Update names based on Luke's comments.

hashicorp · Jan 26, 2022 · c80c9ec · c80c9ec
1 parent 7842c75
commit c80c9ec
Show file tree

Hide file tree

Showing 10 changed files with 22 additions and 17 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 ## UNRELEASED
 
+BREAKING CHANGES:
+* Helm
+  * Some Consul components from the Helm chart have been renamed to ensure consistency in naming across the components.
+  This will not be a breaking change if Consul components are not referred to by name externally. Check the PR for the list of renamed components. [[GH-993](https://github.com/hashicorp/consul-k8s/pull/985)]
+
 FEATURES:
 * Helm
   * Support Envoy 1.20.1. [[GH-958](https://github.com/hashicorp/consul-k8s/pull/958)]

diff --git a/charts/consul/templates/connect-inject-authmethod-clusterrole.yaml b/charts/consul/templates/connect-inject-authmethod-clusterrole.yaml
@@ -3,7 +3,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ template "consul.fullname" . }}-connect-injector-authmethod
+  name: {{ template "consul.fullname" . }}-connect-injector
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}

diff --git a/charts/consul/templates/connect-inject-authmethod-clusterrolebinding.yaml b/charts/consul/templates/connect-inject-authmethod-clusterrolebinding.yaml
@@ -3,7 +3,7 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: {{ template "consul.fullname" . }}-connect-injector-authmethod-authdelegator
+  name: {{ template "consul.fullname" . }}-connect-injector-authdelegator
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}
@@ -16,13 +16,13 @@ roleRef:
   name: "system:auth-delegator"
 subjects:
   - kind: ServiceAccount
-    name: {{ template "consul.fullname" . }}-connect-injector-authmethod
+    name: {{ template "consul.fullname" . }}-connect-injector
     namespace: {{ .Release.Namespace }}
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: {{ template "consul.fullname" . }}-connect-injector-authmethod-serviceaccount
+  name: {{ template "consul.fullname" . }}-connect-injector
   labels:
     app: {{ template "consul.name" . }}
     chart: {{ template "consul.chart" . }}
@@ -31,10 +31,10 @@ metadata:
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: {{ template "consul.fullname" . }}-connect-injector-authmethod
+  name: {{ template "consul.fullname" . }}-connect-injector
 subjects:
   - kind: ServiceAccount
-    name: {{ template "consul.fullname" . }}-connect-injector-authmethod
+    name: {{ template "consul.fullname" . }}-connect-injector
     namespace: {{ .Release.Namespace }}
 {{- end }}
 {{- end }}
diff --git a/charts/consul/templates/connect-inject-authmethod-serviceaccount.yaml b/charts/consul/templates/connect-inject-authmethod-serviceaccount.yaml
@@ -3,7 +3,7 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ template "consul.fullname" . }}-connect-injector-authmethod
+  name: {{ template "consul.fullname" . }}-connect-injector
   namespace: {{ .Release.Namespace }}
   labels:
     app: {{ template "consul.name" . }}

diff --git a/charts/consul/templates/enterprise-license-job.yaml b/charts/consul/templates/enterprise-license-job.yaml
@@ -4,7 +4,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: {{ template "consul.fullname" . }}-license
+  name: {{ template "consul.fullname" . }}-enterprise-license
   namespace: {{ .Release.Namespace }}
   labels:
     app.kubernetes.io/managed-by: {{.Release.Service | quote }}

diff --git a/charts/consul/templates/partition-init-role.yaml b/charts/consul/templates/partition-init-role.yaml
@@ -26,7 +26,7 @@ rules:
     resources:
       - serviceaccounts
     resourceNames:
-      - {{ template "consul.fullname" . }}-connect-injector-authmethod
+      - {{ template "consul.fullname" . }}-connect-injector
     verbs:
       - get
 {{- end }}

