feat: Support context for all Nutanix client calls (#1234)

**What problem does this PR solve?**:
This allows us to handle context cancellation when using the Nutanix v4
go client, which itself does not support context. That, together with
#1235, allows us to return check results before the API server webhook
timeout. This means the client sees results, instead of an uninformative
(and misleading) "failed to call webhook" error.

## Before

Notice that no results are returned.

```
│ kubectl apply --dry-run=server -f invalid-bad-prismcentral-url.yaml -v=4
I0723 12:12:17.523594 2625398 envvar.go:172] "Feature gate default state" feature="ClientsPreferCBOR" enabled=false
I0723 12:12:17.523624 2625398 envvar.go:172] "Feature gate default state" feature="InformerResourceVersion" enabled=false
I0723 12:12:17.523627 2625398 envvar.go:172] "Feature gate default state" feature="InOrderInformers" enabled=true
I0723 12:12:17.523630 2625398 envvar.go:172] "Feature gate default state" feature="WatchListClient" enabled=false
I0723 12:12:17.523633 2625398 envvar.go:172] "Feature gate default state" feature="ClientsAllowCBOR" enabled=false
I0723 12:12:27.582271 2625398 helpers.go:246] server response object: %s[{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "error when creating \"invalid-bad-prismcentral-url.yaml\": Internal error occurred: failed calling webhook \"preflight.cluster.caren.nutanix.com\": failed to call webhook: Post \"https://cluster-api-runtime-extensions-nutanix-admission.default.svc:443/preflight-v1beta1-cluster?timeout=10s\": context deadline exceeded",
  "reason": "InternalError",
  "details": {
    "causes": [
      {
        "message": "failed calling webhook \"preflight.cluster.caren.nutanix.com\": failed to call webhook: Post \"https://cluster-api-runtime-extensions-nutanix-admission.default.svc:443/preflight-v1beta1-cluster?timeout=10s\": context deadline exceeded"
      }
    ]
  },
  "code": 500
}]
Error from server (InternalError): error when creating "invalid-bad-prismcentral-url.yaml": Internal error occurred: failed calling webhook "preflight.cluster.caren.nutanix.com": failed to call webhook: Post "https://cluster-api-runtime-extensions-nutanix-admission.default.svc:443/preflight-v1beta1-cluster?timeout=10s": context deadline exceeded
```

## After

Notice that the results are returned.

```
│ kubectl apply --dry-run=server -f invalid-bad-prismcentral-url.yaml -v=4
I0723 12:06:59.458667 2603987 envvar.go:172] "Feature gate default state" feature="ClientsAllowCBOR" enabled=false
I0723 12:06:59.458703 2603987 envvar.go:172] "Feature gate default state" feature="ClientsPreferCBOR" enabled=false
I0723 12:06:59.458706 2603987 envvar.go:172] "Feature gate default state" feature="InformerResourceVersion" enabled=false
I0723 12:06:59.458709 2603987 envvar.go:172] "Feature gate default state" feature="InOrderInformers" enabled=true
I0723 12:06:59.458711 2603987 envvar.go:172] "Feature gate default state" feature="WatchListClient" enabled=false
I0723 12:07:07.583019 2603987 helpers.go:246] server response object: %s[{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "error when creating \"invalid-bad-prismcentral-url.yaml\": admission webhook \"preflight.cluster.caren.nutanix.com\" denied the request: preflight checks failed due to an internal error",
  "reason": "InternalError",
  "details": {
    "causes": [
      {
        "reason": "NutanixCredentials",
        "message": "Failed to validate credentials: Get \"https://example.com:9441/api/nutanix/v3/users/me\": context deadline exceeded. This is usually a temporary error. Please retry.",
        "field": "$.spec.topology.variables[?@.name==\"clusterConfig\"].value.nutanix.prismCentralEndpoint"
      }
    ]
  },
  "code": 500
}]
Error from server (InternalError): error when creating "invalid-bad-prismcentral-url.yaml": admission webhook "preflight.cluster.caren.nutanix.com" denied the request: preflight checks failed due to an internal error
```
 
**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->

**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->

Author: dlipovetsky

pkg/webhook/preflight/nutanix/clients.go

@@ -5,74 +5,13 @@ package nutanix
 
 import (
 	"context"
+	"errors"
+	"testing"
+	"time"
 
