/engine/configmap.go +++ b/internal/resources/engine/configmap.go @@ -19,7 +19,7 @@ import ( "github.com/RHEcosystemAppEng/exploit-iq-operator/internal/k8s" ) -//go:embed assets/exploit-iq-config.yml +//go:embed assets/exploit-intelligence-config.yml var configTemplate string // ConfigMap creates and returns a ConfigMap for the Engine component. @@ -27,7 +27,7 @@ func ConfigMap( ctx context.Context, client client.Client, //nolint:revive // parameter name kept for clarity. apiReader client.Reader, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, profile *platform.PlatformProfile, ) (*corev1.ConfigMap, error) { @@ -75,7 +75,7 @@ func ConfigMap( } callbackURL := fmt.Sprintf( - "%s://exploit-iq-client.%s.svc:%d", + "%s://exploit-intelligence-client.%s.svc:%d", protocol, cr.Namespace, port, @@ -112,7 +112,7 @@ func ConfigMap( // EnvConfigMap creates and returns a ConfigMap containing default environment variables for the Engine component. func EnvConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ConfigMap, error) { data := map[string]string{ @@ -130,7 +130,7 @@ func EnvConfigMap( EnvUbuntuBaseURL: NginxCacheBaseURL + "/ubuntu", EnvEnableExtendedJSParsers: "True", - EnvExploitIQDataDir: MountPathCache + "/", + EnvExploitIntelligenceDataDir: MountPathCache + "/", EnvSerpAPIKey: PlaceholderAPIKey, EnvNvidiaAPIKey: PlaceholderAPIKey, diff --git a/internal/resources/engine/configmap_test.go b/internal/resources/engine/configmap_test.go index 9ab0e87..b21ad78 100644 --- a/internal/resources/engine/configmap_test.go +++ b/internal/resources/engine/configmap_test.go @@ -25,22 +25,22 @@ func TestConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack client client.Client profile *platform.PlatformProfile - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, client: fake.NewClientBuilder().WithScheme(scheme).Build(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -51,14 +51,14 @@ func TestConfigMap(t *testing.T) { t, configData, fmt.Sprintf( - "https://exploit-iq-client.%s.svc:%d", + "https://exploit-intelligence-client.%s.svc:%d", cr.Namespace, WebAppCallbackPort, ), ) assert.NotContains(t, configData, "CALLBACK_URL_PLACEHOLDER") // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "config", cm.Labels["app.kubernetes.io/component"]) }, @@ -66,7 +66,7 @@ func TestConfigMap(t *testing.T) { }, { name: "callback URL replacement", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-callback", Namespace: "custom-ns", @@ -74,9 +74,9 @@ func TestConfigMap(t *testing.T) { }, client: fake.NewClientBuilder().WithScheme(scheme).Build(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { expectedURL := fmt.Sprintf( - "https://exploit-iq-client.%s.svc:%d", + "https://exploit-intelligence-client.%s.svc:%d", cr.Namespace, WebAppCallbackPort, ) @@ -86,12 +86,12 @@ func TestConfigMap(t *testing.T) { }, { name: "custom configmap ref", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ CustomConfigMapRef: &corev1.LocalObjectReference{ Name: "custom-config", @@ -110,14 +110,14 @@ func TestConfigMap(t *testing.T) { }, }, ).Build(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { configData := cm.Data[ConfigMapKeyConfig] assert.Contains(t, configData, "custom: config") assert.Contains( t, configData, fmt.Sprintf( - "https://exploit-iq-client.%s.svc:%d", + "https://exploit-intelligence-client.%s.svc:%d", cr.Namespace, WebAppCallbackPort, ), @@ -128,12 +128,12 @@ func TestConfigMap(t *testing.T) { }, { name: "custom configmap not found", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ CustomConfigMapRef: &corev1.LocalObjectReference{ Name: "missing-config", @@ -146,12 +146,12 @@ func TestConfigMap(t *testing.T) { }, { name: "custom configmap missing key", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ CustomConfigMapRef: &corev1.LocalObjectReference{ Name: "custom-config", @@ -174,12 +174,12 @@ func TestConfigMap(t *testing.T) { }, { name: "custom configmap with cert path replacement on Kubernetes", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ CustomConfigMapRef: &corev1.LocalObjectReference{ Name: "custom-config", @@ -199,14 +199,14 @@ func TestConfigMap(t *testing.T) { }, ).Build(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeKubernetes}, - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { configData := cm.Data[ConfigMapKeyConfig] assert.Contains(t, configData, "/etc/ssl/certs/ca-certificates.crt") assert.NotContains(t, configData, "/app/certs/service-ca.crt") assert.Contains( t, configData, - fmt.Sprintf("http://exploit-iq-client.%s.svc:%d", cr.Namespace, 8080), + fmt.Sprintf("http://exploit-intelligence-client.%s.svc:%d", cr.Namespace, 8080), ) assert.NotContains(t, configData, "CALLBACK_URL_PLACEHOLDER") }, @@ -244,21 +244,21 @@ func TestConfigMap(t *testing.T) { func TestEnvConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, EnvConfigMapName, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -270,9 +270,9 @@ func TestEnvConfigMap(t *testing.T) { assert.Contains(t, cm.Data[EnvCVEDetailsBaseURL], NginxCacheBaseURL) assert.Contains(t, cm.Data[EnvCWEDetailsBaseURL], NginxCacheBaseURL) assert.Contains(t, cm.Data[EnvDepsDevBaseURL], NginxCacheBaseURL) - assert.Equal(t, MountPathCache+"/", cm.Data[EnvExploitIQDataDir]) + assert.Equal(t, MountPathCache+"/", cm.Data[EnvExploitIntelligenceDataDir]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", cm.Labels["app.kubernetes.io/component"]) }, @@ -280,14 +280,14 @@ func TestEnvConfigMap(t *testing.T) { }, { name: "all base URLs validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-base-urls", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Contains(t, cm.Data[EnvCVEDetailsBaseURL], NginxCacheBaseURL+"/cve-details") assert.Contains(t, cm.Data[EnvCWEDetailsBaseURL], NginxCacheBaseURL+"/cwe-details") assert.Contains(t, cm.Data[EnvDepsDevBaseURL], NginxCacheBaseURL+"/depsdev") @@ -305,14 +305,14 @@ func TestEnvConfigMap(t *testing.T) { }, { name: "all API keys placeholders", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-api-keys", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, PlaceholderAPIKey, cm.Data[EnvSerpAPIKey]) assert.Equal(t, PlaceholderAPIKey, cm.Data[EnvNvidiaAPIKey]) assert.Equal(t, PlaceholderAPIKey, cm.Data[EnvNGCAPIKey]) @@ -322,14 +322,14 @@ func TestEnvConfigMap(t *testing.T) { }, { name: "extended JS parsers enabled", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-js-parsers", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, "True", cm.Data[EnvEnableExtendedJSParsers]) }, expectError: false, diff --git a/internal/resources/engine/constants.go b/internal/resources/engine/constants.go index 5fb6701..4075852 100644 --- a/internal/resources/engine/constants.go +++ b/internal/resources/engine/constants.go @@ -5,27 +5,27 @@ const ( DefaultImage = "registry.redhat.io/exploit-intelligence-tech-preview/vulnerability-analysis-rhel9:latest" // ServiceAccountName is the name of the ServiceAccount for Engine. - ServiceAccountName = "exploit-iq-sa" + ServiceAccountName = "exploit-intelligence-sa" // DeploymentName is the name of the Engine Deployment. - DeploymentName = "exploit-iq" + DeploymentName = "exploit-intelligence" // ServiceName is the name of the Engine Service. - ServiceName = "exploit-iq" + ServiceName = "exploit-intelligence" // ConfigMapName is the ConfigMap name containing Engine configuration. - ConfigMapName = "exploit-iq-config" + ConfigMapName = "exploit-intelligence-config" // EnvConfigMapName is the ConfigMap name containing Engine environment variables. - EnvConfigMapName = "exploit-iq-env" + EnvConfigMapName = "exploit-intelligence-env" // PVCName is the PersistentVolumeClaim name for Engine data. - PVCName = "exploit-iq-data" + PVCName = "exploit-intelligence-data" // TracingServiceName is the Service name for the tracing sidecar. - TracingServiceName = "exploit-iq-phoenix-tracing" + TracingServiceName = "exploit-intelligence-phoenix-tracing" // TracingRouteName is the Route name for the tracing UI. - TracingRouteName = "exploit-iq-tracing" + TracingRouteName = "exploit-intelligence-tracing" // MainContainerName is the primary Engine container name. - MainContainerName = "exploit-iq" + MainContainerName = "exploit-intelligence" // TracingContainerName is the tracing sidecar container name. - TracingContainerName = "exploit-iq-phoenix-tracing" + TracingContainerName = "exploit-intelligence-phoenix-tracing" // HTTPPort is the Engine HTTP port. HTTPPort = 8080 @@ -43,12 +43,12 @@ const ( // MountPathConfig is the mount path for Engine config files. MountPathConfig = "/configs" // MountPathCache is the mount path for Engine data directory. - MountPathCache = "/exploit-iq-data" + MountPathCache = "/exploit-intelligence-data" // MountPathCABundle is the mount path for CA bundle. MountPathCABundle = "/app/certs" // ConfigMapKeyConfig is the key name of the Engine config file. - ConfigMapKeyConfig = "exploit-iq-config.yml" + ConfigMapKeyConfig = "exploit-intelligence-config.yml" // ConfigMapOpenShiftServiceCA is the key of the injected service CA bundle. ConfigMapOpenShiftServiceCA = "openshift-service-ca.crt" @@ -80,7 +80,7 @@ const ( EnvSerpAPIBaseURL = "SERPAPI_BASE_URL" EnvUbuntuBaseURL = "UBUNTU_BASE_URL" EnvEnableExtendedJSParsers = "ENABLE_EXTENDED_JS_PARSERS" - EnvExploitIQDataDir = "EXPLOIT_IQ_DATA_DIR" + EnvExploitIntelligenceDataDir = "EXPLOIT_INTELLIGENCE_DATA_DIR" EnvGoModCache = "GOMODCACHE" EnvEnableMLOps = "ENABLE_MLOPS" EnvGitSSLCAInfo = "GIT_SSL_CAINFO" @@ -97,10 +97,10 @@ const ( // ArgPort is the CLI flag for the Engine port. ArgPort = "--port" // ArgConfigFile is the CLI flag specifying the config file path. - ArgConfigFile = "--config_file=/configs/exploit-iq-config.yml" + ArgConfigFile = "--config_file=/configs/exploit-intelligence-config.yml" // RoleBindingName is the RoleBinding name granting SCC usage to the SA. - RoleBindingName = "exploit-iq-sa" + RoleBindingName = "exploit-intelligence-sa" // ClusterRoleName is the SCC cluster role name to bind. ClusterRoleName = "system:openshift:scc:anyuid" ) diff --git a/internal/resources/engine/deployment.go b/internal/resources/engine/deployment.go index 75abba2..220eb2f 100644 --- a/internal/resources/engine/deployment.go +++ b/internal/resources/engine/deployment.go @@ -16,7 +16,7 @@ import ( // Deployment creates and returns a Deployment for the Engine component. func Deployment( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, profile *platform.PlatformProfile, ) (*appsv1.Deployment, error) { @@ -90,7 +90,7 @@ func Deployment( } func buildEngineVolumes( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, profile *platform.PlatformProfile, ) ([]corev1.Volume, []corev1.VolumeMount) { configMapName := ConfigMapName @@ -192,9 +192,9 @@ func buildEngineVolumes( return volumes, mounts } -func buildEngineBaseEnv(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.EnvVar { +func buildEngineBaseEnv(cr *exploitiqv1alpha1.ExploitIntelligenceStack) []corev1.EnvVar { envs := []corev1.EnvVar{ - {Name: EnvGoModCache, Value: "/exploit-iq-package-cache/go/pkg/mod"}, + {Name: EnvGoModCache, Value: "/exploit-intelligence-package-cache/go/pkg/mod"}, {Name: EnvEnableMLOps, Value: "true"}, { Name: EnvNamespace, @@ -207,7 +207,7 @@ func buildEngineBaseEnv(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.EnvVar { }, { Name: EnvClientBackendURL, - Value: fmt.Sprintf("https://exploit-iq-client.