Skip to content

Commit

Permalink
import rosa cluster with autoimportsecret
Browse files Browse the repository at this point in the history
Signed-off-by: Wei Liu <[email protected]>
  • Loading branch information
skeeey committed Jan 17, 2024
1 parent e9de6bb commit 304e153
Show file tree
Hide file tree
Showing 13 changed files with 1,314 additions and 89 deletions.
2 changes: 1 addition & 1 deletion build/run-unit-tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export XDG_CACHE_HOME="${cache_dir}"

export KUBEBUILDER_ASSETS="${repo_dir}/_output/kubebuilder/bin"

k8s_version=1.16.4
k8s_version="1.23.1"
kubebuilder="kubebuilder-tools-${k8s_version}-${GOHOSTOS}-${GOHOSTARCH}.tar.gz"
kubebuilder_path="${repo_dir}/_output/${kubebuilder}"

Expand Down
25 changes: 24 additions & 1 deletion go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/stolostron/managedcluster-import-controller

go 1.20
go 1.21

require (
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
Expand Down Expand Up @@ -29,9 +29,17 @@ require (
)

require (
github.com/openshift-online/ocm-sdk-go v0.1.392
github.com/sethvargo/go-password v0.2.0
)

require (
github.com/RangelReale/osincli v0.0.0-20160924135400-fababb0555f2 // indirect
github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect
github.com/aymerick/douceur v0.2.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cenkalti/backoff/v4 v4.1.3 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
Expand All @@ -51,20 +59,34 @@ require (
github.com/go-stack/stack v1.8.0 // indirect
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
github.com/golang/glog v1.0.0 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/gorilla/css v1.0.0 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/inconshreveable/mousetrap v1.0.1 // indirect
github.com/itchyny/gojq v0.12.7 // indirect
github.com/itchyny/timefmt-go v0.1.3 // indirect
github.com/jackc/chunkreader/v2 v2.0.1 // indirect
github.com/jackc/pgconn v1.12.0 // indirect
github.com/jackc/pgio v1.0.0 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgproto3/v2 v2.3.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect
github.com/jackc/pgtype v1.11.0 // indirect
github.com/jackc/pgx/v4 v4.16.0 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.4 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
github.com/microcosm-cc/bluemonday v1.0.18 // indirect
github.com/mitchellh/mapstructure v1.4.1 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
Expand All @@ -81,6 +103,7 @@ require (
go.mongodb.org/mongo-driver v1.7.5 // indirect
go.uber.org/atomic v1.8.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
golang.org/x/crypto v0.1.0 // indirect
golang.org/x/net v0.10.0 // indirect
golang.org/x/oauth2 v0.5.0 // indirect
golang.org/x/sys v0.8.0 // indirect
Expand Down
153 changes: 153 additions & 0 deletions go.sum

Large diffs are not rendered by default.

71 changes: 61 additions & 10 deletions pkg/controller/autoimport/autoimport_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,9 @@ import (
"strings"

"github.com/openshift/library-go/pkg/operator/events"
corev1 "k8s.io/api/core/v1"
"k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/types"
"k8s.io/client-go/kubernetes"
Expand All @@ -29,11 +31,12 @@ var log = logf.Log.WithName(controllerName)

// ReconcileAutoImport reconciles the managed cluster auto import secret to import the managed cluster
type ReconcileAutoImport struct {
client client.Client
kubeClient kubernetes.Interface
informerHolder *source.InformerHolder
recorder events.Recorder
importHelper *helpers.ImportHelper
client client.Client
kubeClient kubernetes.Interface
informerHolder *source.InformerHolder
recorder events.Recorder
importHelper *helpers.ImportHelper
rosaKubeConfigGetters map[string]*helpers.RosaKubeConfigGetter
}

func NewReconcileAutoImport(
Expand All @@ -44,11 +47,12 @@ func NewReconcileAutoImport(
) *ReconcileAutoImport {

return &ReconcileAutoImport{
client: client,
kubeClient: kubeClient,
informerHolder: informerHolder,
recorder: recorder,
importHelper: helpers.NewImportHelper(informerHolder, recorder, log),
client: client,
kubeClient: kubeClient,
informerHolder: informerHolder,
recorder: recorder,
importHelper: helpers.NewImportHelper(informerHolder, recorder, log),
rosaKubeConfigGetters: make(map[string]*helpers.RosaKubeConfigGetter),
}
}

