Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove role/rolebindings for csm objects #591

Closed
wants to merge 6 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions controllers/acc_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,7 @@

// DeployApexConnectivityClient - perform deployment
func DeployApexConnectivityClient(ctx context.Context, isDeleting bool, operatorConfig utils.OperatorConfig, cr csmv1.ApexConnectivityClient, ctrlClient crclient.Client) error {
log := logger.GetLogger(ctx)
YamlString := ""
ModifiedYamlString := ""
deploymentPath := fmt.Sprintf("%s/clientconfig/%s/%s/%s", operatorConfig.ConfigDirectory, csmv1.DreadnoughtClient, cr.Spec.Client.ConfigVersion, AccManifest)
Expand Down Expand Up @@ -465,6 +466,24 @@
}
}

//If existing csm-installations are found, proceed to get those namespaces and create roles/rolebindings

Check failure on line 469 in controllers/acc_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

File is not `gofumpt`-ed (gofumpt)
csmList := &csmv1.ContainerStorageModuleList{}
err = ctrlClient.List(ctx, csmList)
if err == nil && len(csmList.Items) > 0 {
log.Info("Found existing csm installations. Proceeding to onboard them to Apex Navigator for Kubernetes")
BrownfieldCR := "brownfield-onboard.yaml"

brownfieldManifestFilePath := fmt.Sprintf("%s/clientconfig/%s/%s/%s", operatorConfig.ConfigDirectory, csmv1.DreadnoughtClient, cr.Spec.Client.ConfigVersion, BrownfieldCR)
if isDeleting {
if err = utils.BrownfieldOnboard(ctx, brownfieldManifestFilePath, cr, ctrlClient, true); err != nil {
log.Error(err, "brownfield cluster onboarding failed")
}
} else {
if err = utils.BrownfieldOnboard(ctx, brownfieldManifestFilePath, cr, ctrlClient, false); err != nil {
log.Error(err, "brownfield cluster onboarding failed")
}
}
}
return nil
}

Expand Down
54 changes: 54 additions & 0 deletions controllers/csm_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -272,6 +272,14 @@
if csm.IsBeingDeleted() {
log.Infow("Delete request", "csm", req.Namespace, "Name", req.Name)

//remove role/rolebinding from the csm object namespace

Check failure on line 275 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

File is not `gofumpt`-ed (gofumpt)
err := r.SyncRbac(ctx, *csm, *operatorConfig, r.Client)
if err != nil {
r.EventRecorder.Event(csm, corev1.EventTypeWarning, csmv1.EventDeleted, fmt.Sprintf("Failed to sync rbac: %s", err))
log.Errorw("sync rbac", "error", err.Error())
return ctrl.Result{}, fmt.Errorf("error when syncing rbac: %v", err)
}

// check for force cleanup
if csm.Spec.Driver.ForceRemoveDriver {
// remove all resources deployed from CR by operator
Expand Down Expand Up @@ -879,6 +887,26 @@
}

}
//If dell connectivity client is deployed, create role/rolebindings in the csm namespaces

Check failure on line 890 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

File is not `gofumpt`-ed (gofumpt)
list := &csmv1.ApexConnectivityClientList{}
if err := ctrlClient.List(ctx, list); err != nil {
log.Info("dell connectivity client not found")
return nil
} else if len(list.Items) <= 0 {
log.Info("dell connectivity client not found")
return nil
} else {

Check warning on line 898 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

indent-error-flow: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) (revive)
log.Info("dell connectivity client found")
cr := new(csmv1.ApexConnectivityClient)
BrownfieldCR := "brownfield-onboard.yaml"
configVersion1 := list.Items[0].Spec.Client.ConfigVersion
brownfieldManifestFilePath := fmt.Sprintf("%s/clientconfig/%s/%s/%s", operatorConfig.ConfigDirectory, csmv1.DreadnoughtClient, configVersion1, BrownfieldCR)

if err = utils.BrownfieldOnboard(ctx, brownfieldManifestFilePath, *cr, ctrlClient, false); err != nil {
log.Error(err, "error creating role/rolebindings to newly discovered csm namespace")
return err
}
}
return nil
}