%s.svc.cluster.local:%d", cr.Namespace, WebAppCallbackPort), + Value: fmt.Sprintf("https://exploit-intelligence-client.%s.svc.cluster.local:%d", cr.Namespace, WebAppCallbackPort), }, } @@ -245,7 +245,7 @@ func buildEngineBaseEnv(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.EnvVar { } func buildEngineContainers( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, image string, imagePullPolicy corev1.PullPolicy, runAsUser int64, @@ -288,7 +288,7 @@ func buildEngineContainers( } func newTracingSidecar( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, image string, imagePullPolicy corev1.PullPolicy, runAsUser int64, @@ -312,7 +312,7 @@ func newTracingSidecar( } func getTracingContainerResources( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Limits: corev1.ResourceList{ @@ -331,7 +331,7 @@ func getTracingContainerResources( ) } -func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ResourceRequirements { +func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Limits: corev1.ResourceList{ "memory": resource.MustParse("8Gi"), @@ -347,7 +347,7 @@ func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.Res } // getLLMEnvVars generates the environment variables for the LLM. -func getLLMEnvVars(cr *exploitiqv1alpha1.ExploitIQStack) []corev1.EnvVar { +func getLLMEnvVars(cr *exploitiqv1alpha1.ExploitIntelligenceStack) []corev1.EnvVar { var ( llmType, apiBase, modelName string apiKeyEnvSource *corev1.EnvVarSource diff --git a/internal/resources/engine/deployment_test.go b/internal/resources/engine/deployment_test.go index 0379904..8fbc77b 100644 --- a/internal/resources/engine/deployment_test.go +++ b/internal/resources/engine/deployment_test.go @@ -19,20 +19,20 @@ import ( func TestDeployment(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme profile *platform.PlatformProfile - validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIQStack) + validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -42,7 +42,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, DeploymentName, dep.Name) assert.Equal(t, cr.Namespace, dep.Namespace) assert.NotNil(t, dep.Spec.Replicas) @@ -74,7 +74,7 @@ func TestDeployment(t *testing.T) { dep.Spec.Template.Spec.Containers[1].Ports[0].ContainerPort, ) // Labels validation - assert.Equal(t, "exploitiq", dep.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", dep.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, dep.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", dep.Labels["app.kubernetes.io/component"]) }, @@ -82,12 +82,12 @@ func TestDeployment(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ Deployment: exploitiqv1alpha1.DeploymentSpec{ Replicas: func() *int32 { @@ -136,7 +136,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, int32(3), *dep.Spec.Replicas) assert.Len(t, dep.Spec.Template.Spec.Containers, 2) // Container 0 is TracingContainer - uses image from MainContainer @@ -206,12 +206,12 @@ func TestDeployment(t *testing.T) { }, { name: "zero replicas", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-zero", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ Deployment: exploitiqv1alpha1.DeploymentSpec{ Replicas: func() *int32 { @@ -227,7 +227,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.NotNil(t, dep.Spec.Replicas) assert.Equal(t, int32(0), *dep.Spec.Replicas) }, @@ -235,12 +235,12 @@ func TestDeployment(t *testing.T) { }, { name: "without pull secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-no-secret", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "", @@ -250,19 +250,19 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Empty(t, dep.Spec.Template.Spec.ImagePullSecrets) }, expectError: false, }, { name: "default resources main container", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-default-resources", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -272,7 +272,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { mainContainer := dep.Spec.Template.Spec.Containers[1] resources := mainContainer.Resources assert.Equal(t, resource.MustParse("8Gi"), resources.Limits[corev1.ResourceMemory]) @@ -288,12 +288,12 @@ func TestDeployment(t *testing.T) { }, { name: "default resources tracing container", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-tracing-resources", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -303,7 +303,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { tracingContainer := dep.Spec.Template.Spec.Containers[0] resources := tracingContainer.Resources assert.Equal(t, resource.MustParse("2Gi"), resources.Limits[corev1.ResourceMemory]) @@ -319,12 +319,12 @@ func TestDeployment(t *testing.T) { }, { name: "volumes validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-volumes", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -334,7 +334,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { volumeMap := volumeToMap( dep.Spec.Template.Spec.Containers[1].VolumeMounts, dep.Spec.Template.Spec.Volumes, @@ -354,12 +354,12 @@ func TestDeployment(t *testing.T) { }, { name: "volume mounts validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-mounts", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -369,7 +369,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { mountMap := mountToMap(dep.Spec.Template.Spec.Containers[1].VolumeMounts) assert.Equal(t, MountPathConfig, mountMap[VolumeConfig]) assert.Equal(t, MountPathCache, mountMap[VolumeCache]) @@ -379,12 +379,12 @@ func TestDeployment(t *testing.T) { }, { name: "security context validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-security", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -394,7 +394,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { for _, container := range dep.Spec.Template.Spec.Containers { assert.NotNil(t, container.SecurityContext) assert.NotNil(t, container.SecurityContext.RunAsUser) @@ -405,12 +405,12 @@ func TestDeployment(t *testing.T) { }, { name: "working directory validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-workdir", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -420,7 +420,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { for _, container := range dep.Spec.Template.Spec.Containers { assert.Equal(t, "/workspace/", container.WorkingDir) } @@ -429,12 +429,12 @@ func TestDeployment(t *testing.T) { }, { name: "envFrom validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-envfrom", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -444,7 +444,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Len(t, dep.Spec.Template.Spec.Containers[1].EnvFrom, 1) assert.Equal( t, @@ -456,12 +456,12 @@ func TestDeployment(t *testing.T) { }, { name: "extra env variables", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-extra-env", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -477,7 +477,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { envMap := envToMap(dep.Spec.Template.Spec.Containers[1].Env) assert.Equal(t, "custom-value", envMap["CUSTOM_VAR"]) assert.Equal(t, "another-value", envMap["ANOTHER_VAR"]) @@ -486,12 +486,12 @@ func TestDeployment(t *testing.T) { }, { name: "service account validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-sa", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Engine: exploitiqv1alpha1.EngineSpec{ PullSecretRef: corev1.LocalObjectReference{ Name: "test-pull-secret", @@ -501,7 +501,7 @@ func TestDeployment(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceAccountName, dep.Spec.Template.Spec.ServiceAccountName) }, expectError: false, @@ -536,13 +536,13 @@ func TestDeployment(t *testing.T) { func TestGetLLMEnvVars(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack validateEnvVars func(*testing.T, []corev1.EnvVar) }{ { name: "NIM mode with default values", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{Mode: exploitiqv1alpha1.LLMModeNIM}, }, }, @@ -556,8 +556,8 @@ func TestGetLLMEnvVars(t *testing.T) { }, { name: "OpenAI mode without ModelName and AuthSecretRef", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{Mode: exploitiqv1alpha1.LLMModeOpenAI}, }, }, @@ -571,8 +571,8 @@ func TestGetLLMEnvVars(t *testing.T) { }, { name: "OpenAI mode with ModelName and AuthSecretRef", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{ Mode: exploitiqv1alpha1.LLMModeOpenAI, ModelName: "custom-model", @@ -593,8 +593,8 @@ func TestGetLLMEnvVars(t *testing.T) { }, { name: "OpenAI mode with ModelName but without AuthSecretRef", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{ Mode: exploitiqv1alpha1.LLMModeOpenAI, ModelName: "another-model", @@ -610,8 +610,8 @@ func TestGetLLMEnvVars(t *testing.T) { }, { name: "all services get LLM env vars", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ LLM: exploitiqv1alpha1.LLMSpec{Mode: exploitiqv1alpha1.LLMModeNIM}, }, }, diff --git a/internal/resources/engine/ingress.go b/internal/resources/engine/ingress.go index 6e58a44..c681197 100644 --- a/internal/resources/engine/ingress.go +++ b/internal/resources/engine/ingress.go @@ -13,7 +13,7 @@ import ( // TracingIngress creates an Ingress for the Engine's tracing service. func TracingIngress( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) (*networkingv1.Ingress, error) { diff --git a/internal/resources/engine/ingress_test.go b/internal/resources/engine/ingress_test.go index face452..ebeff7b 100644 --- a/internal/resources/engine/ingress_test.go +++ b/internal/resources/engine/ingress_test.go @@ -15,20 +15,20 @@ import ( func TestTracingIngress(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD with ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -38,9 +38,9 @@ func TestTracingIngress(t *testing.T) { }, scheme: runtime.NewScheme(), params: ManifestsParams{ - TracingHost: "exploit-iq-tracing-test-ns.example.com", + TracingHost: "exploit-intelligence-tracing-test-ns.example.com", }, - validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, TracingRouteName, ingress.Name) assert.Equal(t, cr.Namespace, ingress.Namespace) assert.NotNil(t, ingress.Spec.IngressClassName) @@ -64,7 +64,7 @@ func TestTracingIngress(t *testing.T) { "tracing", ingress.Spec.Rules[0].HTTP.Paths[0].Backend.Service.Port.Name, ) - assert.Equal(t, "exploitiq", ingress.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", ingress.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, ingress.