diff --git a/api/v1alpha1/nats_account_types.go b/api/v1alpha1/nats_account_types.go index 82c368f..f3a104f 100644 --- a/api/v1alpha1/nats_account_types.go +++ b/api/v1alpha1/nats_account_types.go @@ -18,6 +18,14 @@ const ( AccountPhaseFailed AccountPhase = "Failed" ) +// NatsAccountReference is a reference to a NatsAccount +type NatsAccountReference struct { + // Name is the name of the account. + Name string `json:"name"` + // Namespace is the namespace of the account. + Namespace string `json:"namespace,omitempty"` +} + // ExportType defines the type of import/export. type ExportType int diff --git a/api/v1alpha1/nats_config_types.go b/api/v1alpha1/nats_config_types.go index 3c5237e..a2f4463 100644 --- a/api/v1alpha1/nats_config_types.go +++ b/api/v1alpha1/nats_config_types.go @@ -7,14 +7,20 @@ import ( type ConfigPhase string const ( - ConfigPhaseNone ConfigPhase = "" - ConfigPhaseCreating ConfigPhase = "Creating" - ConfigPhaseActive ConfigPhase = "Active" - ConfigPhaseFailed ConfigPhase = "Failed" + ConfigPhaseNone ConfigPhase = "" + ConfigPhasePending ConfigPhase = "Pending" + ConfigPhaseCreating ConfigPhase = "Creating" + ConfigPhaseSynchronized ConfigPhase = "Synchronized" + ConfigPhaseFailed ConfigPhase = "Failed" ) // NatsConfigSpec defines the desired state of NatsConfig -type NatsConfigSpec struct{} +type NatsConfigSpec struct { + // OperatorRef is a reference to the operator that is managing the config. + OperatorRef NatsOperatorReference `json:"operatorRef,omitempty"` + // SystemAccountRef is a reference to the system account. + SystemAccountRef NatsAccountReference `json:"systemAccountRef,omitempty"` +} // NatsConfigStatus defines the observed state of NatsConfig type NatsConfigStatus struct { diff --git a/api/v1alpha1/nats_operator_types.go b/api/v1alpha1/nats_operator_types.go index 6bb9b21..efba8e7 100644 --- a/api/v1alpha1/nats_operator_types.go +++ b/api/v1alpha1/nats_operator_types.go 
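Review bot: `NatsAccountReference.Namespace` (and `NatsOperatorReference.Namespace` in nats_operator_types.go) is published in the API and the CRD, but reconcileConfig in this commit builds both lookup keys from `config.Namespace` and never reads it, so a value set by a user is silently ignored. Either drop the field until it is supported or say so on the field, e.g. `// Namespace is currently ignored; the account is resolved in the namespace of the referencing object.` If cross-namespace references are honoured later, the controller would be reading another namespace's operator and account JWTs on behalf of whoever created the NatsConfig, so that change needs an explicit allow check. The doc comment on `NatsOperatorReference` also opens with `OperatorReference`, which does not match the type name.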
@@ -18,6 +18,13 @@ const ( OperatorPhaseFailed OperatorPhase = "Failed" ) +// OperatorReference is a reference to an operator. +type NatsOperatorReference struct { + // Name is the name of the operator. + Name string `json:"name"` + // Namespace is the namespace of the operator. + Namespace string `json:"namespace,omitempty"` +} type NatsOperatorSpec struct { // PrivateKey is a reference to a secret that contains the private key PrivateKey NatsPrivateKeyReference `json:"privateKey,omitempty"` diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index dafd934..c79af2f 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -131,6 +131,21 @@ func (in *NatsAccountList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NatsAccountReference) DeepCopyInto(out *NatsAccountReference) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NatsAccountReference. +func (in *NatsAccountReference) DeepCopy() *NatsAccountReference { + if in == nil { + return nil + } + out := new(NatsAccountReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NatsAccountSpec) DeepCopyInto(out *NatsAccountSpec) { *out = *in @@ -269,6 +284,8 @@ func (in *NatsConfigList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NatsConfigSpec) DeepCopyInto(out *NatsConfigSpec) { *out = *in + out.OperatorRef = in.OperatorRef + out.SystemAccountRef = in.SystemAccountRef } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NatsConfigSpec. 
@@ -453,6 +470,21 @@ func (in *NatsOperatorList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NatsOperatorReference) DeepCopyInto(out *NatsOperatorReference) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NatsOperatorReference. +func (in *NatsOperatorReference) DeepCopy() *NatsOperatorReference { + if in == nil { + return nil + } + out := new(NatsOperatorReference) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NatsOperatorSpec) DeepCopyInto(out *NatsOperatorSpec) { *out = *in diff --git a/cmd/operator/main.go b/cmd/operator/main.go index b2e92de..1fb7ef3 100644 --- a/cmd/operator/main.go +++ b/cmd/operator/main.go @@ -143,6 +143,11 @@ func setupControllers(mgr ctrl.Manager) error { return err } + err = controllers.NewNatsConfigReconciler(mgr).SetupWithManager(mgr) + if err != nil { + return err + } + return nil } diff --git a/controllers/natsaccount_controller.go b/controllers/natsaccount_controller.go index 1af828e..444b809 100644 --- a/controllers/natsaccount_controller.go +++ b/controllers/natsaccount_controller.go @@ -182,6 +182,7 @@ func (r *NatsAccountReconciler) reconcileAccount(ctx context.Context, account *n return err } account.Status.JWT = jwt + account.Status.PublicKey = public if !controllerutil.ContainsFinalizer(account, natsv1alpha1.FinalizerName) { controllerutil.AddFinalizer(account, natsv1alpha1.FinalizerName) diff --git a/controllers/natsconfig_controller.go b/controllers/natsconfig_controller.go index 9a47d02..c908dc8 100644 --- a/controllers/natsconfig_controller.go +++ b/controllers/natsconfig_controller.go @@ -2,6 +2,7 @@ package controllers import ( "context" + "fmt" "math" "time" 
@@ -86,33 +87,61 @@ func (r *NatsConfigReconciler) reconcileDelete(ctx context.Context, obj *natsv1a } func (r *NatsConfigReconciler) reconcileResources(ctx context.Context, config *natsv1alpha1.NatsConfig) (ctrl.Result, error) { - if err := r.reconcileStatus(ctx, config); err != nil { + if err := r.reconcileConfig(ctx, config); err != nil { return r.ManageError(ctx, config, err) } - // if err := r.reconcileconfig(ctx, config); err != nil { - // return r.ManageError(ctx, config, err) - // } - return r.ManageSuccess(ctx, config) } func (r *NatsConfigReconciler) reconcileConfig(ctx context.Context, config *natsv1alpha1.NatsConfig) error { - // if !controllerutil.ContainsFinalizer(config, natsv1alpha1.FinalizerName) { - // controllerutil.AddFinalizer(config, natsv1alpha1.FinalizerName) - // } + cfg := &corev1.ConfigMap{} + cfgName := client.ObjectKey{ + Namespace: config.Namespace, + Name: config.Name, + } - // if !controllerutil.HasControllerReference(config) { - // if err := controllerutil.SetControllerReference(config, pk, r.Scheme); err != nil { - // return err - // } - // } + if err := r.Get(ctx, cfgName, cfg); !errors.IsNotFound(err) { + return err + } - return nil -} + operator := &natsv1alpha1.NatsOperator{} + operatorName := client.ObjectKey{ + Namespace: config.Namespace, + Name: config.Spec.OperatorRef.Name, + } + + if err := r.Get(ctx, operatorName, operator); err != nil { + return err + } + + systemAccount := &natsv1alpha1.NatsAccount{} + systemAccountName := client.ObjectKey{ + Namespace: config.Namespace, + Name: config.Spec.SystemAccountRef.Name, + } + + if err := r.Get(ctx, systemAccountName, systemAccount); err != nil { + return err + } + + cfg.Namespace = config.Namespace + cfg.Name = config.Name + cfg.Data = map[string]string{ + "auth.conf": fmt.Sprintf(AUTH_CONFIG_TEMPLATE, operator.Status.JWT, systemAccount.Status.PublicKey, systemAccount.Status.PublicKey, systemAccount.Status.JWT), + } + + _, err := controllerutil.CreateOrUpdate(ctx, r.Client, 
cfg, func() error { + if !controllerutil.HasControllerReference(cfg) { + if err := controllerutil.SetControllerReference(config, cfg, r.Scheme); err != nil { + return err + } + } + + return nil + }) -func (r *NatsConfigReconciler) reconcileStatus(ctx context.Context, config *natsv1alpha1.NatsConfig) error { - return nil + return err } // IsCreating ... @@ -122,14 +151,15 @@ func (r *NatsConfigReconciler) IsCreating(obj *natsv1alpha1.NatsConfig) bool { // IsSynchronized ... func (r *NatsConfigReconciler) IsSynchronized(obj *natsv1alpha1.NatsConfig) bool { - return obj.Status.Phase == natsv1alpha1.ConfigPhaseActive + return obj.Status.Phase == natsv1alpha1.ConfigPhaseSynchronized } // ManageError ... func (r *NatsConfigReconciler) ManageError(ctx context.Context, obj *natsv1alpha1.NatsConfig, err error) (ctrl.Result, error) { logger := log.FromContext(ctx) + logger.Error(err, "error reconciling config", "config", obj.Name) - logger.Error(err, "reconciliation failed", "config", obj) + obj.Status.Phase = natsv1alpha1.ConfigPhaseFailed status.SetNatzConfigCondition(obj, status.NewNatzConfigFailedCondition(obj, err)) @@ -153,6 +183,7 @@ func (r *NatsConfigReconciler) ManageSuccess(ctx context.Context, obj *natsv1alp return ctrl.Result{}, nil } + obj.Status.Phase = natsv1alpha1.ConfigPhaseSynchronized status.SetNatzConfigCondition(obj, status.NewNatzConfigSynchronizedCondition(obj)) if r.IsCreating(obj) { @@ -176,6 +207,6 @@ func (r *NatsConfigReconciler) ManageSuccess(ctx context.Context, obj *natsv1alp func (r *NatsConfigReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). For(&natsv1alpha1.NatsConfig{}). - Owns(&corev1.Secret{}). + Owns(&corev1.ConfigMap{}). Complete(r) } diff --git a/controllers/natsgateway_controller.go b/controllers/natsgateway_controller.go index f1ed888..e723391 100644 --- a/controllers/natsgateway_controller.go +++ b/controllers/natsgateway_controller.go 
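Review bot: In reconcileConfig the guard `if err := r.Get(ctx, cfgName, cfg); !errors.IsNotFound(err) { return err }` also returns when err is nil, so once the ConfigMap exists the function exits with nil and auth.conf is never re-rendered; a rotated or re-issued operator or system-account JWT would not reach the server config. `cfg.Data` is also assigned before `controllerutil.CreateOrUpdate`, which re-reads the object before calling the mutate function, so on the update path that assignment is discarded and belongs inside the closure. Nothing checks that `operator.Status.JWT`, `systemAccount.Status.JWT` and `systemAccount.Status.PublicKey` are populated, so a NatsConfig reconciled before its references are ready presumably renders the template with empty values. The sketch below drops the pre-read, gates on the status fields and moves the data into the mutate function.

```go
func (r *NatsConfigReconciler) reconcileConfig(ctx context.Context, config *natsv1alpha1.NatsConfig) error {
	// … unchanged: load operator and systemAccount from config.Namespace …

	if operator.Status.JWT == "" || systemAccount.Status.JWT == "" || systemAccount.Status.PublicKey == "" {
		return fmt.Errorf("operator %q or system account %q has no JWT or public key yet", config.Spec.OperatorRef.Name, config.Spec.SystemAccountRef.Name)
	}

	cfg := &corev1.ConfigMap{}
	cfg.Namespace = config.Namespace
	cfg.Name = config.Name

	_, err := controllerutil.CreateOrUpdate(ctx, r.Client, cfg, func() error {
		// Set inside the mutate function so the rendered data survives the re-read on update.
		cfg.Data = map[string]string{
			"auth.conf": fmt.Sprintf(AUTH_CONFIG_TEMPLATE, operator.Status.JWT, systemAccount.Status.PublicKey, systemAccount.Status.PublicKey, systemAccount.Status.JWT),
		}

		// … unchanged: set the controller reference when missing …
		return nil
	})

	return err
}
```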
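Review bot: In ManageSuccess the added `obj.Status.Phase = natsv1alpha1.ConfigPhaseSynchronized` runs immediately before `if r.IsCreating(obj) {`, so if IsCreating tests `Status.Phase` the way IsSynchronized does in this file, that branch can no longer be taken. IsCreating's body is not visible in the diff, so this is inferred from the naming and the sibling helper. Capturing the state first, `creating := r.IsCreating(obj)`, and testing `if creating {` afterwards would keep the branch reachable. The rest of ManageSuccess lies outside the hunk.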
@@ -10,7 +10,6 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" - "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/reconcile" natsv1alpha1 "github.com/zeiss/natz-operator/api/v1alpha1" @@ -45,8 +44,6 @@ func NewNatsGatewayReconciler(mgr ctrl.Manager) *NatsGatewayReconciler { // Reconcile ... func (r *NatsGatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - log := log.FromContext(ctx) - gateway := &natsv1alpha1.NatsGateway{} if err := r.Get(ctx, req.NamespacedName, gateway); err != nil { if errors.IsNotFound(err) { @@ -57,8 +54,6 @@ func (r *NatsGatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) } if !gateway.ObjectMeta.DeletionTimestamp.IsZero() { - log.Info("processing deletion of gateway") - if finalizers.HasFinalizer(gateway, natsv1alpha1.FinalizerName) { err := r.reconcileDelete(ctx, gateway) if err != nil { @@ -72,8 +67,6 @@ func (r *NatsGatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) // get latest version of the gateway if err := r.Get(ctx, req.NamespacedName, gateway); err != nil { - log.Error(err, "gateway not found", "gateway", req.NamespacedName) - return reconcile.Result{}, err } 
@@ -88,22 +81,15 @@ func (r *NatsGatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) } func (r *NatsGatewayReconciler) reconcileResources(ctx context.Context, req ctrl.Request, gateway *natsv1alpha1.NatsGateway) error { - log := log.FromContext(ctx) - - log.Info("reconcile resources", "name", gateway.Name, "namespace", gateway.Namespace) - if err := r.reconcileStatus(ctx, gateway); err != nil { - log.Error(err, "failed to reconcile status", "name", gateway.Name, "namespace", gateway.Namespace) return err } if err := r.reconcileGateway(ctx, req, gateway); err != nil { - log.Error(err, "failed to reconcile gateway", "name", gateway.Name, "namespace", gateway.Namespace) return err } if err := r.reconcileSecret(ctx, gateway); err != nil { - log.Error(err, "failed to reconcile secret", "name", gateway.Name, "namespace", gateway.Namespace) return err } @@ -111,11 +97,7 @@ func (r *NatsGatewayReconciler) reconcileResources(ctx context.Context, req ctrl } func (r *NatsGatewayReconciler) reconcileGateway(ctx context.Context, _ ctrl.Request, gateway *natsv1alpha1.NatsGateway) error { - log := log.FromContext(ctx) - - log.Info("reconcile status", "name", gateway.Name, "namespace", gateway.Namespace) - - op, err := controllerutil.CreateOrUpdate(ctx, r.Client, gateway, func() error { + _, err := controllerutil.CreateOrUpdate(ctx, r.Client, gateway, func() error { controllerutil.AddFinalizer(gateway, natsv1alpha1.FinalizerName) return nil 
@@ -124,18 +106,10 @@ func (r *NatsGatewayReconciler) reconcileGateway(ctx context.Context, _ ctrl.Req return err } - if op == controllerutil.OperationResultCreated || op == controllerutil.OperationResultUpdated { - log.Info("account created or updated", "operation", op) - } - return nil } func (r *NatsGatewayReconciler) reconcileSecret(ctx context.Context, gateway *natsv1alpha1.NatsGateway) error { - log := log.FromContext(ctx) - - log.Info("reconcile secret", "name", gateway.Name, "namespace", gateway.Namespace) - gatewaySecret := &corev1.Secret{} gatewaySecretName := client.ObjectKey{ Namespace: gateway.Namespace, @@ -147,25 +121,17 @@ func (r *NatsGatewayReconciler) reconcileSecret(ctx context.Context, gateway *na return err } - op, err := controllerutil.CreateOrUpdate(ctx, r.Client, gatewaySecret, func() error { + _, err := controllerutil.CreateOrUpdate(ctx, r.Client, gatewaySecret, func() error { return controllerutil.SetControllerReference(gateway, gatewaySecret, r.Scheme) }) if err != nil { return err } - if op == controllerutil.OperationResultCreated || op == controllerutil.OperationResultUpdated { - log.Info("secret created or updated", "operation", op) - } - return nil } func (r *NatsGatewayReconciler) reconcileStatus(ctx context.Context, gateway *natsv1alpha1.NatsGateway) error { - log := log.FromContext(ctx) - - log.Info("reconcile status", "name", gateway.Name, "namespace", gateway.Namespace) - phase := natsv1alpha1.GatewayPhaseNone if gateway.Status.Phase != phase { 
@@ -178,10 +144,6 @@ func (r *NatsGatewayReconciler) reconcileStatus(ctx context.Context, gateway *na } func (r *NatsGatewayReconciler) reconcileDelete(ctx context.Context, gateway *natsv1alpha1.NatsGateway) error { - log := log.FromContext(ctx) - - log.Info("reconcile delete gateway", "name", gateway.Name, "namespace", gateway.Namespace) - gateway.SetFinalizers(finalizers.RemoveFinalizer(gateway, natsv1alpha1.FinalizerName)) err := r.Update(ctx, gateway) if err != nil && !errors.IsNotFound(err) { diff --git a/controllers/natsoperator_controller.go b/controllers/natsoperator_controller.go index 6737323..d61a5e2 100644 --- a/controllers/natsoperator_controller.go +++ b/controllers/natsoperator_controller.go @@ -12,7 +12,6 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" - "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/predicate" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -66,10 +65,6 @@ func NewNatsOperatorReconciler(mgr ctrl.Manager) *NatsOperatorReconciler { // Reconcile ... // nolint:gocyclo func (r *NatsOperatorReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { - log := log.FromContext(ctx) - - log.Info("reconcile operator", "name", req.Name, "namespace", req.Namespace) - operator := &natsv1alpha1.NatsOperator{} if err := r.Get(ctx, req.NamespacedName, operator); err != nil { // Request object not found, could have been deleted after reconcile request. diff --git a/examples/config.yaml b/examples/config.yaml index eef7dd0..15e5e6a 100644 --- a/examples/config.yaml +++ b/examples/config.yaml @@ -3,3 +3,7 @@ kind: NatsConfig metadata: name: nats-default-config spec: + operatorRef: + name: natsoperator-sample + systemAccountRef: + name: natsoperator-system diff --git a/examples/values.yaml b/examples/values.yaml index cb2dc73..370c160 100644 --- a/examples/values.yaml 
+++ b/examples/values.yaml @@ -1,5 +1,3 @@ -namespaceOverride: "knative-eventing" - config: jetstream: enabled: true @@ -17,17 +15,16 @@ config: debug: true container: patch: - - op: add - path: "/volumeMounts/-" - value: - name: auth-config - mountPath: "/etc/custom-auth" + - op: add + path: "/volumeMounts/-" + value: + name: auth-config + mountPath: "/etc/custom-auth" statefulSet: patch: - - op: add - path: /spec/template/spec/volumes/- - value: - name: "auth-config" - secret: - defaultMode: 420 - secretName: "natsoperator-sample-server-config" \ No newline at end of file + - op: add + path: /spec/template/spec/volumes/- + value: + name: auth-config + configMap: + name: nats-default-config diff --git a/manifests/crd/bases/natz.zeiss.com_natsconfigs.yaml b/manifests/crd/bases/natz.zeiss.com_natsconfigs.yaml index c8f332c..6b3a5cd 100644 --- a/manifests/crd/bases/natz.zeiss.com_natsconfigs.yaml +++ b/manifests/crd/bases/natz.zeiss.com_natsconfigs.yaml @@ -37,6 +37,32 @@ spec: type: object spec: description: NatsConfigSpec defines the desired state of NatsConfig + properties: + operatorRef: + description: OperatorRef is a reference to the operator that is managing + the config. + properties: + name: + description: Name is the name of the operator. + type: string + namespace: + description: Namespace is the namespace of the operator. + type: string + required: + - name + type: object + systemAccountRef: + description: SystemAccountRef is a reference to the system account. + properties: + name: + description: Name is the name of the account. + type: string + namespace: + description: Namespace is the namespace of the account. + type: string + required: + - name + type: object type: object status: description: NatsConfigStatus defines the observed state of NatsConfig