From 62d521341c6c10310eecc96be9291327e66ec9b2 Mon Sep 17 00:00:00 2001 From: Mateus Oliveira Date: Tue, 9 Apr 2024 10:01:56 -0300 Subject: [PATCH] feat: Add Non Admin Restore controller Signed-off-by: Mateus Oliveira --- PROJECT | 9 ++ README.md | 6 ++ api/v1alpha1/nonadminrestore_types.go | 64 +++++++++++++ api/v1alpha1/zz_generated.deepcopy.go | 89 +++++++++++++++++++ cmd/main.go | 8 ++ config/crd/kustomization.yaml | 3 + config/rbac/nonadminrestore_editor_role.yaml | 31 +++++++ config/rbac/nonadminrestore_viewer_role.yaml | 27 ++++++ config/samples/kustomization.yaml | 1 + .../samples/nac_v1alpha1_nonadminrestore.yaml | 12 +++ .../controller/nonadminrestore_controller.go | 62 +++++++++++++ .../nonadminrestore_controller_test.go | 84 +++++++++++++++++ internal/controller/suite_test.go | 3 + 13 files changed, 399 insertions(+) create mode 100644 api/v1alpha1/nonadminrestore_types.go create mode 100644 config/rbac/nonadminrestore_editor_role.yaml create mode 100644 config/rbac/nonadminrestore_viewer_role.yaml create mode 100644 config/samples/nac_v1alpha1_nonadminrestore.yaml create mode 100644 internal/controller/nonadminrestore_controller.go create mode 100644 internal/controller/nonadminrestore_controller_test.go diff --git a/PROJECT b/PROJECT index b10e3ba..3f6ef52 100644 --- a/PROJECT +++ b/PROJECT @@ -17,4 +17,13 @@ resources: kind: NonAdminBackup path: github.com/migtools/oadp-non-admin/api/v1alpha1 version: v1alpha1 +- api: + crdVersion: v1 + namespaced: true + controller: true + domain: oadp.openshift.io + group: nac + kind: NonAdminRestore + path: github.com/migtools/oadp-non-admin/api/v1alpha1 + version: v1alpha1 version: "3" diff --git a/README.md b/README.md index 6aa28eb..0b8c93d 100644 --- a/README.md +++ b/README.md @@ -232,6 +232,12 @@ kubebuilder create api \ --version v1alpha1 \ --kind NonAdminBackup \ --resource --controller +kubebuilder create api \ + --plugins go.kubebuilder.io/v4 \ + --group nac \ + --version v1alpha1 \ + --kind NonAdminRestore \ + --resource --controller make manifests ``` > **NOTE:** The information about plugin and project version, as well as project name, repo and domain, is stored in [PROJECT](PROJECT) file diff --git a/api/v1alpha1/nonadminrestore_types.go b/api/v1alpha1/nonadminrestore_types.go new file mode 100644 index 0000000..3542775 --- /dev/null +++ b/api/v1alpha1/nonadminrestore_types.go @@ -0,0 +1,64 @@ +/* +Copyright 2024. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + +// NonAdminRestoreSpec defines the desired state of NonAdminRestore +type NonAdminRestoreSpec struct { + // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + // Important: Run "make" to regenerate code after modifying this file + + // Foo is an example field of NonAdminRestore. Edit nonadminrestore_types.go to remove/update + Foo string `json:"foo,omitempty"` +} + +// NonAdminRestoreStatus defines the observed state of NonAdminRestore +type NonAdminRestoreStatus struct { + // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + // Important: Run "make" to regenerate code after modifying this file +} + +//+kubebuilder:object:root=true +//+kubebuilder:subresource:status + +// NonAdminRestore is the Schema for the nonadminrestores API +type NonAdminRestore struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec NonAdminRestoreSpec `json:"spec,omitempty"` + Status NonAdminRestoreStatus `json:"status,omitempty"` +} + +//+kubebuilder:object:root=true + +// NonAdminRestoreList contains a list of NonAdminRestore +type NonAdminRestoreList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []NonAdminRestore `json:"items"` +} + +func init() { + SchemeBuilder.Register(&NonAdminRestore{}, &NonAdminRestoreList{}) +} diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 80b7114..32349b2 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -131,3 +131,92 @@ func (in *NonAdminBackupStatus) DeepCopy() *NonAdminBackupStatus { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NonAdminRestore) DeepCopyInto(out *NonAdminRestore) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + out.Status = in.Status +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonAdminRestore. +func (in *NonAdminRestore) DeepCopy() *NonAdminRestore { + if in == nil { + return nil + } + out := new(NonAdminRestore) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NonAdminRestore) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NonAdminRestoreList) DeepCopyInto(out *NonAdminRestoreList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NonAdminRestore, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonAdminRestoreList. +func (in *NonAdminRestoreList) DeepCopy() *NonAdminRestoreList { + if in == nil { + return nil + } + out := new(NonAdminRestoreList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NonAdminRestoreList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NonAdminRestoreSpec) DeepCopyInto(out *NonAdminRestoreSpec) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonAdminRestoreSpec. +func (in *NonAdminRestoreSpec) DeepCopy() *NonAdminRestoreSpec { + if in == nil { + return nil + } + out := new(NonAdminRestoreSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NonAdminRestoreStatus) DeepCopyInto(out *NonAdminRestoreStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonAdminRestoreStatus. +func (in *NonAdminRestoreStatus) DeepCopy() *NonAdminRestoreStatus { + if in == nil { + return nil + } + out := new(NonAdminRestoreStatus) + in.DeepCopyInto(out) + return out +} diff --git a/cmd/main.go b/cmd/main.go index 218bb22..a87dbe6 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -26,6 +26,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" + // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. _ "k8s.io/client-go/plugin/pkg/client/auth" @@ -131,6 +132,13 @@ func main() { setupLog.Error(err, "unable to create controller", "controller", "NonAdminBackup") os.Exit(1) } + if err = (&controller.NonAdminRestoreReconciler{ + Client: mgr.GetClient(), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NonAdminRestore") + os.Exit(1) + } // +kubebuilder:scaffold:builder if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil { diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 2665502..a0ae6c7 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -3,17 +3,20 @@ # It should be run by config/default resources: - bases/nac.oadp.openshift.io_nonadminbackups.yaml +- bases/nac.oadp.openshift.io_nonadminrestores.yaml #+kubebuilder:scaffold:crdkustomizeresource patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD #- path: patches/webhook_in_nonadminbackups.yaml +#- path: patches/webhook_in_nonadminrestores.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. # patches here are for enabling the CA injection for each CRD #- path: patches/cainjection_in_nonadminbackups.yaml +#- path: patches/cainjection_in_nonadminrestores.yaml #+kubebuilder:scaffold:crdkustomizecainjectionpatch # [WEBHOOK] To enable webhook, uncomment the following section diff --git a/config/rbac/nonadminrestore_editor_role.yaml b/config/rbac/nonadminrestore_editor_role.yaml new file mode 100644 index 0000000..9390a97 --- /dev/null +++ b/config/rbac/nonadminrestore_editor_role.yaml @@ -0,0 +1,31 @@ +# permissions for end users to edit nonadminrestores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: nonadminrestore-editor-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: oadp-nac + app.kubernetes.io/part-of: oadp-nac + app.kubernetes.io/managed-by: kustomize + name: nonadminrestore-editor-role +rules: +- apiGroups: + - nac.oadp.openshift.io + resources: + - nonadminrestores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nac.oadp.openshift.io + resources: + - nonadminrestores/status + verbs: + - get diff --git a/config/rbac/nonadminrestore_viewer_role.yaml b/config/rbac/nonadminrestore_viewer_role.yaml new file mode 100644 index 0000000..55b2b6c --- /dev/null +++ b/config/rbac/nonadminrestore_viewer_role.yaml @@ -0,0 +1,27 @@ +# permissions for end users to view nonadminrestores. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: clusterrole + app.kubernetes.io/instance: nonadminrestore-viewer-role + app.kubernetes.io/component: rbac + app.kubernetes.io/created-by: oadp-nac + app.kubernetes.io/part-of: oadp-nac + app.kubernetes.io/managed-by: kustomize + name: nonadminrestore-viewer-role +rules: +- apiGroups: + - nac.oadp.openshift.io + resources: + - nonadminrestores + verbs: + - get + - list + - watch +- apiGroups: + - nac.oadp.openshift.io + resources: + - nonadminrestores/status + verbs: + - get diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml index 7b31120..f5148bf 100644 --- a/config/samples/kustomization.yaml +++ b/config/samples/kustomization.yaml @@ -1,4 +1,5 @@ ## Append samples of your project ## resources: - nac_v1alpha1_nonadminbackup.yaml +- nac_v1alpha1_nonadminrestore.yaml #+kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/nac_v1alpha1_nonadminrestore.yaml b/config/samples/nac_v1alpha1_nonadminrestore.yaml new