-	clustermgmtv4 "github.com/nutanix/ntnx-api-golang-clients/clustermgmt-go-client/v4/models/clustermgmt/v4/config"
-	netv4 "github.com/nutanix/ntnx-api-golang-clients/networking-go-client/v4/models/networking/v4/config"
-	vmmv4 "github.com/nutanix/ntnx-api-golang-clients/vmm-go-client/v4/models/vmm/v4/content"
 	ctrlclient "sigs.k8s.io/controller-runtime/pkg/client"
-
-	prismv3 "github.com/nutanix-cloud-native/prism-go-client/v3"
 )
 
-var _ = client(&mocknclient{})
-
-// mocknclient is a mock implementation of the client interface for testing purposes.
-type mocknclient struct {
-	user *prismv3.UserIntentResponse
-	err  error
-
-	getImageByIdFunc func(
-		uuid *string,
-	) (
-		*vmmv4.GetImageApiResponse, error,
-	)
-
-	listImagesFunc func(
-		page,
-		limit *int,
-		filter,
-		orderby,
-		select_ *string,
-		args ...map[string]interface{},
-	) (
-		*vmmv4.ListImagesApiResponse,
-		error,
-	)
-
-	getClusterByIdFunc func(id *string) (*clustermgmtv4.GetClusterApiResponse, error)
-
-	listClustersFunc func(
-		page,
-		limit *int,
-		filter,
-		orderby,
-		apply,
-		select_ *string,
-		args ...map[string]interface{},
-	) (*clustermgmtv4.ListClustersApiResponse, error)
-
-	listStorageContainersFunc func(
-		page,
-		limit *int,
-		filter,
-		orderby,
-		select_ *string,
-		args ...map[string]interface{},
-	) (*clustermgmtv4.ListStorageContainersApiResponse, error)
-
-	GetSubnetByIdFunc func(id *string) (*netv4.GetSubnetApiResponse, error)
-
-	ListSubnetsFunc func(
-		page_ *int,
-		limit_ *int,
-		filter_ *string,
-		orderby_ *string,
-		expand_ *string,
-		select_ *string,
-		args ...map[string]interface{},
-	) (*netv4.ListSubnetsApiResponse, error)
-}
-
 type mockKubeClient struct {
 	ctrlclient.Client
 	SubResourceClient ctrlclient.SubResourceClient
@@ -97,54 +36,89 @@ func (m *mockKubeClient) SubResource(subResource string) ctrlclient.SubResourceC
 	return m.SubResourceClient
 }
 
