Change some relationship labels on update as well (kubevirt#2018)

* Update operator-lifecycle-sdk to get fix for labels on upgrade

Update dep to get kubevirt/controller-lifecycle-operator-sdk#19

Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>

* Reconcile labels also for CDIConfig

Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>

* Reconcile labels on storageprofile

Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>

* Reconcile remaining operator resources for updated labels

BZ#2017478

Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>

go.mod

@@ -7,6 +7,7 @@ require (
 	github.com/aws/aws-sdk-go v1.15.77
 	github.com/containers/image/v5 v5.5.1
 	github.com/coreos/go-semver v0.3.0
+	github.com/docker/go-units v0.4.0
 	github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c // indirect
 	github.com/elazarl/goproxy v0.0.0-20190911111923-ecfe977594f1 // indirect
 	github.com/emicklei/go-restful v2.10.0+incompatible
@@ -47,7 +48,7 @@ require (
 	k8s.io/klog/v2 v2.4.0
 	k8s.io/kube-aggregator v0.20.2
 	k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd
-	kubevirt.io/controller-lifecycle-operator-sdk v0.2.1-0.20210723143736-64585ea1d1bd // TODO: update when release is made
+	kubevirt.io/controller-lifecycle-operator-sdk v0.2.2
 	kubevirt.io/qe-tools v0.1.6
 	sigs.k8s.io/controller-runtime v0.8.3
 )

pkg/apiserver/apiserver.go

@@ -54,8 +54,8 @@ import (
 )
 
 const (
-	// selfsigned cert secret name
-	apiSigningKeySecretName = "cdi-api-signing-key"
+	// APISigningKeySecretName is the selfsigned cert secret name
+	APISigningKeySecretName = "cdi-api-signing-key"
 
 	uploadTokenGroup = "upload.cdi.kubevirt.io"
 
@@ -196,7 +196,7 @@ func (app *cdiAPIApp) Start(ch <-chan struct{}) error {
 func (app *cdiAPIApp) getKeysAndCerts() error {
 	namespace := util.GetNamespace()
 
-	privateKey, err := keys.GetOrCreatePrivateKey(app.client, namespace, apiSigningKeySecretName, app.installerLabels)
+	privateKey, err := keys.GetOrCreatePrivateKey(app.client, namespace, APISigningKeySecretName, app.installerLabels)
 	if err != nil {
 		return errors.Wrap(err, "Error getting/creating signing key")
 	}

pkg/apiserver/apiserver_test.go

@@ -61,11 +61,11 @@ func signingKeySecretGetAction() core.Action {
 			Version:  "v1",
 		},
 		"cdi",
-		apiSigningKeySecretName)
+		APISigningKeySecretName)
 }
 
 func signingKeySecretCreateAction(privateKey *rsa.PrivateKey) core.Action {
-	secret, _ := keystest.NewPrivateKeySecret("cdi", apiSigningKeySecretName, privateKey)
+	secret, _ := keystest.NewPrivateKeySecret("cdi", APISigningKeySecretName, privateKey)
 	return core.NewCreateAction(
 		schema.GroupVersionResource{
 			Resource: "secrets",
@@ -177,7 +177,7 @@ var _ = Describe("API server tests", func() {
 		signingKey, err := generateTestKey()
 		Expect(err).ToNot(HaveOccurred())
 
-		signingKeySecret, err := keystest.NewPrivateKeySecret("cdi", apiSigningKeySecretName, signingKey)
+		signingKeySecret, err := keystest.NewPrivateKeySecret("cdi", APISigningKeySecretName, signingKey)
 		Expect(err).ToNot(HaveOccurred())
 
 		kubeobjects := []runtime.Object{}

pkg/controller/config-controller.go

@@ -114,6 +114,8 @@ func (r *CDIConfigReconciler) Reconcile(_ context.Context, req reconcile.Request
 }
 
 func (r *CDIConfigReconciler) setOperatorParams(config *cdiv1.CDIConfig) error {
+	util.SetRecommendedLabels(config, r.installerLabels, "cdi-controller")
+
 	cdiCR, err := GetActiveCDI(r.client)
 	if err != nil {
 		return err
@@ -404,6 +406,7 @@ func (r *CDIConfigReconciler) reconcileImportProxyCAConfigMap(config *cdiv1.CDIC
 			}
 			if configMap != nil {
 				configMap.Data[common.ImportProxyConfigMapKey] = certBytes
+				util.SetRecommendedLabels(configMap, r.installerLabels, "cdi-controller")
 				if err := r.client.Update(context.TODO(), configMap); err != nil {
 					return err
 				}

