Fetches cluster fsid through secret and not mc

This commit fixes the issue with hub recovery where the new hub cluster does not have managedcluster CRs updated due to clusterclaims on the managed clusters being in an non updated state. We are changing the method from looking into the MC CRs to fetching it from the rook secret synced on hub. Signed-off-by: vbadrina <[email protected]>
red-hat-storage · Jan 31, 2024 · eed48ca · eed48ca
1 parent 045c553
commit eed48ca
Show file tree

Hide file tree

Showing 2 changed files with 38 additions and 35 deletions.
diff --git a/controllers/drpolicy_controller.go b/controllers/drpolicy_controller.go
@@ -23,7 +23,6 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/klog/v2"
-	clusterv1 "open-cluster-management.io/api/cluster/v1"
 	workv1 "open-cluster-management.io/api/work/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/builder"
@@ -256,23 +255,23 @@ func (r *DRPolicyReconciler) createOrUpdateManifestWorkForVRC(ctx context.Contex
 }
 
 func (r *DRPolicyReconciler) fetchClusterFSIDs(ctx context.Context, peer *multiclusterv1alpha1.MirrorPeer, clusterFSIDs map[string]string) error {
-	var mcList clusterv1.ManagedClusterList
-	err := r.HubClient.List(ctx, &mcList)
-	if err != nil {
-		return err
-	}
-
 	for _, pr := range peer.Spec.Items {
-		for _, mc := range mcList.Items {
-			if mc.Name == pr.ClusterName {
-				for _, cc := range mc.Status.ClusterClaims {
-					if cc.Name == "cephfsid.odf.openshift.io" {
-						clusterFSIDs[pr.ClusterName] = cc.Value
-						break
-					}
-				}
+		rookSecretName := utils.GetSecretNameByPeerRef(pr)
+		klog.Info("Fetching rook secret ", "Secret Name:", rookSecretName)
+		hs, err := utils.FetchSecretWithName(ctx, r.HubClient, types.NamespacedName{Name: rookSecretName, Namespace: pr.ClusterName})
+		if err != nil {
+			if errors.IsNotFound(err) {
+				klog.Info("could not find secret %q. will attempt to fetch it again after a delay", rookSecretName)
 			}
+			return err
+		}
+		klog.Info("Unmarshalling rook secret ", "Secret Name:", rookSecretName)
+		rt, err := utils.UnmarshalHubSecret(hs)
+		if err != nil {
+			klog.Error(err, "Failed to unmarshal rook secret", "Secret", rookSecretName)
+			return err
 		}
+		clusterFSIDs[pr.ClusterName] = rt.FSID
 	}
 
