diff --git a/controllers/storageconsumer/consumer_test.go b/controllers/storageconsumer/consumer_test.go index 51abe8391c..23636175f1 100644 --- a/controllers/storageconsumer/consumer_test.go +++ b/controllers/storageconsumer/consumer_test.go @@ -19,6 +19,9 @@ package controllers import ( "testing" + nbapis "github.com/noobaa/noobaa-operator/v5/pkg/apis" + "github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1" + routev1 "github.com/openshift/api/route/v1" v1 "github.com/red-hat-storage/ocs-operator/api/v4/v1" ocsv1alpha1 "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1" "github.com/red-hat-storage/ocs-operator/v4/controllers/util" @@ -46,7 +49,15 @@ func createFakeScheme(t *testing.T) *runtime.Scheme { err = rookCephv1.AddToScheme(scheme) if err != nil { - assert.Fail(t, "failed to add rookCephv1scheme") + assert.Fail(t, "failed to add rookCephv1 scheme") + } + err = routev1.AddToScheme(scheme) + if err != nil { + assert.Fail(t, "failed to add routev1 scheme") + } + err = nbapis.AddToScheme(scheme) + if err != nil { + assert.Fail(t, "failed to add nbapis scheme") } return scheme @@ -91,6 +102,14 @@ func TestCephName(t *testing.T) { Phase: "Ready", }, }, + Client: ocsv1alpha1.ClientStatus{ + ClusterID: "consumer", + }, + }, + } + r.noobaaAccount = &v1alpha1.NooBaaAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "consumer-acc", }, } _, err := r.reconcilePhases() diff --git a/controllers/storageconsumer/storageconsumer_controller.go b/controllers/storageconsumer/storageconsumer_controller.go index 97de086029..a0f123f509 100644 --- a/controllers/storageconsumer/storageconsumer_controller.go +++ b/controllers/storageconsumer/storageconsumer_controller.go @@ -21,9 +21,11 @@ import ( "crypto/md5" "encoding/hex" "encoding/json" + "fmt" "github.com/go-logr/logr" "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1" + "github.com/red-hat-storage/ocs-operator/v4/controllers/util" rookCephv1 "github.com/rook/rook/pkg/apis/ceph.rook.io/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,6 +38,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/predicate" + nbv1 "github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1" ocsv1alpha1 "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1" "sigs.k8s.io/controller-runtime/pkg/reconcile" ) @@ -59,6 +62,7 @@ type StorageConsumerReconciler struct { storageConsumer *ocsv1alpha1.StorageConsumer cephClientHealthChecker *rookCephv1.CephClient namespace string + noobaaAccount *nbv1.NooBaaAccount } //+kubebuilder:rbac:groups=ocs.openshift.io,resources=storageconsumers,verbs=get;list;watch;create;update;patch;delete @@ -127,6 +131,10 @@ func (r *StorageConsumerReconciler) initReconciler(request reconcile.Request) { r.cephClientHealthChecker = &rookCephv1.CephClient{} r.cephClientHealthChecker.Name = GenerateHashForCephClient(r.storageConsumer.Name, "global") r.cephClientHealthChecker.Namespace = r.namespace + + r.noobaaAccount = &nbv1.NooBaaAccount{} + r.noobaaAccount.Name = "noobaa-remote-" + r.storageConsumer.Status.Client.ClusterID + r.noobaaAccount.Namespace = r.storageConsumer.Namespace } func (r *StorageConsumerReconciler) reconcilePhases() (reconcile.Result, error) { @@ -157,6 +165,10 @@ func (r *StorageConsumerReconciler) reconcilePhases() (reconcile.Result, error) r.storageConsumer.Status.State = v1alpha1.StorageConsumerStateReady } + if err := r.reconcileNoobaaAccount(); err != nil { + return reconcile.Result{}, err + } + } else { r.storageConsumer.Status.State = v1alpha1.StorageConsumerStateDeleting } @@ -164,6 +176,19 @@ func (r *StorageConsumerReconciler) reconcilePhases() (reconcile.Result, error) return reconcile.Result{}, nil } +func (r *StorageConsumerReconciler) reconcileNoobaaAccount() error { + _, err := ctrl.CreateOrUpdate(r.ctx, r.Client, r.noobaaAccount, func() error { + // the following annotation will enable noobaa-operator to create a auth_token secret based on this account + util.AddAnnotation(r.noobaaAccount, "remote-operator", "true") + err := r.own(r.noobaaAccount) + return err + }) + if err != nil { + return fmt.Errorf("failed to create noobaa account for