Fix mocks function updates

Signed-off-by: melserngawy <[email protected]>

Author: serngawy

config/crd/bases/controlplane.cluster.x-k8s.io_rosacontrolplanes.yaml

@@ -86,11 +86,11 @@ spec:
                 description: ClusterRegistryConfig represents registry config used
                   with the cluster.
                 properties:
-                  additionalTrustedCa:
+                  additionalTrustedCAs:
                     additionalProperties:
                       type: string
                     description: |-
-                      AdditionalTrustedCa containing the registry hostname as the key, and the PEM-encoded certificate as the value,
+                      AdditionalTrustedCAs containing the registry hostname as the key, and the PEM-encoded certificate as the value,
                       for each additional registry CA to trust.
                     type: object
                   allowedRegistriesForImport:

controlplane/rosa/api/v1beta2/rosacontrolplane_types.go

@@ -188,10 +188,10 @@ type RosaControlPlaneSpec struct { //nolint: maligned
 
 // RegistryConfig for ROSA-HCP cluster
 type RegistryConfig struct {
-	// AdditionalTrustedCa containing the registry hostname as the key, and the PEM-encoded certificate as the value,
+	// AdditionalTrustedCAs containing the registry hostname as the key, and the PEM-encoded certificate as the value,
 	// for each additional registry CA to trust.
 	// +optional
-	AdditionalTrustedCa map[string]string `json:"additionalTrustedCa,omitempty"`
+	AdditionalTrustedCAs map[string]string `json:"additionalTrustedCAs,omitempty"`
 
 	// AllowedRegistriesForImport limits the container image registries that normal users may import
 	// images from. Set this list to the registries that you trust to contain valid Docker

controlplane/rosa/api/v1beta2/rosacontrolplane_webhook.go

@@ -42,6 +42,10 @@ func (r *ROSAControlPlane) ValidateCreate() (warnings admission.Warnings, err er
 		allErrs = append(allErrs, err)
 	}
 
+	if err := r.validateClusterRegistryConfig(); err != nil {
+		allErrs = append(allErrs, err)
+	}
+
 	allErrs = append(allErrs, r.validateNetwork()...)
 	allErrs = append(allErrs, r.Spec.AdditionalTags.Validate()...)
 
@@ -56,6 +60,14 @@ func (r *ROSAControlPlane) ValidateCreate() (warnings admission.Warnings, err er
 	)
 }
 
+func (r *ROSAControlPlane) validateClusterRegistryConfig() *field.Error {
+	if len(r.Spec.ClusterRegistryConfig.RegistrySources.AllowedRegistries) > 0 && len(r.Spec.ClusterRegistryConfig.RegistrySources.BlockedRegistries) > 0 {
+		return field.Invalid(field.NewPath("spec.clusterRegistryConfig.registrySources"), r.Spec.ClusterRegistryConfig.RegistrySources, "allowedRegistries and blockedRegistries are mutually exclusive fields")
+	}
+
+	return nil
+}
+
 // ValidateUpdate implements admission.Validator.
 func (r *ROSAControlPlane) ValidateUpdate(old runtime.Object) (warnings admission.Warnings, err error) {
 	var allErrs field.ErrorList

controlplane/rosa/api/v1beta2/zz_generated.deepcopy.go

@@ -476,7 +476,7 @@ func (r *ROSAControlPlaneReconciler) updateOCMClusterSpec(rosaControlPlane *rosa
 		RegistrySources: &rosacontrolplanev1.RegistrySources{},
 	}
 	if rosaControlPlane.Spec.ClusterRegistryConfig != nil {
-		regConfig.AdditionalTrustedCa = rosaControlPlane.Spec.ClusterRegistryConfig.AdditionalTrustedCa
+		regConfig.AdditionalTrustedCAs = rosaControlPlane.Spec.ClusterRegistryConfig.AdditionalTrustedCAs
 		regConfig.AllowedRegistriesForImport = rosaControlPlane.Spec.ClusterRegistryConfig.AllowedRegistriesForImport
 