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine-tracing", ingress.Labels["app.kubernetes.io/component"]) }, @@ -72,12 +72,12 @@ func TestTracingIngress(t *testing.T) { }, { name: "missing ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{}, }, @@ -85,18 +85,18 @@ func TestTracingIngress(t *testing.T) { }, scheme: runtime.NewScheme(), params: ManifestsParams{ - TracingHost: "exploit-iq-tracing-test-ns.example.com", + TracingHost: "exploit-intelligence-tracing-test-ns.example.com", }, expectError: true, }, { name: "empty tracing host", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", diff --git a/internal/resources/engine/pvc.go b/internal/resources/engine/pvc.go index 002edc4..1ebaa0f 100644 --- a/internal/resources/engine/pvc.go +++ b/internal/resources/engine/pvc.go @@ -12,7 +12,7 @@ import ( // PVC builds a PersistentVolumeClaim for the Engine data storage. func PVC( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.PersistentVolumeClaim, error) { pvc := &corev1.PersistentVolumeClaim{ diff --git a/internal/resources/engine/pvc_test.go b/internal/resources/engine/pvc_test.go index 61b7418..afcd2e1 100644 --- a/internal/resources/engine/pvc_test.go +++ b/internal/resources/engine/pvc_test.go @@ -16,21 +16,21 @@ import ( func TestPVC(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIQStack) + validatePVC func(*testing.T, *corev1.PersistentVolumeClaim, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIQStack) { + validatePVC: func(t *testing.T, pvc *corev1.PersistentVolumeClaim, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, PVCName, pvc.Name) assert.Equal(t, cr.Namespace, pvc.Namespace) assert.Len(t, pvc.Spec.AccessModes, 1) @@ -41,7 +41,7 @@ func TestPVC(t *testing.T) { pvc.Spec.Resources.Requests[corev1.ResourceStorage], ) // Labels validation - assert.Equal(t, "exploitiq", pvc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", pvc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, pvc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", pvc.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/engine/rbac.go b/internal/resources/engine/rbac.go index 483e3e1..223c6c0 100644 --- a/internal/resources/engine/rbac.go +++ b/internal/resources/engine/rbac.go @@ -11,7 +11,7 @@ import ( // RBAC builds a RoleBinding granting the Engine ServiceAccount required SCC. func RBAC( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*rbacv1.RoleBinding, error) { rb := &rbacv1.RoleBinding{ diff --git a/internal/resources/engine/rbac_test.go b/internal/resources/engine/rbac_test.go index f07cc51..1c2fd6a 100644 --- a/internal/resources/engine/rbac_test.go +++ b/internal/resources/engine/rbac_test.go @@ -15,21 +15,21 @@ import ( func TestRBAC(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateRBAC func(*testing.T, *rbacv1.RoleBinding, *exploitiqv1alpha1.ExploitIQStack) + validateRBAC func(*testing.T, *rbacv1.RoleBinding, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRBAC: func(t *testing.T, rb *rbacv1.RoleBinding, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRBAC: func(t *testing.T, rb *rbacv1.RoleBinding, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, RoleBindingName, rb.Name) assert.Equal(t, cr.Namespace, rb.Namespace) assert.Equal(t, "rbac.authorization.k8s.io/v1", rb.APIVersion) @@ -42,7 +42,7 @@ func TestRBAC(t *testing.T) { assert.Equal(t, "rbac.authorization.k8s.io", rb.RoleRef.APIGroup) assert.Equal(t, ClusterRoleName, rb.RoleRef.Name) // Labels validation - assert.Equal(t, "exploitiq", rb.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", rb.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, rb.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", rb.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/engine/route.go b/internal/resources/engine/route.go index 9c42d10..4bf420d 100644 --- a/internal/resources/engine/route.go +++ b/internal/resources/engine/route.go @@ -12,7 +12,7 @@ import ( // TracingRoute creates a Route for the Engine's tracing service. func TracingRoute( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*routev1.Route, error) { labels := k8s.CommonLabels(cr.Name, "engine-tracing") diff --git a/internal/resources/engine/route_test.go b/internal/resources/engine/route_test.go index 87287cd..d1cabb4 100644 --- a/internal/resources/engine/route_test.go +++ b/internal/resources/engine/route_test.go @@ -16,21 +16,21 @@ import ( func TestTracingRoute(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateRoute func(*testing.T, *routev1.Route, *exploitiqv1alpha1.ExploitIQStack) + validateRoute func(*testing.T, *routev1.Route, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIQStack) { + validateRoute: func(t *testing.T, route *routev1.Route, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, TracingRouteName, route.Name) assert.Equal(t, cr.Namespace, route.Namespace) assert.Equal(t, "route.openshift.io/v1", route.APIVersion) @@ -40,7 +40,7 @@ func TestTracingRoute(t *testing.T) { assert.Equal(t, "Service", route.Spec.To.Kind) assert.Equal(t, TracingServiceName, route.Spec.To.Name) // Labels validation - assert.Equal(t, "exploitiq", route.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", route.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, route.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine-tracing", route.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/engine/service.go b/internal/resources/engine/service.go index f65235a..f96e594 100644 --- a/internal/resources/engine/service.go +++ b/internal/resources/engine/service.go @@ -12,7 +12,7 @@ import ( // Service creates and returns a Service for the Engine component. func Service( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.Service, error) { labels := k8s.CommonLabels(cr.Name, "engine") @@ -40,7 +40,7 @@ func Service( // TracingService creates a separate Service for the Engine's tracing endpoint. func TracingService( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.Service, error) { labels := k8s.CommonLabels(cr.Name, "engine-tracing") diff --git a/internal/resources/engine/service_test.go b/internal/resources/engine/service_test.go index 76c1b71..26dea94 100644 --- a/internal/resources/engine/service_test.go +++ b/internal/resources/engine/service_test.go @@ -16,21 +16,21 @@ import ( func TestService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -40,7 +40,7 @@ func TestService(t *testing.T) { assert.Equal(t, int32(HTTPPort), svc.Spec.Ports[0].Port) assert.Equal(t, intstr.FromInt(HTTPPort), svc.Spec.Ports[0].TargetPort) // Labels and selector validation - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", svc.Labels["app.kubernetes.io/component"]) assert.Equal(t, svc.Labels, svc.Spec.Selector) @@ -73,21 +73,21 @@ func TestService(t *testing.T) { func TestTracingService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, TracingServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -97,11 +97,11 @@ func TestTracingService(t *testing.T) { assert.Equal(t, int32(TracingPort), svc.Spec.Ports[0].Port) assert.Equal(t, intstr.FromInt(TracingPort), svc.Spec.Ports[0].TargetPort) // Labels validation - tracing service has different component label - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine-tracing", svc.Labels["app.kubernetes.io/component"]) // Selector validation - uses engine labels (business logic) - assert.Equal(t, "exploitiq", svc.Spec.Selector["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Spec.Selector["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Spec.Selector["app.kubernetes.io/instance"]) assert.Equal(t, "engine", svc.Spec.Selector["app.kubernetes.io/component"]) }, diff --git a/internal/resources/engine/serviceaccount.go b/internal/resources/engine/serviceaccount.go index 970468d..44c9b11 100644 --- a/internal/resources/engine/serviceaccount.go +++ b/internal/resources/engine/serviceaccount.go @@ -11,7 +11,7 @@ import ( // ServiceAccount creates a ServiceAccount for the Engine component. func ServiceAccount( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ServiceAccount, error) { labels := k8s.CommonLabels(cr.Name, "engine") diff --git a/internal/resources/engine/serviceaccount_test.go b/internal/resources/engine/serviceaccount_test.go index 2bfcf51..15a552c 100644 --- a/internal/resources/engine/serviceaccount_test.go +++ b/internal/resources/engine/serviceaccount_test.go @@ -15,27 +15,27 @@ import ( func TestServiceAccount(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateServiceAccount func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIQStack) + validateServiceAccount func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateServiceAccount: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIQStack) { + validateServiceAccount: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceAccountName, sa.Name) assert.Equal(t, cr.Namespace, sa.Namespace) assert.Equal(t, "v1", sa.APIVersion) assert.Equal(t, "ServiceAccount", sa.Kind) // Labels validation - assert.Equal(t, "exploitiq", sa.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", sa.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, sa.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "engine", sa.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/webapp/configmap.go b/internal/resources/webapp/configmap.go index 624721e..c20e143 100644 --- a/internal/resources/webapp/configmap.go +++ b/internal/resources/webapp/configmap.go @@ -20,7 +20,7 @@ var includesJSON string // ConfigMap creates a ConfigMap for the WebApp component with includes/excludes configuration. func ConfigMap( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ConfigMap, error) { labels := k8s.CommonLabels(cr.Name, "webapp") diff --git a/internal/resources/webapp/configmap_test.go b/internal/resources/webapp/configmap_test.go index 6fad472..8a89951 100644 --- a/internal/resources/webapp/configmap_test.go +++ b/internal/resources/webapp/configmap_test.go @@ -15,21 +15,21 @@ import ( func TestConfigMap(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIQStack) + validateConfigMap func(*testing.T, *corev1.ConfigMap, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIQStack) { + validateConfigMap: func(t *testing.T, cm *corev1.ConfigMap, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ConfigMapIncludesExcludes, cm.Name) assert.Equal(t, cr.Namespace, cm.Namespace) assert.Equal(t, "v1", cm.APIVersion) @@ -39,7 +39,7 @@ func TestConfigMap(t *testing.T) { assert.NotEmpty(t, cm.Data[ConfigMapFileIncludes]) assert.NotEmpty(t, cm.Data[ConfigMapFileExcludes]) // Labels validation - assert.Equal(t, "exploitiq", cm.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", cm.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, cm.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", cm.