Merge remote-tracking branch 'origin/main' into use-create-or-update-pattern

Author: LimKianAn

Dockerfile

@@ -24,7 +24,6 @@ FROM gcr.io/distroless/static:nonroot
 WORKDIR /
 COPY --from=builder /workspace/manager .
 COPY external/svc-postgres-operator.yaml external/svc-postgres-operator.yaml
-COPY external/crd-postgresql.yaml external/crd-postgresql.yaml
 USER nonroot:nonroot
 
 ENTRYPOINT ["/manager"]

api/v1/postgres_types.go

@@ -24,7 +24,6 @@ import (
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/apimachinery/pkg/util/yaml"
 	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 )
 
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
@@ -317,7 +316,6 @@ func (p *Postgres) ToPeripheralResourceName() string {
 func (p *Postgres) ToUserPasswordsSecret(src *corev1.SecretList, scheme *runtime.Scheme) (*corev1.Secret, error) {
 	secret := &corev1.Secret{}
 	secret.Namespace = p.Namespace
-	// todo: Consider `p.Name + "-passwords", so the`
 	secret.Name = p.ToUserPasswordsSecretName()
 	secret.Type = corev1.SecretTypeOpaque
 	secret.Data = map[string][]byte{}
@@ -327,11 +325,6 @@ func (p *Postgres) ToUserPasswordsSecret(src *corev1.SecretList, scheme *runtime
 		secret.Data[string(v.Data["username"])] = v.Data["password"]
 	}
 
-	// Set the owner of the secret
-	if err := controllerutil.SetControllerReference(p, secret, scheme); err != nil {
-		return nil, err
-	}
-
 	return secret, nil
 }
 

external/crd-postgresql.yaml renamed to charts/postgreslet/crds/postgresql.yaml

@@ -12,6 +12,7 @@ import (
 
 	"github.com/go-logr/logr"
 	zalando "github.com/zalando/postgres-operator/pkg/apis/acid.zalan.do/v1"
+	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/tools/record"
 
@@ -117,6 +118,10 @@ func (r *PostgresReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 			return ctrl.Result{}, fmt.Errorf("error while uninstalling operator: %w", err)
 		}
 
+		if err := r.deleteUserPasswordsSecret(ctx, instance); err != nil {
+			return ctrl.Result{}, err
+		}
+
 		instance.RemoveFinalizer(pg.PostgresFinalizerName)
 		if err := r.CtrlClient.Update(ctx, instance); err != nil {
 			r.recorder.Eventf(instance, "Warning", "Self-Reconcilation", "failed to remove finalizer: %v", err)
@@ -229,6 +234,19 @@ func (r *PostgresReconciler) createOrUpdateZalandoPostgresql(ctx context.Context
 	return nil
 }
 
+func (r *PostgresReconciler) deleteUserPasswordsSecret(ctx context.Context, instance *pg.Postgres) error {
+	secret := &corev1.Secret{}
+	secret.Namespace = instance.Namespace
+	secret.Name = instance.ToUserPasswordsSecretName()
+	if err := r.CtrlClient.Delete(ctx, secret); err != nil {
+		msgWithFormat := "failed to delete user passwords secret: %w"
+		r.recorder.Eventf(instance, "Warning", "Error", msgWithFormat, err)
+		return fmt.Errorf(msgWithFormat, err)
+	}
+
+	return nil
+}
+
 func (r *PostgresReconciler) isManagedByUs(obj *pg.Postgres) bool {
 	if obj.Spec.PartitionID != r.PartitionID {
 		return false

controllers/postgres_controller.go

@@ -7,8 +7,6 @@
 package controllers
 
 import (
-	"time"
-
 	pg "github.com/fi-ts/postgreslet/api/v1"
 	"github.com/fi-ts/postgreslet/pkg/operatormanager"
 	firewall "github.com/metal-stack/firewall-controller/api/v1"
@@ -20,12 +18,6 @@ import (
 )
 
 var _ = Describe("postgres controller", func() {
-	const (
-		// duration = time.Second * 10
-		interval = time.Second * 2
-		timeout  = time.Second * 30
-	)
-
 	BeforeEach(func() {})
 	AfterEach(func() {})
 
@@ -88,6 +80,15 @@ var _ = Describe("postgres controller", func() {
 				}, &firewall.ClusterwideNetworkPolicy{}) == nil
 			}, timeout, interval).Should(BeTrue())
 		})
+
+		It("should create user-passwords-secret in control-plane-cluster", func() {
+			Eventually(func() bool {
+				return ctrlClusterClient.Get(newCtx(), types.NamespacedName{
+					Namespace: instance.Namespace,
+					Name:      instance.ToUserPasswordsSecretName(),
+				}, &corev1.Secret{}) == nil
+			}, timeout, interval).Should(BeTrue())
+		})
 	})
 