-func (m *mocknclient) GetCurrentLoggedInUser(ctx context.Context) (*prismv3.UserIntentResponse, error) {
-	return m.user, m.err
-}
-
-func (m *mocknclient) GetImageById(uuid *string) (*vmmv4.GetImageApiResponse, error) {
-	return m.getImageByIdFunc(uuid)
-}
-
-func (m *mocknclient) ListImages(
-	page, limit *int,
-	filter, orderby, select_ *string,
-	args ...map[string]interface{},
-) (*vmmv4.ListImagesApiResponse, error) {
-	return m.listImagesFunc(page, limit, filter, orderby, select_)
-}
-
-func (m *mocknclient) GetClusterById(id *string) (*clustermgmtv4.GetClusterApiResponse, error) {
-	return m.getClusterByIdFunc(id)
-}
-
-func (m *mocknclient) ListClusters(
-	page, limit *int,
-	filter, orderby, apply, select_ *string,
-	args ...map[string]interface{},
-) (*clustermgmtv4.ListClustersApiResponse, error) {
-	return m.listClustersFunc(page, limit, filter, orderby, apply, select_, args...)
-}
-
-func (m *mocknclient) ListStorageContainers(
-	page, limit *int,
-	filter, orderby, select_ *string,
-	args ...map[string]interface{},
-) (*clustermgmtv4.ListStorageContainersApiResponse, error) {
-	return m.listStorageContainersFunc(page, limit, filter, orderby, select_, args...)
-}
-
-func (m *mocknclient) GetSubnetById(id *string) (*netv4.GetSubnetApiResponse, error) {
-	return m.GetSubnetByIdFunc(id)
-}
-
-func (m *mocknclient) ListSubnets(
-	page_ *int,
-	limit_ *int,
-	filter_ *string,
-	orderby_ *string,
-	expand_ *string,
-	select_ *string,
-	args ...map[string]interface{},
-) (*netv4.ListSubnetsApiResponse, error) {
-	return m.ListSubnetsFunc(page_, limit_, filter_, orderby_, expand_, select_, args...)
+func TestCallWithContext(t *testing.T) {
+	t.Parallel()
+	testSuccessValue := "success"
+	testError := errors.New("test error")
+
+	tests := []struct {
+		name        string
+		ctx         func() (context.Context, context.CancelFunc)
+		f           func() (string, error)
+		wantVal     string
+		wantErr     error
+		cancelAfter time.Duration
+	}{
+		{
+			name: "should return value on success",
+			ctx: func() (context.Context, context.CancelFunc) {
+				return context.Background(), func() {}
+			},
+			f: func() (string, error) {
+				return testSuccessValue, nil
+			},
+			wantVal: testSuccessValue,
+			wantErr: nil,
+		},
+		{
+			name: "should return error when function fails",
+			ctx: func() (context.Context, context.CancelFunc) {
+				return context.Background(), func() {}
+			},
+			f: func() (string, error) {
+				return "", testError
+			},
+			wantErr: testError,
+		},
+		{
+			name: "should return context error when context is cancelled during execution",
+			ctx: func() (context.Context, context.CancelFunc) {
+				return context.WithCancel(context.Background())
+			},
+			f: func() (string, error) {
+				time.Sleep(100 * time.Millisecond)
+				return testSuccessValue, nil
+			},
+			wantErr:     context.Canceled,
+			cancelAfter: 10 * time.Millisecond,
+		},
+		{
+			name: "should return context error when context is already cancelled",
+			ctx: func() (context.Context, context.CancelFunc) {
+				ctx, cancel := context.WithCancel(context.Background())
+				cancel()
+				return ctx, func() {}
+			},
+			f: func() (string, error) {
+				t.Log("this function should not have its result returned")
+				return testSuccessValue, nil
+			},
+			wantErr: context.Canceled,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			ctx, cancel := tt.ctx()
+			defer cancel()
+
+			if tt.cancelAfter > 0 {
+				go func() {
+					time.Sleep(tt.cancelAfter)
+					cancel()
+				}()
+			}
+
+			gotVal, gotErr := callWithContext(ctx, tt.f)
+
+			if !errors.Is(gotErr, tt.wantErr) {
+				t.Errorf("callWithContext() error = %v, wantErr %v", gotErr, tt.wantErr)
+			}
+
+			if gotVal != tt.wantVal {
+				t.Errorf("callWithContext() gotVal = %s, wantVal %s", gotVal, tt.wantVal)
+			}
+		})
+	}
 }

pkg/webhook/preflight/nutanix/clients_test.go

@@ -17,14 +17,19 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 
 	prismgoclient "github.com/nutanix-cloud-native/prism-go-client"
+	prismv3 "github.com/nutanix-cloud-native/prism-go-client/v3"
 
 	carenv1 "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/api/v1alpha1"
 )
 