Expand Down Expand Up @@ -1419,6 +1447,32 @@
return false
}

// SyncRbac - Delete the role/rolebindings in the csm namespaces
func (r *ContainerStorageModuleReconciler) SyncRbac(ctx context.Context, cr csmv1.ContainerStorageModule, operatorConfig utils.OperatorConfig, ctrlClient client.Client) error {

Check warning on line 1451 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

unused-parameter: parameter 'cr' seems to be unused, consider removing or renaming it as _ (revive)
log := logger.GetLogger(ctx)
//If dell connectivity client is deployed, create role/rolebindings in the csm namespaces

Check failure on line 1453 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

File is not `gofumpt`-ed (gofumpt)
list := &csmv1.ApexConnectivityClientList{}
if err := ctrlClient.List(ctx, list); err != nil {
log.Info("dell connectivity client not found")
return nil
} else if len(list.Items) <= 0 {
log.Info("dell connectivity client not found")
return nil
} else {

Check warning on line 1461 in controllers/csm_controller.go

View workflow job for this annotation

GitHub Actions / golangci-lint

indent-error-flow: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) (revive)
log.Info("dell connectivity client found")
cr := new(csmv1.ApexConnectivityClient)
BrownfieldCR := "brownfield-onboard.yaml"
configVersion1 := list.Items[0].Spec.Client.ConfigVersion
brownfieldManifestFilePath := fmt.Sprintf("%s/clientconfig/%s/%s/%s", operatorConfig.ConfigDirectory, csmv1.DreadnoughtClient, configVersion1, BrownfieldCR)

if err = utils.BrownfieldOnboard(ctx, brownfieldManifestFilePath, *cr, ctrlClient, true); err != nil {
log.Error(err, "error deleting role/rolebindings to newly discovered csm namespace")
return err
}
}
return nil
}

// GetClient - returns the split client
func (r *ContainerStorageModuleReconciler) GetClient() client.Client {
return r.Client
Expand Down
52 changes: 51 additions & 1 deletion pkg/utils/utils.go
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,10 @@
PodmonNodeComponent = "podmon-node"
// ApplicationMobilityNamespace - application-mobility
ApplicationMobilityNamespace = "application-mobility"
// ExistingNamespace - BrownfieldNamespace
ExistingNamespace = "<ExistingNameSpace>"
// ClientNamespace - acc-client-namespace
ClientNamespace = "<ClientNameSpace>"
)

// SplitYaml divides a big bytes of yaml files in individual yaml files.
Expand Down Expand Up @@ -1202,7 +1206,8 @@
return upgradePath.MinUpgradePath, nil
}

func getNamespaces(ctx context.Context, ctrlClient crclient.Client) ([]string, error) {
// GetNamespaces - get all namespaces
func GetNamespaces(ctx context.Context, ctrlClient crclient.Client) ([]string, error) {
// Set to store unique namespaces
namespaceMap := make(map[string]struct{})

Expand All @@ -1223,3 +1228,48 @@

return namespaces, nil
}

// BrownfieldOnboard - brownfield onboarding
func BrownfieldOnboard(ctx context.Context, path string, cr csmv1.ApexConnectivityClient, ctrlClient crclient.Client, isDeleting bool) error {
log := logger.GetLogger(ctx)

namespace, err := GetNamespaces(ctx, ctrlClient)
if err != nil {
log.Error(err, "Failed to get namespaces")
return err
}

buf, err := os.ReadFile(filepath.Clean(path))
if err != nil {
log.Error(err, "Failed to read manifest file")
return err
}

yamlFile := string(buf)

for _, ns := range namespace {

yamlFile := strings.ReplaceAll(yamlFile, ExistingNamespace, ns)
yamlFile = strings.ReplaceAll(yamlFile, ClientNamespace, cr.Namespace)

deployObjects, err := GetModuleComponentObj([]byte(yamlFile))
if err != nil {
return err
}

for _, ctrlObj := range deployObjects {
if isDeleting {
err := DeleteObject(ctx, ctrlObj, ctrlClient)
if err != nil {
return err
}
} else {
err := ApplyObject(ctx, ctrlObj, ctrlClient)
if err != nil {
return err
}
}
}
}
return nil
}

Check failure on line 1275 in pkg/utils/utils.go

View workflow job for this annotation

GitHub Actions / golangci-lint

File is not `gofumpt`-ed (gofumpt)
Loading