removing vault part / splitting users into their own crd

Author: raffis

api/v1beta1/database_types.go

@@ -0,0 +1,80 @@
+package v1beta1
+
+import (
+	apimeta "k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// Status conditions
+const (
+	ProvisionedCondition = "Provisioned"
+)
+
+// Status reasons
+const (
+	SecretNotFoundReason                = "SecretNotFoundFailed"
+	ConnectionFailedReason              = "ConnectionFailed"
+	DatabaseProvisioningFailedReason    = "DatabaseProvisioningFailed"
+	DatabaseProvisiningSuccessfulReason = "DatabaseProvisiningSuccessful"
+	DatabaseNotFoundReason              = "DatabaseNotFoundReason"
+	UserNotProvisionedReason            = "UserNotProvisioned"
+	UserProvisioningSuccessfulReason    = "UserProvisioningSuccessful"
+	CredentialsNotFoundReason           = "CredentialsNotFound"
+)
+
+// DatabaseSpec defines the desired state of MongoDBDatabase
+type DatabaseSpec struct {
+	// The name of the database, if not set the name is taken from metadata.name
+	// +optional
+	DatabaseName string `json:"databaseName"`
+
+	// The MongoDB URI
+	// +required
+	Address string `json:"address"`
+
+	// +required
+	RootSecret *SecretReference `json:"rootSecret"`
+}
+
+type DatabaseReference struct {
+	Name string `json:"name"`
+}
+
+type SecretReference struct {
+	// +required
+	Name string `json:"name"`
+
+	// +optional
+	UserField string `json:"userField"`
+
+	// +required
+	PasswordField string `json:"passwordField"`
+}
+
+// ConditionalResource is a resource with conditions
+type conditionalResource interface {
+	GetStatusConditions() *[]metav1.Condition
+}
+
+func NotProvisioned(in conditionalResource, reason, message string) {
+	setResourceCondition(in, ProvisionedCondition, metav1.ConditionFalse, reason, message)
+}
+
+func Provisioned(in conditionalResource, reason, message string) {
+	setResourceCondition(in, ProvisionedCondition, metav1.ConditionTrue, reason, message)
+}
+
+// setResourceCondition sets the given condition with the given status,
+// reason and message on a resource.
+func setResourceCondition(resource conditionalResource, condition string, status metav1.ConditionStatus, reason, message string) {
+	conditions := resource.GetStatusConditions()
+
+	newCondition := metav1.Condition{
+		Type:    condition,
+		Status:  status,
+		Reason:  reason,
+		Message: message,
+	}
+
+	apimeta.SetStatusCondition(conditions, newCondition)
+}

api/v1beta1/mongodbdatabase_types.go

@@ -17,7 +17,6 @@ limitations under the License.
 package v1beta1
 
 import (
-	"errors"
 	"github.com/doodlescheduling/kubedb/common/stringutils"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -33,37 +32,22 @@ const (
 	MongoSQLDatabaseControllerFinalizer = "infra.finalizers.doodle.com"
 )
 
-type MongoDBDatabaseRootSecretLookup struct {
-	Name      string `json:"name"`
-	Namespace string `json:"namespace"`
-	Field     string `json:"field"`
-}
-
-type MongoDBDatabaseCredentials []MongoDBDatabaseCredential
-type MongoDBDatabaseCredential struct {
-	UserName string `json:"username"`
-	Vault    Vault  `json:"vault"`
-}
-
 // MongoDBDatabaseSpec defines the desired state of MongoDBDatabase
-// IMPORTANT: Run "make" to regenerate code after modifying this file
 type MongoDBDatabaseSpec struct {
-	DatabaseName string `json:"databaseName"`
-	HostName     string `json:"hostName"`
-	// +optional
-	RootUsername string `json:"rootUsername"`
-	// +optional
-	RootAuthenticationDatabase string                          `json:"rootAuthDatabase"`
-	RootSecretLookup           MongoDBDatabaseRootSecretLookup `json:"rootSecretLookup"`
-	Credentials                MongoDBDatabaseCredentials      `json:"credentials"`
+	*DatabaseSpec `json:",inline"`
+}
+
+// GetStatusConditions returns a pointer to the Status.Conditions slice
+func (in *MongoDBDatabase) GetStatusConditions() *[]metav1.Condition {
+	return &in.Status.Conditions
 }
 
 // MongoDBDatabaseStatus defines the observed state of MongoDBDatabase
 // IMPORTANT: Run "make" to regenerate code after modifying this file
 type MongoDBDatabaseStatus struct {
-	DatabaseStatus    DatabaseStatus    `json:"database"`
-	CredentialsStatus CredentialsStatus `json:"credentials"`
-	LastUpdateTime    *metav1.Time      `json:"lastUpdateTime"`
+	// Conditions holds the conditions for the VaultBinding.
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true
@@ -87,34 +71,6 @@ type MongoDBDatabaseList struct {
 	Items           []MongoDBDatabase `json:"items"`
 }
 