Expand Down Expand Up @@ -127,6 +131,25 @@ func (r *ReconcileAutoImport) Reconcile(ctx context.Context, request reconcile.R
backupRestore = true
}

generateClientHolderFunc, err := r.getGenerateClientHolderFuncFromAutoImportSecret(autoImportSecret)
if err != nil {
if err := helpers.UpdateManagedClusterStatus(
r.client,
managedClusterName,
helpers.NewManagedClusterImportSucceededCondition(
metav1.ConditionFalse,
constants.ConditionReasonManagedClusterImportFailed,
fmt.Sprintf("AutoImportSecretInvalid %s/%s; %s",
autoImportSecret.Namespace, autoImportSecret.Name, err),
),
); err != nil {
return reconcile.Result{}, err
}
// auto import secret invalid, stop retrying
return reconcile.Result{}, nil
}

r.importHelper = r.importHelper.WithGenerateClientHolderFunc(generateClientHolderFunc)
result, condition, modified, currentRetry, iErr := r.importHelper.Import(
backupRestore, managedClusterName, autoImportSecret, lastRetry, totalRetry)
// if resources are applied but NOT modified, will not update the condition, keep the original condition.
Expand Down Expand Up @@ -170,3 +193,31 @@ func (r *ReconcileAutoImport) Reconcile(ctx context.Context, request reconcile.R

return result, iErr
}

func (r *ReconcileAutoImport) getGenerateClientHolderFuncFromAutoImportSecret(secret *corev1.Secret) (helpers.GenerateClientHolderFunc, error) {
if _, hasKubeConfig := secret.Data["kubeconfig"]; hasKubeConfig {
return helpers.GenerateImportClientFromKubeConfigSecret, nil
}

_, hasKubeAPIToken := secret.Data["token"]
_, hasKubeAPIServer := secret.Data["server"]
if hasKubeAPIToken && hasKubeAPIServer {
return helpers.GenerateImportClientFromKubeTokenSecret, nil
}

_, hasOCMAPIToken := secret.Data["ocm_api_token"]
rosaClusterID, hasRosaClusterID := secret.Data["ocm_rosa_cluster_id"]
if hasOCMAPIToken && hasRosaClusterID {
getter, ok := r.rosaKubeConfigGetters[string(rosaClusterID)]
if !ok {
getter = helpers.NewRosaKubeConfigGetter()
r.rosaKubeConfigGetters[string(rosaClusterID)] = getter
}

return func(secret *corev1.Secret) (reconcile.Result, *helpers.ClientHolder, meta.RESTMapper, error) {
return helpers.GenerateImportClientFromRosaCluster(getter, secret)
}, nil
}

return nil, fmt.Errorf("kubeconfig or token/server pair or rosa cluster info is required")
}
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,8 @@ func NewReconcileClusterDeployment(
kubeClient: kubeClient,
informerHolder: informerHolder,
recorder: recorder,
importHelper: helpers.NewImportHelper(informerHolder, recorder, log),
importHelper: helpers.NewImportHelper(informerHolder, recorder, log).
WithGenerateClientHolderFunc(helpers.GenerateImportClientFromKubeConfigSecret),
}
}

Expand Down
6 changes: 4 additions & 2 deletions pkg/controller/clusternamespacedeletion/suite_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ var _ = ginkgo.BeforeSuite(func() {
gomega.Expect(err).NotTo(gomega.HaveOccurred())

mgr, err := ctrl.NewManager(cfg, opts)
gomega.Expect(err).NotTo(gomega.HaveOccurred())
runtimeClient = mgr.GetClient()

clientHolder := &helpers.ClientHolder{
Expand All @@ -105,6 +106,7 @@ var _ = ginkgo.BeforeSuite(func() {

var _ = ginkgo.AfterSuite(func() {
ginkgo.By("tearing down the test environment")
err := testEnv.Stop()
gomega.Expect(err).ToNot(gomega.HaveOccurred())
if err := testEnv.Stop(); err != nil {
setupLog.Error(err, "problem tearing down the test environment")
}
})
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ func NewReconcileLocalCluster(
informerHolder: informerHolder,
recorder: recorder,
importHelper: helpers.NewImportHelper(informerHolder, recorder, log).WithGenerateClientHolderFunc(
func(secret *v1.Secret) (*helpers.ClientHolder, meta.RESTMapper, error) {
return clientHolder, restMapper, nil
func(secret *v1.Secret) (reconcile.Result, *helpers.ClientHolder, meta.RESTMapper, error) {
return reconcile.Result{}, clientHolder, restMapper, nil
},
),
}
Expand Down
10 changes: 5 additions & 5 deletions pkg/helpers/autoimport.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ type ApplyResourcesFunc func(backupRestore bool, client *ClientHolder, restMappe

// GenerateClientHolderFunc is a function to generate the managed cluster client holder which is
// used to import cluster(apply resources to the managed cluster)
type GenerateClientHolderFunc func(secret *corev1.Secret) (*ClientHolder, meta.RESTMapper, error)
type GenerateClientHolderFunc func(secret *corev1.Secret) (reconcile.Result, *ClientHolder, meta.RESTMapper, error)

// ImportHelper is used to helper controller to import managed cluster
type ImportHelper struct {
Expand Down Expand Up @@ -118,8 +118,7 @@ func NewImportHelper(informerHolder *source.InformerHolder,
recorder: recorder,
log: log,

generateClientHolderFunc: GenerateClientFromSecret,
applyResourcesFunc: defaultApplyResourcesFunc,
applyResourcesFunc: defaultApplyResourcesFunc,
}
}

