creation of onboarding job be part seaprate ensure function

Signed-off-by: rchikatw <[email protected]>
red-hat-storage · Mar 21, 2024 · f61abcc · f61abcc
1 parent 6db2c5d
commit f61abcc
Show file tree

Hide file tree

Showing 5 changed files with 115 additions and 75 deletions.
diff --git a/controllers/storagecluster/onboarding_validation_keys_generator_job.go b/controllers/storagecluster/onboarding_validation_keys_generator_job.go
@@ -0,0 +1,111 @@
+package storagecluster
+
+import (
+	"fmt"
+	"os"
+
+	batchv1 "k8s.io/api/batch/v1"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/utils/ptr"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/reconcile"
+
+	ocsv1 "github.com/red-hat-storage/ocs-operator/api/v4/v1"
+	"github.com/red-hat-storage/ocs-operator/v4/controllers/util"
+	"k8s.io/klog/v2"
+	controllerutil "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+)
+
+const (
+	onboardingValidationKeysGeneratorImage   = "ONBOARDING_VALIDATION_KEYS_GENERATOR_IMAGE"
+	onboardingValidationKeysGeneratorJobName = "onboarding-validation-keys-generator"
+	onboardingValidationPublicKeySecretName  = "onboarding-ticket-key"
+)
+
+var onboardingJob = &batchv1.Job{
+	Spec: batchv1.JobSpec{
+		// Eligible to delete automatically when job finishes
+		TTLSecondsAfterFinished: ptr.To(int32(0)),
+		Template: corev1.PodTemplateSpec{
+			Spec: corev1.PodSpec{
+				RestartPolicy:      corev1.RestartPolicyOnFailure,
+				ServiceAccountName: onboardingValidationKeysGeneratorJobName,
+				Containers: []corev1.Container{
+					{
+						Name:    onboardingValidationKeysGeneratorJobName,
+						Image:   os.Getenv(onboardingValidationKeysGeneratorImage),
+						Command: []string{"/usr/local/bin/onboarding-validation-keys-gen"},
+						Env: []corev1.EnvVar{
+							{
+								Name:  util.OperatorNamespaceEnvVar,
+								Value: os.Getenv(util.OperatorNamespaceEnvVar),
+							},
+						},
+					},
+				},
+			},
+		},
+	},
+}
+
+type onboardingValidationKeysGeneratorJob struct{}
+
+var _ resourceManager = &onboardingValidationKeysGeneratorJob{}
+
+func (o *onboardingValidationKeysGeneratorJob) ensureCreated(r *StorageClusterReconciler, instance *ocsv1.StorageCluster) (reconcile.Result, error) {
+
+	if !instance.Spec.AllowRemoteStorageConsumers {
+		r.Log.Info("Spec.AllowRemoteStorageConsumers is disabled, skipping onboarding validation key generator job creation")
+		return reconcile.Result{}, nil
+	}
+
+	if res, err := o.createJob(r, instance); err != nil {
+		return reconcile.Result{}, err
+	} else if !res.IsZero() {
+		return res, nil
+	}
+
+	return reconcile.Result{}, nil
+}
+
+func (o *onboardingValidationKeysGeneratorJob) createJob(r *StorageClusterReconciler, instance *ocsv1.StorageCluster) (reconcile.Result, error) {
+	var err error
+	r.Log.Info("Spec.AllowRemoteStorageConsumers is enabled. Creating Onboarding validation key generator job")
+	if os.Getenv(onboardingValidationKeysGeneratorImage) == "" {
+		err = fmt.Errorf("OnboardingSecretGeneratorImage env var is not set")
+		r.Log.Error(err, "No value set for env variable")
+		return reconcile.Result{}, err
+	}
+	publicKeySecret := &corev1.Secret{}
+	publicKeySecret.Name = onboardingValidationPublicKeySecretName
+	actualSecret := &corev1.Secret{}
+	actualSecret.Namespace = instance.Namespace
+	// Creating the job only if public is not found
+	err = r.Client.Get(r.ctx, client.ObjectKeyFromObject(publicKeySecret), actualSecret)
+	if errors.IsNotFound(err) {
+		onboardingSecretGeneratorJob := onboardingJob.DeepCopy()
+		onboardingSecretGeneratorJob.Name = onboardingValidationKeysGeneratorJobName
+		onboardingSecretGeneratorJob.Namespace = instance.Namespace
+		_, err := controllerutil.CreateOrUpdate(r.ctx, r.Client, onboardingSecretGeneratorJob, nil)
+		if err != nil {
+			r.Log.Error(err, "failed to create onboarding validation key generator job")
+			return reconcile.Result{}, err
+		}
+
+	}
+	return reconcile.Result{}, nil
+}
+
+func (o *onboardingValidationKeysGeneratorJob) ensureDeleted(r *StorageClusterReconciler, instance *ocsv1.StorageCluster) (reconcile.Result, error) {
+	onboardingSecretGeneratorJob := &batchv1.Job{}
+	onboardingSecretGeneratorJob.Name = onboardingValidationKeysGeneratorJobName
+	onboardingSecretGeneratorJob.Namespace = instance.Namespace
+	err := r.Client.Delete(r.ctx, onboardingSecretGeneratorJob)
+	if err != nil && !errors.IsNotFound(err) {
+		klog.Infof("Failed to delete secret %s: %v", onboardingSecretGeneratorJob.Name, err)
+		return reconcile.Result{}, err
+	}
+
+	return reconcile.Result{}, nil
+}
diff --git a/controllers/storagecluster/provider_server.go b/controllers/storagecluster/provider_server.go
@@ -10,13 +10,10 @@ import (
 
