From a52554dfefa7876966204cd493c1f1db2f872747 Mon Sep 17 00:00:00 2001
From: Joao Marcal <jmarcal@redhat.com>
Date: Wed, 20 Dec 2023 15:00:43 +0100
Subject: [PATCH] operator: Refactor ensureObjectStoreCredentials in
 manifests/storage package (#11531)

Co-authored-by: Periklis Tsirakidis <periklis@redhat.com>
---
 .../internal/manifests/storage/configure.go   | 134 ++++++------------
 1 file changed, 47 insertions(+), 87 deletions(-)

diff --git a/operator/internal/manifests/storage/configure.go b/operator/internal/manifests/storage/configure.go
index 5c148116341aa..f6f2c9ac8a331 100644
--- a/operator/internal/manifests/storage/configure.go
+++ b/operator/internal/manifests/storage/configure.go
@@ -109,7 +109,6 @@ func ensureObjectStoreCredentials(p *corev1.PodSpec, opts Options) corev1.PodSpe
 	container := p.Containers[0].DeepCopy()
 	volumes := p.Volumes
 	secretName := opts.SecretName
-	storeType := opts.SharedStore
 
 	volumes = append(volumes, corev1.Volume{
 		Name: secretName,
@@ -126,100 +125,40 @@ func ensureObjectStoreCredentials(p *corev1.PodSpec, opts Options) corev1.PodSpe
 		MountPath: secretDirectory,
 	})
 
-	var storeEnvVars []corev1.EnvVar
-	switch storeType {
+	container.Env = append(container.Env, staticAuthCredentials(opts)...)
+
+	return corev1.PodSpec{
+		Containers: []corev1.Container{
+			*container,
+		},
+		Volumes: volumes,
+	}
+}
+
+func staticAuthCredentials(opts Options) []corev1.EnvVar {
+	secretName := opts.SecretName
+	switch opts.SharedStore {
 	case lokiv1.ObjectStorageSecretAzure:
-		storeEnvVars = []corev1.EnvVar{
-			{
-				Name: EnvAzureStorageAccountName,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeyAzureStorageAccountName,
-					},
-				},
-			},
-			{
-				Name: EnvAzureStorageAccountKey,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeyAzureStorageAccountKey,
-					},
-				},
-			},
+		return []corev1.EnvVar{
+			envVarFromSecret(EnvAzureStorageAccountName, secretName, KeyAzureStorageAccountName),
+			envVarFromSecret(EnvAzureStorageAccountKey, secretName, KeyAzureStorageAccountKey),
 		}
 	case lokiv1.ObjectStorageSecretGCS:
-		storeEnvVars = []corev1.EnvVar{
-			{
-				Name:  EnvGoogleApplicationCredentials,
-				Value: path.Join(secretDirectory, KeyGCPServiceAccountKeyFilename),
-			},
+		return []corev1.EnvVar{
+			envVarFromValue(EnvGoogleApplicationCredentials, path.Join(secretDirectory, KeyGCPServiceAccountKeyFilename)),
 		}
 	case lokiv1.ObjectStorageSecretS3:
-		storeEnvVars = []corev1.EnvVar{
-			{
-				Name: EnvAWSAccessKeyID,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeyAWSAccessKeyID,
-					},
-				},
-			},
-			{
-				Name: EnvAWSAccessKeySecret,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeyAWSAccessKeySecret,
-					},
-				},
-			},
+		return []corev1.EnvVar{
+			envVarFromSecret(EnvAWSAccessKeyID, secretName, KeyAWSAccessKeyID),
+			envVarFromSecret(EnvAWSAccessKeySecret, secretName, KeyAWSAccessKeySecret),
 		}
-
 	case lokiv1.ObjectStorageSecretSwift:
-		storeEnvVars = []corev1.EnvVar{
-			{
-				Name: EnvSwiftUsername,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeySwiftUsername,
-					},
-				},
-			},
-			{
-				Name: EnvSwiftPassword,
-				ValueFrom: &corev1.EnvVarSource{
-					SecretKeyRef: &corev1.SecretKeySelector{
-						LocalObjectReference: corev1.LocalObjectReference{
-							Name: secretName,
-						},
-						Key: KeySwiftPassword,
-					},
-				},
-			},
+		return []corev1.EnvVar{
+			envVarFromSecret(EnvSwiftUsername, secretName, KeySwiftUsername),
+			envVarFromSecret(EnvSwiftPassword, secretName, KeySwiftPassword),
 		}
-	}
-
-	container.Env = append(container.Env, storeEnvVars...)
-
-	return corev1.PodSpec{
-		Containers: []corev1.Container{
-			*container,
-		},
-		Volumes: volumes,
+	default:
+		return []corev1.EnvVar{}
 	}
 }
 
@@ -255,3 +194,24 @@ func ensureCAForS3(p *corev1.PodSpec, tls *TLSConfig) corev1.PodSpec {
 		Volumes: volumes,
 	}
 }
+
+func envVarFromSecret(name, secretName, secretKey string) corev1.EnvVar {
+	return corev1.EnvVar{
+		Name: name,
+		ValueFrom: &corev1.EnvVarSource{
+			SecretKeyRef: &corev1.SecretKeySelector{
+				LocalObjectReference: corev1.LocalObjectReference{
+					Name: secretName,
+				},
+				Key: secretKey,
+			},
+		},
+	}
+}
+
+func envVarFromValue(name, value string) corev1.EnvVar {
+	return corev1.EnvVar{
+		Name:  name,
+		Value: value,
+	}
+}