pkg/controller/config-controller_test.go

@@ -57,6 +57,7 @@ var _ = Describe("CDIConfig Controller reconcile loop", func() {
 	It("Should not update if no changes happened", func() {
 		reconciler, cdiConfig := createConfigReconciler(createConfigMap(operator.ConfigMapName, testNamespace))
 		err := reconciler.client.Get(context.TODO(), types.NamespacedName{Name: reconciler.configName}, cdiConfig)
+		Expect(err).ToNot(HaveOccurred())
 		_, err = reconciler.Reconcile(context.TODO(), reconcile.Request{})
 		Expect(err).ToNot(HaveOccurred())
 		err = reconciler.client.Get(context.TODO(), types.NamespacedName{Name: reconciler.configName}, cdiConfig)
@@ -66,6 +67,24 @@ var _ = Describe("CDIConfig Controller reconcile loop", func() {
 		Expect(err).ToNot(HaveOccurred())
 	})
 
+	It("Should update labels on CDIConfig when the ones on CR change", func() {
+		reconciler, cdiConfig := createConfigReconciler(createConfigMap(operator.ConfigMapName, testNamespace))
+		err := reconciler.client.Get(context.TODO(), types.NamespacedName{Name: reconciler.configName}, cdiConfig)
+		Expect(err).ToNot(HaveOccurred())
+		_, err = reconciler.Reconcile(context.TODO(), reconcile.Request{})
+		Expect(err).ToNot(HaveOccurred())
+		err = reconciler.client.Get(context.TODO(), types.NamespacedName{Name: reconciler.configName}, cdiConfig)
+		Expect(err).ToNot(HaveOccurred())
+		// CDIConfig generated
+		reconciler.installerLabels[common.AppKubernetesPartOfLabel] = "new"
+		Expect(err).ToNot(HaveOccurred())
+		_, err = reconciler.Reconcile(context.TODO(), reconcile.Request{})
+		Expect(err).ToNot(HaveOccurred())
+		err = reconciler.client.Get(context.TODO(), types.NamespacedName{Name: reconciler.configName}, cdiConfig)
+		Expect(err).ToNot(HaveOccurred())
+		Expect(cdiConfig.Labels[common.AppKubernetesPartOfLabel]).To(Equal("new"))
+	})
+
 	DescribeTable("Should set proxyURL to override if no ingress or route exists", func(authority bool) {
 		reconciler, cdiConfig := createConfigReconciler(createConfigMap(operator.ConfigMapName, testNamespace))
 		_, err := reconciler.Reconcile(context.TODO(), reconcile.Request{})

pkg/controller/storageprofile-controller.go

@@ -77,6 +77,7 @@ func (r *StorageProfileReconciler) reconcileStorageProfile(sc *storagev1.Storage
 		storageProfile.Status.ClaimPropertySets = []cdiv1.ClaimPropertySet{*claimPropertySet}
 	}
 
+	util.SetRecommendedLabels(storageProfile, r.installerLabels, "cdi-controller")
 	if err := r.updateStorageProfile(prevStorageProfile, storageProfile, log); err != nil {
 		return reconcile.Result{}, err
 	}

pkg/operator/controller/BUILD.bazel

@@ -17,6 +17,7 @@ go_library(
     visibility = ["//visibility:public"],
     deps = [
         "//pkg/apis/core/v1beta1:go_default_library",
+        "//pkg/apiserver:go_default_library",
         "//pkg/common:go_default_library",
         "//pkg/controller:go_default_library",
         "//pkg/operator:go_default_library",