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/webapp/constants.go b/internal/resources/webapp/constants.go index cfb8682..38445fe 100644 --- a/internal/resources/webapp/constants.go +++ b/internal/resources/webapp/constants.go @@ -5,30 +5,30 @@ const ( DefaultImage = "registry.redhat.io/exploit-intelligence-tech-preview/agent-client-rhel9:latest" // ServiceAccountName is the ServiceAccount used by the WebApp. - ServiceAccountName = "exploit-iq-client-sa" + ServiceAccountName = "exploit-intelligence-client-sa" // DeploymentName is the name of the WebApp Deployment. - DeploymentName = "exploit-iq-client" + DeploymentName = "exploit-intelligence-client" // ServiceName is the name of the WebApp Service. - ServiceName = "exploit-iq-client" + ServiceName = "exploit-intelligence-client" // ConfigMapIncludesExcludes is the name of the ConfigMap with UI includes/excludes. ConfigMapIncludesExcludes = "includes-excludes-json" // SecretName is the name of the OAuth client Secret. SecretName = "oauth-client-secret" //nolint:gosec // G101: Secret resource name, not actual secret value // SecretNameTLS is the name of the Secret containing TLS certs. - SecretNameTLS = "exploit-iq-client-tls" //nolint:gosec // G101: Secret resource name, not actual secret value + SecretNameTLS = "exploit-intelligence-client-tls" //nolint:gosec // G101: Secret resource name, not actual secret value // SecretNameOIDCCookie is the name of the Secret containing OIDC cookie secret. SecretNameOIDCCookie = "oidc-cookie-secret" //nolint:gosec // G101: Secret resource name, not actual secret value // RouteName is the primary Route name for the WebApp. - RouteName = "exploit-iq-client" + RouteName = "exploit-intelligence-client" // RouteNameSwaggerUI is the Route name for the Swagger UI. - RouteNameSwaggerUI = "exploit-iq-client-swagger-ui" + RouteNameSwaggerUI = "exploit-intelligence-client-swagger-ui" // ServiceMonitorName is the name of the ServiceMonitor resource. - ServiceMonitorName = "exploit-iq" + ServiceMonitorName = "exploit-intelligence" // OAuthClientName is the name of the OAuthClient resource. - OAuthClientName = "exploit-iq-webapp-oauth-client" + OAuthClientName = "exploit-intelligence-webapp-oauth-client" // MainContainerName is the name of the WebApp container. - MainContainerName = "exploit-iq-client" + MainContainerName = "exploit-intelligence-client" // HTTPPort is the HTTP port exposed by the WebApp. HTTPPort = 8080 @@ -108,7 +108,7 @@ const ( // ValueDockerConfigPath is the default Docker config path. ValueDockerConfigPath = "/tmp/.docker" // ValueQuarkusMongoDBDatabase is the default MongoDB database name. - ValueQuarkusMongoDBDatabase = "exploit-iq-client" + ValueQuarkusMongoDBDatabase = "exploit-intelligence-client" // ValueQuarkusHTTPSSLPort is the default HTTPS port value for Quarkus. ValueQuarkusHTTPSSLPort = "8443" // ValueQuarkusHTTPInsecureRequests is the default insecure requests policy. @@ -127,7 +127,7 @@ const ( FieldPathNamespace = "metadata.namespace" // MongoDBServiceName is the service name of the MongoDB dependency. - MongoDBServiceName = "exploit-iq-client-db" + MongoDBServiceName = "exploit-intelligence-client-db" // MongoDBPort is the port used by MongoDB service. MongoDBPort = 27017 // NginxCacheURL is the URL of the Nginx cache service. @@ -140,8 +140,8 @@ const ( // ArgQuarkusLogLevel sets the log level for the application package. ArgQuarkusLogLevel = "-Dquarkus.log.category.\"com.redhat.ecosystemappeng.morpheus\".level=DEBUG" - // SecretNameGitHubPAT is the name of the Secret with GitHub PAT (consolidated into exploit-iq-secret). - SecretNameGitHubPAT = "exploit-iq-secret" //nolint:gosec // G101: Secret resource name, not actual secret value + // SecretNameGitHubPAT is the name of the Secret with GitHub PAT (consolidated into exploit-intelligence-secret). + SecretNameGitHubPAT = "exploit-intelligence-secret" //nolint:gosec // G101: Secret resource name, not actual secret value // SecretKeyGitHubPAT is the key in the Secret for the GitHub PAT. SecretKeyGitHubPAT = "ghsa_api_key" //nolint:gosec // G101: Secret key name, not actual API key @@ -158,12 +158,12 @@ const ( ValueHAProxyTimeout = "5m" // AnnotationManagedBy marks resources managed by the operator. - AnnotationManagedBy = "exploitiq.openshift.io/managed-by" + AnnotationManagedBy = "exploitintelligence.openshift.io/managed-by" // AnnotationManagedInstances tracks CR instances managing the OAuthClient. - AnnotationManagedInstances = "exploitiq.openshift.io/instances" + AnnotationManagedInstances = "exploitintelligence.openshift.io/instances" // ValueManagedBy is the marker value for managed-by. - ValueManagedBy = "exploitiq-operator" + ValueManagedBy = "exploit-intelligence-operator" - // FinalizerName is the finalizer name for ExploitIQStack resources. - FinalizerName = "exploitiq.openshift.io/finalizer" + // FinalizerName is the finalizer name for ExploitIntelligenceStack resources. + FinalizerName = "exploitintelligence.openshift.io/finalizer" ) diff --git a/internal/resources/webapp/deployment.go b/internal/resources/webapp/deployment.go index 6699dbc..4b9ba92 100644 --- a/internal/resources/webapp/deployment.go +++ b/internal/resources/webapp/deployment.go @@ -16,7 +16,7 @@ import ( // Deployment creates a Deployment for the WebApp component. func Deployment( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, profile *platform.PlatformProfile, params ManifestsParams, @@ -88,7 +88,7 @@ func Deployment( return dep, nil } -func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.ResourceRequirements { +func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIntelligenceStack) *corev1.ResourceRequirements { defaults := corev1.ResourceRequirements{ Limits: corev1.ResourceList{ "memory": resource.MustParse("2Gi"), @@ -104,7 +104,7 @@ func getMainContainerResources(cr *exploitiqv1alpha1.ExploitIQStack) *corev1.Res } func buildWebAppContainers( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, image string, imagePullPolicy corev1.PullPolicy, volumeMounts []corev1.VolumeMount, @@ -183,7 +183,7 @@ func newOAuth2ProxySidecar(oidc *exploitiqv1alpha1.OIDCSpec) corev1.Container { func buildWebAppEnv( profile *platform.PlatformProfile, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, quarkusHTTPHost, openAPIServer, corsOrigins string, ) []corev1.EnvVar { mongoCredentialsSecretName := getMongoCredentialsSecretName(cr) @@ -207,14 +207,14 @@ func buildWebAppEnv( cr.Namespace, ), }, - {Name: "QUARKUS_MONGODB_HOSTS", Value: "exploit-iq-client-db:27017"}, - {Name: "QUARKUS_MONGODB_DATABASE", Value: "exploit-iq-client"}, + {Name: "QUARKUS_MONGODB_HOSTS", Value: "exploit-intelligence-client-db:27017"}, + {Name: "QUARKUS_MONGODB_DATABASE", Value: "exploit-intelligence-client"}, { Name: "QUARKUS_MONGODB_CREDENTIALS_USERNAME", ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{Name: mongoCredentialsSecretName}, - Key: "exploit-iq-user", + Key: "exploit-intelligence-user", }, }, }, @@ -223,12 +223,12 @@ func buildWebAppEnv( ValueFrom: &corev1.EnvVarSource{ SecretKeyRef: &corev1.SecretKeySelector{ LocalObjectReference: corev1.LocalObjectReference{Name: mongoCredentialsSecretName}, - Key: "exploit-iq-password", + Key: "exploit-intelligence-password", }, }, }, - {Name: "QUARKUS_MONGODB_CREDENTIALS_AUTH-SOURCE", Value: "exploit-iq-client"}, - {Name: "QUARKUS_MONGODB_APPLICATION_NAME", Value: "exploit-iq-client"}, + {Name: "QUARKUS_MONGODB_CREDENTIALS_AUTH-SOURCE", Value: "exploit-intelligence-client"}, + {Name: "QUARKUS_MONGODB_APPLICATION_NAME", Value: "exploit-intelligence-client"}, {Name: "QUARKUS_HTTP_HOST", Value: quarkusHTTPHost}, {Name: "MORPHEUS_UI_INCLUDES_PATH", Value: "/config/includes.json"}, {Name: "MORPHEUS_UI_EXCLUDES_PATH", Value: "/config/excludes.json"}, @@ -312,7 +312,7 @@ func buildWebAppEnv( func buildWebAppVolumes( profile *platform.PlatformProfile, - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, ) ([]corev1.Volume, []corev1.VolumeMount) { volumes := []corev1.Volume{ { @@ -375,7 +375,7 @@ func int32Ptr(v int32) *int32 { return &v } -func getMongoCredentialsSecretName(cr *exploitiqv1alpha1.ExploitIQStack) string { +func getMongoCredentialsSecretName(cr *exploitiqv1alpha1.ExploitIntelligenceStack) string { if cr.Spec.Database.CredentialsSecretRef != nil && cr.Spec.Database.CredentialsSecretRef.Name != "" { return cr.Spec.Database.CredentialsSecretRef.Name } diff --git a/internal/resources/webapp/deployment_test.go b/internal/resources/webapp/deployment_test.go index d7217b9..fb327de 100644 --- a/internal/resources/webapp/deployment_test.go +++ b/internal/resources/webapp/deployment_test.go @@ -19,21 +19,21 @@ import ( func TestDeployment(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme profile *platform.PlatformProfile params ManifestsParams - validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIQStack, *platform.PlatformProfile, ManifestsParams) + validateDeployment func(*testing.T, *appsv1.Deployment, *exploitiqv1alpha1.ExploitIntelligenceStack, *platform.PlatformProfile, ManifestsParams) expectError bool }{ { name: "minimal CRD with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "test-registry-secret", @@ -49,7 +49,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Equal(t, DeploymentName, dep.Name) assert.Equal(t, cr.Namespace, dep.Namespace) assert.NotNil(t, dep.Spec.Replicas) @@ -72,12 +72,12 @@ func TestDeployment(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Deployment: exploitiqv1alpha1.DeploymentSpec{ Replicas: func() *int32 { @@ -117,7 +117,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Equal(t, int32(3), *dep.Spec.Replicas) assert.Equal(t, "custom-image:v1.0.0", dep.Spec.Template.Spec.Containers[0].Image) assert.Equal( @@ -153,12 +153,12 @@ func TestDeployment(t *testing.T) { }, { name: "OpenShift platform with OIDC", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-oidc", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Auth: exploitiqv1alpha1.AuthSpec{ OIDC: &exploitiqv1alpha1.OIDCSpec{ ClientID: "test-client", @@ -186,7 +186,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Len(t, dep.Spec.Template.Spec.Containers, 1) envMap := envToMap(dep.Spec.Template.Spec.Containers[0].Env) assert.Equal(t, OAuthClientName, envMap["QUARKUS_OIDC_CLIENT-ID"]) @@ -199,12 +199,12 @@ func TestDeployment(t *testing.T) { }, { name: "Kubernetes platform with OIDC sidecar", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-k8s-oidc", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Auth: exploitiqv1alpha1.AuthSpec{ OIDC: &exploitiqv1alpha1.OIDCSpec{ ClientID: "k8s-client", @@ -232,7 +232,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.k8s.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Len(t, dep.Spec.Template.Spec.Containers, 2) sidecar := dep.Spec.Template.Spec.Containers[1] assert.Equal(t, "oauth2-proxy", sidecar.Name) @@ -255,12 +255,12 @@ func TestDeployment(t *testing.T) { }, { name: "Kubernetes platform without OIDC", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-k8s", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -276,7 +276,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.k8s.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Len(t, dep.Spec.Template.Spec.Containers, 1) envMap := envToMap(dep.Spec.Template.Spec.Containers[0].Env) assert.Equal(t, "0.0.0.0", envMap["QUARKUS_HTTP_HOST"]) @@ -286,12 +286,12 @@ func TestDeployment(t *testing.T) { }, { name: "zero replicas", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-zero", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Deployment: exploitiqv1alpha1.DeploymentSpec{ Replicas: func() *int32 { @@ -313,7 +313,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.NotNil(t, dep.Spec.Replicas) assert.Equal(t, int32(0), *dep.Spec.Replicas) }, @@ -321,12 +321,12 @@ func TestDeployment(t *testing.T) { }, { name: "without registry credentials secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-no-registry", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "", @@ -342,7 +342,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Empty(t, dep.Spec.Template.Spec.ImagePullSecrets) volumeMap := volumeToMap( dep.Spec.Template.Spec.Containers[0].VolumeMounts, @@ -355,12 +355,12 @@ func TestDeployment(t *testing.T) { }, { name: "with registry credentials secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-registry", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "my-registry-secret", @@ -376,7 +376,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { assert.Len(t, dep.Spec.Template.Spec.ImagePullSecrets, 1) assert.Equal( t, @@ -395,12 +395,12 @@ func TestDeployment(t *testing.T) { }, { name: "OpenShift TLS volumes", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-tls", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -416,7 +416,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { volumeMap := volumeToMap( dep.Spec.Template.Spec.Containers[0].VolumeMounts, dep.Spec.Template.Spec.Volumes, @@ -429,12 +429,12 @@ func TestDeployment(t *testing.T) { }, { name: "Kubernetes no TLS volumes", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-k8s-no-tls", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -450,7 +450,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.k8s.