 	"go.uber.org/multierr"
 	appsv1 "k8s.io/api/apps/v1"
-	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/intstr"
-	"k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
@@ -28,11 +25,8 @@ import (
 )
 
 const (
-	ocsProviderServerName                    = "ocs-provider-server"
-	providerAPIServerImage                   = "PROVIDER_API_SERVER_IMAGE"
-	onboardingValidationKeysGeneratorImage   = "ONBOARDING_VALIDATION_KEYS_GENERATOR_IMAGE"
-	onboardingValidationKeysGeneratorJobName = "onboarding-validation-keys-generator"
-	onboardingValidationPublicKeySecretName  = "onboarding-ticket-key"
+	providerAPIServerImage = "PROVIDER_API_SERVER_IMAGE"
+	ocsProviderServerName  = "ocs-provider-server"
 
 	ocsProviderServicePort     = int32(50051)
 	ocsProviderServiceNodePort = int32(31659)
@@ -70,12 +64,6 @@ func (o *ocsProviderServer) ensureCreated(r *StorageClusterReconciler, instance
 		return res, nil
 	}
 
-	if res, err := o.createJob(r, instance); err != nil {
-		return reconcile.Result{}, err
-	} else if !res.IsZero() {
-		return res, nil
-	}
-
 	return reconcile.Result{}, nil
 }
 
@@ -448,63 +436,3 @@ func RandomString(l int) string {
 
 	return string(bytes)
 }
-
-func getOnboardingJobObject(instance *ocsv1.StorageCluster) *batchv1.Job {
-
-	return &batchv1.Job{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      onboardingValidationKeysGeneratorJobName,
-			Namespace: instance.Namespace,
-		},
-		Spec: batchv1.JobSpec{
-			// Eligible to delete automatically when job finishes
-			TTLSecondsAfterFinished: ptr.To(int32(0)),
-			Template: corev1.PodTemplateSpec{
-				Spec: corev1.PodSpec{
-					RestartPolicy:      corev1.RestartPolicyOnFailure,
-					ServiceAccountName: onboardingValidationKeysGeneratorJobName,
-					Containers: []corev1.Container{
-						{
-							Name:    onboardingValidationKeysGeneratorJobName,
-							Image:   os.Getenv(onboardingValidationKeysGeneratorImage),
-							Command: []string{"/usr/local/bin/onboarding-validation-keys-gen"},
-							Env: []corev1.EnvVar{
-								{
-									Name:  util.OperatorNamespaceEnvVar,
-									Value: os.Getenv(util.OperatorNamespaceEnvVar),
-								},
-							},
-						},
-					},
-				},
-			},
-		},
-	}
-}
-
-func (o *ocsProviderServer) createJob(r *StorageClusterReconciler, instance *ocsv1.StorageCluster) (reconcile.Result, error) {
-	var err error
-	if os.Getenv(onboardingValidationKeysGeneratorImage) == "" {
-		err = fmt.Errorf("OnboardingSecretGeneratorImage env var is not set")
-		r.Log.Error(err, "No value set for env variable")
-
-		return reconcile.Result{}, err
-	}
-
-	actualSecret := &corev1.Secret{}
-	// Creating the job only if public is not found
-	err = r.Client.Get(context.Background(), types.NamespacedName{Name: onboardingValidationPublicKeySecretName,
-		Namespace: instance.Namespace}, actualSecret)
-
-	if errors.IsNotFound(err) {
-		onboardingSecretGeneratorJob := getOnboardingJobObject(instance)
-		err = r.Client.Create(context.Background(), onboardingSecretGeneratorJob)
-	}
-	if err != nil {
-		r.Log.Error(err, "failed to create/ensure secret")
-		return reconcile.Result{}, err
-	}
-
-	r.Log.Info("Job is running as desired")
-	return reconcile.Result{}, nil
-}
diff --git a/controllers/storagecluster/provider_server_test.go b/controllers/storagecluster/provider_server_test.go
@@ -322,7 +322,6 @@ func createSetupForOcsProviderTest(t *testing.T, allowRemoteStorageConsumers boo
 	}
 
 	os.Setenv(providerAPIServerImage, "fake-image")
-	os.Setenv(onboardingValidationKeysGeneratorImage, "fake-image")
 	os.Setenv(util.WatchNamespaceEnvVar, "openshift-storage")
 
 	return r, instance

diff --git a/controllers/storagecluster/reconcile.go b/controllers/storagecluster/reconcile.go
@@ -391,6 +391,7 @@ func (r *StorageClusterReconciler) reconcilePhases(
 			// preserve list order
 			objs = []resourceManager{
 				&ocsProviderServer{},
+				&onboardingValidationKeysGeneratorJob{},
 				&backingStorageClasses{},
 				&ocsTopologyMap{},
 				&ocsStorageQuota{},

diff --git a/controllers/storagecluster/uninstall_reconciler.go b/controllers/storagecluster/uninstall_reconciler.go
@@ -327,6 +327,7 @@ func (r *StorageClusterReconciler) deleteResources(sc *ocsv1.StorageCluster) (re
 	objs := []resourceManager{
 		&ocsExternalResources{},
 		&ocsProviderServer{},
+		&onboardingValidationKeysGeneratorJob{},
 		&ocsNoobaaSystem{},
 		&ocsCephRGWRoutes{},
 		&ocsCephObjectStoreUsers{},