Expand Down Expand Up @@ -163,9 +162,10 @@ func (i *ImportHelper) Import(backupRestore bool, clusterName string,
), false, currentRetry, nil
}

clientHolder, restMapper, err := i.generateClientHolderFunc(managedClusterKubeClientSecret)
// build import client with managed cluster kube client secret
result, clientHolder, restMapper, err := i.generateClientHolderFunc(managedClusterKubeClientSecret)
if err != nil {
return reconcile.Result{},
return result,
NewManagedClusterImportSucceededCondition(
metav1.ConditionFalse,
constants.ConditionReasonManagedClusterImportFailed,
Expand Down
78 changes: 43 additions & 35 deletions pkg/helpers/autoimport_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -136,17 +136,18 @@ func TestImportHelper(t *testing.T) {

managedClusterName := "test"
cases := []struct {
name string
autoImportSecret *corev1.Secret
importSecret *corev1.Secret
works []runtime.Object
lastRetry int
totalRetry int
expectedErr bool
expectedCurrentRetry int
expectedRequeueAfter time.Duration
expectedConditionStatus metav1.ConditionStatus
expectedConditionReason string
name string
autoImportSecret *corev1.Secret
importSecret *corev1.Secret
works []runtime.Object
lastRetry int
totalRetry int
generateClientHolderFunc GenerateClientHolderFunc
expectedErr bool
expectedCurrentRetry int
expectedRequeueAfter time.Duration
expectedConditionStatus metav1.ConditionStatus
expectedConditionReason string
}{
{
name: "no manifest works",
Expand Down Expand Up @@ -203,10 +204,11 @@ func TestImportHelper(t *testing.T) {
"kubeconfig": testinghelpers.BuildKubeconfig(config),
},
},
expectedErr: false,
expectedCurrentRetry: 0,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
generateClientHolderFunc: GenerateImportClientFromKubeConfigSecret,
expectedErr: false,
expectedCurrentRetry: 0,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
},
{
name: "update auto import secret current retry times",
Expand Down Expand Up @@ -242,11 +244,12 @@ func TestImportHelper(t *testing.T) {
"kubeconfig": testinghelpers.BuildKubeconfig(config),
},
},
expectedErr: false,
expectedCurrentRetry: 2,
expectedRequeueAfter: 10 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
generateClientHolderFunc: GenerateImportClientFromKubeConfigSecret,
expectedErr: false,
expectedCurrentRetry: 2,
expectedRequeueAfter: 10 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
},
{
name: "import cluster with auto-import secret invalid",
Expand Down Expand Up @@ -283,11 +286,12 @@ func TestImportHelper(t *testing.T) {
// no auth info
},
},
expectedErr: false,
expectedCurrentRetry: 0,
expectedRequeueAfter: 0 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImportFailed,
generateClientHolderFunc: GenerateImportClientFromKubeTokenSecret,
expectedErr: false,
expectedCurrentRetry: 0,
expectedRequeueAfter: 0 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImportFailed,
},
{
name: "only update the bootstrap secret",
Expand Down Expand Up @@ -326,11 +330,12 @@ func TestImportHelper(t *testing.T) {
"kubeconfig": testinghelpers.BuildKubeconfig(config),
},
},
expectedErr: false,
expectedCurrentRetry: 1,
expectedRequeueAfter: 0 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
generateClientHolderFunc: GenerateImportClientFromKubeConfigSecret,
expectedErr: false,
expectedCurrentRetry: 1,
expectedRequeueAfter: 0 * time.Second,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
},
{
name: "import cluster with auto-import secret valid",
Expand Down Expand Up @@ -369,11 +374,12 @@ func TestImportHelper(t *testing.T) {
"kubeconfig": testinghelpers.BuildKubeconfig(config),
},
},
expectedErr: false,
expectedCurrentRetry: 1,
expectedRequeueAfter: 0,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
generateClientHolderFunc: GenerateImportClientFromKubeConfigSecret,
expectedErr: false,
expectedCurrentRetry: 1,
expectedRequeueAfter: 0,
expectedConditionStatus: metav1.ConditionFalse,
expectedConditionReason: constants.ConditionReasonManagedClusterImporting,
},
}

Expand Down Expand Up @@ -404,6 +410,8 @@ func TestImportHelper(t *testing.T) {
KlusterletWorkLister: workInformerFactory.Work().V1().ManifestWorks().Lister(),
}, eventstesting.NewTestingEventRecorder(t), logf.Log.WithName("import-helper-tester"))

importHelper = importHelper.WithGenerateClientHolderFunc(c.generateClientHolderFunc)

backupRestore := false
if c.autoImportSecret != nil {
if val, ok := c.autoImportSecret.Labels[constants.LabelAutoImportRestore]; ok &&
Expand Down
Loading

0 comments on commit 304e153

Please sign in to comment.