file mode 100644 index 0000000..5a103d6 --- /dev/null +++ b/config/samples/nac_v1alpha1_nonadminrestore.yaml @@ -0,0 +1,12 @@ +apiVersion: nac.oadp.openshift.io/v1alpha1 +kind: NonAdminRestore +metadata: + labels: + app.kubernetes.io/name: nonadminrestore + app.kubernetes.io/instance: nonadminrestore-sample + app.kubernetes.io/part-of: oadp-nac + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: oadp-nac + name: nonadminrestore-sample +spec: + # TODO(user): Add fields here diff --git a/internal/controller/nonadminrestore_controller.go b/internal/controller/nonadminrestore_controller.go new file mode 100644 index 0000000..979faa3 --- /dev/null +++ b/internal/controller/nonadminrestore_controller.go @@ -0,0 +1,62 @@ +/* +Copyright 2024. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" + + nacv1alpha1 "github.com/migtools/oadp-non-admin/api/v1alpha1" +) + +// NonAdminRestoreReconciler reconciles a NonAdminRestore object +type NonAdminRestoreReconciler struct { + client.Client + Scheme *runtime.Scheme +} + +//+kubebuilder:rbac:groups=nac.oadp.openshift.io,resources=nonadminrestores,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=nac.oadp.openshift.io,resources=nonadminrestores/status,verbs=get;update;patch +//+kubebuilder:rbac:groups=nac.oadp.openshift.io,resources=nonadminrestores/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NonAdminRestore object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.17.0/pkg/reconcile +func (r *NonAdminRestoreReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = log.FromContext(ctx) + + // TODO(user): your logic here + + return ctrl.Result{}, nil +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NonAdminRestoreReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&nacv1alpha1.NonAdminRestore{}). + Complete(r) +} diff --git a/internal/controller/nonadminrestore_controller_test.go b/internal/controller/nonadminrestore_controller_test.go new file mode 100644 index 0000000..7037554 --- /dev/null +++ b/internal/controller/nonadminrestore_controller_test.go @@ -0,0 +1,84 @@ +/* +Copyright 2024. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controller + +import ( + "context" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + nacv1alpha1 "github.com/migtools/oadp-non-admin/api/v1alpha1" +) + +var _ = Describe("NonAdminRestore Controller", func() { + Context("When reconciling a resource", func() { + const resourceName = "test-resource" + + ctx := context.Background() + + typeNamespacedName := types.NamespacedName{ + Name: resourceName, + Namespace: "default", // TODO(user):Modify as needed + } + nonadminrestore := &nacv1alpha1.NonAdminRestore{} + + BeforeEach(func() { + By("creating the custom resource for the Kind NonAdminRestore") + err := k8sClient.Get(ctx, typeNamespacedName, nonadminrestore) + if err != nil && errors.IsNotFound(err) { + resource := &nacv1alpha1.NonAdminRestore{ + ObjectMeta: metav1.ObjectMeta{ + Name: resourceName, + Namespace: "default", + }, + // TODO(user): Specify other spec details if needed. + } + Expect(k8sClient.Create(ctx, resource)).To(Succeed()) + } + }) + + AfterEach(func() { + // TODO(user): Cleanup logic after each test, like removing the resource instance. + resource := &nacv1alpha1.NonAdminRestore{} + err := k8sClient.Get(ctx, typeNamespacedName, resource) + Expect(err).NotTo(HaveOccurred()) + + By("Cleanup the specific resource instance NonAdminRestore") + Expect(k8sClient.Delete(ctx, resource)).To(Succeed()) + }) + It("should successfully reconcile the resource", func() { + By("Reconciling the created resource") + controllerReconciler := &NonAdminRestoreReconciler{ + Client: k8sClient, + Scheme: k8sClient.Scheme(), + } + + _, err := controllerReconciler.Reconcile(ctx, reconcile.Request{ + NamespacedName: typeNamespacedName, + }) + Expect(err).NotTo(HaveOccurred()) + // TODO(user): Add more specific assertions depending on your controller's reconciliation logic. + // Example: If you expect a certain status condition after reconciliation, verify it here. + }) + }) +}) diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go index e1510ba..ff5f04a 100644 --- a/internal/controller/suite_test.go +++ b/internal/controller/suite_test.go @@ -73,6 +73,9 @@ var _ = ginkgov2.BeforeSuite(func() { err = nacv1alpha1.AddToScheme(scheme.Scheme) gomega.Expect(err).NotTo(gomega.HaveOccurred()) + err = nacv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + // +kubebuilder:scaffold:scheme k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme})