fixup! feat: Nutanix VM image preflight check

Run VM Image check only if Nutanix clients are initialized. This avoids returning errors that are not actionable. The user will see an error from the credentials check only.

Author: dlipovetsky

pkg/webhook/preflight/nutanix/checker.go

@@ -39,8 +39,6 @@ type nutanixChecker struct {
 	nutanixClusterConfigSpec                           *carenv1.NutanixClusterConfigSpec
 	nutanixWorkerNodeConfigSpecByMachineDeploymentName map[string]*carenv1.NutanixWorkerNodeConfigSpec
 
-	credentials prismgoclient.Credentials
-
 	v3client        v3client
 	v3clientFactory func(prismgoclient.Credentials) (v3client, error)
 

pkg/webhook/preflight/nutanix/credentials.go

@@ -146,7 +146,7 @@ func initCredentialsCheck(
 	}
 
 	// Initialize the credentials.
-	n.credentials = prismgoclient.Credentials{
+	credentials := prismgoclient.Credentials{
 		Endpoint: fmt.Sprintf("%s:%d", host, port),
 		URL:      fmt.Sprintf("https://%s:%d", host, port),
 		Username: usernamePassword.Username,
@@ -155,7 +155,7 @@ func initCredentialsCheck(
 	}
 
 	// Initialize the clients.
-	n.v4client, err = n.v4clientFactory(n.credentials)
+	v4client, err := n.v4clientFactory(credentials)
 	if err != nil {
 		result.Allowed = false
 		result.Error = true
@@ -167,7 +167,7 @@ func initCredentialsCheck(
 		)
 	}
 
-	n.v3client, err = n.v3clientFactory(n.credentials)
+	v3client, err := n.v3clientFactory(credentials)
 	if err != nil {
 		result.Allowed = false
 		result.Error = true
@@ -177,21 +177,35 @@ func initCredentialsCheck(
 				Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
 			},
 		)
-	} else {
-		// Validate the credentials using an API call.
-		_, err = n.v3client.GetCurrentLoggedInUser(ctx)
-		if err != nil {
-			result.Allowed = false
-			result.Error = true
-			result.Causes = append(result.Causes,
-				preflight.Cause{
-					Message: fmt.Sprintf("failed to validate credentials using the v3 API client: %s", err),
-					Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
-				},
-			)
+	}
+
+	if v3client == nil || v4client == nil {
+		return func(ctx context.Context) preflight.CheckResult {
+			return result
 		}
 	}
 
+	// Validate the credentials using an API call.
+	_, err = v3client.GetCurrentLoggedInUser(ctx)
+	if err != nil {
+		result.Allowed = false
+		result.Error = true
+		result.Causes = append(result.Causes,
+			preflight.Cause{
+				Message: fmt.Sprintf("Failed to validate credentials using the v3 API client. "+
+					"The URL and/or credentials may be incorrect. (Error: %q)", err),
+				Field: "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint",
+			},
+		)
+		return func(ctx context.Context) preflight.CheckResult {
+			return result
+		}
+	}
+
+	// We initialized both clients, and verified the credentials using the v3 client.
+	n.v3client = v3client
+	n.v4client = v4client
+
 	return func(ctx context.Context) preflight.CheckResult {
 		return result
 	}

pkg/webhook/preflight/nutanix/credentials_test.go

@@ -174,7 +174,7 @@ func TestInitCredentialsCheck_FailedToGetCurrentLoggedInUser(t *testing.T) {
 	result := check(context.Background())
 	assert.False(t, result.Allowed)
 	assert.True(t, result.Error)
-	assert.Contains(t, result.Causes[0].Message, "failed to validate credentials using the v3 API client")
+	assert.Contains(t, result.Causes[0].Message, "Failed to validate credentials using the v3 API client.")
 }
 
 func validNutanixChecker() *nutanixChecker {

pkg/webhook/preflight/nutanix/image.go

@@ -19,6 +19,10 @@ func initVMImageChecks(
 ) []preflight.Check {
 	checks := []preflight.Check{}
 
+	if n.v4client == nil {
+		return checks
+	}
+
 	if n.nutanixClusterConfigSpec != nil && n.nutanixClusterConfigSpec.ControlPlane != nil &&
 		n.nutanixClusterConfigSpec.ControlPlane.Nutanix != nil {
 		checks = append(checks,
@@ -62,19 +66,6 @@ func vmImageCheck(
 			Allowed: false,
 		}
 
