Merge pull request #14 from DoodleScheduling/DK-2230

Some performance improvements DK-2230

Author: raffis

api/v1beta1/database_types.go

@@ -38,8 +38,8 @@ type DatabaseSpec struct {
 	DatabaseName string `json:"databaseName"`
 
 	// The connect URI
-	// +required
-	Address string `json:"address"`
+	// +optional
+	Address string `json:"address,omitempty"`
 
 	// Contains a credentials set of a user with enough permission to manage databases and user accounts
 	// +required
@@ -74,6 +74,9 @@ type SecretReference struct {
 
 type Role struct {
 	Name string `json:"name"`
+
+	// +optional
+	DB string `json:"db,omitempty"`
 }
 
 // Extension is a resource representing database extension

api/v1beta1/mongodbdatabase_types.go

@@ -24,6 +24,7 @@ import (
 // MongoDBDatabaseSpec defines the desired state of MongoDBDatabase
 type MongoDBDatabaseSpec struct {
 	*DatabaseSpec `json:",inline"`
+	AtlasGroupId  string `json:"atlasGroupId,omitempty"`
 }
 
 // GetStatusConditions returns a pointer to the Status.Conditions slice
@@ -57,6 +58,10 @@ type MongoDBDatabase struct {
 	Status MongoDBDatabaseStatus `json:"status,omitempty"`
 }
 
+func (in *MongoDBDatabase) GetAtlasGroupId() string {
+	return in.Spec.AtlasGroupId
+}
+
 func (in *MongoDBDatabase) GetAddress() string {
 	return in.Spec.Address
 }

api/v1beta1/mongodbuser_type.go

@@ -76,8 +76,12 @@ func (in *MongoDBUser) GetCredentials() *SecretReference {
 	return in.Spec.Credentials
 }
 
-func (in *MongoDBUser) GetRoles() *[]Role {
-	return in.Spec.Roles
+func (in *MongoDBUser) GetRoles() []Role {
+	if in.Spec.Roles == nil {
+		return []Role{}
+	}
+
+	return *in.Spec.Roles
 }
 
 // +kubebuilder:object:root=true

api/v1beta1/postgresqldatabase_types.go

@@ -57,6 +57,10 @@ type PostgreSQLDatabase struct {
 	Status PostgreSQLDatabaseStatus `json:"status,omitempty"`
 }
 
+func (in *PostgreSQLDatabase) GetAtlasGroupId() string {
+	return ""
+}
+
 func (in *PostgreSQLDatabase) GetAddress() string {
 	return in.Spec.Address
 }

api/v1beta1/postgresqluser_type.go

@@ -68,9 +68,9 @@ func (in *PostgreSQLUser) GetCredentials() *SecretReference {
 	return in.Spec.Credentials
 }
 
-func (in *PostgreSQLUser) GetRoles() *[]Role {
+func (in *PostgreSQLUser) GetRoles() []Role {
 	// NOOP
-	return nil
+	return []Role{}
 }
 
