From 058c4b043803bc93a6b7d2d6fe6046a8679f9b74 Mon Sep 17 00:00:00 2001 From: tengu-alt Date: Fri, 2 Feb 2024 10:53:41 +0200 Subject: [PATCH] tags immutability was implemented for redis and postgres & zookeper external changes handling was added --- .secrets.baseline | 8 ++++++-- apis/clusters/v1beta1/postgresql_webhook.go | 7 ++++++- apis/clusters/v1beta1/redis_webhook.go | 7 ++++++- apis/clusters/v1beta1/zookeeper_types.go | 2 +- apis/clusters/v1beta1/zookeeper_webhook.go | 20 +++++++++++++++---- .../samples/clusters_v1beta1_postgresql.yaml | 3 +++ config/samples/clusters_v1beta1_redis.yaml | 15 ++++++++------ .../samples/clusters_v1beta1_zookeeper.yaml | 7 ++++--- 8 files changed, 51 insertions(+), 18 deletions(-) diff --git a/.secrets.baseline b/.secrets.baseline index 13b3bc64f..de4dd6a77 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -75,6 +75,10 @@ { "path": "detect_secrets.filters.allowlist.is_line_allowlisted" }, + { + "path": "detect_secrets.filters.common.is_baseline_file", + "filename": ".secrets.baseline" + }, { "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", "min_level": 2 @@ -377,7 +381,7 @@ "filename": "apis/clusters/v1beta1/redis_webhook.go", "hashed_secret": "bc1c5ae5fd4a238d86261f422e62c489de408c22", "is_verified": false, - "line_number": 340 + "line_number": 345 } ], "apis/clusters/v1beta1/zookeeper_types.go": [ @@ -1170,5 +1174,5 @@ } ] }, - "generated_at": "2024-01-31T10:27:15Z" + "generated_at": "2024-02-02T08:53:13Z" } diff --git a/apis/clusters/v1beta1/postgresql_webhook.go b/apis/clusters/v1beta1/postgresql_webhook.go index 82a3de23d..0fdab47ac 100644 --- a/apis/clusters/v1beta1/postgresql_webhook.go +++ b/apis/clusters/v1beta1/postgresql_webhook.go 
@@ -368,7 +368,12 @@ func (pgs *PgSpec) validateImmutableDCsFieldsUpdate(oldSpec PgSpec) error { return fmt.Errorf("cannot update immutable data centre fields: new spec: %v: old spec: %v", newDCImmutableFields, oldDCImmutableFields) } - err := newDC.validateImmutableCloudProviderSettingsUpdate(oldDC.CloudProviderSettings) + err := validateTagsUpdate(newDC.Tags, oldDC.Tags) + if err != nil { + return err + } + + err = newDC.validateImmutableCloudProviderSettingsUpdate(oldDC.CloudProviderSettings) if err != nil { return err } diff --git a/apis/clusters/v1beta1/redis_webhook.go b/apis/clusters/v1beta1/redis_webhook.go index d2984038d..fa9aec8a5 100644 --- a/apis/clusters/v1beta1/redis_webhook.go +++ b/apis/clusters/v1beta1/redis_webhook.go @@ -303,7 +303,12 @@ func (rs *RedisSpec) validateDCsUpdate(oldSpec RedisSpec) error { return fmt.Errorf("cannot update immutable data centre fields: new spec: %v: old spec: %v", newDCImmutableFields, oldDCImmutableFields) } - err := newDC.validateImmutableCloudProviderSettingsUpdate(oldDC.CloudProviderSettings) + err := validateTagsUpdate(newDC.Tags, oldDC.Tags) + if err != nil { + return err + } + + err = newDC.validateImmutableCloudProviderSettingsUpdate(oldDC.CloudProviderSettings) if err != nil { return err } diff --git a/apis/clusters/v1beta1/zookeeper_types.go b/apis/clusters/v1beta1/zookeeper_types.go index bef770ea4..c4bda24f2 100644 --- a/apis/clusters/v1beta1/zookeeper_types.go +++ b/apis/clusters/v1beta1/zookeeper_types.go @@ -123,7 +123,7 @@ func (zs *ZookeeperSpec) FromInstAPI(iZook *models.ZookeeperCluster) ZookeeperSp Cluster: Cluster{ Name: iZook.Name, Version: iZook.ZookeeperVersion, - Description: zs.Description, + Description: iZook.Description, PrivateNetworkCluster: iZook.PrivateNetworkCluster, SLATier: iZook.SLATier, TwoFactorDelete: zs.Cluster.TwoFactorDeleteFromInstAPI(iZook.TwoFactorDelete), 
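Review bot: Nothing at the new `validateTagsUpdate(newDC.Tags, oldDC.Tags)` call in `validateImmutableDCsFieldsUpdate` says that the helper forbids any change to tags rather than checking their format, and the same applies to the identical call added to `validateDCsUpdate` in redis_webhook.go. I would add a comment above both calls, `// Tags are immutable after creation; reject the update before the cloud provider settings check.` The helper is defined outside this patch, so it is worth confirming that it treats a nil map and an empty map as equal; otherwise re-applying a manifest with `tags: {}` against a stored object that has no tags would be refused as a tag change. Both functions start and end outside their hunks.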
diff --git a/apis/clusters/v1beta1/zookeeper_webhook.go b/apis/clusters/v1beta1/zookeeper_webhook.go index ad81d22e5..f2c64712b 100644 --- a/apis/clusters/v1beta1/zookeeper_webhook.go +++ b/apis/clusters/v1beta1/zookeeper_webhook.go @@ -112,15 +112,27 @@ func (zv *zookeeperValidator) ValidateCreate(ctx context.Context, obj runtime.Ob // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type func (zv *zookeeperValidator) ValidateUpdate(ctx context.Context, old runtime.Object, new runtime.Object) error { - z, ok := new.(*Zookeeper) + newZookeeper, ok := new.(*Zookeeper) if !ok { return fmt.Errorf("cannot assert object %v to zookeeper", new.GetObjectKind()) } + oldZookeeper, ok := old.(*Zookeeper) + if !ok { + return fmt.Errorf("cannot assert object %v to zookeeper", new.GetObjectKind()) + } + + zookeeperlog.Info("validate update", "name", newZookeeper.Name) - zookeeperlog.Info("validate update", "name", z.Name) + if newZookeeper.Status.ID == "" { + return zv.ValidateCreate(ctx, newZookeeper) + } + + if newZookeeper.Annotations[models.ExternalChangesAnnotation] == models.True { + return nil + } - if z.Status.ID == "" { - return zv.ValidateCreate(ctx, z) + if newZookeeper.Generation != oldZookeeper.Generation && !oldZookeeper.Spec.ClusterSettingsNeedUpdate(newZookeeper.Spec.Cluster) { + return fmt.Errorf("update is not allowed") } return nil diff --git a/config/samples/clusters_v1beta1_postgresql.yaml b/config/samples/clusters_v1beta1_postgresql.yaml index 6088616fa..4b78bdc61 100644 --- a/config/samples/clusters_v1beta1_postgresql.yaml +++ b/config/samples/clusters_v1beta1_postgresql.yaml @@ -21,6 +21,9 @@ spec: - replicationMode: "SYNCHRONOUS" interDataCentreReplication: - isPrimaryDataCentre: true +# tags: +# tag: "oneTag" +# tag2: "twoTags" # - region: "US_WEST_2" # network: "10.2.0.0/16" # cloudProvider: "AWS_VPC" 
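Review bot: The early `return nil` for `newZookeeper.Annotations[models.ExternalChangesAnnotation] == models.True` in `ValidateUpdate` is keyed on metadata carried by the incoming object, so any update request that includes that annotation skips the check below it. If the annotation is meant to be set only by the operator, read it from the stored object instead, `if oldZookeeper.Annotations[models.ExternalChangesAnnotation] == models.True {`, or validate the new spec against the externally changed state rather than returning early. The generation check also appears to accept any spec change as long as `ClusterSettingsNeedUpdate` reports a difference, so an edit that changes a cluster setting together with another field would pass; that helper is outside the patch, so this needs confirming. The failed `old.(*Zookeeper)` assertion reports `new.GetObjectKind()` where it should report `old.GetObjectKind()`, and the `"update is not allowed"` message would help users more if it named which fields may be changed. The function's closing brace is outside the hunk.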
diff --git a/config/samples/clusters_v1beta1_redis.yaml b/config/samples/clusters_v1beta1_redis.yaml index 811e06c3f..aeb40bab6 100644 --- a/config/samples/clusters_v1beta1_redis.yaml +++ b/config/samples/clusters_v1beta1_redis.yaml @@ -16,12 +16,12 @@ spec: passwordAndUserAuth: true privateNetworkCluster: false userRefs: - - name: redisuser-sample-1 - namespace: default - - name: redisuser-sample-2 - namespace: default - - name: redisuser-sample-3 - namespace: default +# - name: redisuser-sample-1 +# namespace: default +# - name: redisuser-sample-2 +# namespace: default +# - name: redisuser-sample-3 +# namespace: default # twoFactorDelete: # - email: "rostyslp@netapp.com" dataCentres: @@ -35,6 +35,9 @@ spec: masterNodes: 3 nodesNumber: 0 replicationFactor: 0 +# tags: +# tag: "oneTag" +# tag2: "twoTags" # privateLink: # - advertisedHostname: redis-sample-test.com # - region: "US_WEST_2" diff --git a/config/samples/clusters_v1beta1_zookeeper.yaml b/config/samples/clusters_v1beta1_zookeeper.yaml index 9e434cdc7..570d4582e 100644 --- a/config/samples/clusters_v1beta1_zookeeper.yaml +++ b/config/samples/clusters_v1beta1_zookeeper.yaml @@ -3,16 +3,17 @@ kind: Zookeeper metadata: name: zookeeper-sample spec: + name: "username-zookeeper" +# description: "some description" dataCentres: - clientToServerEncryption: false cloudProvider: "AWS_VPC" name: "MyTestDataCentre1" network: "10.0.0.0/16" -# nodeSize: "zookeeper-developer-t3.small-20" - nodeSize: "zookeeper-production-m5.large-60" + nodeSize: "zookeeper-developer-t3.small-20" +# nodeSize: "zookeeper-production-m5.large-60" nodesNumber: 3 region: "US_EAST_1" - name: "Username-zookeeper" privateNetworkCluster: false slaTier: "NON_PRODUCTION" version: "3.8.2"