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { volumeMap := volumeToMap( dep.Spec.Template.Spec.Containers[0].VolumeMounts, dep.Spec.Template.Spec.Volumes, @@ -462,12 +462,12 @@ func TestDeployment(t *testing.T) { }, { name: "default resources", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-default-resources", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -483,7 +483,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { resources := dep.Spec.Template.Spec.Containers[0].Resources assert.Equal(t, resource.MustParse("2Gi"), resources.Limits[corev1.ResourceMemory]) assert.Equal(t, resource.MustParse("500m"), resources.Limits[corev1.ResourceCPU]) @@ -498,12 +498,12 @@ func TestDeployment(t *testing.T) { }, { name: "environment variables validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-env", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -519,7 +519,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { envMap := envToMap(dep.Spec.Template.Spec.Containers[0].Env) assert.Equal( t, @@ -540,12 +540,12 @@ func TestDeployment(t *testing.T) { }, { name: "includes/excludes volume", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-volumes", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -561,7 +561,7 @@ func TestDeployment(t *testing.T) { Swagger: "swagger.example.com", }, }, - validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIQStack, prof *platform.PlatformProfile, params ManifestsParams) { + validateDeployment: func(t *testing.T, dep *appsv1.Deployment, cr *exploitiqv1alpha1.ExploitIntelligenceStack, prof *platform.PlatformProfile, params ManifestsParams) { volumeMap := volumeToMap( dep.Spec.Template.Spec.Containers[0].VolumeMounts, dep.Spec.Template.Spec.Volumes, @@ -639,15 +639,15 @@ func findPort(ports []corev1.ContainerPort, name string) *corev1.ContainerPort { } func newWebAppCR( - modifiers ...func(*exploitiqv1alpha1.ExploitIQStack), -) *exploitiqv1alpha1.ExploitIQStack { - cr := &exploitiqv1alpha1.ExploitIQStack{ + modifiers ...func(*exploitiqv1alpha1.ExploitIntelligenceStack), +) *exploitiqv1alpha1.ExploitIntelligenceStack { + cr := &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", UID: types.UID("test-uid"), }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{Name: "registry-secret"}, }, @@ -721,13 +721,13 @@ func TestNewOAuth2ProxySidecar(t *testing.T) { func TestGetMainContainerResources(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack validate func(*testing.T, *corev1.ResourceRequirements) }{ { name: "returns defaults when no resources specified", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{}, }, }, @@ -740,8 +740,8 @@ func TestGetMainContainerResources(t *testing.T) { }, { name: "merges user resources with defaults", - cr: &exploitiqv1alpha1.ExploitIQStack{ - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Container: exploitiqv1alpha1.ContainerSpec{ Resources: &corev1.ResourceRequirements{ @@ -778,7 +778,7 @@ func TestGetMainContainerResources(t *testing.T) { func TestDeploymentEdgeCases(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack profile *platform.PlatformProfile params ManifestsParams validateDeployment func(*testing.T, *appsv1.Deployment) @@ -801,12 +801,12 @@ func TestDeploymentEdgeCases(t *testing.T) { }, { name: "labels and selector match", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ RegistryCredentialsSecretRef: corev1.LocalObjectReference{ Name: "registry-secret", @@ -844,12 +844,12 @@ func TestDeploymentEdgeCases(t *testing.T) { }, { name: "imagePullPolicy from container spec", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Container: exploitiqv1alpha1.ContainerSpec{ ImagePullPolicy: corev1.PullAlways, @@ -877,13 +877,13 @@ func TestDeploymentEdgeCases(t *testing.T) { }, { name: "sidecar args and env validation", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", UID: types.UID("test-uid-123"), }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Auth: exploitiqv1alpha1.AuthSpec{ OIDC: &exploitiqv1alpha1.OIDCSpec{ ClientID: "sidecar-client", diff --git a/internal/resources/webapp/ingress.go b/internal/resources/webapp/ingress.go index 48b73b8..a369381 100644 --- a/internal/resources/webapp/ingress.go +++ b/internal/resources/webapp/ingress.go @@ -13,7 +13,7 @@ import ( // Ingress creates the main Ingress for the WebApp component. func Ingress( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) (*networkingv1.Ingress, error) { @@ -71,7 +71,7 @@ func Ingress( // SwaggerUIIngress creates an Ingress for the Swagger UI endpoint. func SwaggerUIIngress( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, ) (*networkingv1.Ingress, error) { diff --git a/internal/resources/webapp/ingress_test.go b/internal/resources/webapp/ingress_test.go index 7c6837e..23ab6a2 100644 --- a/internal/resources/webapp/ingress_test.go +++ b/internal/resources/webapp/ingress_test.go @@ -15,20 +15,20 @@ import ( func TestIngress(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD with ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -39,11 +39,11 @@ func TestIngress(t *testing.T) { scheme: runtime.NewScheme(), params: ManifestsParams{ Hosts: Hosts{ - Main: "exploit-iq-client-test-ns.example.com", - Swagger: "exploit-iq-client-swagger-ui-test-ns.example.com", + Main: "exploit-intelligence-client-test-ns.example.com", + Swagger: "exploit-intelligence-client-swagger-ui-test-ns.example.com", }, }, - validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, RouteName, ingress.Name) assert.Equal(t, cr.Namespace, ingress.Namespace) assert.NotNil(t, ingress.Spec.IngressClassName) @@ -67,7 +67,7 @@ func TestIngress(t *testing.T) { "http", ingress.Spec.Rules[0].HTTP.Paths[0].Backend.Service.Port.Name, ) - assert.Equal(t, "exploitiq", ingress.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", ingress.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, ingress.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", ingress.Labels["app.kubernetes.io/component"]) }, @@ -75,12 +75,12 @@ func TestIngress(t *testing.T) { }, { name: "missing ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{}, }, @@ -89,20 +89,20 @@ func TestIngress(t *testing.T) { scheme: runtime.NewScheme(), params: ManifestsParams{ Hosts: Hosts{ - Main: "exploit-iq-client-test-ns.example.com", - Swagger: "exploit-iq-client-swagger-ui-test-ns.example.com", + Main: "exploit-intelligence-client-test-ns.example.com", + Swagger: "exploit-intelligence-client-swagger-ui-test-ns.example.com", }, }, expectError: true, }, { name: "empty main host", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -114,7 +114,7 @@ func TestIngress(t *testing.T) { params: ManifestsParams{ Hosts: Hosts{ Main: "", - Swagger: "exploit-iq-client-swagger-ui-test-ns.example.com", + Swagger: "exploit-intelligence-client-swagger-ui-test-ns.example.com", }, }, expectError: true, @@ -145,20 +145,20 @@ func TestIngress(t *testing.T) { func TestSwaggerUIIngress(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateIngress func(*testing.T, *networkingv1.Ingress, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD with ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -169,11 +169,11 @@ func TestSwaggerUIIngress(t *testing.T) { scheme: runtime.NewScheme(), params: ManifestsParams{ Hosts: Hosts{ - Main: "exploit-iq-client-test-ns.example.com", - Swagger: "exploit-iq-client-swagger-ui-test-ns.example.com", + Main: "exploit-intelligence-client-test-ns.example.com", + Swagger: "exploit-intelligence-client-swagger-ui-test-ns.example.com", }, }, - validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateIngress: func(t *testing.T, ingress *networkingv1.Ingress, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { assert.Equal(t, RouteNameSwaggerUI, ingress.Name) assert.Equal(t, cr.Namespace, ingress.Namespace) assert.NotNil(t, ingress.Spec.IngressClassName) @@ -197,7 +197,7 @@ func TestSwaggerUIIngress(t *testing.T) { "http", ingress.Spec.Rules[0].HTTP.Paths[0].Backend.Service.Port.Name, ) - assert.Equal(t, "exploitiq", ingress.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", ingress.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, ingress.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", ingress.Labels["app.kubernetes.io/component"]) }, @@ -205,12 +205,12 @@ func TestSwaggerUIIngress(t *testing.T) { }, { name: "missing ingressClassName", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{}, }, @@ -219,20 +219,20 @@ func TestSwaggerUIIngress(t *testing.T) { scheme: runtime.NewScheme(), params: ManifestsParams{ Hosts: Hosts{ - Main: "exploit-iq-client-test-ns.example.com", - Swagger: "exploit-iq-client-swagger-ui-test-ns.example.com", + Main: "exploit-intelligence-client-test-ns.example.com", + Swagger: "exploit-intelligence-client-swagger-ui-test-ns.example.com", }, }, expectError: true, }, { name: "empty swagger host", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Platform: exploitiqv1alpha1.PlatformSpec{ Ingress: exploitiqv1alpha1.IngressSpec{ IngressClassName: "traefik", @@ -243,7 +243,7 @@ func TestSwaggerUIIngress(t *testing.T) { scheme: runtime.NewScheme(), params: ManifestsParams{ Hosts: Hosts{ - Main: "exploit-iq-client-test-ns.example.com", + Main: "exploit-intelligence-client-test-ns.example.com", Swagger: "", }, }, diff --git a/internal/resources/webapp/oauth.go b/internal/resources/webapp/oauth.go index 478dd08..34826bf 100644 --- a/internal/resources/webapp/oauth.go +++ b/internal/resources/webapp/oauth.go @@ -12,7 +12,7 @@ import ( ) func OAuthClient( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, params ManifestsParams, secretValue string, @@ -29,7 +29,7 @@ func OAuthClient( Labels: labels, Annotations: map[string]string{ AnnotationManagedInstances: instanceKey, - "exploitiq.openshift.io/base-domain": params.OAuth.BaseDomain, + "exploitintelligence.openshift.io/base-domain": params.OAuth.BaseDomain, }, }, Secret: secretValue, @@ -41,7 +41,7 @@ func OAuthClient( } func OAuthSecret( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, secretValue string, baseDomain string, @@ -69,7 +69,7 @@ func OAuthSecret( // OIDCCookieSecret creates a Secret for OIDC OAuth2 proxy cookie secret. func OIDCCookieSecret( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, cookieSecret string, ) (*corev1.Secret, error) { diff --git a/internal/resources/webapp/oauth_test.go b/internal/resources/webapp/oauth_test.go index 7c35847..b34aedd 100644 --- a/internal/resources/webapp/oauth_test.go +++ b/internal/resources/webapp/oauth_test.go @@ -17,16 +17,16 @@ import ( func TestOAuthClient(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams secretValue string - validateOAuthClient func(*testing.T, *oauthv1.OAuthClient, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams, string) + validateOAuthClient func(*testing.T, *oauthv1.OAuthClient, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams, string) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -43,7 +43,7 @@ func TestOAuthClient(t *testing.T) { BaseDomain: "example.com", }, }, - validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams, secretValue string) { + validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams, secretValue string) { assert.Equal(t, OAuthClientName, oauth.Name) assert.Equal(t, "oauth.openshift.io/v1", oauth.APIVersion) assert.Equal(t, "OAuthClient", oauth.Kind) @@ -58,10 +58,10 @@ func TestOAuthClient(t *testing.T) { assert.Equal( t, params.OAuth.BaseDomain, - oauth.Annotations["exploitiq.openshift.io/base-domain"], + oauth.Annotations["exploitintelligence.openshift.io/base-domain"], ) // Labels validation - assert.Equal(t, "exploitiq", oauth.