Merge branch 'master' into eventhub-vnet

pkg/errhelp/errors.go

@@ -46,6 +46,8 @@ const (
 	RequestConflictError                = "Conflict"
 	ValidationError                     = "ValidationError"
 	SubscriptionDoesNotHaveServer       = "SubscriptionDoesNotHaveServer"
+	NotSupported                        = "NotSupported"
+	SecretNotFound                      = "SecretNotFound"
 	RequestDisallowedByPolicy           = "RequestDisallowedByPolicy"
 )
 

pkg/resourcemanager/appinsights/appinsights.go

@@ -6,7 +6,7 @@ package appinsights
 import (
 	"context"
 	"fmt"
-	"log"
+	"net/http"
 
 	"github.com/Azure/azure-service-operator/pkg/secrets"
 
@@ -81,9 +81,12 @@ func (m *Manager) CreateAppInsights(
 	kind string,
 	applicationType string,
 	location string,
-	resourceName string) (insights.ApplicationInsightsComponent, error) {
+	resourceName string) (*insights.ApplicationInsightsComponent, error) {
 
-	componentsClient := getComponentsClient()
+	componentsClient, err := getComponentsClient()
+	if err != nil {
+		return nil, err
+	}
 
 	// submit the ARM request
 	result, err := componentsClient.CreateOrUpdate(
@@ -100,7 +103,7 @@ func (m *Manager) CreateAppInsights(
 			},
 		},
 	)
-	return result, err
+	return &result, err
 }
 
 // Ensure checks the desired state of the operator
@@ -212,7 +215,10 @@ func (m *Manager) DeleteAppInsights(
 	resourceGroupName string,
 	resourceName string) (autorest.Response, error) {
 
-	componentsClient := getComponentsClient()
+	componentsClient, err := getComponentsClient()
+	if err != nil {
+		return autorest.Response{Response: &http.Response{StatusCode: 500}}, err
+	}
 
 	result, err := componentsClient.Get(ctx, resourceGroupName, resourceName)
 	if err == nil {
@@ -227,19 +233,21 @@ func (m *Manager) GetAppInsights(
 	resourceGroupName string,
 	resourceName string) (insights.ApplicationInsightsComponent, error) {
 
-	componentsClient := getComponentsClient()
+	componentsClient, err := getComponentsClient()
+	if err != nil {
+		return insights.ApplicationInsightsComponent{}, err
+	}
 	return componentsClient.Get(ctx, resourceGroupName, resourceName)
 }
 
-func getComponentsClient() insights.ComponentsClient {
+func getComponentsClient() (insights.ComponentsClient, error) {
 	insightsClient := insights.NewComponentsClientWithBaseURI(config.BaseURI(), config.SubscriptionID())
-
 	a, err := iam.GetResourceManagementAuthorizer()
 	if err != nil {
-		log.Fatalf("failed to initialize authorizer %v\n", err)
+		insightsClient = insights.ComponentsClient{}
+	} else {
+		insightsClient.Authorizer = a
+		insightsClient.AddToUserAgent(config.UserAgent())
 	}
-	insightsClient.Authorizer = a
-	insightsClient.AddToUserAgent(config.UserAgent())
-
-	return insightsClient
+	return insightsClient, err
 }

pkg/resourcemanager/appinsights/manager.go

@@ -19,7 +19,7 @@ type ApplicationInsightsManager interface {
 		kind string,
 		applicationType string,
 		location string,
-		resourceName string) (insights.ApplicationInsightsComponent, error)
+		resourceName string) (*insights.ApplicationInsightsComponent, error)
 	DeleteAppInsights(ctx context.Context, resourceGroupName string, resourceName string) (autorest.Response, error)
 	GetAppInsights(ctx context.Context, resourceGroupName string, resourceName string) (insights.ApplicationInsightsComponent, error)
 

pkg/resourcemanager/appinsights/suite_test.go

@@ -5,12 +5,14 @@ package appinsights
 
 import (
 	"fmt"
-	"github.com/Azure/azure-service-operator/pkg/errhelp"
 	"log"
 	"testing"
 	"time"
 
+	"github.com/Azure/azure-service-operator/pkg/errhelp"
+
 	"context"
+
 	resourcemanagerconfig "github.com/Azure/azure-service-operator/pkg/resourcemanager/config"
 	resourcegroupsresourcemanager "github.com/Azure/azure-service-operator/pkg/resourcemanager/resourcegroups"
 	. "github.com/onsi/ginkgo"

pkg/resourcemanager/cosmosdbs/cosmosdbs.go

@@ -6,7 +6,6 @@ package cosmosdbs
 import (
 	"context"
 	"fmt"
-	"log"
 
 	"github.com/Azure/azure-sdk-for-go/services/cosmos-db/mgmt/2015-04-08/documentdb"
 	azurev1alpha1 "github.com/Azure/azure-service-operator/api/v1alpha1"
@@ -15,15 +14,17 @@ import (
 	"github.com/Azure/go-autorest/autorest/to"
 )
 