storageConsumer %v: %v", r.storageConsumer.Name, err) + } + return nil +} + func (r *StorageConsumerReconciler) reconcileCephClientHealthChecker() error { desired := &rookCephv1.CephClient{ diff --git a/deploy/ocs-operator/manifests/provider-role.yaml b/deploy/ocs-operator/manifests/provider-role.yaml index bd708fc6fe..4c1c6c0ed3 100644 --- a/deploy/ocs-operator/manifests/provider-role.yaml +++ b/deploy/ocs-operator/manifests/provider-role.yaml @@ -61,3 +61,19 @@ rules: verbs: - get - list +- apiGroups: + - noobaa.io + resources: + - noobaaaccounts + verbs: + - get + - list + - create + - delete +- apiGroups: + - route.openshift.io + resources: + - routes + verbs: + - get + - list diff --git a/services/provider/server/consumer.go b/services/provider/server/consumer.go index 9415b8f014..6e050257fd 100644 --- a/services/provider/server/consumer.go +++ b/services/provider/server/consumer.go @@ -4,12 +4,9 @@ import ( "context" "errors" "fmt" - "strings" "sync" - nbv1 "github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1" ocsv1alpha1 "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1" - "github.com/red-hat-storage/ocs-operator/v4/controllers/util" ifaces "github.com/red-hat-storage/ocs-operator/v4/services/provider/interfaces" kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -229,47 +226,3 @@ func (c *ocsConsumerManager) UpdateConsumerStatus(ctx context.Context, id string klog.Infof("successfully updated Status for StorageConsumer %v", consumerObj.Name) return nil } - -func (c *ocsConsumerManager) CreateNoobaaAccount(ctx context.Context, id string) error { - - consumerObj, err := c.Get(ctx, id) - if err != nil { - return err - } - consumerClusterID := strings.TrimPrefix(consumerObj.Name, "storageconsumer-") - if consumerClusterID != "" && len(consumerClusterID) == 0 { - return fmt.Errorf("failed to get clusterID from consumerResource Name: %s %v", consumerObj.Name, err) - } - - noobaaAccountName := fmt.Sprintf("noobaa-remote-%s", consumerClusterID) - nbAccountObj := &nbv1.NooBaaAccount{} - nbAccountObj.Name = noobaaAccountName - nbAccountObj.Namespace = consumerObj.Namespace - // the following annotation will enable noobaa-operator to create a auth_token secret based on this account - util.AddAnnotation(nbAccountObj, "remote-operator", "true") - - err = c.client.Create(ctx, nbAccountObj) - if err != nil { - return fmt.Errorf("failed to create noobaa account for storageConsumer %v: %v", consumerObj.Name, err) - } - return nil -} - -func (c *ocsConsumerManager) DeleteNoobaaAccount(ctx context.Context, id string) error { - consumerObj, err := c.Get(ctx, id) - if err != nil { - return err - } - clusterID := strings.TrimPrefix(consumerObj.Name, "storageconsumer-") - if clusterID != "" && len(clusterID) == 0 { - return fmt.Errorf("failed to get clusterID from consumerResource Name: %s %v", consumerObj.Name, err) - } - noobaaAccountName := fmt.Sprintf("noobaa-remote-%s", clusterID) - nbAccountObj := &nbv1.NooBaaAccount{} - nbAccountObj.Name = noobaaAccountName - nbAccountObj.Namespace = consumerObj.Namespace - if err := c.client.Delete(ctx, nbAccountObj); err != nil { - return fmt.Errorf("failed to delete Noobaa account %q. %v", nbAccountObj.Name, err) - } - return nil -} diff --git a/services/provider/server/consumer_test.go b/services/provider/server/consumer_test.go index 7f05a69d5b..648440ce2f 100644 --- a/services/provider/server/consumer_test.go +++ b/services/provider/server/consumer_test.go @@ -4,7 +4,6 @@ import ( "context" "testing" - routev1 "github.com/openshift/api/route/v1" api "github.com/red-hat-storage/ocs-operator/api/v4/v1" ocsv1alpha1 "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1" providerClient "github.com/red-hat-storage/ocs-operator/v4/services/provider/client" @@ -63,8 +62,6 @@ func newFakeClient(t *testing.T, obj ...client.Object) client.Client { err = rookCephv1.AddToScheme(scheme) assert.NoError(t, err, "failed to add rookCephv1 scheme") - err = routev1.AddToScheme(scheme) - assert.NoError(t, err, "failed to add routev1 scheme") return fake.NewClientBuilder(). WithScheme(scheme). WithObjects(obj...). diff --git a/services/provider/server/server.go b/services/provider/server/server.go index 7d16cb09cd..61d452c4a4 100644 --- a/services/provider/server/server.go +++ b/services/provider/server/server.go @@ -148,10 +148,6 @@ func (s *OCSProviderServer) AcknowledgeOnboarding(ctx context.Context, req *pb.A } return nil, status.Errorf(codes.Internal, "Failed to update the storageConsumer. %v", err) } - // create noobaa account CR - if err := s.consumerManager.CreateNoobaaAccount(ctx, req.StorageConsumerUUID); err != nil { - return nil, status.Errorf(codes.Internal, "Failed to create noobaa account for storageconsumer. %v", err) - } return &pb.AcknowledgeOnboardingResponse{}, nil } @@ -191,12 +187,7 @@ func (s *OCSProviderServer) GetStorageConfig(ctx context.Context, req *pb.Storag // OffboardConsumer RPC call to delete the StorageConsumer CR func (s *OCSProviderServer) OffboardConsumer(ctx context.Context, req *pb.OffboardConsumerRequest) (*pb.OffboardConsumerResponse, error) { - // remove noobaa account - err := s.consumerManager.DeleteNoobaaAccount(ctx, req.StorageConsumerUUID) - if err != nil { - return nil, status.Errorf(codes.Internal, "failed to delete noobaaAccount resource with the provided UUID. %v", err) - } - err = s.consumerManager.Delete(ctx, req.StorageConsumerUUID) + err := s.consumerManager.Delete(ctx, req.StorageConsumerUUID) if err != nil { return nil, status.Errorf(codes.Internal, "failed to delete storageConsumer resource with the provided UUID. %v", err) } @@ -417,12 +408,8 @@ func (s *OCSProviderServer) getExternalResources(ctx context.Context, consumerRe } // Fetch noobaa remote secret and management address and append to extResources + clusterID := consumerResource.Status.Client.ClusterID noobaaOperatorSecret := &v1.Secret{} - clusterID := strings.TrimPrefix(consumerResource.Name, "storageconsumer-") - if clusterID != "" && len(clusterID) == 0 { - return nil, fmt.Errorf("failed to get clusterID from consumerResource Name: %s %v", consumerResource.Name, err) - } - noobaaOperatorSecretName := fmt.Sprintf("noobaa-remote-join-secret-%s", clusterID) err = s.client.Get(ctx, types.NamespacedName{Name: noobaaOperatorSecretName, Namespace: s.namespace}, noobaaOperatorSecret) if err != nil { @@ -447,27 +434,23 @@ func (s *OCSProviderServer) getExternalResources(ctx context.Context, consumerRe if noobaaMgmtAddress == "" { return nil, fmt.Errorf("no Host found in noobaa-mgmt route Ingress") } - joinSecret := &corev1.Secret{ - Data: map[string][]byte{ - "auth_token": authToken, - "mgmt_addr": []byte(noobaaMgmtAddress), - }, - } extR = append(extR, &pb.ExternalResource{ Name: "noobaa-remote-join-secret", Kind: "Secret", - Data: mustMarshal(joinSecret), + Data: mustMarshal(map[string][]byte{ + "auth_token": authToken, + "mgmt_addr": []byte(noobaaMgmtAddress), + }), }) - noobaaSpec := &nbv1.NooBaaSpec{ - JoinSecret: &v1.SecretReference{ - Name: "noobaa-remote-join-secret", - }, - } extR = append(extR, &pb.ExternalResource{ Name: "noobaa-remote", Kind: "Noobaa", - Data: mustMarshal(noobaaSpec), + Data: mustMarshal(&nbv1.NooBaaSpec{ + JoinSecret: &v1.SecretReference{ + Name: "noobaa-remote-join-secret", + }, + }), }) return extR, nil } diff --git a/services/provider/server/server_test.go b/services/provider/server/server_test.go index eb1f1d8e34..1fabbb41a2 100644 --- a/services/provider/server/server_test.go +++ b/services/provider/server/server_test.go @@ -57,11 +57,9 @@ var noobaaSpec = &nbv1.NooBaaSpec{ }, } -var joinSecret = &v1.Secret{ - Data: map[string][]byte{ - "auth_token": []byte("authToken"), - "mgmt_addr": []byte("noobaaMgmtAddress"), - }, +var joinSecret = map[string][]byte{ + "auth_token": []byte("authToken"), + "mgmt_addr": []byte("noobaaMgmtAddress"), } var mockExtR = map[string]*externalResource{ @@ -133,6 +131,9 @@ var ( Kind: "CephClient", }, }, + Client: ocsv1alpha1.ClientStatus{ + ClusterID: "consumer", + }, State: ocsv1alpha1.StorageConsumerStateReady, }, } @@ -205,6 +206,9 @@ var ( Kind: "CephClient", }, }, + Client: ocsv1alpha1.ClientStatus{ + ClusterID: "consumer6", + }, State: ocsv1alpha1.StorageConsumerStateReady, }, }