Skip to content

Commit

Permalink
Merge pull request #2824 from openshift-cherrypick-robot/cherry-pick-…
Browse files Browse the repository at this point in the history
…2819-to-release-4.17

Bug 2314200:[release-4.17] Prevent noobaaccount creation in provider cluster
  • Loading branch information
openshift-merge-bot[bot] authored Sep 30, 2024
2 parents afaf9a4 + 6f3f6ec commit 535ef9d
Show file tree
Hide file tree
Showing 4 changed files with 55 additions and 14 deletions.
40 changes: 35 additions & 5 deletions controllers/storageconsumer/consumer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,12 @@ limitations under the License.
package controllers

import (
"context"
"testing"

noobaaApis "github.com/noobaa/noobaa-operator/v5/pkg/apis"
"github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1"
configv1 "github.com/openshift/api/config/v1"
routev1 "github.com/openshift/api/route/v1"
v1 "github.com/red-hat-storage/ocs-operator/api/v4/v1"
ocsv1alpha1 "github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1"
Expand Down Expand Up @@ -59,12 +61,17 @@ func createFakeScheme(t *testing.T) *runtime.Scheme {
if err != nil {
assert.Fail(t, "failed to add nbapis scheme")
}
err = configv1.AddToScheme(scheme)
if err != nil {
assert.Fail(t, "failed to add configv1 scheme")
}

return scheme
}

func TestCephName(t *testing.T) {
var r StorageConsumerReconciler
ctx := context.TODO()
r.cephClientHealthChecker = &rookCephv1.CephClient{
ObjectMeta: metav1.ObjectMeta{
Name: "healthchecker",
Expand All @@ -75,12 +82,13 @@ func TestCephName(t *testing.T) {
}
scheme := createFakeScheme(t)
client := fake.NewClientBuilder().WithScheme(scheme).WithObjects(r.cephClientHealthChecker).Build()

r.Client = client
r.Scheme = scheme
r.Log = log.Log.WithName("controller_storagecluster_test")

r.storageConsumer = &ocsv1alpha1.StorageConsumer{
ObjectMeta: metav1.ObjectMeta{
Name: "provider",
},
Spec: ocsv1alpha1.StorageConsumerSpec{
Enable: true,
},
Expand Down Expand Up @@ -108,7 +116,7 @@ func TestCephName(t *testing.T) {
},
},
Client: ocsv1alpha1.ClientStatus{
ClusterID: "consumer",
ClusterID: "provider",
},
},
}
Expand All @@ -120,7 +128,17 @@ func TestCephName(t *testing.T) {
Phase: v1alpha1.NooBaaAccountPhaseReady,
},
}
_, err := r.reconcilePhases()
clusterVersionProvider := &configv1.ClusterVersion{
ObjectMeta: metav1.ObjectMeta{
Name: "version",
},
Spec: configv1.ClusterVersionSpec{
ClusterID: "12345",
},
}
err := client.Create(ctx, clusterVersionProvider)
assert.NoError(t, err)
_, err = r.reconcilePhases()
assert.NoError(t, err)

want := []*ocsv1alpha1.CephResourcesSpec{
Expand Down Expand Up @@ -150,6 +168,9 @@ func TestCephName(t *testing.T) {
r.Client = client

r.storageConsumer = &ocsv1alpha1.StorageConsumer{
ObjectMeta: metav1.ObjectMeta{
Name: "consumer",
},
Spec: ocsv1alpha1.StorageConsumerSpec{
Enable: true,
},
Expand Down Expand Up @@ -186,7 +207,16 @@ func TestCephName(t *testing.T) {
Phase: v1alpha1.NooBaaAccountPhaseRejected,
},
}

clusterVersionConsumer := &configv1.ClusterVersion{
ObjectMeta: metav1.ObjectMeta{
Name: "version",
},
Spec: configv1.ClusterVersionSpec{
ClusterID: "provider",
},
}
err = client.Create(ctx, clusterVersionConsumer)
assert.NoError(t, err)
_, err = r.reconcilePhases()
assert.NoError(t, err)

Expand Down
12 changes: 9 additions & 3 deletions controllers/storageconsumer/storageconsumer_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"encoding/hex"
"encoding/json"
"fmt"
"strings"

"github.com/go-logr/logr"
"github.com/red-hat-storage/ocs-operator/api/v4/v1alpha1"
Expand Down Expand Up @@ -153,9 +154,14 @@ func (r *StorageConsumerReconciler) reconcilePhases() (reconcile.Result, error)
if err := r.reconcileCephClientHealthChecker(); err != nil {
return reconcile.Result{}, err
}

if err := r.reconcileNoobaaAccount(); err != nil {
return reconcile.Result{}, err
// A provider cluster already has a NooBaa system and does not require a NooBaa account
// to connect to a remote cluster, unlike client clusters.
// A NooBaa account only needs to be created if the storage consumer is for a client cluster.
clusterID := util.GetClusterID(r.ctx, r.Client, &r.Log)
if clusterID != "" && !strings.Contains(r.storageConsumer.Name, clusterID) {
if err := r.reconcileNoobaaAccount(); err != nil {
return reconcile.Result{}, err
}
}

cephResourcesReady := true
Expand Down
11 changes: 8 additions & 3 deletions services/provider/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -437,6 +437,11 @@ func (s *OCSProviderServer) getExternalResources(ctx context.Context, consumerRe
noobaaOperatorSecret.Namespace = s.namespace

if err := s.client.Get(ctx, client.ObjectKeyFromObject(noobaaOperatorSecret), noobaaOperatorSecret); err != nil {
if kerrors.IsNotFound(err) {
// ignoring because it is a provider cluster and the noobaa secret does not exist
return extR, nil

}
return nil, fmt.Errorf("failed to get %s secret. %v", noobaaOperatorSecret.Name, err)
}

Expand All @@ -463,9 +468,9 @@ func (s *OCSProviderServer) getExternalResources(ctx context.Context, consumerRe
extR = append(extR, &pb.ExternalResource{
Name: "noobaa-remote-join-secret",
Kind: "Secret",
Data: mustMarshal(map[string][]byte{
"auth_token": authToken,
"mgmt_addr": []byte(noobaaMgmtAddress),
Data: mustMarshal(map[string]string{
"auth_token": string(authToken),
"mgmt_addr": noobaaMgmtAddress,
}),
})

Expand Down
6 changes: 3 additions & 3 deletions services/provider/server/server_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,9 +60,9 @@ var noobaaSpec = &nbv1.NooBaaSpec{
},
}

var joinSecret = map[string][]byte{
"auth_token": []byte("authToken"),
"mgmt_addr": []byte("noobaaMgmtAddress"),
var joinSecret = map[string]string{
"auth_token": "authToken",
"mgmt_addr": "noobaaMgmtAddress",
}

var ocsSubscriptionSpec = &opv1a1.SubscriptionSpec{
Expand Down

0 comments on commit 535ef9d

Please sign in to comment.