
Commit 412a4bb

ludydooclaude
andcommitted
ROX-30638: Remove tenant Route53 record management
This removes all Route53 DNS record management functionality from the fleet manager since tenant DNS records are now managed by external DNS. Key changes: - Removed Route53 methods from AWS client and CentralService - Deleted CentralRoutesCNAMEManager worker - Removed Route53 configuration fields from AWS config - Added database migration to remove routes_creation_id field - Removed E2E DNS test utilities - Updated tests and regenerated mocks 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <[email protected]>
1 parent 8df2e91 commit 412a4bb


16 files changed

+34
-783
lines changed


e2e/dns/record_cleanup.go

Lines changed: 0 additions & 40 deletions
This file was deleted.

e2e/dns/records_loader.go

Lines changed: 0 additions & 112 deletions
This file was deleted.

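--- a/e2e/e2e_test.go
+++ b/e2e/e2e_test.go
@@ -16,7 +16,6 @@ import (
 . "github.com/onsi/ginkgo/v2"
 . "github.com/onsi/gomega"
 openshiftRouteV1 "github.com/openshift/api/route/v1"
-"github.com/stackrox/acs-fleet-manager/e2e/dns"
 "github.com/stackrox/acs-fleet-manager/e2e/testutil"
 "github.com/stackrox/acs-fleet-manager/fleetshard/pkg/k8s"
 "github.com/stackrox/acs-fleet-manager/internal/central/constants"
@@ -200,29 +199,6 @@ var _ = Describe("Central", Ordered, func() {
 Should(Succeed())
 })
 
-It("should have created AWS Route53 records", func() {
-testutil.SkipIf(!dnsEnabled, testutil.SkipDNSMsg)
-
-var centralRequest public.CentralRequest
-Expect(testutil.GetCentralRequest(ctx, client, centralRequestID, &centralRequest)).
-To(Succeed())
-
-var reencryptIngress openshiftRouteV1.RouteIngress
-Eventually(testutil.AssertReencryptIngressRouteExist(context.Background(), routeService, centralRequest, &reencryptIngress)).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(Succeed())
-
-dnsRecordsLoader := dns.NewRecordsLoader(route53Client, centralRequest)
-
-Eventually(dnsRecordsLoader.LoadDNSRecords).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(HaveLen(len(dnsRecordsLoader.CentralDomainNames)), "Started at %s", time.Now())
-
-recordSets := dnsRecordsLoader.LastResult
-testutil.AssertDNSMatchesRouter(dnsRecordsLoader.CentralDomainNames, recordSets, &reencryptIngress)
-})
 
 It("should backup important secrets in FM database", func() {
 expectedSecrets := k8s.NewSecretBackup(k8sClient, false).GetWatchedSecrets()
@@ -348,17 +324,6 @@ var _ = Describe("Central", Ordered, func() {
 Should(Succeed())
 })
 
-It("should delete external DNS entries", func() {
-testutil.SkipIf(!dnsEnabled, testutil.SkipDNSMsg)
-var centralRequest public.CentralRequest
-Expect(testutil.GetCentralRequest(ctx, client, centralRequestID, &centralRequest)).
-To(Succeed())
-dnsRecordsLoader := dns.NewRecordsLoader(route53Client, centralRequest)
-Eventually(dnsRecordsLoader.LoadDNSRecords).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(BeEmpty(), "Started at %s", time.Now())
-})
 
 AfterAll(func() {
 Expect(restoreDefaultGitopsConfig()).To(Succeed())
@@ -428,17 +393,6 @@ var _ = Describe("Central", Ordered, func() {
 Should(Succeed())
 })
 
-It("should delete external DNS entries", func() {
-testutil.SkipIf(!dnsEnabled, testutil.SkipDNSMsg)
-var centralRequest public.CentralRequest
-Expect(testutil.GetCentralRequest(ctx, client, centralRequestID, &centralRequest)).
-To(Succeed())
-dnsRecordsLoader := dns.NewRecordsLoader(route53Client, centralRequest)
-Eventually(dnsRecordsLoader.LoadDNSRecords).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(BeEmpty(), "Started at %s", time.Now())
-})
 
 It("should be restorable", func() {
 By("calling the admin restore API", func() {
@@ -468,17 +422,6 @@ var _ = Describe("Central", Ordered, func() {
 Should(Succeed())
 })
 
-By("deleting external DNS entries", func() {
-testutil.SkipIf(!dnsEnabled, testutil.SkipDNSMsg)
-var centralRequest public.CentralRequest
-Expect(testutil.GetCentralRequest(ctx, client, centralRequestID, &centralRequest)).
-To(Succeed())
-dnsRecordsLoader := dns.NewRecordsLoader(route53Client, centralRequest)
-Eventually(dnsRecordsLoader.LoadDNSRecords).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(BeEmpty(), "Started at %s", time.Now())
-})
 })
 
 })
@@ -551,14 +494,6 @@ var _ = Describe("Central", Ordered, func() {
 Expect(k8sClient.Delete(ctx, namespace)).ToNot(HaveOccurred())
 })
 
-It("should delete external DNS entries", func() {
-testutil.SkipIf(!dnsEnabled, testutil.SkipDNSMsg)
-dnsRecordsLoader := dns.NewRecordsLoader(route53Client, readyCentralRequest)
-Eventually(dnsRecordsLoader.LoadDNSRecords).
-WithTimeout(waitTimeout).
-WithPolling(defaultPolling).
-Should(BeEmpty(), "Started at %s", time.Now())
-})
 })
 })
 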

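--- a/e2e/multicluster/multicluster_migration_test.go
+++ b/e2e/multicluster/multicluster_migration_test.go
@@ -9,7 +9,6 @@ import (
 . "github.com/onsi/ginkgo/v2"
 . "github.com/onsi/gomega"
 openshiftRouteV1 "github.com/openshift/api/route/v1"
-"github.com/stackrox/acs-fleet-manager/e2e/dns"
 "github.com/stackrox/acs-fleet-manager/e2e/testutil"
 "github.com/stackrox/acs-fleet-manager/fleetshard/pkg/k8s"
 "github.com/stackrox/acs-fleet-manager/internal/central/pkg/api/admin/private"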

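--- a/internal/central/pkg/api/dbapi/central_request_types.go
+++ b/internal/central/pkg/api/dbapi/central_request_types.go
@@ -80,7 +80,6 @@ type CentralRequest struct {
 SecretDataSha256Sum string `json:"secret_data_sha256_sum"`
 
 Namespace string `json:"namespace"`
-RoutesCreationID string `json:"routes_creation_id"`
 // DeletionTimestamp stores the timestamp of the DELETE api call for the resource.
 DeletionTimestamp sql.NullTime `json:"deletionTimestamp"`
 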

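--- a/internal/central/pkg/config/aws.go
+++ b/internal/central/pkg/config/aws.go
@@ -18,11 +18,6 @@ type AWSConfig struct {
 SecretAccessKey string `json:"secret_access_key"`
 SecretAccessKeyFile string `json:"secret_access_key_file"`
 
-// Used for domain modifications in Route 53
-Route53AccessKey string `json:"route53_access_key"`
-Route53AccessKeyFile string `json:"route53_access_key_file"`
-Route53SecretAccessKey string `json:"route53_secret_access_key"`
-Route53SecretAccessKeyFile string `json:"route53_secret_access_key_file"`
 }
 
 // NewAWSConfig ...
@@ -31,8 +26,6 @@ func NewAWSConfig() *AWSConfig {
 AccountIDFile: "secrets/aws.accountid",
 AccessKeyFile: "secrets/aws.accesskey",
 SecretAccessKeyFile: "secrets/aws.secretaccesskey", // pragma: allowlist secret
-Route53AccessKeyFile: "secrets/aws.route53accesskey",
-Route53SecretAccessKeyFile: "secrets/aws.route53secretaccesskey", // pragma: allowlist secret
 }
 }
 
@@ -41,8 +34,6 @@ func (c *AWSConfig) AddFlags(fs *pflag.FlagSet) {
 fs.StringVar(&c.AccountIDFile, "aws-account-id-file", c.AccountIDFile, "File containing AWS account id")
 fs.StringVar(&c.AccessKeyFile, "aws-access-key-file", c.AccessKeyFile, "File containing AWS access key")
 fs.StringVar(&c.SecretAccessKeyFile, "aws-secret-access-key-file", c.SecretAccessKeyFile, "File containing AWS secret access key")
-fs.StringVar(&c.Route53AccessKeyFile, "aws-route53-access-key-file", c.Route53AccessKeyFile, "File containing AWS access key for route53")
-fs.StringVar(&c.Route53SecretAccessKeyFile, "aws-route53-secret-access-key-file", c.Route53SecretAccessKeyFile, "File containing AWS secret access key for route53")
 }
 
 // ReadFiles ...
@@ -59,13 +50,5 @@ func (c *AWSConfig) ReadFiles() error {
 if err != nil {
 return fmt.Errorf("reading secret access key file: %w", err)
 }
-err = shared.ReadFileValueString(c.Route53AccessKeyFile, &c.Route53AccessKey)
-if err != nil {
-return fmt.Errorf("reading route 53 access key file: %w", err)
-}
-err = shared.ReadFileValueString(c.Route53SecretAccessKeyFile, &c.Route53SecretAccessKey)
-if err != nil {
-return fmt.Errorf("reading route 53 secret access key file: %w", err)
-}
 return nil
 }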
Lines changed: 26 additions & 0 deletions
@@ -0,0 +1,26 @@
1+
package migrations
2+
3+
import (
4+
"github.com/go-gormigrate/gormigrate/v2"
5+
"github.com/stackrox/acs-fleet-manager/internal/central/pkg/api/dbapi"
6+
"gorm.io/gorm"
7+
)
8+
9+
func removeRoutesCreationIDFromCentralRequest() *gormigrate.Migration {
10+
type CentralRequest struct {
11+
RoutesCreationID string `json:"routes_creation_id"`
12+
}
13+
14+
return &gormigrate.Migration{
15+
ID: "20250826000000",
16+
Migrate: func(tx *gorm.DB) error {
17+
// Remove routes_creation_id column from central_requests table
18+
// since Route53 record management has been moved to external DNS
19+
return dropIfColumnExists(tx, &dbapi.CentralRequest{}, "routes_creation_id")
20+
},
21+
Rollback: func(tx *gorm.DB) error {
22+
// Re-add the column on rollback
23+
return addColumnIfNotExists(tx, &CentralRequest{}, "routes_creation_id")
24+
},
25+
}
26+
}
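Review bot: `Migrate` hands the live `&dbapi.CentralRequest{}` to `dropIfColumnExists`, while `Rollback` uses the frozen local `CentralRequest` struct, so the forward step changes meaning if the live model is later renamed or mapped to another table. Using the local snapshot in both directions, `return dropIfColumnExists(tx, &CentralRequest{}, "routes_creation_id")`, keeps the migration self-contained; this assumes the helper, which is not visible here, resolves the table from the struct the same way. The column is also dropped in the same commit that removes `RoutesCreationID` from the model, so replicas of the previous version still running during a rolling upgrade may issue statements naming a column that no longer exists. Shipping the drop one release after the field removal would close that window. A doc comment on `removeRoutesCreationIDFromCentralRequest` should state that rollback re-creates an empty column and does not restore the dropped values.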

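--- a/internal/central/pkg/migrations/migrations.go
+++ b/internal/central/pkg/migrations/migrations.go
@@ -57,6 +57,7 @@ func getMigrations() []*gormigrate.Migration {
 addSecretDataSha256SumToCentralRequest(),
 addEnteredProvisioningAtToCentralRequest(),
 renameLeaderLeaseTypes(),
+removeRoutesCreationIDFromCentralRequest(),
 }
 }
 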
