Org/space delete job uses an uncached client

- The cached client would sometimes return a resource without the deletion timestamp when the job endpoint was called immediately after deleting the resource. - Consolidate CFSpaceRepository and SpaceRepository interfaces. [#2604] [#2605] Co-authored-by: Dave Walter <walterda@vmware.com>
cloudfoundry · Jun 30, 2023 · 2340c78 · 2340c78
1 parent 9b4ff9f
commit 2340c78
Show file tree

Hide file tree

Showing 21 changed files with 531 additions and 541 deletions.
diff --git a/api/authorization/user_client_factory.go b/api/authorization/user_client_factory.go
@@ -14,6 +14,7 @@ import (
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/apimachinery/pkg/util/wait"
+	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/kubernetes/scheme"
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -22,6 +23,7 @@ import (
 type UserK8sClientFactory interface {
 	BuildClient(Info) (client.WithWatch, error)
 	BuildK8sClient(info Info) (k8sclient.Interface, error)
+	BuildDynamicClient(info Info) (dynamic.Interface, error)
 }
 
 type UnprivilegedClientFactory struct {
@@ -122,3 +124,36 @@ func (f UnprivilegedClientFactory) BuildK8sClient(authInfo Info) (k8sclient.Inte
 
 	return userK8sClient, nil
 }
+
+func (f UnprivilegedClientFactory) BuildDynamicClient(authInfo Info) (dynamic.Interface, error) {
+	config := rest.CopyConfig(f.config)
+
+	switch strings.ToLower(authInfo.Scheme()) {
+	case BearerScheme:
+		config.BearerToken = authInfo.Token
+
+	case CertScheme:
+		certBlock, rst := pem.Decode(authInfo.CertData)
+		if certBlock == nil {
+			return nil, fmt.Errorf("failed to decode cert PEM")
+		}
+
+		keyBlock, _ := pem.Decode(rst)
+		if keyBlock == nil {
+			return nil, fmt.Errorf("failed to decode key PEM")
+		}
+
+		config.CertData = pem.EncodeToMemory(certBlock)
+		config.KeyData = pem.EncodeToMemory(keyBlock)
+
+	default:
+		return nil, apierrors.NewNotAuthenticatedError(errors.New("unsupported Authorization header scheme"))
+	}
+
+	userDynamicClient, err := dynamic.NewForConfig(config)
+	if err != nil {
+		return nil, apierrors.FromK8sError(err, "")
+	}
+
+	return userDynamicClient, nil
+}
diff --git a/api/handlers/app.go b/api/handlers/app.go
@@ -61,7 +61,7 @@ type App struct {
 	processRepo      CFProcessRepository
 	routeRepo        CFRouteRepository
 	domainRepo       CFDomainRepository
-	spaceRepo        SpaceRepository
+	spaceRepo        CFSpaceRepository
 	packageRepo      CFPackageRepository
 	requestValidator RequestValidator
 }
@@ -73,7 +73,7 @@ func NewApp(
 	processRepo CFProcessRepository,
 	routeRepo CFRouteRepository,
 	domainRepo CFDomainRepository,
-	spaceRepo SpaceRepository,
+	spaceRepo CFSpaceRepository,
 	packageRepo CFPackageRepository,
 	requestValidator RequestValidator,
 ) *App {

diff --git a/api/handlers/app_test.go b/api/handlers/app_test.go
@@ -34,7 +34,7 @@ var _ = Describe("App", func() {
 		processRepo      *fake.CFProcessRepository
 		routeRepo        *fake.CFRouteRepository
 		domainRepo       *fake.CFDomainRepository
-		spaceRepo        *fake.SpaceRepository
+		spaceRepo        *fake.CFSpaceRepository
 		packageRepo      *fake.CFPackageRepository
 		requestValidator *fake.RequestValidator
 		req              *http.Request
@@ -48,7 +48,7 @@ var _ = Describe("App", func() {
 		processRepo = new(fake.CFProcessRepository)
 		routeRepo = new(fake.CFRouteRepository)
 		domainRepo = new(fake.CFDomainRepository)
-		spaceRepo = new(fake.SpaceRepository)
+		spaceRepo = new(fake.CFSpaceRepository)
 		packageRepo = new(fake.CFPackageRepository)
 		requestValidator = new(fake.RequestValidator)