 		if rosaControlPlane.Spec.ClusterRegistryConfig.RegistrySources != nil {
@@ -485,8 +485,8 @@ func (r *ROSAControlPlaneReconciler) updateOCMClusterSpec(rosaControlPlane *rosa
 			regConfig.RegistrySources.InsecureRegistries = rosaControlPlane.Spec.ClusterRegistryConfig.RegistrySources.InsecureRegistries
 		}
 	}
-	if !reflect.DeepEqual(regConfig.AdditionalTrustedCa, cluster.RegistryConfig().AdditionalTrustedCa()) {
-		ocmClusterSpec.AdditionalTrustedCa = regConfig.AdditionalTrustedCa
+	if !reflect.DeepEqual(regConfig.AdditionalTrustedCAs, cluster.RegistryConfig().AdditionalTrustedCa()) {
+		ocmClusterSpec.AdditionalTrustedCa = regConfig.AdditionalTrustedCAs
 		updated = true
 	}
 	if !reflect.DeepEqual(regConfig.RegistrySources.AllowedRegistries, cluster.RegistryConfig().RegistrySources().AllowedRegistries()) {
@@ -955,8 +955,8 @@ func buildOCMClusterSpec(controlPlaneSpec rosacontrolplanev1.RosaControlPlaneSpe
 
 	// Set the cluster registry config.
 	if controlPlaneSpec.ClusterRegistryConfig != nil {
-		if len(controlPlaneSpec.ClusterRegistryConfig.AdditionalTrustedCa) > 0 {
-			ocmClusterSpec.AdditionalTrustedCa = controlPlaneSpec.ClusterRegistryConfig.AdditionalTrustedCa
+		if len(controlPlaneSpec.ClusterRegistryConfig.AdditionalTrustedCAs) > 0 {
+			ocmClusterSpec.AdditionalTrustedCa = controlPlaneSpec.ClusterRegistryConfig.AdditionalTrustedCAs
 		}
 
 		if len(controlPlaneSpec.ClusterRegistryConfig.AllowedRegistriesForImport) > 0 {

controlplane/rosa/controllers/rosacontrolplane_controller.go

@@ -36,7 +36,7 @@ func TestUpdateOCMClusterSpec(t *testing.T) {
 			Spec: rosacontrolplanev1.RosaControlPlaneSpec{
 				AuditLogRoleARN: "arn:aws:iam::123456789012:role/AuditLogRole",
 				ClusterRegistryConfig: &rosacontrolplanev1.RegistryConfig{
-					AdditionalTrustedCa: map[string]string{"trusted-ca": "-----BEGIN CERTIFICATE----- testcert -----END CERTIFICATE-----"},
+					AdditionalTrustedCAs: map[string]string{"trusted-ca": "-----BEGIN CERTIFICATE----- testcert -----END CERTIFICATE-----"},
 					AllowedRegistriesForImport: []rosacontrolplanev1.RegistryLocation{
 						{DomainName: "registry1.com", Insecure: false},
 					},
@@ -91,7 +91,7 @@ func TestUpdateOCMClusterSpec(t *testing.T) {
 		rosaControlPlane := &rosacontrolplanev1.ROSAControlPlane{
 			Spec: rosacontrolplanev1.RosaControlPlaneSpec{
 				ClusterRegistryConfig: &rosacontrolplanev1.RegistryConfig{
-					AdditionalTrustedCa: map[string]string{"trusted-ca": "-----BEGIN CERTIFICATE----- testcert -----END CERTIFICATE-----"},
+					AdditionalTrustedCAs: map[string]string{"trusted-ca": "-----BEGIN CERTIFICATE----- testcert -----END CERTIFICATE-----"},
 					AllowedRegistriesForImport: []rosacontrolplanev1.RegistryLocation{
 						{DomainName: "new-registry.com", Insecure: true},
 					},
@@ -111,7 +111,7 @@ func TestUpdateOCMClusterSpec(t *testing.T) {
 			Build()
 
 		expectedOCMSpec := ocm.Spec{
-			AdditionalTrustedCa:        rosaControlPlane.Spec.ClusterRegistryConfig.AdditionalTrustedCa,
+			AdditionalTrustedCa:        rosaControlPlane.Spec.ClusterRegistryConfig.AdditionalTrustedCAs,
 			AllowedRegistriesForImport: "new-registry.com:true",
 			AllowedRegistries:          rosaControlPlane.Spec.ClusterRegistryConfig.RegistrySources.AllowedRegistries,
 		}