 func TestNewCredentialsCheck_Success(t *testing.T) {
 	cd := validCheckDependencies()
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{
+			GetCurrentLoggedInUserFunc: func(ctx context.Context) (*prismv3.UserIntentResponse, error) {
+				return &prismv3.UserIntentResponse{}, nil
+			},
+		}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -37,7 +42,7 @@ func TestNewCredentialsCheck_NoNutanixConfig(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.nutanixClusterConfigSpec = nil
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -50,7 +55,7 @@ func TestNewCredentialsCheck_MissingNutanixField(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.nutanixClusterConfigSpec.Nutanix = nil
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -68,7 +73,7 @@ func TestNewCredentialsCheck_InvalidURL(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.nutanixClusterConfigSpec.Nutanix.PrismCentralEndpoint.URL = "not-a-url"
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -85,7 +90,7 @@ func TestNewCredentialsCheck_SecretNotFound(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.kclient = fake.NewClientBuilder().Build() // no secret
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -123,7 +128,7 @@ func TestNewCredentialsCheck_SecretGetError(t *testing.T) {
 		},
 	}
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -147,7 +152,7 @@ func TestNewCredentialsCheck_SecretEmpty(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.kclient = fake.NewClientBuilder().WithObjects(secret).Build()
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -188,7 +193,7 @@ func TestNewCredentialsCheck_InvalidCredentialsFormat(t *testing.T) {
 	cd := validCheckDependencies()
 	cd.kclient = fake.NewClientBuilder().WithObjects(secret).Build()
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{}, nil
+		return &clientWrapper{}, nil
 	}
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
 	result := check.Run(context.Background())
@@ -217,7 +222,11 @@ func TestNewCredentialsCheck_FailedToCreateClient(t *testing.T) {
 func TestNewCredentialsCheck_FailedToGetCurrentLoggedInUser(t *testing.T) {
 	// Simulate a failure in getting the current logged-in user
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{err: assert.AnError}, nil
+		return &clientWrapper{
+			GetCurrentLoggedInUserFunc: func(ctx context.Context) (*prismv3.UserIntentResponse, error) {
+				return nil, assert.AnError
+			},
+		}, nil
 	}
 	cd := validCheckDependencies()
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)
@@ -230,7 +239,11 @@ func TestNewCredentialsCheck_FailedToGetCurrentLoggedInUser(t *testing.T) {
 
 func TestNewCredentialsCheck_GetCurrentLoggedInUserInvalidCredentials(t *testing.T) {
 	nclientFactory := func(_ prismgoclient.Credentials) (client, error) {
-		return &mocknclient{err: fmt.Errorf("invalid Nutanix credentials")}, nil
+		return &clientWrapper{
+			GetCurrentLoggedInUserFunc: func(ctx context.Context) (*prismv3.UserIntentResponse, error) {
+				return nil, fmt.Errorf("invalid Nutanix credentials")
+			},
+		}, nil
 	}
 	cd := validCheckDependencies()
 	check := newCredentialsCheck(context.Background(), nclientFactory, cd)

pkg/webhook/preflight/nutanix/credentials_test.go

@@ -112,7 +112,7 @@ func (fdc *failureDomainCheck) Run(ctx context.Context) preflight.CheckResult {
 	// Validate the failure domain configuration
 	// Validate spec.prismElementCluster configuration
 	peIdentifier := fdObj.Spec.PrismElementCluster
-	peClusters, err := getClusters(fdc.nclient, &peIdentifier)
+	peClusters, err := getClusters(ctx, fdc.nclient, &peIdentifier)
 	if err != nil {
 		result.Allowed = false
 		result.InternalError = true
@@ -143,7 +143,7 @@ func (fdc *failureDomainCheck) Run(ctx context.Context) preflight.CheckResult {
 
 	// Validate spec.subnets configuration
 	for _, id := range fdObj.Spec.Subnets {
-		subnets, err := getSubnets(fdc.nclient, &id)
+		subnets, err := getSubnets(ctx, fdc.nclient, &id)
 		if err != nil {
 			result.Allowed = false
 			result.InternalError = true
@@ -186,10 +186,17 @@ func (fdc *failureDomainCheck) Run(ctx context.Context) preflight.CheckResult {
 }
 
 // getSubnets returns the subnets found in PC with the input identifier.
-func getSubnets(client client, subnetId *capxv1.NutanixResourceIdentifier) ([]netv4.Subnet, error) {
+func getSubnets(
+	ctx context.Context,
+	client client,
+	subnetId *capxv1.NutanixResourceIdentifier,
+) (
+	[]netv4.Subnet,
+	error,
+) {
 	switch {
 	case subnetId.IsUUID():
-		resp, err := client.GetSubnetById(subnetId.UUID)
+		resp, err := client.GetSubnetById(ctx, subnetId.UUID)
 		if err != nil {
 			return nil, err
 		}
@@ -204,7 +211,7 @@ func getSubnets(client client, subnetId *capxv1.NutanixResourceIdentifier) ([]ne
 		return []netv4.Subnet{subnet}, nil
 	case subnetId.IsName():
 		filter_ := fmt.Sprintf("name eq '%s'", *subnetId.Name)
-		resp, err := client.ListSubnets(nil, nil, &filter_, nil, nil, nil)
+		resp, err := client.ListSubnets(ctx, nil, nil, &filter_, nil, nil, nil)
 		if err != nil {
 			return nil, err
 		}