-		// If the v4 client is not initialized, we cannot perform VM image checks.
-		if n.v4client == nil {
-			result.Allowed = false
-			result.Error = true
-			result.Causes = append(result.Causes,
-				preflight.Cause{
-					Message: "Nutanix v4 client is not initialized, cannot perform VM image checks",
-					Field:   "",
-				},
-			)
-			return result
-		}
-
 		if machineDetails.ImageLookup != nil {
 			result.Allowed = true
 			result.Warnings = append(

pkg/webhook/preflight/nutanix/image_test.go

@@ -59,27 +59,6 @@ func TestVMImageCheck(t *testing.T) {
 		machineDetails *carenv1.NutanixMachineDetails
 		want           preflight.CheckResult
 	}{
-		{
-			name:     "Nutanix v4 client not initialized",
-			v4client: nil,
-			machineDetails: &carenv1.NutanixMachineDetails{
-				Image: &capxv1.NutanixResourceIdentifier{
-					Type: capxv1.NutanixIdentifierUUID,
-					UUID: ptr.To("test-uuid"),
-				},
-			},
-			want: preflight.CheckResult{
-				Name:    "NutanixVMImage",
-				Allowed: false,
-				Error:   true,
-				Causes: []preflight.Cause{
-					{
-						Message: "Nutanix v4 client is not initialized, cannot perform VM image checks",
-						Field:   "",
-					},
-				},
-			},
-		},
 		{
 			name:     "imageLookup not yet supported",
 			v4client: &mockV4Client{},
@@ -514,16 +493,27 @@ func TestInitVMImageChecks(t *testing.T) {
 		name                                      string
 		nutanixClusterConfigSpec                  *carenv1.NutanixClusterConfigSpec
 		nutanixWorkerNodeConfigSpecByMDName       map[string]*carenv1.NutanixWorkerNodeConfigSpec
+		v4client                                  v4client
 		expectedChecks                            int
 		expectedControlPlaneCheckFieldIncluded    bool
 		expectedWorkerNodeCheckFieldPatternExists bool
 	}{
 		{
-			name:                                      "no nutanix configuration",
-			nutanixClusterConfigSpec:                  nil,
-			nutanixWorkerNodeConfigSpecByMDName:       nil,
-			expectedChecks:                            0,
-			expectedControlPlaneCheckFieldIncluded:    false,
+			name:                                   "client not initialized",
+			nutanixClusterConfigSpec:               nil,
+			nutanixWorkerNodeConfigSpecByMDName:    nil,
+			v4client:                               nil,
+			expectedChecks:                         0,
+			expectedControlPlaneCheckFieldIncluded: false,
+			expectedWorkerNodeCheckFieldPatternExists: false,
+		},
+		{
+			name:                                   "no nutanix configuration",
+			nutanixClusterConfigSpec:               nil,
+			nutanixWorkerNodeConfigSpecByMDName:    nil,
+			v4client:                               &mockv4client{},
+			expectedChecks:                         0,
+			expectedControlPlaneCheckFieldIncluded: false,
 			expectedWorkerNodeCheckFieldPatternExists: false,
 		},
 		{
@@ -541,6 +531,7 @@ func TestInitVMImageChecks(t *testing.T) {
 				},
 			},
 			nutanixWorkerNodeConfigSpecByMDName:       nil,
+			v4client:                                  &mockv4client{},
 			expectedChecks:                            1,
 			expectedControlPlaneCheckFieldIncluded:    true,
 			expectedWorkerNodeCheckFieldPatternExists: false,
@@ -560,8 +551,9 @@ func TestInitVMImageChecks(t *testing.T) {
 					},
 				},
 			},
-			expectedChecks:                            1,
-			expectedControlPlaneCheckFieldIncluded:    false,
+			v4client:                               &mockv4client{},
+			expectedChecks:                         1,
+			expectedControlPlaneCheckFieldIncluded: false,
 			expectedWorkerNodeCheckFieldPatternExists: true,
 		},
 		{
@@ -600,8 +592,9 @@ func TestInitVMImageChecks(t *testing.T) {
 					},
 				},
 			},
-			expectedChecks:                            3, // 1 control plane + 2 workers
-			expectedControlPlaneCheckFieldIncluded:    true,
+			v4client:                               &mockv4client{},
+			expectedChecks:                         3, // 1 control plane + 2 workers
+			expectedControlPlaneCheckFieldIncluded: true,
 			expectedWorkerNodeCheckFieldPatternExists: true,
 		},
 		{
@@ -622,8 +615,9 @@ func TestInitVMImageChecks(t *testing.T) {
 					},
 				},
 			},
-			expectedChecks:                            1, // only worker-2
-			expectedControlPlaneCheckFieldIncluded:    false,
+			v4client:                               &mockv4client{},
+			expectedChecks:                         1, // only worker-2
+			expectedControlPlaneCheckFieldIncluded: false,
 			expectedWorkerNodeCheckFieldPatternExists: true,
 		},
 		{
@@ -644,6 +638,7 @@ func TestInitVMImageChecks(t *testing.T) {
 				ControlPlane: nil, // null control plane
 			},
 			nutanixWorkerNodeConfigSpecByMDName:       nil,
+			v4client:                                  &mockv4client{},
 			expectedChecks:                            0,
 			expectedControlPlaneCheckFieldIncluded:    false,
 			expectedWorkerNodeCheckFieldPatternExists: false,
@@ -657,6 +652,7 @@ func TestInitVMImageChecks(t *testing.T) {
 				log:                      logger,
 				nutanixClusterConfigSpec: tc.nutanixClusterConfigSpec,
 				nutanixWorkerNodeConfigSpecByMachineDeploymentName: tc.nutanixWorkerNodeConfigSpecByMDName,
+				v4client: tc.v4client,
 			}
 
 			// Trap the vmImageCheck calls to verify field paths