pkg/operator/controller/callbacks.go

@@ -46,6 +46,7 @@ func addReconcileCallbacks(r *ReconcileCDI) {
 	r.reconciler.AddCallback(&corev1.ServiceAccount{}, reconcileCreateSCC)
 	r.reconciler.AddCallback(&corev1.ServiceAccount{}, reconcileSELinuxPerms)
 	r.reconciler.AddCallback(&appsv1.Deployment{}, reconcileCreateRoute)
+	r.reconciler.AddCallback(&appsv1.Deployment{}, reconcileRemainingRelationshipLabels)
 	r.reconciler.AddCallback(&appsv1.Deployment{}, reconcileDeleteSecrets)
 	r.reconciler.AddCallback(&extv1.CustomResourceDefinition{}, reconcileInitializeCRD)
 	r.reconciler.AddCallback(&extv1.CustomResourceDefinition{}, reconcileSetConfigAuthority)

pkg/operator/controller/cruft.go

@@ -22,11 +22,17 @@ import (
 	"fmt"
 	"reflect"
 
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 
+	cdiv1 "kubevirt.io/containerized-data-importer/pkg/apis/core/v1beta1"
+	"kubevirt.io/containerized-data-importer/pkg/apiserver"
 	"kubevirt.io/containerized-data-importer/pkg/common"
+	"kubevirt.io/containerized-data-importer/pkg/operator"
+	"kubevirt.io/containerized-data-importer/pkg/util"
 	"kubevirt.io/controller-lifecycle-operator-sdk/pkg/sdk/callbacks"
 
+	routev1 "github.com/openshift/api/route/v1"
 	secv1 "github.com/openshift/api/security/v1"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -224,3 +230,63 @@ func reconcileSELinuxPerms(args *callbacks.ReconcileCallbackArgs) error {
 
 	return nil
 }
+
+func reconcileRemainingRelationshipLabels(args *callbacks.ReconcileCallbackArgs) error {
+	if args.State != callbacks.ReconcileStatePostRead {
+		return nil
+	}
+
+	deployment := args.CurrentObject.(*appsv1.Deployment)
+	if !isControllerDeployment(deployment) || !sdk.CheckDeploymentReady(deployment) {
+		return nil
+	}
+	namespace := deployment.GetNamespace()
+	cr := args.Resource.(*cdiv1.CDI)
+	installerLabels := util.GetRecommendedInstallerLabelsFromCr(cr)
+	remainingResources := []client.Object{
+		&corev1.ConfigMap{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      operator.ConfigMapName,
+				Namespace: namespace,
+			},
+		},
+		&corev1.Secret{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      apiserver.APISigningKeySecretName,
+				Namespace: namespace,
+			},
+		},
+		&routev1.Route{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      uploadProxyRouteName,
+				Namespace: namespace,
+			},
+		},
+		&secv1.SecurityContextConstraints{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: sccName,
+			},
+		},
+	}
+
+	for _, k := range remainingResources {
+		nn := client.ObjectKeyFromObject(k)
+		if err := args.Client.Get(context.TODO(), nn, k); err != nil {
+			if errors.IsNotFound(err) || meta.IsNoMatchError(err) {
+				// Doesn't exist or CRD not installed, we're fine
+				continue
+			}
+			return err
+		}
+		// Exists, lets update labels if needed
+		labelsCopy := util.MergeLabels(k.GetLabels(), map[string]string{})
+		util.SetRecommendedLabels(k, installerLabels, "cdi-operator")
+		if !reflect.DeepEqual(labelsCopy, k.GetLabels()) {
+			if err := args.Client.Update(context.TODO(), k); err != nil {
+				return err
+			}
+		}
+	}
+
+	return nil
+}

vendor/modules.txt

@@ -125,6 +125,7 @@ github.com/docker/go-connections/tlsconfig
 # github.com/docker/go-metrics v0.0.1
 github.com/docker/go-metrics
 # github.com/docker/go-units v0.4.0
+## explicit
 github.com/docker/go-units
 # github.com/docker/spdystream v0.0.0-20181023171402-6480d4af844c
 ## explicit
@@ -999,7 +1000,7 @@ k8s.io/utils/buffer
 k8s.io/utils/integer
 k8s.io/utils/pointer
 k8s.io/utils/trace
-# kubevirt.io/controller-lifecycle-operator-sdk v0.2.1-0.20210723143736-64585ea1d1bd
+# kubevirt.io/controller-lifecycle-operator-sdk v0.2.2
 ## explicit
 kubevirt.io/controller-lifecycle-operator-sdk/pkg/sdk
 kubevirt.io/controller-lifecycle-operator-sdk/pkg/sdk/api