fixup! feat: Nutanix VM image preflight check

* Refactor nutanixChecker to allow unit tests of all checks.
* Add unit tests.
* Fix field reported when spec init for worker spec fails.
* Fix handling of credentials "Insecure" option.
* Use lowercase 'v' in errors that refers to the Nutanix client

Author: dlipovetsky

pkg/webhook/preflight/nutanix/checker.go

@@ -24,6 +24,11 @@ func New(kclient ctrlclient.Client, cluster *clusterv1.Cluster) preflight.Checke
 
 		v3clientFactory: newV3Client,
 		v4clientFactory: newV4Client,
+
+		vmImageCheckFunc:             vmImageCheck,
+		initNutanixConfigurationFunc: initNutanixConfiguration,
+		initCredentialsCheckFunc:     initCredentialsCheck,
+		initVMImageChecksFunc:        initVMImageChecks,
 	}
 }
 
@@ -42,6 +47,25 @@ type nutanixChecker struct {
 	v4client        v4client
 	v4clientFactory func(prismgoclient.Credentials) (v4client, error)
 
+	vmImageCheckFunc func(
+		n *nutanixChecker,
+		machineDetails *carenv1.NutanixMachineDetails,
+		field string,
+	) preflight.Check
+
+	initNutanixConfigurationFunc func(
+		n *nutanixChecker,
+	) preflight.Check
+
+	initCredentialsCheckFunc func(
+		ctx context.Context,
+		n *nutanixChecker,
+	) preflight.Check
+
+	initVMImageChecksFunc func(
+		n *nutanixChecker,
+	) []preflight.Check
+
 	log logr.Logger
 }
 
@@ -53,11 +77,11 @@ func (n *nutanixChecker) Init(
 	checks := []preflight.Check{
 		// The configuration check must run first, because it initializes data used by all other checks,
 		// and the credentials check second, because it initializes the Nutanix clients used by other checks.
-		n.initNutanixConfiguration(),
-		n.initCredentialsCheck(ctx),
+		n.initNutanixConfigurationFunc(n),
+		n.initCredentialsCheckFunc(ctx, n),
 	}
 
-	checks = append(checks, n.initVMImageChecks()...)
+	checks = append(checks, n.initVMImageChecksFunc(n)...)
 
 	// Add more checks here as needed.
 

pkg/webhook/preflight/nutanix/checker_test.go

@@ -0,0 +1,154 @@
+// Copyright 2024 Nutanix. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package nutanix
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+
+	carenv1 "github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/api/v1alpha1"
+	"github.com/nutanix-cloud-native/cluster-api-runtime-extensions-nutanix/pkg/webhook/preflight"
+)
+
+func TestNutanixChecker_Init(t *testing.T) {
+	tests := []struct {
+		name                    string
+		nutanixConfig           *carenv1.NutanixClusterConfigSpec
+		workerNodeConfigs       map[string]*carenv1.NutanixWorkerNodeConfigSpec
+		expectedCheckCount      int
+		expectedFirstCheckName  string
+		expectedSecondCheckName string
+		vmImageCheckCount       int
+	}{
+		{
+			name:                    "basic initialization with no configs",
+			nutanixConfig:           nil,
+			workerNodeConfigs:       nil,
+			expectedCheckCount:      2, // config check and credentials check
+			expectedFirstCheckName:  "NutanixConfiguration",
+			expectedSecondCheckName: "NutanixCredentials",
+			vmImageCheckCount:       0,
+		},
+		{
+			name: "initialization with control plane config",
+			nutanixConfig: &carenv1.NutanixClusterConfigSpec{
+				ControlPlane: &carenv1.NutanixControlPlaneSpec{
+					Nutanix: &carenv1.NutanixNodeSpec{},
+				},
+			},
+			workerNodeConfigs:       nil,
+			expectedCheckCount:      3, // config check, credentials check, 1 VM image check
+			expectedFirstCheckName:  "NutanixConfiguration",
+			expectedSecondCheckName: "NutanixCredentials",
+			vmImageCheckCount:       1,
+		},
+		{
+			name:          "initialization with worker node configs",
+			nutanixConfig: nil,
+			workerNodeConfigs: map[string]*carenv1.NutanixWorkerNodeConfigSpec{
+				"worker-1": {
+					Nutanix: &carenv1.NutanixNodeSpec{},
+				},
+				"worker-2": {
+					Nutanix: &carenv1.NutanixNodeSpec{},
+				},
+			},
+			expectedCheckCount:      4, // config check, credentials check, 2 VM image checks
+			expectedFirstCheckName:  "NutanixConfiguration",
+			expectedSecondCheckName: "NutanixCredentials",
+			vmImageCheckCount:       2,
+		},
+		{
+			name: "initialization with both control plane and worker node configs",
+			nutanixConfig: &carenv1.NutanixClusterConfigSpec{
+				ControlPlane: &carenv1.NutanixControlPlaneSpec{
+					Nutanix: &carenv1.NutanixNodeSpec{},
+				},
+			},
+			workerNodeConfigs: map[string]*carenv1.NutanixWorkerNodeConfigSpec{
+				"worker-1": {
+					Nutanix: &carenv1.NutanixNodeSpec{},
+				},
+			},
+			expectedCheckCount:      4, // config check, credentials check, 2 VM image checks (1 CP + 1 worker)
+			expectedFirstCheckName:  "NutanixConfiguration",
+			expectedSecondCheckName: "NutanixCredentials",
+			vmImageCheckCount:       2,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Create the checker
+			checker := &nutanixChecker{
+				cluster:                  &clusterv1.Cluster{},
+				nutanixClusterConfigSpec: tt.nutanixConfig,
+				nutanixWorkerNodeConfigSpecByMachineDeploymentName: tt.workerNodeConfigs,
+			}
+
+			// Mock the sub-check functions to track their calls
+			configCheckCalled := false
+			credsCheckCalled := false
+			vmImageCheckCount := 0
+
+			checker.initNutanixConfigurationFunc = func(n *nutanixChecker) preflight.Check {
+				configCheckCalled = true
+				return func(ctx context.Context) preflight.CheckResult {
+					return preflight.CheckResult{
+						Name: tt.expectedFirstCheckName,
+					}
+				}
+			}
+
+			checker.initCredentialsCheckFunc = func(ctx context.Context, n *nutanixChecker) preflight.Check {
+				credsCheckCalled = true
+				return func(ctx context.Context) preflight.CheckResult {
+					return preflight.CheckResult{
+						Name: tt.expectedSecondCheckName,
+					}
+				}
+			}
+
+			checker.initVMImageChecksFunc = func(n *nutanixChecker) []preflight.Check {
+				checks := []preflight.Check{}
+				for i := 0; i < tt.vmImageCheckCount; i++ {
+					vmImageCheckCount++
+					checks = append(checks, func(ctx context.Context) preflight.CheckResult {
+						return preflight.CheckResult{
+							Name: fmt.Sprintf("VMImageCheck-%d", i),
+						}
+					})
+				}
+				return checks
+			}
+
+			// Call Init
+			ctx := context.Background()
+			checks := checker.Init(ctx)
+
+			// Verify the logger was set
+			assert.NotNil(t, checker.log)
+
+			// Verify correct number of checks
+			assert.Len(t, checks, tt.expectedCheckCount)
+
+			// Verify the sub-functions were called
+			assert.True(t, configCheckCalled, "initNutanixConfiguration should have been called")
+			assert.True(t, credsCheckCalled, "initCredentialsCheck should have been called")
+			assert.Equal(t, tt.vmImageCheckCount, vmImageCheckCount, "Wrong number of VM image checks")
+
+			// Verify the first two checks when we have results
+			if len(checks) >= 2 {
+				result1 := checks[0](ctx)
+				result2 := checks[1](ctx)
+				assert.Equal(t, tt.expectedFirstCheckName, result1.Name)
+				assert.Equal(t, tt.expectedSecondCheckName, result2.Name)
+			}
+		})
+	}
+}