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", oauth.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, oauth.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", oauth.Labels["app.kubernetes.io/component"]) }, @@ -69,12 +69,12 @@ func TestOAuthClient(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns-full", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Container: exploitiqv1alpha1.ContainerSpec{ Image: "custom-image:v1.0.0", @@ -93,7 +93,7 @@ func TestOAuthClient(t *testing.T) { BaseDomain: "custom.com", }, }, - validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams, secretValue string) { + validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams, secretValue string) { assert.Equal(t, secretValue, oauth.Secret) assert.Contains(t, oauth.RedirectURIs, "http://webapp.custom.com") assert.Contains(t, oauth.RedirectURIs, "https://webapp.custom.com") @@ -102,7 +102,7 @@ func TestOAuthClient(t *testing.T) { }, { name: "empty secret value", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -119,14 +119,14 @@ func TestOAuthClient(t *testing.T) { BaseDomain: "example.com", }, }, - validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams, secretValue string) { + validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams, secretValue string) { assert.Equal(t, "", oauth.Secret) }, expectError: false, }, { name: "empty base domain", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -143,8 +143,8 @@ func TestOAuthClient(t *testing.T) { BaseDomain: "", }, }, - validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams, secretValue string) { - assert.Equal(t, "", oauth.Annotations["exploitiq.openshift.io/base-domain"]) + validateOAuthClient: func(t *testing.T, oauth *oauthv1.OAuthClient, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams, secretValue string) { + assert.Equal(t, "", oauth.Annotations["exploitintelligence.openshift.io/base-domain"]) }, expectError: false, }, @@ -174,16 +174,16 @@ func TestOAuthClient(t *testing.T) { func TestOAuthSecret(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme secretValue string baseDomain string - validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIQStack, string, string) + validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIntelligenceStack, string, string) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -192,7 +192,7 @@ func TestOAuthSecret(t *testing.T) { scheme: runtime.NewScheme(), secretValue: "test-secret-value", baseDomain: "example.com", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, secretValue, baseDomain string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, secretValue, baseDomain string) { assert.Equal(t, SecretName, secret.Name) assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, "v1", secret.APIVersion) @@ -200,7 +200,7 @@ func TestOAuthSecret(t *testing.T) { assert.Equal(t, secretValue, secret.StringData[SecretKeyOAuthClient]) assert.Equal(t, baseDomain, secret.StringData[SecretKeyOpenshiftDomain]) // Labels validation - assert.Equal(t, "exploitiq", secret.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", secret.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, secret.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", secret.Labels["app.kubernetes.io/component"]) }, @@ -208,12 +208,12 @@ func TestOAuthSecret(t *testing.T) { }, { name: "fully specified CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns-full", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ WebApp: exploitiqv1alpha1.WebAppSpec{ Container: exploitiqv1alpha1.ContainerSpec{ Image: "custom-image:v1.0.0", @@ -224,7 +224,7 @@ func TestOAuthSecret(t *testing.T) { scheme: runtime.NewScheme(), secretValue: "custom-secret-value", baseDomain: "custom.com", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, secretValue, baseDomain string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, secretValue, baseDomain string) { assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, secretValue, secret.StringData[SecretKeyOAuthClient]) assert.Equal(t, baseDomain, secret.StringData[SecretKeyOpenshiftDomain]) @@ -233,7 +233,7 @@ func TestOAuthSecret(t *testing.T) { }, { name: "empty secret value", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -242,14 +242,14 @@ func TestOAuthSecret(t *testing.T) { scheme: runtime.NewScheme(), secretValue: "", baseDomain: "example.com", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, secretValue, baseDomain string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, secretValue, baseDomain string) { assert.Equal(t, "", secret.StringData[SecretKeyOAuthClient]) }, expectError: false, }, { name: "empty base domain", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -258,7 +258,7 @@ func TestOAuthSecret(t *testing.T) { scheme: runtime.NewScheme(), secretValue: "test-secret", baseDomain: "", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, secretValue, baseDomain string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, secretValue, baseDomain string) { assert.Equal(t, "", secret.StringData[SecretKeyOpenshiftDomain]) }, expectError: false, @@ -289,14 +289,14 @@ func TestOAuthSecret(t *testing.T) { func TestOIDCCookieSecret(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme cookieSecret string - validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIQStack, string) + validateSecret func(*testing.T, *corev1.Secret, *exploitiqv1alpha1.ExploitIntelligenceStack, string) }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -304,20 +304,20 @@ func TestOIDCCookieSecret(t *testing.T) { }, scheme: runtime.NewScheme(), cookieSecret: "abcdef0123456789abcdef0123456789", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, cookieSecret string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, cookieSecret string) { assert.Equal(t, SecretNameOIDCCookie, secret.Name) assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, "v1", secret.APIVersion) assert.Equal(t, "Secret", secret.Kind) assert.Equal(t, cookieSecret, secret.StringData[SecretKeyOIDCCookie]) - assert.Equal(t, "exploitiq", secret.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", secret.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, secret.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", secret.Labels["app.kubernetes.io/component"]) }, }, { name: "with generated cookie secret", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-full", Namespace: "test-ns-full", @@ -326,7 +326,7 @@ func TestOIDCCookieSecret(t *testing.T) { }, scheme: runtime.NewScheme(), cookieSecret: "12345678901234567890123456789012", - validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIQStack, cookieSecret string) { + validateSecret: func(t *testing.T, secret *corev1.Secret, cr *exploitiqv1alpha1.ExploitIntelligenceStack, cookieSecret string) { assert.Equal(t, cr.Namespace, secret.Namespace) assert.Equal(t, cookieSecret, secret.StringData[SecretKeyOIDCCookie]) assert.Len(t, secret.StringData[SecretKeyOIDCCookie], 32) diff --git a/internal/resources/webapp/route.go b/internal/resources/webapp/route.go index a46e8bd..3785481 100644 --- a/internal/resources/webapp/route.go +++ b/internal/resources/webapp/route.go @@ -11,7 +11,7 @@ import ( ) // Route creates the main Route for the WebApp component. -func Route(cr *exploitiqv1alpha1.ExploitIQStack, scheme *runtime.Scheme) (*routev1.Route, error) { +func Route(cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme) (*routev1.Route, error) { labels := k8s.CommonLabels(cr.Name, "webapp") route := &routev1.Route{ @@ -47,7 +47,7 @@ func Route(cr *exploitiqv1alpha1.ExploitIQStack, scheme *runtime.Scheme) (*route // SwaggerUIRoute creates a Route for the Swagger UI endpoint. func SwaggerUIRoute( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*routev1.Route, error) { labels := k8s.CommonLabels(cr.Name, "webapp") diff --git a/internal/resources/webapp/route_test.go b/internal/resources/webapp/route_test.go index 139d16d..54f2a25 100644 --- a/internal/resources/webapp/route_test.go +++ b/internal/resources/webapp/route_test.go @@ -16,22 +16,22 @@ import ( func TestRoute(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateRoute func(*testing.T, any, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateRoute func(*testing.T, any, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoute: func(t *testing.T, route any, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateRoute: func(t *testing.T, route any, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { r, ok := route.(*routev1.Route) require.True(t, ok, "expected *routev1.Route, got %T", route) assert.Equal(t, RouteName, r.Name) @@ -78,22 +78,22 @@ func TestRoute(t *testing.T) { func TestSwaggerUIRoute(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme params ManifestsParams - validateRoute func(*testing.T, any, *exploitiqv1alpha1.ExploitIQStack, ManifestsParams) + validateRoute func(*testing.T, any, *exploitiqv1alpha1.ExploitIntelligenceStack, ManifestsParams) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateRoute: func(t *testing.T, route any, cr *exploitiqv1alpha1.ExploitIQStack, params ManifestsParams) { + validateRoute: func(t *testing.T, route any, cr *exploitiqv1alpha1.ExploitIntelligenceStack, params ManifestsParams) { r, ok := route.(*routev1.Route) require.True(t, ok, "expected *routev1.Route, got %T", route) assert.Equal(t, RouteNameSwaggerUI, r.Name) @@ -111,7 +111,7 @@ func TestSwaggerUIRoute(t *testing.T) { assert.Equal(t, ServiceName, r.Spec.To.Name) assert.Equal(t, ValueHAProxyTimeout, r.Annotations[AnnotationHAProxyTimeout]) // Labels validation. - assert.Equal(t, "exploitiq", r.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", r.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, r.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", r.