feat: ✨ new postgres-direct driver

the new driver use sql template for each operation Signed-off-by: Bourdelas Pablo <[email protected]>
criscola · Feb 8, 2022 · d2eeb9c · d2eeb9c
1 parent e32daea
commit d2eeb9c
Show file tree

Hide file tree

Showing 29 changed files with 573 additions and 595 deletions.
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
@@ -22,7 +22,7 @@ jobs:
         id: meta
         uses: docker/metadata-action@v3
         with:
-          images: bedag/kubernetes-dbaas
+          images: basolur/kubernetes-dbaas
           flavor: latest=false
           tags: |
             latest
@@ -48,7 +48,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
         with:
-          image-ref: 'docker.io/bedag/kubernetes-dbaas:latest'
+          image-ref: 'docker.io/basolur/kubernetes-dbaas:latest'
           format: 'template'
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'

diff --git a/.gitignore b/.gitignore
@@ -39,4 +39,6 @@ myvalues.yaml
 *sensible*
 
 # Binary
-kubernetes-dbaas
+kubernetes-dbaas
+.env
+.secrets
diff --git a/apis/config/v1/zz_generated.deepcopy.go b/apis/config/v1/zz_generated.deepcopy.go
diff --git a/apis/database/v1/database_webhook.go b/apis/database/v1/database_webhook.go
@@ -17,11 +17,12 @@ limitations under the License.
 package v1
 
 import (
+	"reflect"
+
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/validation/field"
-	"reflect"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
@@ -64,6 +65,9 @@ func (r *Database) ValidateUpdate(old runtime.Object) error {
 
 	rOld := old.(*Database)
 
+	databaselog.Info("validate update", "oldSpec", rOld.Spec)
+	databaselog.Info("validate update", "newSpec", r.Spec)
+
 	if !reflect.DeepEqual(r.Spec, rOld.Spec) {
 		allErrs = append(allErrs, field.Invalid(field.NewPath("spec"), r.Spec, "update operations not allowed, please explicitly "+
 			"delete the resource in order to recreate it."))

diff --git a/apis/database/v1/zz_generated.deepcopy.go b/apis/database/v1/zz_generated.deepcopy.go
diff --git a/apis/databaseclass/v1/zz_generated.deepcopy.go b/apis/databaseclass/v1/zz_generated.deepcopy.go
diff --git a/charts/kubernetes-dbaas/.helmignore b/charts/kubernetes-dbaas/.helmignore
@@ -20,4 +20,4 @@
 .project
 .idea/
 *.tmproj
-.vscode/
+.vscode/
diff --git a/charts/kubernetes-dbaas/crds/databaseclass.dbaas.bedag.ch_databaseclasses.yaml b/charts/kubernetes-dbaas/crds/databaseclass.dbaas.bedag.ch_databaseclasses.yaml
@@ -4,7 +4,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.4.1
+    controller-gen.kubebuilder.io/version: v0.6.1
   creationTimestamp: null
   name: databaseclasses.databaseclass.dbaas.bedag.ch
 spec:
@@ -14,56 +14,60 @@ spec:
     listKind: DatabaseClassList
     plural: databaseclasses
     shortNames:
-      - dbc
+    - dbc
     singular: databaseclass
   scope: Cluster
   versions:
-    - name: v1
-      schema:
-        openAPIV3Schema:
-          description: DatabaseClass is the Schema for the databaseclasses API
-          properties:
-            apiVersion:
-              description: 'APIVersion defines the versioned schema of this representation
+  - name: v1
+    schema:
+      openAPIV3Schema:
+        description: DatabaseClass is the Schema for the databaseclasses API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
               of an object. Servers should convert recognized schemas to the latest
               internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-              type: string
-            kind:
-              description: 'Kind is a string value representing the REST resource this
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
               object represents. Servers may infer this from the endpoint the client
               submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-              type: string
-            metadata:
-              type: object
-            spec:
-              description: DatabaseClassSpec defines the desired state of DatabaseClass
-              properties:
-                driver:
-                  type: string
-                operations:
-                  additionalProperties:
-                    description: Operation represents an operation performed on a DBMS
-                      identified by name and containing a map of inputs and a map of
-                      outputs.
-                    properties:
-                      inputs:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      name:
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: DatabaseClassSpec defines the desired state of DatabaseClass
+            properties:
+              driver:
+                type: string
+              operations:
+                additionalProperties:
+                  description: Operation represents an operation performed on a DBMS
+                    identified by name and containing a map of inputs and a map of
+                    outputs.
+                  properties:
+                    dsn:
+                      type: string
+                    inputs:
+                      additionalProperties:
                         type: string
-                    type: object
-                  type: object
-                secretFormat:
-                  additionalProperties:
-                    type: string
+                      type: object
+                    name:
+                      type: string
+                    sqlTemplate:
+                      type: string
                   type: object
-              type: object
-          type: object
-      served: true
-      storage: true
-      subresources:
-        status: {}
+                type: object
+              secretFormat:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
 status:
   acceptedNames:
     kind: ""