-/*
-	Alignes credentials status with spec by removing unneeded statuses. Mutates the original.
-	Returns removed statuses.
-*/
-func (d *MongoDBDatabase) RemoveUnneededCredentialsStatus() *CredentialsStatus {
-	removedStatuses := make(CredentialsStatus, 0)
-	statuses := &d.Status.CredentialsStatus
-	for i := 0; i < len(*statuses); i++ {
-		status := (*statuses)[i]
-		found := false
-		if status != nil {
-			for _, credential := range d.Spec.Credentials {
-				if credential.UserName == status.Username {
-					found = true
-				}
-			}
-		}
-		if !found {
-			removedStatuses = append(removedStatuses, status)
-			s := append((*statuses)[:i], (*statuses)[i+1:]...)
-			statuses = &s
-			i--
-		}
-	}
-	d.Status.CredentialsStatus = *statuses
-	return &removedStatuses
-}
-
 /*
 	If object doesn't contain finalizer, set it and call update function 'updateF'.
 	Only do this if object is not being deleted (judged by DeletionTimestamp being zero)
@@ -147,7 +103,7 @@ func (d *MongoDBDatabase) Finalize(updateF func() error, finalizeF func() error)
 	return true, nil
 }
 
-func (d *MongoDBDatabase) SetDefaults() error {
+/*func (d *MongoDBDatabase) SetDefaults() error {
 	if d.Spec.RootUsername == "" {
 		d.Spec.RootUsername = DEFAULT_MONGODB_ROOT_USER
 	}
@@ -167,7 +123,7 @@ func (d *MongoDBDatabase) SetDefaults() error {
 		d.Status.CredentialsStatus = make([]*CredentialStatus, 0)
 	}
 	return nil
-}
+}*/
 
 func init() {
 	SchemeBuilder.Register(&MongoDBDatabase{}, &MongoDBDatabaseList{})

api/v1beta1/mongodbuser_type.go

@@ -0,0 +1,97 @@
+/*
+
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	"github.com/doodlescheduling/kubedb/common/stringutils"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+type MongoDBUserSpec struct {
+	Database    *DatabaseReference `json:"database"`
+	Credentials *SecretReference   `json:"credentials"`
+}
+
+// GetStatusConditions returns a pointer to the Status.Conditions slice
+func (in *MongoDBUser) GetStatusConditions() *[]metav1.Condition {
+	return &in.Status.Conditions
+}
+
+// MongoDBUserStatus defines the observed state of MongoDBUser
+// IMPORTANT: Run "make" to regenerate code after modifying this file
+type MongoDBUserStatus struct {
+	// Conditions holds the conditions for the VaultBinding.
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+
+// MongoDBUser is the Schema for the mongodbs API
+type MongoDBUser struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   MongoDBUserSpec   `json:"spec,omitempty"`
+	Status MongoDBUserStatus `json:"status,omitempty"`
+}
+
+// +kubebuilder:object:root=true
+
+// MongoDBUserList contains a list of MongoDBUser
+type MongoDBUserList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []MongoDBUser `json:"items"`
+}
+
+/*
+	If object doesn't contain finalizer, set it and call update function 'updateF'.
+	Only do this if object is not being deleted (judged by DeletionTimestamp being zero)
+*/
+func (d *MongoDBUser) SetFinalizer(updateF func() error) error {
+	if !d.ObjectMeta.DeletionTimestamp.IsZero() {
+		return nil
+	}
+	if !stringutils.ContainsString(d.ObjectMeta.Finalizers, MongoSQLDatabaseControllerFinalizer) {
+		d.ObjectMeta.Finalizers = append(d.ObjectMeta.Finalizers, MongoSQLDatabaseControllerFinalizer)
+		return updateF()
+	}
+	return nil
+}
+
+/*
+	Finalize object if deletion timestamp is not zero (i.e. object is being deleted).
+	Call finalize function 'finalizeF', which should handle finalization logic.
+	Remove finalizer from the object (so that object can be deleted), and update by calling update function 'updateF'.
+*/
+func (d *MongoDBUser) Finalize(updateF func() error, finalizeF func() error) (bool, error) {
+	if d.ObjectMeta.DeletionTimestamp.IsZero() {
+		return false, nil
+	}
+	if stringutils.ContainsString(d.ObjectMeta.Finalizers, MongoSQLDatabaseControllerFinalizer) {
+		_ = finalizeF()
+		d.ObjectMeta.Finalizers = stringutils.RemoveString(d.ObjectMeta.Finalizers, MongoSQLDatabaseControllerFinalizer)
+		return true, updateF()
+	}
+	return true, nil
+}
+
+func init() {
+	SchemeBuilder.Register(&MongoDBUser{}, &MongoDBUserList{})
+}

api/v1beta1/postgresqldatabase_types.go

@@ -17,7 +17,6 @@ limitations under the License.
 package v1beta1
 
 import (
-	"errors"
 	"github.com/doodlescheduling/kubedb/common/stringutils"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -33,37 +32,22 @@ const (
 	PostgreSQLDatabaseControllerFinalizer = "infra.finalizers.doodle.com"
 )
 
-type PostgreSQLDatabaseRootSecretLookup struct {
-	Name      string `json:"name"`
-	Namespace string `json:"namespace"`
-	Field     string `json:"field"`
-}
-
-type PostgreSQLDatabaseCredentials []PostgreSQLDatabaseCredential
-type PostgreSQLDatabaseCredential struct {
-	UserName string `json:"username"`
-	Vault    Vault  `json:"vault"`
-}
-
 // PostgreSQLDatabaseSpec defines the desired state of PostgreSQLDatabase
-// IMPORTANT: Run "make" to regenerate code after modifying this file
 type PostgreSQLDatabaseSpec struct {
-	DatabaseName string `json:"databaseName"`
-	HostName     string `json:"hostName"`
-	// +optional
-	RootUsername string `json:"rootUsername"`
-	// +optional
-	RootAuthenticationDatabase string                             `json:"rootAuthDatabase"`
-	RootSecretLookup           PostgreSQLDatabaseRootSecretLookup `json:"rootSecretLookup"`
-	Credentials                PostgreSQLDatabaseCredentials      `json:"credentials"`
+	*DatabaseSpec `json:",inline"`
+}
+
+// GetStatusConditions returns a pointer to the Status.Conditions slice
+func (in *PostgreSQLDatabase) GetStatusConditions() *[]metav1.Condition {
+	return &in.Status.Conditions
 }
 
 // PostgreSQLDatabaseStatus defines the observed state of PostgreSQLDatabase
 // IMPORTANT: Run "make" to regenerate code after modifying this file
 type PostgreSQLDatabaseStatus struct {
-	DatabaseStatus    DatabaseStatus    `json:"database"`
-	CredentialsStatus CredentialsStatus `json:"credentials"`
-	LastUpdateTime    *metav1.Time      `json:"lastUpdateTime"`
+	// Conditions holds the conditions for the VaultBinding.
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty"`
 }
 
 // +kubebuilder:object:root=true
@@ -87,34 +71,6 @@ type PostgreSQLDatabaseList struct {
 	Items           []PostgreSQLDatabase `json:"items"`
 }
 
-/*
-	Alignes credentials status with spec by removing unneeded statuses. Mutates the original.
-	Returns removed statuses.
-*/
-func (d *PostgreSQLDatabase) RemoveUnneededCredentialsStatus() *CredentialsStatus {
-	removedStatuses := make(CredentialsStatus, 0)
-	statuses := &d.Status.CredentialsStatus
-	for i := 0; i < len(*statuses); i++ {
-		status := (*statuses)[i]
-		found := false
-		if status != nil {
-			for _, credential := range d.Spec.Credentials {
-				if credential.UserName == status.Username {
-					found = true
-				}
-			}
-		}
-		if !found {
-			removedStatuses = append(removedStatuses, status)
-			s := append((*statuses)[:i], (*statuses)[i+1:]...)
-			statuses = &s
-			i--
-		}
-	}
-	d.Status.CredentialsStatus = *statuses
-	return &removedStatuses
-}
-
 /*
 	If object doesn't contain finalizer, set it and call update function 'updateF'.
 	Only do this if object is not being deleted (judged by DeletionTimestamp being zero)
@@ -147,7 +103,7 @@ func (d *PostgreSQLDatabase) Finalize(updateF func() error, finalizeF func() err
 	return true, nil
 }
 
-func (d *PostgreSQLDatabase) SetDefaults() error {
+/*func (d *PostgreSQLDatabase) SetDefaults() error {
 	if d.Spec.RootUsername == "" {
 		d.Spec.RootUsername = DEFAULT_POSTGRESQL_ROOT_USER
 	}
@@ -167,7 +123,7 @@ func (d *PostgreSQLDatabase) SetDefaults() error {
 		d.Status.CredentialsStatus = make([]*CredentialStatus, 0)
 	}
 	return nil
-}
+}*/
 
 func init() {
 	SchemeBuilder.Register(&PostgreSQLDatabase{}, &PostgreSQLDatabaseList{})