Postgresql garbage collector implementation.

Author: Tyrion85

api/v1beta1/status.go

@@ -48,13 +48,22 @@ func (s *CredentialStatus) SetCredentialsStatus(code StatusCode, message string)
 }
 
 type DatabaseStatus struct {
-	Status  StatusCode `json:"status"`
-	Message string     `json:"message"`
-	Name    string     `json:"name"`
-	Host    string     `json:"host"`
+	Status                     StatusCode             `json:"status"`
+	Message                    string                 `json:"message"`
+	Name                       string                 `json:"name"`
+	Host                       string                 `json:"host"`
+	RootUsername               string                 `json:"rootUsername"`
+	RootAuthenticationDatabase string                 `json:"rootAuthDatabase"`
+	RootSecretLookup           StatusRootSecretLookup `json:"rootSecretLookup"`
 }
 
-func (s *DatabaseStatus) SetDatabaseStatus(code StatusCode, message string, name string, host string) {
+type StatusRootSecretLookup struct {
+	Name      string `json:"name"`
+	Namespace string `json:"namespace"`
+	Field     string `json:"field"`
+}
+
+func (s *DatabaseStatus) SetDatabaseStatus(code StatusCode, message string, name string, host string) *DatabaseStatus {
 	s.Status = code
 	s.Message = message
 	if name != "" {
@@ -63,4 +72,24 @@ func (s *DatabaseStatus) SetDatabaseStatus(code StatusCode, message string, name
 	if host != "" {
 		s.Host = host
 	}
+	return s
+}
+
+func (s *DatabaseStatus) WithUsername(rootUsername string) *DatabaseStatus {
+	s.RootUsername = rootUsername
+	return s
+}
+
+func (s *DatabaseStatus) WithAuthDatabase(rootAuthenticationDatabase string) *DatabaseStatus {
+	s.RootAuthenticationDatabase = rootAuthenticationDatabase
+	return s
+}
+
+func (s *DatabaseStatus) WithRootSecretLookup(name string, namespace string, field string) *DatabaseStatus {
+	s.RootSecretLookup = StatusRootSecretLookup{
+		Name:      name,
+		Namespace: namespace,
+		Field:     field,
+	}
+	return s
 }

config/crd/bases/infra.doodle.com_mongodbs.yaml

@@ -120,12 +120,32 @@ spec:
                   type: string
                 name:
                   type: string
+                rootAuthDatabase:
+                  type: string
+                rootSecretLookup:
+                  properties:
+                    field:
+                      type: string
+                    name:
+                      type: string
+                    namespace:
+                      type: string
+                  required:
+                  - field
+                  - name
+                  - namespace
+                  type: object
+                rootUsername:
+                  type: string
                 status:
                   type: string
               required:
               - host
               - message
               - name
+              - rootAuthDatabase
+              - rootSecretLookup
+              - rootUsername
               - status
               type: object
             lastUpdateTime:

config/crd/bases/infra.doodle.com_postgresqls.yaml

@@ -120,12 +120,32 @@ spec:
                   type: string
                 name:
                   type: string
+                rootAuthDatabase:
+                  type: string
+                rootSecretLookup:
+                  properties:
+                    field:
+                      type: string
+                    name:
+                      type: string
+                    namespace:
+                      type: string
+                  required:
+                  - field
+                  - name
+                  - namespace
+                  type: object
+                rootUsername:
+                  type: string
                 status:
                   type: string
               required:
               - host
               - message
               - name
+              - rootAuthDatabase
+              - rootSecretLookup
+              - rootUsername
               - status
               type: object
             lastUpdateTime:

controllers/ControllerWrapper.go renamed to controllers/controller_wrapper.go

@@ -59,8 +59,6 @@ func (r *MongoDBReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 		return ctrl.Result{}, errors.Wrap(err, "unable to fetch Mongodb")
 	}
 
-	log.Info("updating Mongodb status...")
-
 	s := make(infrav1beta1.CredentialsStatus, 0)
 	mongodb.Status.CredentialsStatus = s
 

controllers/mongodb_controller.go

@@ -48,6 +48,8 @@ func (r *PostgreSQLReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error)
 
 	// common controller functions
 	cw := NewControllerWrapper(*r, &ctx)
+	// garbage collector
+	gc := NewPostgreSQLGarbageCollector(r, cw, &log)
 
 	// get postgresql resource by namespaced name
 	var postgresql infrav1beta1.PostgreSQL
@@ -67,6 +69,11 @@ func (r *PostgreSQLReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error)
 		return r.updateAndReturn(&ctx, &postgresql, &log)
 	}
 
+	// Garbage Collection. If errors occur, log and proceed with reconciliation.
+	if err := gc.Clean(&postgresql); err != nil {
+		log.Info("Error while cleaning garbage", "error", err)
+	}
+
 	// get root database password from k8s secret
 	rootPassword, err := cw.GetRootPassword(postgresql.Spec.RootSecretLookup.Name, postgresql.Spec.RootSecretLookup.Namespace, postgresql.Spec.RootSecretLookup.Field)
 	if err != nil {
@@ -75,63 +82,41 @@ func (r *PostgreSQLReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error)
 		return r.updateAndReturn(&ctx, &postgresql, &log)
 	}
 
