From f7fac4497a78b36fa611c7cfe31a4c48ca910709 Mon Sep 17 00:00:00 2001 From: Bohdan Siryk Date: Mon, 23 Oct 2023 14:57:11 +0300 Subject: [PATCH] issue-599, deleting of the default secret of zookeeper and kafka connect resources was implemented --- controllers/clusters/helpers.go | 37 +++++++++++++++++++ .../clusters/kafkaconnect_controller.go | 9 +++++ controllers/clusters/zookeeper_controller.go | 9 +++++ 3 files changed, 55 insertions(+) diff --git a/controllers/clusters/helpers.go b/controllers/clusters/helpers.go index f3fabbf9d..01353baff 100644 --- a/controllers/clusters/helpers.go +++ b/controllers/clusters/helpers.go @@ -17,13 +17,18 @@ limitations under the License. package clusters import ( + "context" "encoding/json" "fmt" "sort" "github.com/hashicorp/go-version" + v1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" "k8s.io/utils/strings/slices" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/log" "github.com/instaclustr/operator/apis/clusters/v1beta1" "github.com/instaclustr/operator/pkg/models" @@ -179,3 +184,35 @@ var msgExternalChanges = "The k8s specification is different from Instaclustr Co "so that it would corresponds to the data from Instaclustr." var msgSpecStillNoMatch = "k8s resource specification still doesn't match with data on the Instaclustr Console. Double check the difference." + +// deleteDefaultUserSecret deletes the secret with default user credentials. +// It ignores NotFound error. +func deleteDefaultUserSecret( + ctx context.Context, + client client.Client, + clusterNamespacedName types.NamespacedName, +) error { + l := log.FromContext(ctx) + + l.Info("Deleting default user secret...", + "resource namespaced name", clusterNamespacedName, + ) + + secret := &v1.Secret{} + err := client.Get(ctx, types.NamespacedName{ + Name: fmt.Sprintf(models.DefaultUserSecretNameTemplate, models.DefaultUserSecretPrefix, clusterNamespacedName.Name), + Namespace: clusterNamespacedName.Namespace, + }, secret) + if err != nil { + if k8serrors.IsNotFound(err) { + l.Info("The secret for the given resource is not found, skipping...", + "resource namespaced name", clusterNamespacedName, + ) + return nil + } + + return err + } + + return client.Delete(ctx, secret) +} diff --git a/controllers/clusters/kafkaconnect_controller.go b/controllers/clusters/kafkaconnect_controller.go index b2dffc139..f6148994e 100644 --- a/controllers/clusters/kafkaconnect_controller.go +++ b/controllers/clusters/kafkaconnect_controller.go @@ -392,6 +392,15 @@ func (r *KafkaConnectReconciler) handleDeleteCluster(ctx context.Context, kc *v1 } } + err = deleteDefaultUserSecret(ctx, r.Client, client.ObjectKeyFromObject(kc)) + if err != nil { + l.Error(err, "Cannot delete default user secret") + r.EventRecorder.Eventf(kc, models.Warning, models.DeletionFailed, + "Deletion of the secret with default user credentials is failed. Reason: %w", err) + + return reconcile.Result{}, err + } + r.Scheduler.RemoveJob(kc.GetJobID(scheduler.StatusChecker)) controllerutil.RemoveFinalizer(kc, models.DeletionFinalizer) kc.Annotations[models.ResourceStateAnnotation] = models.DeletedEvent diff --git a/controllers/clusters/zookeeper_controller.go b/controllers/clusters/zookeeper_controller.go index a33f57857..e5b1f1df9 100644 --- a/controllers/clusters/zookeeper_controller.go +++ b/controllers/clusters/zookeeper_controller.go @@ -384,6 +384,15 @@ func (r *ZookeeperReconciler) handleDeleteCluster( } } + err = deleteDefaultUserSecret(ctx, r.Client, client.ObjectKeyFromObject(zook)) + if err != nil { + l.Error(err, "Cannot delete default user secret") + r.EventRecorder.Eventf(zook, models.Warning, models.DeletionFailed, + "Deletion of the secret with default user credentials is failed. Reason: %w", err) + + return reconcile.Result{}, err + } + r.Scheduler.RemoveJob(zook.GetJobID(scheduler.StatusChecker)) controllerutil.RemoveFinalizer(zook, models.DeletionFinalizer) zook.Annotations[models.ResourceStateAnnotation] = models.DeletedEvent