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/webapp/service.go b/internal/resources/webapp/service.go index d4b1a40..cb5b3ba 100644 --- a/internal/resources/webapp/service.go +++ b/internal/resources/webapp/service.go @@ -13,7 +13,7 @@ import ( // Service creates a Service for the WebApp component. func Service( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, profile *platform.PlatformProfile, ) (*corev1.Service, error) { diff --git a/internal/resources/webapp/service_test.go b/internal/resources/webapp/service_test.go index 6be9bd4..0544ef7 100644 --- a/internal/resources/webapp/service_test.go +++ b/internal/resources/webapp/service_test.go @@ -17,15 +17,15 @@ import ( func TestService(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme profile *platform.PlatformProfile - validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIQStack) + validateService func(*testing.T, *corev1.Service, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", @@ -33,7 +33,7 @@ func TestService(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeOpenShift}, - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceName, svc.Name) assert.Equal(t, cr.Namespace, svc.Namespace) assert.Equal(t, "v1", svc.APIVersion) @@ -50,7 +50,7 @@ func TestService(t *testing.T) { assert.Equal(t, int32(MetricsPort), metricsPort.Port) assert.Equal(t, intstr.FromInt(MetricsPort), metricsPort.TargetPort) // Labels and selector validation - assert.Equal(t, "exploitiq", svc.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", svc.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, svc.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", svc.Labels["app.kubernetes.io/component"]) assert.Equal(t, svc.Labels, svc.Spec.Selector) @@ -59,7 +59,7 @@ func TestService(t *testing.T) { }, { name: "Kubernetes platform uses HTTP", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-k8s", Namespace: "test-ns", @@ -67,7 +67,7 @@ func TestService(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeKubernetes}, - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { httpPort := findServicePort(svc.Spec.Ports, "http") assert.NotNil(t, httpPort) assert.Equal(t, int32(HTTPPort), httpPort.Port) @@ -80,12 +80,12 @@ func TestService(t *testing.T) { }, { name: "Kubernetes with OIDC uses OAuth2Proxy port", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack-k8s-oidc", Namespace: "test-ns", }, - Spec: exploitiqv1alpha1.ExploitIQStackSpec{ + Spec: exploitiqv1alpha1.ExploitIntelligenceStackSpec{ Auth: exploitiqv1alpha1.AuthSpec{ OIDC: &exploitiqv1alpha1.OIDCSpec{ ClientID: "test-client", @@ -102,7 +102,7 @@ func TestService(t *testing.T) { }, scheme: runtime.NewScheme(), profile: &platform.PlatformProfile{Platform: platform.PlatformTypeKubernetes}, - validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIQStack) { + validateService: func(t *testing.T, svc *corev1.Service, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { httpPort := findServicePort(svc.Spec.Ports, "http") assert.NotNil(t, httpPort) assert.Equal(t, int32(HTTPPort), httpPort.Port) diff --git a/internal/resources/webapp/serviceaccount.go b/internal/resources/webapp/serviceaccount.go index 4c36eba..8a1feed 100644 --- a/internal/resources/webapp/serviceaccount.go +++ b/internal/resources/webapp/serviceaccount.go @@ -11,7 +11,7 @@ import ( // ServiceAccount creates a ServiceAccount for the WebApp component. func ServiceAccount( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*corev1.ServiceAccount, error) { labels := k8s.CommonLabels(cr.Name, "webapp") diff --git a/internal/resources/webapp/serviceaccount_test.go b/internal/resources/webapp/serviceaccount_test.go index c5a2eaf..0b6ff4a 100644 --- a/internal/resources/webapp/serviceaccount_test.go +++ b/internal/resources/webapp/serviceaccount_test.go @@ -15,27 +15,27 @@ import ( func TestServiceAccount(t *testing.T) { tests := []struct { name string - cr *exploitiqv1alpha1.ExploitIQStack + cr *exploitiqv1alpha1.ExploitIntelligenceStack scheme *runtime.Scheme - validateServiceAccount func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIQStack) + validateServiceAccount func(*testing.T, *corev1.ServiceAccount, *exploitiqv1alpha1.ExploitIntelligenceStack) expectError bool }{ { name: "minimal CRD", - cr: &exploitiqv1alpha1.ExploitIQStack{ + cr: &exploitiqv1alpha1.ExploitIntelligenceStack{ ObjectMeta: metav1.ObjectMeta{ Name: "test-stack", Namespace: "test-ns", }, }, scheme: runtime.NewScheme(), - validateServiceAccount: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIQStack) { + validateServiceAccount: func(t *testing.T, sa *corev1.ServiceAccount, cr *exploitiqv1alpha1.ExploitIntelligenceStack) { assert.Equal(t, ServiceAccountName, sa.Name) assert.Equal(t, cr.Namespace, sa.Namespace) assert.Equal(t, "v1", sa.APIVersion) assert.Equal(t, "ServiceAccount", sa.Kind) // Labels validation - assert.Equal(t, "exploitiq", sa.Labels["app.kubernetes.io/name"]) + assert.Equal(t, "exploit-intelligence", sa.Labels["app.kubernetes.io/name"]) assert.Equal(t, cr.Name, sa.Labels["app.kubernetes.io/instance"]) assert.Equal(t, "webapp", sa.Labels["app.kubernetes.io/component"]) }, diff --git a/internal/resources/webapp/servicemonitor.go b/internal/resources/webapp/servicemonitor.go index 5d7e19e..4daa7f5 100644 --- a/internal/resources/webapp/servicemonitor.go +++ b/internal/resources/webapp/servicemonitor.go @@ -11,7 +11,7 @@ import ( // ServiceMonitor creates a ServiceMonitor for the WebApp metrics endpoint. func ServiceMonitor( - cr *exploitiqv1alpha1.ExploitIQStack, + cr *exploitiqv1alpha1.ExploitIntelligenceStack, scheme *runtime.Scheme, ) (*monitoringv1.ServiceMonitor, error) { labels := k8s.CommonLabels(cr.Name, "webapp") @@ -29,8 +29,8 @@ func ServiceMonitor( Spec: monitoringv1.ServiceMonitorSpec{ Selector: metav1.LabelSelector{ MatchLabels: map[string]string{ - "app": "exploit-iq", - "component": "exploit-iq-client", + "app": "exploit-intelligence", + "component": "exploit-intelligence-client", }, }, Endpoints: []monitoringv1.Endpoint{ diff --git a/test/e2e/e2e_suite_test.go b/test/e2e/e2e_suite_test.go index 412b99a..b025b05 100644 --- a/test/e2e/e2e_suite_test.go +++ b/test/e2e/e2e_suite_test.go @@ -40,7 +40,7 @@ var ( // projectImage is the name of the image which will be build and loaded // with the code source changes to be tested. - projectImage = "example.com/exploit-iq-operator:v0.0.1" + projectImage = "example.com/exploit-intelligence-operator:v0.0.1" // openShiftSimulation indicates whether OpenShift CRDs should be installed // to simulate an OpenShift cluster on Kind. Controlled by E2E_PLATFORM=openshift. @@ -56,7 +56,7 @@ var ( // CertManager. func TestE2E(t *testing.T) { RegisterFailHandler(Fail) - _, _ = fmt.Fprintf(GinkgoWriter, "Starting exploit-iq-operator integration test suite\n") + _, _ = fmt.Fprintf(GinkgoWriter, "Starting exploit-intelligence-operator integration test suite\n") if openShiftSimulation { _, _ = fmt.Fprintf(GinkgoWriter, "OpenShift simulation mode ENABLED\n") } @@ -227,13 +227,13 @@ func teardownOpenShiftSimulation() { utils.UninstallCRDsFromDirectory(openshiftCRDDir) } -// loadStackImagesIntoKind pre-loads ExploitIQ stack component images into Kind cluster +// loadStackImagesIntoKind pre-loads RHTPA exploit intelligence stack component images into Kind cluster // if they are available locally. This avoids image pull failures for private images during tests. func loadStackImagesIntoKind() { stackImages := []string{ "quay.io/ecosystem-appeng/agent-morpheus-rh:v0.0.2", // Engine "quay.io/ecosystem-appeng/agent-morpheus-client:v0.0.2", // WebApp - "quay.io/ecosystem-appeng/exploit-iq-feedback-api:0.0.2", // Argilla + "quay.io/ecosystem-appeng/exploit-intelligence-feedback-api:0.0.2", // Argilla "mongodb/mongodb-community-server:8.0.3-ubi8", // Database "docker.io/nginxinc/nginx-unprivileged:1.27", // Cache } diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 9be10a3..b374fc6 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -31,16 +31,16 @@ import ( ) // namespace where the project is deployed in -const namespace = "exploit-iq-operator-system" +const namespace = "exploit-intelligence-operator-system" // serviceAccountName created for the project -const serviceAccountName = "exploit-iq-operator-controller-manager" +const serviceAccountName = "exploit-intelligence-operator-controller-manager" // metricsServiceName is the name of the metrics service of the project -const metricsServiceName = "exploit-iq-operator-controller-manager-metrics-service" +const metricsServiceName = "exploit-intelligence-operator-controller-manager-metrics-service" // metricsRoleBindingName is the name of the RBAC that will be created to allow get the metrics data -const metricsRoleBindingName = "exploit-iq-operator-metrics-binding" +const metricsRoleBindingName = "exploit-intelligence-operator-metrics-binding" var _ = Describe("Manager", Label("manager"), Ordered, func() { var controllerPodName string @@ -139,7 +139,7 @@ var _ = Describe("Manager", Label("manager"), Ordered, func() { It("should ensure the metrics endpoint is serving metrics", func() { By("creating a ClusterRoleBinding for the service account to allow access to metrics") cmd := exec.Command("kubectl", "create", "clusterrolebinding", metricsRoleBindingName, - "--clusterrole=exploit-iq-operator-metrics-reader", + "--clusterrole=exploit-intelligence-operator-metrics-reader", fmt.Sprintf("--serviceaccount=%s:%s", namespace, serviceAccountName), ) _, err := utils.Run(cmd) diff --git a/test/e2e/openshift_full_e2e_test.go b/test/e2e/openshift_full_e2e_test.go index 4a4582e..2efd45c 100644 --- a/test/e2e/openshift_full_e2e_test.go +++ b/test/e2e/openshift_full_e2e_test.go @@ -33,7 +33,7 @@ const ( fullE2ECRName = "full-e2e-stack" ) -var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Ordered, func() { +var _ = Describe("ExploitIntelligenceStack Full E2E", Label("openshift", "full-e2e"), Ordered, func() { BeforeAll(func() { if !openShiftSimulation { Skip("OpenShift simulation not enabled (set E2E_PLATFORM=openshift)") @@ -47,11 +47,11 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde By("creating prerequisite secrets") createDummySecretsInNamespace(fullE2ENamespace) - By("creating ExploitIQStack CR for full deployment test") + By("creating ExploitIntelligenceStack CR for full deployment test") cmd = exec.Command("kubectl", "apply", "-f", "-") cmd.Stdin = ocpCRManifest(fullE2ENamespace, fullE2ECRName) _, err = utils.Run(cmd) - Expect(err).NotTo(HaveOccurred(), "Failed to create ExploitIQStack CR") + Expect(err).NotTo(HaveOccurred(), "Failed to create ExploitIntelligenceStack CR") }) AfterAll(func() { @@ -59,14 +59,14 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde return } - By("deleting the ExploitIQStack CR") - cmd := exec.Command("kubectl", "delete", "exploitiqstack", fullE2ECRName, + By("deleting the ExploitIntelligenceStack CR") + cmd := exec.Command("kubectl", "delete", "exploitintelligencestack", fullE2ECRName, "-n", fullE2ENamespace, "--ignore-not-found", "--timeout=120s") _, _ = utils.Run(cmd) By("cleaning up cluster-scoped OAuthClient if exists") cmd = exec.Command("kubectl", "delete", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", "--ignore-not-found") + "exploit-intelligence-webapp-oauth-client", "--ignore-not-found") _, _ = utils.Run(cmd) By("removing full e2e test namespace") @@ -81,11 +81,11 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde It("should deploy all stack components successfully", func() { By("waiting for all Deployments to become Ready") expectedDeployments := []string{ - "exploit-iq", // Engine - "exploit-iq-client", // WebApp - "exploit-iq-client-db", // Database + "exploit-intelligence", // Engine + "exploit-intelligence-client", // WebApp + "exploit-intelligence-client-db", // Database "nginx-cache", // Cache - "exploit-iq-feedback", // Argilla + "exploit-intelligence-feedback", // Argilla } for _, deploymentName := range expectedDeployments { @@ -155,11 +155,11 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde It("should have all Services with endpoints", func() { By("verifying Services have endpoints") expectedServices := []string{ - "exploit-iq", // Engine - "exploit-iq-client", // WebApp - "exploit-iq-client-db", // Database + "exploit-intelligence", // Engine + "exploit-intelligence-client", // WebApp + "exploit-intelligence-client-db", // Database "nginx-cache", // Cache - "exploit-iq-feedback", // Argilla + "exploit-intelligence-feedback", // Argilla } for _, serviceName := range expectedServices { @@ -185,7 +185,7 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde "--namespace", fullE2ENamespace, "--image=curlimages/curl:latest", "--command", "--", "/bin/sh", "-c", - "curl -s -o /dev/null -w '%{http_code}' http://exploit-iq-client."