 // +kubebuilder:object:root=true

common/db/atlas.go

@@ -0,0 +1,136 @@
+package db
+
+import (
+	"context"
+	"errors"
+
+	"github.com/mongodb-forks/digest"
+	"go.mongodb.org/atlas/mongodbatlas"
+)
+
+type AtlasRepository struct {
+	atlas   *mongodbatlas.Client
+	groupId string
+}
+
+func NewAtlasRepository(ctx context.Context, groupId, publicKey, privateKey string) (Handler, error) {
+	t := digest.NewTransport(publicKey, privateKey)
+	tc, err := t.Client()
+	if err != nil {
+		return nil, err
+	}
+
+	return &AtlasRepository{
+		groupId: groupId,
+		atlas:   mongodbatlas.NewClient(tc),
+	}, nil
+}
+
+func (m *AtlasRepository) Close(ctx context.Context) error {
+	return nil
+}
+
+// CreateDatabaseIfNotExists is a dummy to apply to fulfill the contract,
+// we don't need to create the database on Atlas
+func (m *AtlasRepository) CreateDatabaseIfNotExists(ctx context.Context, database string) error {
+	return nil
+}
+
+func (m *AtlasRepository) SetupUser(ctx context.Context, database string, username string, password string, roles Roles) error {
+	doesUserExist, err := m.doesUserExist(ctx, database, username)
+	if err != nil {
+		return err
+	}
+
+	if !doesUserExist {
+		if err := m.createUser(context.Background(), database, username, password, roles); err != nil {
+			return err
+		}
+		if doesUserExistNow, err := m.doesUserExist(ctx, database, username); err != nil {
+			return err
+		} else if !doesUserExistNow {
+			return errors.New("user doesn't exist after create")
+		}
+	} else {
+		if err := m.updateUserPasswordAndRoles(ctx, database, username, password, roles); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (m *AtlasRepository) DropUser(ctx context.Context, database string, username string) error {
+	//not implemented
+	return errors.New("not yet supported")
+}
+
+func (m *AtlasRepository) EnableExtension(ctx context.Context, name string) error {
+	// NOOP
+	return nil
+}
+
+func (m *AtlasRepository) doesUserExist(ctx context.Context, database string, username string) (bool, error) {
+	_, _, err := m.atlas.DatabaseUsers.Get(ctx, database, m.groupId, username)
+	if err != nil {
+		return false, nil
+	}
+
+	return true, err
+}
+
+func (m *AtlasRepository) getRoles(database string, roles Roles) []mongodbatlas.Role {
+	// by default, assign readWrite role (backward compatibility)
+	if len(roles) == 0 {
+		return []mongodbatlas.Role{{
+			RoleName:     "readWrite",
+			DatabaseName: database,
+		}}
+	}
+
+	rs := make([]mongodbatlas.Role, 0)
+	for _, r := range roles {
+		db := r.DB
+		if db == "" {
+			db = database
+		}
+
+		rs = append(rs, mongodbatlas.Role{
+			RoleName:     r.Name,
+			DatabaseName: db,
+		})
+	}
+
+	return rs
+}
+
+func (m *AtlasRepository) createUser(ctx context.Context, database string, username string, password string, roles Roles) error {
+	user := &mongodbatlas.DatabaseUser{
+		Username:     username,
+		Password:     password,
+		DatabaseName: database,
+		Roles:        m.getRoles(database, roles),
+	}
+
+	_, _, err := m.atlas.DatabaseUsers.Create(ctx, m.groupId, user)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (m *AtlasRepository) updateUserPasswordAndRoles(ctx context.Context, database string, username string, password string, roles Roles) error {
+	user := &mongodbatlas.DatabaseUser{
+		Username: username,
+		Password: password,
+		Roles:    m.getRoles(database, roles),
+	}
+
+	_, _, err := m.atlas.DatabaseUsers.Update(ctx, m.groupId, username, user)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

common/db/db.go

@@ -0,0 +1,30 @@
+package db
+
+import (
+	"context"
+)
+
+type Roles []Role
+type Role struct {
+	Name string `json:"role" bson:"role"`
+	DB   string `json:"db" bson:"db"`
+}
+
+type Users []User
+type User struct {
+	User  string `json:"user" bson:"user"`
+	DB    string `json:"db" bson:"db"`
+	Roles Roles  `json:"roles" bson:"roles"`
+}
+
+// Invoke a database handler
+type Invoke func(ctx context.Context, uri, database, username, password string) (Handler, error)
+
+// Handler is a wrapper arround a certain database client
+type Handler interface {
+	Close(ctx context.Context) error
+	SetupUser(ctx context.Context, database string, username string, password string, roles Roles) error
+	DropUser(ctx context.Context, database string, username string) error
+	CreateDatabaseIfNotExists(ctx context.Context, database string) error
+	EnableExtension(ctx context.Context, name string) error
+}