fix dedupe access keys

linode · Feb 27, 2024 · 36f51dd · 36f51dd
1 parent 4a93b3f
commit 36f51dd
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 40 deletions.
diff --git a/cloud/services/object_storage_buckets.go b/cloud/services/object_storage_buckets.go
@@ -57,6 +57,22 @@ func CreateObjectStorageBucket(ctx context.Context, bucketScope *scope.ObjectSto
 
 func CreateObjectStorageKeys(ctx context.Context, bucketScope *scope.ObjectStorageBucketScope, logger logr.Logger) ([2]linodego.ObjectStorageKey, error) {
 	var newKeys [2]linodego.ObjectStorageKey
+	var existingKeys []linodego.ObjectStorageKey
+	var err error
+
+	if existingKeys, err = bucketScope.LinodeClient.ListObjectStorageKeys(
+		ctx,
+		linodego.NewListOptions(1, "{}"),
+	); err != nil {
+		logger.Info("Failed to list object storage keys", "error", err.Error())
+
+		return newKeys, err
+	}
+
+	keysSet := make(map[string]struct{})
+	for _, key := range existingKeys {
+		keysSet[key.Label] = struct{}{}
+	}
 
 	for i, e := range []struct {
 		permission string
@@ -66,26 +82,9 @@ func CreateObjectStorageKeys(ctx context.Context, bucketScope *scope.ObjectStora
 		{"read_only", "ro"},
 	} {
 		keyLabel := fmt.Sprintf("%s-%s-%s", bucketScope.Object.Spec.Cluster, bucketScope.Object.Spec.Label, e.suffix)
-		filter := map[string]string{
-			"label": keyLabel,
-		}
 
-		rawFilter, err := json.Marshal(filter)
-		if err != nil {
-			return newKeys, err
-		}
-
-		var existingKeys []linodego.ObjectStorageKey
-		if existingKeys, err = bucketScope.LinodeClient.ListObjectStorageKeys(
-			ctx,
-			linodego.NewListOptions(1, string(rawFilter)),
-		); err != nil {
-			logger.Info("Failed to list object storage keys", "error", err.Error())
-
-			return newKeys, err
-		}
-		if len(existingKeys) == 1 {
-			logger.Info(fmt.Sprintf("ObjectStorageBucket %s already exists", existingKeys[0].Label))
+		if _, ok := keysSet[keyLabel]; ok {
+			logger.Info(fmt.Sprintf("Object storage key %s already exists", keyLabel))
 
 			newKeys[i] = existingKeys[0]
 			continue

diff --git a/controller/linodeobjectstoragebucket_controller.go b/controller/linodeobjectstoragebucket_controller.go
@@ -121,9 +121,9 @@ func (r *LinodeObjectStorageBucketReconciler) reconcile(
 		return res, r.reconcileDelete(ctx, logger, bucketScope)
 	}
 
-	if err := bucketScope.AddFinalizer(ctx); err != nil {
-		return res, err
-	}
+	// if err := bucketScope.AddFinalizer(ctx); err != nil {
+	// 	return res, err
+	// }
 
 	// Created
 	if bucketScope.Object.Status.LastKeyGeneration == nil {

diff --git a/...ebucket-controller/minimal/02-assert.yaml → ...ebucket-controller/minimal/01-assert.yaml b/...ebucket-controller/minimal/02-assert.yaml → ...ebucket-controller/minimal/01-assert.yaml
@@ -6,9 +6,6 @@ spec:
   label: sample
   cluster: us-sea-1
   keyGeneration: 0
-  apiKeySecretRef:
-    name: linodeobjectstoragebucket-sample
-    key: apiToken
 status:
   ready: true
   keySecretName: linodeobjectstoragebucket-sample-access-keys

diff --git a/e2e/linodeobjectstoragebucket-controller/minimal/01-create-apisecret.yaml b/e2e/linodeobjectstoragebucket-controller/minimal/01-create-apisecret.yaml
diff --git a/.../02-create-linodeobjectstoragebucket.yaml → .../01-create-linodeobjectstoragebucket.yaml b/.../02-create-linodeobjectstoragebucket.yaml → .../01-create-linodeobjectstoragebucket.yaml
@@ -5,6 +5,3 @@ metadata:
 spec:
   label: sample
   cluster: us-sea-1
-  apiKeySecretRef:
-    name: linodeobjectstoragebucket-sample
-    key: apiToken
diff --git a/.../03-verify-linodeobjectstoragebucket.yaml → .../02-verify-linodeobjectstoragebucket.yaml b/.../03-verify-linodeobjectstoragebucket.yaml → .../02-verify-linodeobjectstoragebucket.yaml