 	return nil

diff --git a/controllers/drpolicy_controller_test.go b/controllers/drpolicy_controller_test.go
@@ -8,10 +8,10 @@ import (
 	ramenv1alpha1 "github.com/ramendr/ramen/api/v1alpha1"
 	multiclusterv1alpha1 "github.com/red-hat-storage/odf-multicluster-orchestrator/api/v1alpha1"
 	"github.com/red-hat-storage/odf-multicluster-orchestrator/controllers/utils"
+	corev1 "k8s.io/api/core/v1"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
-	clusterv1 "open-cluster-management.io/api/cluster/v1"
 	workv1 "open-cluster-management.io/api/work/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
@@ -103,33 +103,37 @@ func getFakeDRPolicyReconciler(drpolicy *ramenv1alpha1.DRPolicy, mp *multicluste
 			Name: cName2,
 		},
 	}
-	mc1 := &clusterv1.ManagedCluster{
+
+	// Constitutes both blue secret and green secret present on the hub
+	hubSecret1 := corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: cName1,
+			Name:      utils.GetSecretNameByPeerRef(mp.Spec.Items[0]),
+			Namespace: cName1,
 		},
-		Status: clusterv1.ManagedClusterStatus{
-			ClusterClaims: []clusterv1.ManagedClusterClaim{
-				{
-					Name:  "cephfsid.odf.openshift.io",
-					Value: "db47dafb-1459-44ca-8a7a-b55ba2ec2d7c",
-				},
-			},
+		Data: map[string][]byte{
+			"namespace":            []byte("openshift-storage"),
+			"secret-data":          []byte(`{"cluster":"b2NzLXN0b3JhZ2VjbHVzdGVyLWNlcGhjbHVzdGVy","token":"ZXlKbWMybGtJam9pWXpSak56SmpNRE10WXpCbFlpMDBZMlppTFRnME16RXRNekExTmpZME16UmxZV1ZqSWl3aVkyeHBaVzUwWDJsa0lqb2ljbUprTFcxcGNuSnZjaTF3WldWeUlpd2lhMlY1SWpvaVFWRkVkbGxyTldrM04xbG9TMEpCUVZZM2NFZHlVVXBrU1VvelJtZGpjVWxGVUZWS0wzYzlQU0lzSW0xdmJsOW9iM04wSWpvaU1UY3lMak13TGpFd01TNHlORGs2TmpjNE9Td3hOekl1TXpBdU1UZ3pMakU1TURvMk56ZzVMREUzTWk0ek1DNHlNak11TWpFd09qWTNPRGtpTENKdVlXMWxjM0JoWTJVaU9pSnZjR1Z1YzJocFpuUXRjM1J2Y21GblpTSjk="}`),
+			"secret-origin":        []byte("rook"),
+			"storage-cluster-name": []byte("ocs-storagecluster"),
 		},
+		Type: "multicluster.odf.openshift.io/secret-type",
 	}
-	mc2 := &clusterv1.ManagedCluster{
+
+	hubSecret2 := corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: cName2,
+			Name:      utils.GetSecretNameByPeerRef(mp.Spec.Items[1]),
+			Namespace: cName2,
 		},
-		Status: clusterv1.ManagedClusterStatus{
-			ClusterClaims: []clusterv1.ManagedClusterClaim{
-				{
-					Name:  "cephfsid.odf.openshift.io",
-					Value: "5b544f43-3ff9-4296-bc9f-051e60dcecdf",
-				},
-			},
+		Data: map[string][]byte{
+			"namespace":            []byte("openshift-storage"),
+			"secret-data":          []byte(`{"cluster":"b2NzLXN0b3JhZ2VjbHVzdGVyLWNlcGhjbHVzdGVy","token":"ZXlKbWMybGtJam9pWXpSak56SmpNRE10WXpCbFlpMDBZMlppTFRnME16RXRNekExTmpZME16UmxZV1ZqSWl3aVkyeHBaVzUwWDJsa0lqb2ljbUprTFcxcGNuSnZjaTF3WldWeUlpd2lhMlY1SWpvaVFWRkVkbGxyTldrM04xbG9TMEpCUVZZM2NFZHlVVXBrU1VvelJtZGpjVWxGVUZWS0wzYzlQU0lzSW0xdmJsOW9iM04wSWpvaU1UY3lMak13TGpFd01TNHlORGs2TmpjNE9Td3hOekl1TXpBdU1UZ3pMakU1TURvMk56ZzVMREUzTWk0ek1DNHlNak11TWpFd09qWTNPRGtpTENKdVlXMWxjM0JoWTJVaU9pSnZjR1Z1YzJocFpuUXRjM1J2Y21GblpTSjk="}`),
+			"secret-origin":        []byte("rook"),
+			"storage-cluster-name": []byte("ocs-storagecluster"),
 		},
+		Type: "multicluster.odf.openshift.io/secret-type",
 	}
-	fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithObjects(drpolicy, mp, ns1, ns2, mc1, mc2).Build()
+
+	fakeClient := fake.NewClientBuilder().WithScheme(scheme).WithObjects(drpolicy, mp, ns1, ns2, &hubSecret1, &hubSecret2).Build()
 
 	r := DRPolicyReconciler{
 		HubClient: fakeClient,