From a52232317fbcd2f978610c054d27e44de180b431 Mon Sep 17 00:00:00 2001 From: Anisur Rahman Date: Wed, 6 Aug 2025 19:20:55 +0600 Subject: [PATCH] Reconcile to NooBaa for secret creation Signed-off-by: Anisur Rahman --- .gitignore | 1 + pkg/controller/noobaa/noobaa_controller.go | 11 ++++++++ pkg/system/system.go | 30 ++++++++++++++++++++++ pkg/util/util.go | 15 +++++++++++ 4 files changed, 57 insertions(+) diff --git a/.gitignore b/.gitignore index 3218a1b923..fd6728e82b 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,4 @@ build-releases/ noobaa.cfg.yaml *.IGNORE +.idea/ \ No newline at end of file diff --git a/pkg/controller/noobaa/noobaa_controller.go b/pkg/controller/noobaa/noobaa_controller.go index df8314d5cd..c61e794af9 100644 --- a/pkg/controller/noobaa/noobaa_controller.go +++ b/pkg/controller/noobaa/noobaa_controller.go @@ -135,6 +135,17 @@ func Add(mgr manager.Manager) error { return err } + secretsHandler := handler.EnqueueRequestsFromMapFunc(func(ctx context.Context, obj client.Object) []reconcile.Request { + return system.MapSecretToNooBaa(types.NamespacedName{ + Name: obj.GetName(), + Namespace: obj.GetNamespace(), + }) + }) + err = c.Watch(source.Kind[client.Object](mgr.GetCache(), &corev1.Secret{}, secretsHandler, logEventsPredicate)) + if err != nil { + return err + } + // handler for global RPC message and ,simply trigger a reconcile on every message nb.GlobalRPC.Handler = func(req *nb.RPCMessage) (interface{}, error) { logrus.Infof("RPC Handle: {Op: %s, API: %s, Method: %s, Error: %s, Params: %+v}", req.Op, req.API, req.Method, req.Error, req.Params) diff --git a/pkg/system/system.go b/pkg/system/system.go index c5fabf536e..0a810f5f27 100644 --- a/pkg/system/system.go +++ b/pkg/system/system.go @@ -1294,6 +1294,36 @@ func LoadConfigMapFromFlags() { } } +// MapSecretToBackingStores returns a list of backingstores that uses the secret in their secretReference +// used by backingstore_controller to watch secrets changes +func MapSecretToNooBaa(secret types.NamespacedName) []reconcile.Request { + log := util.Logger() + log.Infof("checking which nooBaas to reconcile. mapping secret %v to nooBaas external postgres secret", secret) + nbList := &nbv1.NooBaaList{ + TypeMeta: metav1.TypeMeta{Kind: "NooBaaList"}, + } + if !util.KubeList(nbList, &client.ListOptions{Namespace: secret.Namespace}) { + log.Infof("Could not found NooBaa in namespace %q, while trying to find NooBaa that uses %s secret", secret.Namespace, secret.Name) + return nil + } + + reqs := []reconcile.Request{} + + for _, nb := range nbList.Items { + nbSecret := util.GetNooBaaExternalPgSecret(&nb) + if nbSecret != nil && nbSecret.Name == secret.Name { + reqs = append(reqs, reconcile.Request{ + NamespacedName: types.NamespacedName{ + Name: nb.Name, + Namespace: nb.Namespace, + }, + }) + } + } + + return reqs +} + // SetAllowNoobaaDeletion sets AllowNoobaaDeletion Noobaa CR field to true so the webhook won't block the deletion func SetAllowNoobaaDeletion(noobaa *nbv1.NooBaa) error { // Explicitly allow deletion of NooBaa CR diff --git a/pkg/util/util.go b/pkg/util/util.go index d16ecb8abe..03195fb3f7 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -1862,6 +1862,21 @@ func NooBaaCondition(noobaa *nbv1.NooBaa, t conditionsv1.ConditionType, s corev1 return found } +// GetNooBaaExternalPgSecret returns the secret and adding the namespace if it is missing +func GetNooBaaExternalPgSecret(nb *nbv1.NooBaa) *corev1.SecretReference { + var secretRef *corev1.SecretReference + if nb.Spec.ExternalPgSecret != nil { + secretRef = &corev1.SecretReference{ + Name: nb.Spec.ExternalPgSecret.Name, + Namespace: nb.Spec.ExternalPgSecret.Namespace, + } + if secretRef.Namespace == "" { + secretRef.Namespace = nb.Namespace + } + } + return secretRef +} + // GetAvailabeKubeCli will check which k8s cli command is availabe in the system: oc or kubectl // returns one of: "oc" or "kubectl" func GetAvailabeKubeCli() string {