-func getCosmosDBClient() documentdb.DatabaseAccountsClient {
+func getCosmosDBClient() (documentdb.DatabaseAccountsClient, error) {
 	cosmosDBClient := documentdb.NewDatabaseAccountsClientWithBaseURI(config.BaseURI(), config.SubscriptionID())
 	a, err := iam.GetResourceManagementAuthorizer()
 	if err != nil {
-		log.Fatalf("failed to initialize authorizer: %v\n", err)
+		cosmosDBClient = documentdb.DatabaseAccountsClient{}
+	} else {
+		cosmosDBClient.Authorizer = a
+		cosmosDBClient.AddToUserAgent(config.UserAgent())
 	}
-	cosmosDBClient.Authorizer = a
-	cosmosDBClient.AddToUserAgent(config.UserAgent())
-	return cosmosDBClient
+
+	return cosmosDBClient, err
 }
 
 // CreateCosmosDB creates a new CosmosDB
@@ -33,7 +34,10 @@ func CreateCosmosDB(ctx context.Context, groupName string,
 	kind azurev1alpha1.CosmosDBKind,
 	dbType azurev1alpha1.CosmosDBDatabaseAccountOfferType,
 	tags map[string]*string) (*documentdb.DatabaseAccount, error) {
-	cosmosDBClient := getCosmosDBClient()
+	cosmosDBClient, err := getCosmosDBClient()
+	if err != nil {
+		return nil, err
+	}
 
 	dbKind := documentdb.DatabaseAccountKind(kind)
 	sDBType := string(dbType)
@@ -91,7 +95,14 @@ func CreateCosmosDB(ctx context.Context, groupName string,
 }
 
 // DeleteCosmosDB removes the resource group named by env var
-func DeleteCosmosDB(ctx context.Context, groupName string, cosmosDBName string) (result documentdb.DatabaseAccountsDeleteFuture, err error) {
-	cosmosDBClient := getCosmosDBClient()
-	return cosmosDBClient.Delete(ctx, groupName, cosmosDBName)
+func DeleteCosmosDB(ctx context.Context, groupName string, cosmosDBName string) (result *documentdb.DatabaseAccountsDeleteFuture, err error) {
+	cosmosDBClient, err := getCosmosDBClient()
+	if err != nil {
+		return nil, err
+	}
+	future, err := cosmosDBClient.Delete(ctx, groupName, cosmosDBName)
+	if err != nil {
+		return nil, err
+	}
+	return &future, nil
 }

pkg/secrets/keyvault/client.go

@@ -7,6 +7,7 @@ import (
 	"context"
 	"fmt"
 	"strings"
+	"time"
 
 	"encoding/json"
 
@@ -35,15 +36,6 @@ func getVaultsClient() (mgmtclient.VaultsClient, error) {
 	return vaultsClient, nil
 }
 
-func GetVault(ctx context.Context, groupName string, vaultName string) (result mgmtclient.Vault, err error) {
-	vaultsClient, err := getVaultsClient()
-	if err != nil {
-		return mgmtclient.Vault{}, err
-	}
-	return vaultsClient.Get(ctx, groupName, vaultName)
-
-}
-
 // KeyvaultSecretClient struct has the Key vault BaseClient that Azure uses and the KeyVault name
 type KeyvaultSecretClient struct {
 	KeyVaultClient keyvaults.BaseClient
@@ -64,10 +56,6 @@ func GetKeyVaultName(instance runtime.Object) string {
 
 func getVaultsURL(ctx context.Context, vaultName string) string {
 	vaultURL := "https://" + vaultName + "." + config.Environment().KeyVaultDNSSuffix //default
-	vault, err := GetVault(ctx, "", vaultName)
-	if err == nil {
-		vaultURL = *vault.Properties.VaultURI
-	}
 	return vaultURL
 }
 
@@ -302,6 +290,28 @@ func (k *KeyvaultSecretClient) Delete(ctx context.Context, key types.NamespacedN
 		secretName = key.Name
 	}
 	_, err := k.KeyVaultClient.DeleteSecret(ctx, vaultBaseURL, secretName)
+
+	if err != nil {
+		azerr := errhelp.NewAzureErrorAzureError(err)
+		if azerr.Type != errhelp.SecretNotFound { // If not found still need to purge
+			return err
+		}
+	}
+
+	// If Keyvault has softdelete enabled, we will need to purge the secret in addition to deleting it
+	_, err = k.KeyVaultClient.PurgeDeletedSecret(ctx, vaultBaseURL, secretName)
+	for err != nil {
+		azerr := errhelp.NewAzureErrorAzureError(err)
+		if azerr.Type == errhelp.NotSupported { // Keyvault not softdelete enabled; ignore error
+			return nil
+		}
+		if azerr.Type == errhelp.RequestConflictError { // keyvault is still deleting and so purge encounters a "conflict"; purge again
+			time.Sleep(2 * time.Second)
+			_, err = k.KeyVaultClient.PurgeDeletedSecret(ctx, vaultBaseURL, secretName)
+		} else {
+			return err
+		}
+	}
 	return err
 }