+fullE2ENamespace+".svc.cluster.local:8080/") + "curl -s -o /dev/null -w '%{http_code}' http://exploit-intelligence-client."+fullE2ENamespace+".svc.cluster.local:8080/") _, _ = utils.Run(cmd) By("waiting for the curl pod to complete") @@ -223,7 +223,7 @@ var _ = Describe("ExploitIQStack Full E2E", Label("openshift", "full-e2e"), Orde It("should have Route with correct host configured", func() { By("verifying Route host is set") Eventually(func(g Gomega) { - cmd := exec.Command("kubectl", "get", "route", "exploit-iq-client", + cmd := exec.Command("kubectl", "get", "route", "exploit-intelligence-client", "-n", fullE2ENamespace, "-o", "jsonpath={.spec.host}") output, err := utils.Run(cmd) diff --git a/test/e2e/openshift_test.go b/test/e2e/openshift_test.go index 9c0248b..5f4f0ff 100644 --- a/test/e2e/openshift_test.go +++ b/test/e2e/openshift_test.go @@ -36,7 +36,7 @@ const ( ocpCRName2 = "ocp-test-stack-2" ) -var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", "infra"), Ordered, func() { +var _ = Describe("ExploitIntelligenceStack OpenShift Infrastructure", Label("openshift", "infra"), Ordered, func() { BeforeAll(func() { if !openShiftSimulation { Skip("OpenShift simulation not enabled (set E2E_PLATFORM=openshift)") @@ -56,18 +56,18 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " return } - By("deleting the ExploitIQStack CRs if they exist") - cmd := exec.Command("kubectl", "delete", "exploitiqstack", "--all", + By("deleting the ExploitIntelligenceStack CRs if they exist") + cmd := exec.Command("kubectl", "delete", "exploitintelligencestack", "--all", "-n", ocpTestNamespace, "--ignore-not-found", "--timeout=60s") _, _ = utils.Run(cmd) - cmd = exec.Command("kubectl", "delete", "exploitiqstack", "--all", + cmd = exec.Command("kubectl", "delete", "exploitintelligencestack", "--all", "-n", ocpTestNamespace2, "--ignore-not-found", "--timeout=60s") _, _ = utils.Run(cmd) By("cleaning up cluster-scoped OAuthClient") cmd = exec.Command("kubectl", "delete", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", "--ignore-not-found") + "exploit-intelligence-webapp-oauth-client", "--ignore-not-found") _, _ = utils.Run(cmd) By("removing test namespaces") @@ -82,11 +82,11 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Context("platform detection", func() { It("should detect OpenShift platform via API group discovery", func() { - By("creating an ExploitIQStack CR") + By("creating an ExploitIntelligenceStack CR") cmd := exec.Command("kubectl", "apply", "-f", "-") cmd.Stdin = ocpCRManifest(ocpTestNamespace, ocpCRName) _, err := utils.Run(cmd) - Expect(err).NotTo(HaveOccurred(), "Failed to create ExploitIQStack CR") + Expect(err).NotTo(HaveOccurred(), "Failed to create ExploitIntelligenceStack CR") By("verifying the operator logs show OpenShift platform detection") Eventually(func(g Gomega) { @@ -108,7 +108,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " It("should create Routes instead of Ingress on OpenShift", func() { By("waiting for the CR to be reconciled") Eventually(func(g Gomega) { - cmd := exec.Command("kubectl", "get", "exploitiqstack", ocpCRName, + cmd := exec.Command("kubectl", "get", "exploitintelligencestack", ocpCRName, "-n", ocpTestNamespace, "-o", "jsonpath={.status.conditions}") output, err := utils.Run(cmd) @@ -117,7 +117,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " }).Should(Succeed()) By("verifying Route resources exist for webapp") - verifyResourceExists("routes.route.openshift.io", "exploit-iq-client", ocpTestNamespace) + verifyResourceExists("routes.route.openshift.io", "exploit-intelligence-client", ocpTestNamespace) By("verifying no Ingress resources were created") cmd := exec.Command("kubectl", "get", "ingress", @@ -133,17 +133,17 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Eventually(func(g Gomega) { cmd := exec.Command("kubectl", "get", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", + "exploit-intelligence-webapp-oauth-client", "-o", "jsonpath={.metadata.name}") output, err := utils.Run(cmd) g.Expect(err).NotTo(HaveOccurred()) - g.Expect(output).To(Equal("exploit-iq-webapp-oauth-client")) + g.Expect(output).To(Equal("exploit-intelligence-webapp-oauth-client")) }).Should(Succeed()) By("verifying OAuthClient tracks the managing instance") cmd := exec.Command("kubectl", "get", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", + "exploit-intelligence-webapp-oauth-client", "-o", "jsonpath={.metadata.annotations}") output, err := utils.Run(cmd) Expect(err).NotTo(HaveOccurred()) @@ -159,7 +159,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " By("creating prerequisite secrets in second namespace") createDummySecretsInNamespace(ocpTestNamespace2) - By("creating a second ExploitIQStack CR in a different namespace") + By("creating a second ExploitIntelligenceStack CR in a different namespace") cmd = exec.Command("kubectl", "apply", "-f", "-") cmd.Stdin = ocpCRManifest(ocpTestNamespace2, ocpCRName2) _, err = utils.Run(cmd) @@ -169,7 +169,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Eventually(func(g Gomega) { cmd := exec.Command("kubectl", "get", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", + "exploit-intelligence-webapp-oauth-client", "-o", "jsonpath={.metadata.annotations}") output, err := utils.Run(cmd) g.Expect(err).NotTo(HaveOccurred()) @@ -178,7 +178,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " }).Should(Succeed()) By("deleting the second CR") - cmd = exec.Command("kubectl", "delete", "exploitiqstack", ocpCRName2, + cmd = exec.Command("kubectl", "delete", "exploitintelligencestack", ocpCRName2, "-n", ocpTestNamespace2, "--timeout=60s") _, err = utils.Run(cmd) Expect(err).NotTo(HaveOccurred()) @@ -187,7 +187,7 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Eventually(func(g Gomega) { cmd := exec.Command("kubectl", "get", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client", + "exploit-intelligence-webapp-oauth-client", "-o", "jsonpath={.metadata.annotations}") output, err := utils.Run(cmd) g.Expect(err).NotTo(HaveOccurred()) @@ -214,16 +214,16 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Context("cleanup", func() { It("should clean up all OpenShift resources when CR is deleted", func() { - By("deleting the ExploitIQStack CR") - cmd := exec.Command("kubectl", "delete", "exploitiqstack", ocpCRName, + By("deleting the ExploitIntelligenceStack CR") + cmd := exec.Command("kubectl", "delete", "exploitintelligencestack", ocpCRName, "-n", ocpTestNamespace, "--timeout=60s") _, err := utils.Run(cmd) - Expect(err).NotTo(HaveOccurred(), "Failed to delete ExploitIQStack CR") + Expect(err).NotTo(HaveOccurred(), "Failed to delete ExploitIntelligenceStack CR") By("verifying Routes are removed") Eventually(func(g Gomega) { cmd := exec.Command("kubectl", "get", "routes.route.openshift.io", - "exploit-iq-client", + "exploit-intelligence-client", "-n", ocpTestNamespace, "--no-headers") _, err := utils.Run(cmd) g.Expect(err).To(HaveOccurred(), "Route should be deleted") @@ -233,14 +233,14 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " Eventually(func(g Gomega) { cmd := exec.Command("kubectl", "get", "oauthclients.oauth.openshift.io", - "exploit-iq-webapp-oauth-client") + "exploit-intelligence-webapp-oauth-client") _, err := utils.Run(cmd) g.Expect(err).To(HaveOccurred(), "OAuthClient should be deleted") }).Should(Succeed()) By("verifying Deployments are removed") Eventually(func(g Gomega) { - cmd := exec.Command("kubectl", "get", "deployment", "exploit-iq-engine", + cmd := exec.Command("kubectl", "get", "deployment", "exploit-intelligence-engine", "-n", ocpTestNamespace, "--no-headers") _, err := utils.Run(cmd) g.Expect(err).To(HaveOccurred(), "Deployment should be deleted") @@ -251,8 +251,8 @@ var _ = Describe("ExploitIQStack OpenShift Infrastructure", Label("openshift", " // createDummySecretsInNamespace creates prerequisite secrets in the given namespace. func createDummySecretsInNamespace(ns string) { - // Create exploit-iq-secret with all required keys - cmd := exec.Command("kubectl", "create", "secret", "generic", "exploit-iq-secret", + // Create exploit-intelligence-secret with all required keys + cmd := exec.Command("kubectl", "create", "secret", "generic", "exploit-intelligence-secret", "-n", ns, "--from-literal=ghsa_api_key=dummy-key", "--from-literal=serpapi_api_key=dummy-key", @@ -263,8 +263,8 @@ func createDummySecretsInNamespace(ns string) { // Create docker-registry secrets dockerSecrets := []string{ - "exploit-iq-pull-secret", - "exploit-iq-registry-credentials", + "exploit-intelligence-pull-secret", + "exploit-intelligence-registry-credentials", } for _, secretName := range dockerSecrets { cmd = exec.Command("kubectl", "create", "secret", "docker-registry", secretName, @@ -276,7 +276,7 @@ func createDummySecretsInNamespace(ns string) { } // Create TLS secret for WebApp (generic type with fake PEM placeholders) - cmd = exec.Command("kubectl", "create", "secret", "generic", "exploit-iq-client-tls", + cmd = exec.Command("kubectl", "create", "secret", "generic", "exploit-intelligence-client-tls", "-n", ns, "--from-literal=tls.crt=-----BEGIN CERTIFICATE-----\nEXAMPLEFAKEDATANOTAREALCERT\n-----END CERTIFICATE-----", // notsecret "--from-literal=tls.key=-----BEGIN PRIVATE KEY-----\nEXAMPLEFAKEDATANOTAREALKEY\n-----END PRIVATE KEY-----") // notsecret @@ -299,21 +299,21 @@ func verifyResourceExists(kind, name, ns string) { }).Should(Succeed()) } -// ocpCRManifest returns an ExploitIQStack CR for OpenShift simulation tests. +// ocpCRManifest returns an ExploitIntelligenceStack CR for OpenShift simulation tests. // Uses IngressMode auto (default) so the operator auto-detects Routes on OpenShift. func ocpCRManifest(ns, name string) io.Reader { - manifest := fmt.Sprintf(`apiVersion: exploitiq.openshift.io/v1alpha1 -kind: ExploitIQStack + manifest := fmt.Sprintf(`apiVersion: exploitintelligence.openshift.io/v1alpha1 +kind: ExploitIntelligenceStack metadata: name: %s namespace: %s spec: engine: pullSecretRef: - name: exploit-iq-pull-secret + name: exploit-intelligence-pull-secret webApp: registryCredentialsSecretRef: - name: exploit-iq-registry-credentials + name: exploit-intelligence-registry-credentials `, name, ns) return strings.NewReader(manifest)