pkg/webhook/preflight/nutanix/clients.go

@@ -1,3 +1,6 @@
+// Copyright 2024 Nutanix. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
 package nutanix
 
 import (

pkg/webhook/preflight/nutanix/credentials.go

@@ -18,7 +18,10 @@ import (
 
 const credentialsSecretDataKey = "credentials"
 
-func (n *nutanixChecker) initCredentialsCheck(ctx context.Context) preflight.Check {
+func initCredentialsCheck(
+	ctx context.Context,
+	n *nutanixChecker,
+) preflight.Check {
 	n.log.V(5).Info("Initializing Nutanix credentials check")
 
 	result := preflight.CheckResult{
@@ -142,23 +145,13 @@ func (n *nutanixChecker) initCredentialsCheck(ctx context.Context) preflight.Che
 		}
 	}
 
-	if !result.Allowed || result.Error {
-		// If any error has happened, we should not try to initialize the credentials or clients, so we return early.
-		return func(ctx context.Context) preflight.CheckResult {
-			return result
-		}
-	}
-
 	// Initialize the credentials.
 	n.credentials = prismgoclient.Credentials{
 		Endpoint: fmt.Sprintf("%s:%d", host, port),
 		URL:      fmt.Sprintf("https://%s:%d", host, port),
 		Username: usernamePassword.Username,
 		Password: usernamePassword.Password,
-	}
-	if prismCentralEndpointSpec.Insecure {
-		n.credentials.Insecure = true
-		n.credentials.URL = fmt.Sprintf("http://%s:%d", host, port)
+		Insecure: prismCentralEndpointSpec.Insecure,
 	}
 
 	// Initialize the clients.
@@ -168,7 +161,7 @@ func (n *nutanixChecker) initCredentialsCheck(ctx context.Context) preflight.Che
 		result.Error = true
 		result.Causes = append(result.Causes,
 			preflight.Cause{
-				Message: fmt.Sprintf("failed to initialize Nutanix V4 client: %s", err),
+				Message: fmt.Sprintf("failed to initialize Nutanix v4 client: %s", err),
 				Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
 			},
 		)
@@ -180,21 +173,23 @@ func (n *nutanixChecker) initCredentialsCheck(ctx context.Context) preflight.Che
 		result.Error = true
 		result.Causes = append(result.Causes,
 			preflight.Cause{
-				Message: fmt.Sprintf("failed to initialize Nutanix V3 client: %s", err),
-				Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
-			},
-		)
-	}
-	_, err = n.v3client.GetCurrentLoggedInUser(ctx)
-	if err != nil {
-		result.Allowed = false
-		result.Error = true
-		result.Causes = append(result.Causes,
-			preflight.Cause{
-				Message: fmt.Sprintf("failed to validate credentials using the v3 API client: %s", err),
+				Message: fmt.Sprintf("failed to initialize Nutanix v3 client: %s", err),
 				Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
 			},
 		)
+	} else {
+		// Validate the credentials using an API call.
+		_, err = n.v3client.GetCurrentLoggedInUser(ctx)
+		if err != nil {
+			result.Allowed = false
+			result.Error = true
+			result.Causes = append(result.Causes,
+				preflight.Cause{
+					Message: fmt.Sprintf("failed to validate credentials using the v3 API client: %s", err),
+					Field:   "cluster.spec.topology.variables[.name=clusterConfig].nutanix.prismCentralEndpoint.credentials",
+				},
+			)
+		}
 	}
 
 	return func(ctx context.Context) preflight.CheckResult {