-	// - garbage collection
-	// if host is changed, drop credentials for old host. Keep database & data for now, until we figure out what we'll do with it
-	// TODO refactor to have a general garbage collector mechanism, instead of code throughout controller
-	if postgresql.Spec.HostName != postgresql.Status.DatabaseStatus.Host {
-		// we might not be able to login with these old credentials anymore
-		postgreSQLServerOld, err := r.ServerCache.Get(postgresql.Status.DatabaseStatus.Host, postgresql.Spec.RootUsername, rootPassword, postgresql.Spec.RootAuthenticationDatabase)
-		if err != nil {
-			// ignore the error for now
-		} else {
-			postgresql.Status.CredentialsStatus.ForEach(func(status *infrav1beta1.CredentialStatus) {
-				_ = postgreSQLServerOld.DropUser(status.Username, postgresql.Status.DatabaseStatus.Name)
-			})
-		}
-	}
-
 	// postgresql connection to spec host, cached
 	postgreSQLServer, err := r.ServerCache.Get(postgresql.Spec.HostName, postgresql.Spec.RootUsername, rootPassword, postgresql.Spec.RootAuthenticationDatabase)
 	if err != nil {
-		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName)
+		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName).
+			WithUsername(postgresql.Spec.RootUsername).
+			WithAuthDatabase(postgresql.Spec.RootAuthenticationDatabase).
+			WithRootSecretLookup(postgresql.Spec.RootSecretLookup.Name, postgresql.Spec.RootSecretLookup.Namespace, postgresql.Spec.RootSecretLookup.Field)
 		postgresql.Status.CredentialsStatus = make(infrav1beta1.CredentialsStatus, 0)
 		return r.updateAndReturn(&ctx, &postgresql, &log)
 	}
 	// vault connection, cached
 	vault, err := r.VaultCache.Get(postgresql.Spec.RootSecretLookup.Name)
 	if err != nil {
-		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName)
+		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName).
+			WithUsername(postgresql.Spec.RootUsername).
+			WithAuthDatabase(postgresql.Spec.RootAuthenticationDatabase).
+			WithRootSecretLookup(postgresql.Spec.RootSecretLookup.Name, postgresql.Spec.RootSecretLookup.Namespace, postgresql.Spec.RootSecretLookup.Field)
 		postgresql.Status.CredentialsStatus = make(infrav1beta1.CredentialsStatus, 0)
 		return r.updateAndReturn(&ctx, &postgresql, &log)
 	}
 
-	// - garbage collection
-	// TODO for now, disallow database renaming
-	if postgresql.Spec.DatabaseName != postgresql.Status.DatabaseStatus.Name && postgresql.Status.DatabaseStatus.Name != "" {
-		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, "Cannot change the name of the database.", "", postgresql.Spec.HostName)
-		postgresql.Status.CredentialsStatus = make(infrav1beta1.CredentialsStatus, 0)
-		r.ServerCache.Remove(postgresql.Spec.HostName)
-		return r.updateAndReturn(&ctx, &postgresql, &log)
-	}
-
 	// Setup database
 	if err := postgreSQLServer.CreateDatabaseIfNotExists(postgresql.Spec.DatabaseName); err != nil {
-		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName)
+		postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Unavailable, err.Error(), "", postgresql.Spec.HostName).
+			WithUsername(postgresql.Spec.RootUsername).
+			WithAuthDatabase(postgresql.Spec.RootAuthenticationDatabase).
+			WithRootSecretLookup(postgresql.Spec.RootSecretLookup.Name, postgresql.Spec.RootSecretLookup.Namespace, postgresql.Spec.RootSecretLookup.Field)
 		postgresql.Status.CredentialsStatus = make(infrav1beta1.CredentialsStatus, 0)
 		r.ServerCache.Remove(postgresql.Spec.HostName)
 		return r.updateAndReturn(&ctx, &postgresql, &log)
 	}
-	postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Available, "Database up.", postgresql.Spec.DatabaseName, postgresql.Spec.HostName)
-
-	// - garbage collection
-	// Delete all credentials if they exist, and are no longer required by spec
-	if postgresql.Spec.Credentials == nil {
-		postgresql.Status.CredentialsStatus.ForEach(func(status *infrav1beta1.CredentialStatus) {
-			_ = postgreSQLServer.DropUser(status.Username, postgresql.Status.DatabaseStatus.Name)
-		})
-		postgresql.Status.CredentialsStatus = make([]*infrav1beta1.CredentialStatus, 0)
-		return r.updateAndReturn(&ctx, &postgresql, &log)
-	}
+	postgresql.Status.DatabaseStatus.SetDatabaseStatus(infrav1beta1.Available, "Database up.", postgresql.Spec.DatabaseName, postgresql.Spec.HostName).
+		WithUsername(postgresql.Spec.RootUsername).
+		WithAuthDatabase(postgresql.Spec.RootAuthenticationDatabase).
+		WithRootSecretLookup(postgresql.Spec.RootSecretLookup.Name, postgresql.Spec.RootSecretLookup.Namespace, postgresql.Spec.RootSecretLookup.Field)
 