 	Context("postgres instance being deleted", func() {
@@ -116,5 +117,14 @@ var _ = Describe("postgres controller", func() {
 				return svcClusterClient.Get(newCtx(), instance.ToPeripheralResourceLookupKey(), z) == nil
 			}, timeout, interval).ShouldNot(BeTrue())
 		})
+
+		It("should delete user-passwords-secret in control-plane-cluster", func() {
+			Eventually(func() bool {
+				return ctrlClusterClient.Get(newCtx(), types.NamespacedName{
+					Namespace: instance.Namespace,
+					Name:      instance.ToUserPasswordsSecretName(),
+				}, &corev1.Secret{}) == nil
+			}, timeout, interval).ShouldNot(BeTrue())
+		})
 	})
 })

controllers/postgres_controller_test.go

@@ -11,6 +11,7 @@ import (
 	"os"
 	"path/filepath"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
@@ -38,6 +39,12 @@ import (
 // These tests use Ginkgo (BDD-style Go testing framework). Refer to
 // http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
 
+const (
+	// duration = time.Second * 10
+	interval = time.Second * 2
+	timeout  = time.Second * 30
+)
+
 var (
 	ctrlClusterCfg     *rest.Config
 	ctrlClusterClient  client.Client
@@ -50,6 +57,8 @@ var (
 	externalYAMLDir     = filepath.Join("..", "external")
 	externalYAMLDirTest = filepath.Join(externalYAMLDir, "test")
 
+	HelmCRDDir = filepath.Join("..", "charts", "postgreslet", "crds")
+
 	instance = &pg.Postgres{}
 )
 
@@ -77,7 +86,7 @@ var _ = BeforeSuite(func(done Done) {
 	svcClusterTestEnv = &envtest.Environment{
 		CRDInstallOptions: envtest.CRDInstallOptions{
 			Paths: []string{
-				filepath.Join(externalYAMLDir, "crd-postgresql.yaml"),
+				filepath.Join(HelmCRDDir, "postgresql.yaml"),
 				filepath.Join(externalYAMLDirTest, "crd-clusterwidenetworkpolicy.yaml"),
 			},
 		},
@@ -174,10 +183,12 @@ func createCredentialSecrets() {
 		s := &core.Secret{}
 		Expect(yaml.Unmarshal(bytes, s)).Should(Succeed())
 
-		s.Namespace = instance.Namespace
+		s.Namespace = instance.ToPeripheralResourceNamespace()
 		s.Name = users[i] + "." + instance.Name + ".credentials"
-		s.Labels = instance.ToUserPasswordSecretMatchingLabels()
-		Expect(ctrlClusterClient.Create(newCtx(), s)).Should(Succeed())
+		s.Labels = instance.ToZalandoPostgresqlMatchingLabels()
+		Eventually(func() bool {
+			return svcClusterClient.Create(newCtx(), s) == nil
+		}, timeout, interval).Should(BeTrue())
 	}
 }
 

controllers/suite_test.go

@@ -24,7 +24,6 @@ import (
 
 	databasev1 "github.com/fi-ts/postgreslet/api/v1"
 	"github.com/fi-ts/postgreslet/controllers"
-	"github.com/fi-ts/postgreslet/pkg/crdinstaller"
 	"github.com/fi-ts/postgreslet/pkg/lbmanager"
 	"github.com/fi-ts/postgreslet/pkg/operatormanager"
 	firewall "github.com/metal-stack/firewall-controller/api/v1"
@@ -91,16 +90,6 @@ func main() {
 	)
 
 	svcClusterConf := ctrl.GetConfigOrDie()
-	i, err := crdinstaller.New(svcClusterConf, scheme, ctrl.Log.WithName("CRDInstaller"))
-	if err != nil {
-		setupLog.Error(err, "unable to create `CRDInstaller`")
-		os.Exit(1)
-	}
-	if err := i.Install("external/crd-postgresql.yaml"); err != nil {
-		setupLog.Error(err, "unable to install CRD Postgresql")
-		os.Exit(1)
-	}
-
 	svcClusterMgr, err := ctrl.NewManager(svcClusterConf, ctrl.Options{
 		Scheme:             scheme,
 		MetricsBindAddress: metricsAddrSvcMgr,