diff --git a/charts/kubernetes-dbaas/templates/databaseclass-psql-direct.yaml b/charts/kubernetes-dbaas/templates/databaseclass-psql-direct.yaml
@@ -0,0 +1,24 @@
+apiVersion: databaseclass.dbaas.bedag.ch/v1
+kind: DatabaseClass
+metadata:
+  name: databaseclass-sample-psql
+spec:
+  driver: "postgres-direct"
+  operations:
+    create:
+      sqlTemplate: |- 
+        {{- .Files.Get "files/create.sql" | nindent 8}}
+      inputs:
+        {{- .Files.Get "files/inputs.yaml" | nindent 8}}
+    delete:
+      sqlTemplate: |-
+        {{- .Files.Get "files/delete.sql" | nindent 8}}
+      inputs:
+        {{- .Files.Get "files/inputs.yaml" | nindent 8}}
+    rotate:
+      sqlTemplate: |-
+        {{- .Files.Get "files/rotate.sql" | nindent 8}}
+      inputs:
+        {{- .Files.Get "files/inputs.yaml" | nindent 8}}
+  secretFormat:
+    {{- .Files.Get "files/secretFormat.yaml" | nindent 4}}
diff --git a/charts/kubernetes-dbaas/templates/databaseclass-sample-psql.yaml b/charts/kubernetes-dbaas/templates/databaseclass-sample-psql.yaml
diff --git a/charts/kubernetes-dbaas/values.yaml b/charts/kubernetes-dbaas/values.yaml
@@ -2,7 +2,7 @@ replicaCount: 1
 
 image:
   # -- Repository of the operator manager image.
-  repository: widmaster/kubernetes-dbaas
+  repository: basolur/kubernetes-dbaas
   pullPolicy: Always
   # -- Overrides the image tag whose default is the chart appVersion.
   tag: "debug"

diff --git a/config/crd/bases/databaseclass.dbaas.bedag.ch_databaseclasses.yaml b/config/crd/bases/databaseclass.dbaas.bedag.ch_databaseclasses.yaml
@@ -46,12 +46,20 @@ spec:
                     identified by name and containing a map of inputs and a map of
                     outputs.
                   properties:
+                    dsn:
+                      type: string
                     inputs:
                       additionalProperties:
                         type: string
                       type: object
                     name:
                       type: string
+                    secrets:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    sqlTemplate:
+                      type: string
                   type: object
                 type: object
               secretFormat:

diff --git a/controllers/database/database_controller.go b/controllers/database/database_controller.go
@@ -28,7 +28,6 @@ import (
 	"github.com/bedag/kubernetes-dbaas/pkg/pool"
 	. "github.com/bedag/kubernetes-dbaas/pkg/typeutil"
 	"github.com/go-logr/logr"
-	"github.com/xo/dburl"
 	corev1 "k8s.io/api/core/v1"
 	k8sError "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
@@ -259,6 +258,7 @@ func (r *DatabaseReconciler) createDb(obj *databasev1.Database) ReconcileError {
 	if err.IsNotEmpty() {
 		return err.With(loggingKv)
 	}
+
 	createOp, simpleErr := createOpTemplate.RenderOperation(opValues)
 	if simpleErr != nil {
 		return ReconcileError{
@@ -270,13 +270,17 @@ func (r *DatabaseReconciler) createDb(obj *databasev1.Database) ReconcileError {
 	}
 	loggingKv = append(loggingKv, EndpointName, obj.Spec.Endpoint)
 