 	// setup credentials as per spec
 	for _, credential := range postgresql.Spec.Credentials {
@@ -155,12 +140,6 @@ func (r *PostgreSQLReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error)
 		}
 	}
 
-	// - garbage collection
-	// remove all statuses for credentials that are no longer required by spec, and delete users in database
-	postgresql.RemoveUnneededCredentialsStatus().ForEach(func(status *infrav1beta1.CredentialStatus) {
-		_ = postgreSQLServer.DropUser(status.Username, postgresql.Status.DatabaseStatus.Name)
-	})
-
 	return r.updateAndReturn(&ctx, &postgresql, &log)
 }
 

controllers/postgresql_controller.go

@@ -0,0 +1,70 @@
+package controllers
+
+import (
+	infrav1beta1 "github.com/doodlescheduling/kubedb/api/v1beta1"
+	postgresqlAPI "github.com/doodlescheduling/kubedb/common/db/postgresql"
+	"github.com/go-logr/logr"
+)
+
+type PostgreSQLGarbageCollector struct {
+	r   *PostgreSQLReconciler
+	cw  *ControllerWrapper
+	log *logr.Logger
+}
+
+func NewPostgreSQLGarbageCollector(r *PostgreSQLReconciler, cw *ControllerWrapper, log *logr.Logger) *PostgreSQLGarbageCollector {
+	return &PostgreSQLGarbageCollector{
+		r:   r,
+		cw:  cw,
+		log: log,
+	}
+}
+
+/*	For now, Garbage Collector does not drop databases, because we haven't decided if we want to delete all data.
+	Possible avenue to proceed is to have a separate option flag/struct (to be set in Spec), that will force deletion of all garbage, including data.
+*/
+func (g *PostgreSQLGarbageCollector) Clean(postgresql *infrav1beta1.PostgreSQL) error {
+	rootPassword, err := g.cw.GetRootPassword(postgresql.Status.DatabaseStatus.RootSecretLookup.Name, postgresql.Status.DatabaseStatus.RootSecretLookup.Namespace, postgresql.Status.DatabaseStatus.RootSecretLookup.Field)
+	if err != nil {
+		// no point in proceeding. In future could also try with Spec credential
+		return err
+	}
+	postgreSQLServer, err := g.r.ServerCache.Get(postgresql.Status.DatabaseStatus.Host, postgresql.Status.DatabaseStatus.RootUsername, rootPassword, postgresql.Status.DatabaseStatus.RootAuthenticationDatabase)
+	if err != nil {
+		// no point in proceeding. In future could also try with Spec credential
+		return err
+	}
+	// if an error happens, just collect it and try to clean as much as possible. Return it at the end. This is a pattern in for most of this Garbage Collector.
+	var errToReturn error
+	errToReturn = g.HandleHostOrDatabaseChange(postgreSQLServer, postgresql, rootPassword)
+	errToReturn = g.HandleUnneededCredentials(postgresql, postgreSQLServer)
+	return errToReturn
+}
+
+// if host or database changed in spec, try to clean on old host/database
+func (g *PostgreSQLGarbageCollector) HandleHostOrDatabaseChange(postgreSQLServer *postgresqlAPI.PostgreSQLServer, postgresql *infrav1beta1.PostgreSQL, rootPassword string) error {
+	var errToReturn error
+	if (postgresql.Status.DatabaseStatus.Host != "" && postgresql.Spec.HostName != postgresql.Status.DatabaseStatus.Host) ||
+		(postgresql.Status.DatabaseStatus.Name != "" && postgresql.Spec.DatabaseName != postgresql.Status.DatabaseStatus.Name) {
+		postgresql.Status.CredentialsStatus.ForEach(func(status *infrav1beta1.CredentialStatus) {
+			err := postgreSQLServer.DropUser(status.Username, postgresql.Status.DatabaseStatus.Name)
+			if err != nil {
+				errToReturn = err
+			} else {
+				(*g.log).Info("Deleted user on database", "user", status.Username, "database", postgresql.Status.DatabaseStatus.Name)
+			}
+		})
+
+	}
+	return errToReturn
+}
+
+func (g *PostgreSQLGarbageCollector) HandleUnneededCredentials(postgresql *infrav1beta1.PostgreSQL, postgreSQLServer *postgresqlAPI.PostgreSQLServer) error {
+	var errToReturn error
+	// - garbage collection
+	// remove all statuses for credentials that are no longer required by spec, and delete users in database
+	postgresql.RemoveUnneededCredentialsStatus().ForEach(func(status *infrav1beta1.CredentialStatus) {
+		errToReturn = postgreSQLServer.DropUser(status.Username, postgresql.Status.DatabaseStatus.Name)
+	})
+	return errToReturn
+}