review updates

fghanmi · fghanmi · commit f780f8702c6b · 2025-12-01T17:56:42.000+01:00
diff --git a/api/v1alpha1/common.go b/api/v1alpha1/common.go
@@ -43,6 +43,9 @@ type MonitoringWithTLogConfig struct {
 	// Configuration for Rekor transparency log monitoring
 	//+optional
 	TLog TlogMonitoring `json:"tlog"`
+	// TUF service configuration
+	//+optional
+	Tuf TufService `json:"tuf,omitempty"`
 }
 
 // TrillianService configuration to connect Trillian server
@@ -66,7 +69,6 @@ type TufService struct {
 	// Port of TUF Server End point
 	//+kubebuilder:validation:Minimum:=1
 	//+kubebuilder:validation:Maximum:=65535
-	//+kubebuilder:default:=8080
 	//+optional
 	Port *int32 `json:"port,omitempty"`
 }
diff --git a/api/v1alpha1/rekor_types.go b/api/v1alpha1/rekor_types.go
@@ -19,10 +19,6 @@ type RekorSpec struct {
 	// Trillian service configuration
 	//+kubebuilder:default:={port: 8091}
 	Trillian TrillianService `json:"trillian,omitempty"`
-	// TUF service configuration
-	//+kubebuilder:default:={port: 8080}
-	//+optional
-	Tuf TufService `json:"tuf,omitempty"`
 	// Define whether you want to export service or not
 	ExternalAccess ExternalAccess `json:"externalAccess,omitempty"`
 	//Enable Service monitors for rekor
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/config/crd/bases/rhtas.redhat.com_rekors.yaml b/config/crd/bases/rhtas.redhat.com_rekors.yaml
@@ -1281,6 +1281,19 @@ spec:
                     required:
                     - enabled
                     type: object
+                  tuf:
+                    description: TUF service configuration
+                    properties:
+                      address:
+                        description: Address to TUF Server End point
+                        type: string
+                      port:
+                        description: Port of TUF Server End point
+                        format: int32
+                        maximum: 65535
+                        minimum: 1
+                        type: integer
+                    type: object
                 required:
                 - enabled
                 type: object
@@ -2705,22 +2718,6 @@ spec:
                 - name
                 type: object
                 x-kubernetes-map-type: atomic
-              tuf:
-                default:
-                  port: 8080
-                description: TUF service configuration
-                properties:
-                  address:
-                    description: Address to TUF Server End point
-                    type: string
-                  port:
-                    default: 8080
-                    description: Port of TUF Server End point
-                    format: int32
-                    maximum: 65535
-                    minimum: 1
-                    type: integer
-                type: object
             type: object
           status:
             description: RekorStatus defines the observed state of Rekor
diff --git a/config/crd/bases/rhtas.redhat.com_securesigns.yaml b/config/crd/bases/rhtas.redhat.com_securesigns.yaml
@@ -3894,6 +3894,19 @@ spec:
                         required:
                         - enabled
                         type: object
+                      tuf:
+                        description: TUF service configuration
+                        properties:
+                          address:
+                            description: Address to TUF Server End point
+                            type: string
+                          port:
+                            description: Port of TUF Server End point
+                            format: int32
+                            maximum: 65535
+                            minimum: 1
+                            type: integer
+                        type: object
                     required:
                     - enabled
                     type: object
@@ -5325,22 +5338,6 @@ spec:
                     - name
                     type: object
                     x-kubernetes-map-type: atomic
-                  tuf:
-                    default:
-                      port: 8080
-                    description: TUF service configuration
-                    properties:
-                      address:
-                        description: Address to TUF Server End point
-                        type: string
-                      port:
-                        default: 8080
-                        description: Port of TUF Server End point
-                        format: int32
-                        maximum: 65535
-                        minimum: 1
-                        type: integer
-                    type: object
                 type: object
               trillian:
                 description: TrillianSpec defines the desired state of Trillian
diff --git a/internal/controller/rekor/actions/monitor/statefulset.go b/internal/controller/rekor/actions/monitor/statefulset.go
@@ -12,7 +12,6 @@ import (
 	"github.com/securesign/operator/internal/action"
 	"github.com/securesign/operator/internal/constants"
 	"github.com/securesign/operator/internal/controller/rekor/actions"
-	tufConstants "github.com/securesign/operator/internal/controller/tuf/constants"
 	"github.com/securesign/operator/internal/labels"
 	cutils "github.com/securesign/operator/internal/utils"
 	"github.com/securesign/operator/internal/utils/kubernetes"
@@ -54,11 +53,7 @@ func (i statefulSetAction) Handle(ctx context.Context, instance *rhtasv1alpha1.R
 		result controllerutil.OperationResult
 	)
 
-	switch instance.Spec.Tuf.Address {
-	case "":
-		instance.Spec.Tuf.Address = fmt.Sprintf("%s.%s.svc", tufConstants.DeploymentName, instance.Namespace)
-	}
-	tufServerHost := fmt.Sprintf("http://%s", instance.Spec.Tuf.Address)
+	tufServerHost := i.resolveTufUrl(instance)
 	rekorServerHost := fmt.Sprintf("http://%s.%s.svc", actions.ServerComponentName, instance.Namespace)
 
 	labels := labels.For(actions.MonitorComponentName, actions.MonitorStatefulSetName, instance.Name)
@@ -99,6 +94,17 @@ func (i statefulSetAction) Handle(ctx context.Context, instance *rhtasv1alpha1.R
 	return i.Continue()
 }
 
+func (i statefulSetAction) resolveTufUrl(instance *rhtasv1alpha1.Rekor) string {
+	if instance.Spec.Monitoring.Tuf.Address != "" {
+		url := instance.Spec.Monitoring.Tuf.Address
+		if instance.Spec.Monitoring.Tuf.Port != nil {
+			url = fmt.Sprintf("%s:%d", url, *instance.Spec.Monitoring.Tuf.Port)
+		}
+		return url
+	}
+	return fmt.Sprintf("http://tuf.%s.svc", instance.Namespace)
+}
+
 func (i statefulSetAction) ensureMonitorStatefulSet(instance *rhtasv1alpha1.Rekor, sa string, labels map[string]string, rekorServerHost string, tufServerHost string) func(*v1.StatefulSet) error {
 	return func(ss *v1.StatefulSet) error {
 