diff --git a/charts/consul/templates/server-acl-init-role.yaml b/charts/consul/templates/server-acl-init-role.yaml
@@ -24,7 +24,7 @@ rules:
     resources:
       - serviceaccounts
     resourceNames:
-      - {{ template "consul.fullname" . }}-connect-injector-authmethod
+      - {{ template "consul.fullname" . }}-connect-injector
     verbs:
       - get
 {{- end }}

diff --git a/control-plane/subcommand/server-acl-init/command_test.go b/control-plane/subcommand/server-acl-init/command_test.go
@@ -2265,7 +2265,7 @@ func getBootToken(t *testing.T, k8s *fake.Clientset, prefix string, k8sNamespace
 func setUpK8sServiceAccount(t *testing.T, k8s *fake.Clientset, namespace string) (string, string) {
 	// Create ServiceAccount for the kubernetes auth method if it doesn't exist,
 	// otherwise, do nothing.
-	serviceAccountName := resourcePrefix + "-connect-injector-authmethod"
+	serviceAccountName := resourcePrefix + "-connect-injector"
 	sa, _ := k8s.CoreV1().ServiceAccounts(namespace).Get(context.Background(), serviceAccountName, metav1.GetOptions{})
 	if sa == nil {
 		// Create a service account that references two secrets.
@@ -2282,7 +2282,7 @@ func setUpK8sServiceAccount(t *testing.T, k8s *fake.Clientset, namespace string)
 						Name: resourcePrefix + "-some-other-secret",
 					},
 					{
-						Name: resourcePrefix + "-connect-injector-authmethod",
+						Name: resourcePrefix + "-connect-injector",
 					},
 				},
 			},
@@ -2297,7 +2297,7 @@ func setUpK8sServiceAccount(t *testing.T, k8s *fake.Clientset, namespace string)
 	require.NoError(t, err)
 
 	// Create a Kubernetes secret if it doesn't exist, otherwise update it
-	secretName := resourcePrefix + "-connect-injector-authmethod"
+	secretName := resourcePrefix + "-connect-injector"
 	secret := &v1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:   secretName,

diff --git a/control-plane/subcommand/server-acl-init/connect_inject.go b/control-plane/subcommand/server-acl-init/connect_inject.go
@@ -139,7 +139,7 @@ func (c *Command) configureConnectInjectAuthMethod(consulClient *api.Client) err
 func (c *Command) createAuthMethodTmpl(authMethodName string) (api.ACLAuthMethod, error) {
 	// Get the Secret name for the auth method ServiceAccount.
 	var authMethodServiceAccount *apiv1.ServiceAccount
-	saName := c.withPrefix("connect-injector-authmethod")
+	saName := c.withPrefix("connect-injector")
 	err := c.untilSucceeds(fmt.Sprintf("getting %s ServiceAccount", saName),
 		func() error {
 			var err error

diff --git a/control-plane/subcommand/server-acl-init/connect_inject_test.go b/control-plane/subcommand/server-acl-init/connect_inject_test.go
@@ -30,8 +30,8 @@ func TestCommand_createAuthMethodTmpl_SecretNotFound(t *testing.T) {
 		ctx:                ctx,
 	}
 
-	serviceAccountName := resourcePrefix + "-connect-injector-authmethod"
-	secretName := resourcePrefix + "-connect-injector-authmethod"
+	serviceAccountName := resourcePrefix + "-connect-injector"
+	secretName := resourcePrefix + "-connect-injector"
 
 	// Create a service account referencing secretName
 	sa, _ := k8s.CoreV1().ServiceAccounts(ns).Get(ctx, serviceAccountName, metav1.GetOptions{})
@@ -65,5 +65,5 @@ func TestCommand_createAuthMethodTmpl_SecretNotFound(t *testing.T) {
 	require.NoError(t, err)
 
 	_, err = cmd.createAuthMethodTmpl("test")
-	require.EqualError(t, err, "found no secret of type 'kubernetes.io/service-account-token' associated with the release-name-consul-connect-injector-authmethod service account")
+	require.EqualError(t, err, "found no secret of type 'kubernetes.io/service-account-token' associated with the release-name-consul-connect-injector service account")
 }