Reconcile to NooBaa for secret creation

Signed-off-by: Anisur Rahman <[email protected]>

Author: anisurrahman75

.gitignore

@@ -16,3 +16,4 @@ build-releases/
 noobaa.cfg.yaml
 
 *.IGNORE
+.idea/

pkg/controller/noobaa/noobaa_controller.go

@@ -135,6 +135,17 @@ func Add(mgr manager.Manager) error {
 		return err
 	}
 
+	secretsHandler := handler.EnqueueRequestsFromMapFunc(func(ctx context.Context, obj client.Object) []reconcile.Request {
+		return system.MapSecretToNooBaa(types.NamespacedName{
+			Name:      obj.GetName(),
+			Namespace: obj.GetNamespace(),
+		})
+	})
+	err = c.Watch(source.Kind[client.Object](mgr.GetCache(), &corev1.Secret{}, secretsHandler, logEventsPredicate))
+	if err != nil {
+		return err
+	}
+
 	// handler for global RPC message and ,simply trigger a reconcile on every message
 	nb.GlobalRPC.Handler = func(req *nb.RPCMessage) (interface{}, error) {
 		logrus.Infof("RPC Handle: {Op: %s, API: %s, Method: %s, Error: %s, Params: %+v}", req.Op, req.API, req.Method, req.Error, req.Params)

pkg/system/system.go

@@ -1294,6 +1294,36 @@ func LoadConfigMapFromFlags() {
 	}
 }
 
+// MapSecretToBackingStores returns a list of backingstores that uses the secret in their secretReference
+// used by backingstore_controller to watch secrets changes
+func MapSecretToNooBaa(secret types.NamespacedName) []reconcile.Request {
+	log := util.Logger()
+	log.Infof("checking which nooBaas to reconcile. mapping secret %v to nooBaas external postgres secret", secret)
+	nbList := &nbv1.NooBaaList{
+		TypeMeta: metav1.TypeMeta{Kind: "NooBaaList"},
+	}
+	if !util.KubeList(nbList, &client.ListOptions{Namespace: secret.Namespace}) {
+		log.Infof("Could not found NooBaa in namespace %q, while trying to find NooBaa that uses %s secret", secret.Namespace, secret.Name)
+		return nil
+	}
+
+	reqs := []reconcile.Request{}
+
+	for _, nb := range nbList.Items {
+		nbSecret := util.GetNooBaaExternalPgSecret(&nb)
+		if nbSecret != nil && nbSecret.Name == secret.Name {
+			reqs = append(reqs, reconcile.Request{
+				NamespacedName: types.NamespacedName{
+					Name:      nb.Name,
+					Namespace: nb.Namespace,
+				},
+			})
+		}
+	}
+
+	return reqs
+}
+
 // SetAllowNoobaaDeletion sets AllowNoobaaDeletion Noobaa CR field to true so the webhook won't block the deletion
 func SetAllowNoobaaDeletion(noobaa *nbv1.NooBaa) error {
 	// Explicitly allow deletion of NooBaa CR

pkg/util/util.go

@@ -1862,6 +1862,21 @@ func NooBaaCondition(noobaa *nbv1.NooBaa, t conditionsv1.ConditionType, s corev1
 	return found
 }
 
+// GetNooBaaExternalPgSecret returns the secret and adding the namespace if it is missing
+func GetNooBaaExternalPgSecret(nb *nbv1.NooBaa) *corev1.SecretReference {
+	var secretRef *corev1.SecretReference
+	if nb.Spec.ExternalPgSecret != nil {
+		secretRef = &corev1.SecretReference{
+			Name:      nb.Spec.ExternalPgSecret.Name,
+			Namespace: nb.Spec.ExternalPgSecret.Namespace,
+		}
+		if secretRef.Namespace == "" {
+			secretRef.Namespace = nb.Namespace
+		}
+	}
+	return secretRef
+}
+
 // GetAvailabeKubeCli will check which k8s cli command is availabe in the system: oc or kubectl
 // returns one of: "oc" or "kubectl"
 func GetAvailabeKubeCli() string {