+	r.logInfoEvent(obj, fmt.Sprintf("createOp : %+v", createOp), "debug")
+
 	// Execute operation on DBMS
 	// Check preconditions
 	var conn database.Driver
 	if conn, err = r.getDbmsConnectionByEndpointName(obj.Spec.Endpoint); err.IsNotEmpty() {
 		return err.With(loggingKv)
 	}
-	createOp.DSN, _ = dburl.Parse(r.DbmsList.GetDatabaseDSNByEndpointName(obj.Spec.Endpoint))
+
+	createOp.DSN = r.DbmsList.GetDatabaseDSNByEndpointName(obj.Spec.Endpoint)
+
 	output := conn.CreateDb(createOp)
 	if output.Err != nil {
 		return ReconcileError{
@@ -300,6 +304,20 @@ func (r *DatabaseReconciler) createDb(obj *databasev1.Database) ReconcileError {
 	return ReconcileError{}
 }
 
+func injectSecretInOp(r *DatabaseReconciler, databaseObj *databasev1.Database, operation *database.Operation) error {
+	var secret corev1.Secret
+	secretObjKey := client.ObjectKey{Namespace: databaseObj.Namespace, Name: FormatSecretName(databaseObj)}
+	if err := r.Client.Get(context.Background(), secretObjKey, &secret); err != nil {
+		return err
+	}
+
+	for k, v := range secret.Data {
+		operation.Secrets[k] = string(v)
+	}
+
+	return nil
+}
+
 // deleteDb deletes the database instance on the external provisioner.
 func (r *DatabaseReconciler) deleteDb(obj *databasev1.Database) ReconcileError {
 	r.logInfoEvent(obj, RsnDbDeleteInProg, MsgDbDeleteInProg)
@@ -350,6 +368,16 @@ func (r *DatabaseReconciler) deleteDb(obj *databasev1.Database) ReconcileError {
 			AdditionalInfo: loggingKv,
 		}
 	}
+
+	if err = injectSecretInOp(r, obj, &deleteOp); err != nil {
+		return ReconcileError{
+			Reason:         RsnSecretGetFail,
+			Message:        MsgSecretGetFail,
+			Err:            err,
+			AdditionalInfo: loggingKv,
+		}
+	}
+
 	output := conn.DeleteDb(deleteOp)
 	if output.Err != nil {
 		return ReconcileError{
@@ -410,6 +438,9 @@ func (r *DatabaseReconciler) rotate(obj *databasev1.Database) ReconcileError {
 			AdditionalInfo: loggingKv,
 		}
 	}
+
+	rotateOp.DSN = r.DbmsList.GetDatabaseDSNByEndpointName(obj.Spec.Endpoint)
+
 	output := conn.Rotate(rotateOp)
 	if output.Err != nil {
 		return ReconcileError{
@@ -694,10 +725,12 @@ func (r *DatabaseReconciler) shouldRotate(obj *databasev1.Database) (bool, Recon
 				Err:     err.Err,
 			}
 		}
+		logger.V(TraceLevel).Info("No secret found, credentials should be rotated")
 		return true, ReconcileError{}
 	}
 	// secret is present, check if rotate annotation is present, if yes, rotate, else, just keep going
 	if isRotateAnnotationTrue(obj) {
+		logger.V(TraceLevel).Info("Rotate annotation is present, credentials should be rotated")
 		return true, ReconcileError{}
 	}
 	return false, ReconcileError{}
@@ -712,7 +745,16 @@ func (r *DatabaseReconciler) isSecretPresent(obj *databasev1.Database) (bool, Re
 
 	var secret corev1.Secret
 	secretObjKey := client.ObjectKey{Namespace: obj.Namespace, Name: FormatSecretName(obj)}
+
+	logger.V(TraceLevel).Info(
+		fmt.Sprintf("Secret Debug : %+v || secretName : %+v", secretObjKey, secretName),
+	)
+
 	if err := r.Client.Get(context.Background(), secretObjKey, &secret); err != nil {
+		logger.V(TraceLevel).Info(
+			fmt.Sprintf("Secret in  %+v", secret),
+		)
+
 		if k8sError.IsNotFound(err) {
 			// Secret for given object is not present
 			return false, ReconcileError{}
@@ -725,6 +767,10 @@ func (r *DatabaseReconciler) isSecretPresent(obj *databasev1.Database) (bool, Re
 			AdditionalInfo: loggingKv,
 		}
 	}
+
+	logger.V(TraceLevel).Info(
+		fmt.Sprintf("Secret out  %+v", secret),
+	)
 	return true, ReconcileError{}
 }