Merge pull request #23 from kloeckner-i/METAL-1847_compatible_admin_s…

…ecret_key

METAL-1847 support compatible key with stable helm for admin secret

docs/creatinginstances.md

@@ -19,11 +19,13 @@ Using existing database server
 #### Prerequisite
 * running database server accessible by ip or hostname
 
-Create secret containing admin username and password of an instance.
+Create a new secret containing admin username and password of an instance.
 ```
 kubectl create secret generic example-generic-admin-secret --from-literal=user=<admin user name> --from-literal=password='<admin user password>'
 ```
 
+Or use existing secret created by stable mysql/postgres helm chart.
+
 Create **DbInstance** custom resource.
 ```YAML
 apiVersion: kci.rocks/v1alpha1

go.mod

@@ -19,6 +19,7 @@ require (
 	github.com/stretchr/testify v1.4.0
 	golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45
 	google.golang.org/api v0.9.0
+	google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55
 	gopkg.in/yaml.v2 v2.2.4
 	k8s.io/api v0.0.0
 	k8s.io/apimachinery v0.0.0

helm/db-instances/.gitignore

@@ -0,0 +1 @@
+*-local.yaml

helm/db-instances/Chart.yaml

@@ -2,4 +2,4 @@ apiVersion: v1
 appVersion: "1.0"
 description: Database Instances for db operator
 name: db-instances
-version: 0.3.0
+version: 0.3.1

helm/db-instances/templates/dbinstance.yaml

@@ -1,7 +1,6 @@
 {{- $release := .Release }}
 {{- $heritage := .Release.Service }}
 {{- $chart := .Chart.Name }}
-{{- $test := .Values.test }}
 {{- $operatorNs := include "db-instances.name" . -}}
 {{- if .Values.dbinstances }}
 {{- range $name, $value := .Values.dbinstances }}
@@ -20,9 +19,15 @@ metadata:
     heritage: {{ $heritage }}
 spec:
   engine: {{ $value.engine }}
+  {{- if $value.existingAdminSecret }}
+  adminSecretRef: 
+    Namespace: {{ $value.existingAdminSecret.namespace }}
+    Name: {{ $value.existingAdminSecret.name }}
+  {{- else }}
   adminSecretRef: 
     Namespace: {{ $operatorNs }}
-    Name: {{ $value.adminUserSecretName }}
+    Name: {{ $name }}-admin-secret
+  {{- end }}
   {{- if $value.backup }}
   backup:
 {{ toYaml $value.backup | indent 4 }}
@@ -47,11 +52,12 @@ spec:
     backupHost: {{ $value.generic.backupHost }}
   {{- end }}
   {{- end }}
+{{- if not $value.existingAdminSecret }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
-  name: {{ $value.adminUserSecretName }}
+  name: {{ $name }}-admin-secret
   namespace: {{ $operatorNs }}
   labels:
     chart: {{ $chart }}
@@ -61,6 +67,7 @@ type: Opaque
 data:
   user: {{ $value.secrets.adminUser | b64enc }}
   password: {{ $value.secrets.adminPassword | b64enc }}
+{{- end }}
 ---
 {{- if $value.google }}
 apiVersion: v1

helm/index.yaml

@@ -3,7 +3,16 @@ entries:
   db-instances:
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.160433+02:00"
+    created: "2020-05-04T13:32:38.190474+02:00"
+    description: Database Instances for db operator
+    digest: 3593c0f28606ed4ee028d779ce70b23e257f85d8c96f93449ed4deb25bcea208
+    name: db-instances
+    urls:
+    - https://kloeckner-i.github.io/db-operator/helm/db-instances-0.3.1.tgz
+    version: 0.3.1
+  - apiVersion: v1
+    appVersion: "1.0"
+    created: "2020-05-04T13:32:38.189679+02:00"
     description: Database Instances for db operator
     digest: 6abeb95a030681041d41bb416624846819a7fb284a1f9b8cd8ef00d4517343e4
     name: db-instances
@@ -12,7 +21,7 @@ entries:
     version: 0.3.0
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.16018+02:00"
+    created: "2020-05-04T13:32:38.189208+02:00"
     description: Database Instances for db operator
     digest: ba545b09123c5cf0276da24cf16fcaeae1d51a92e253731768b35478fb0294f4
     name: db-instances
@@ -21,7 +30,7 @@ entries:
     version: 0.2.0
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.159687+02:00"
+    created: "2020-05-04T13:32:38.188659+02:00"
     description: Database Instances for db operator
     digest: 0a9f5c620c9ee8d8e33ea96f797be989efab296fbeeca24e26c84fdb2136d704
     name: db-instances
@@ -31,7 +40,7 @@ entries:
   db-operator:
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.164421+02:00"
+    created: "2020-05-04T13:32:38.193207+02:00"
     description: A Database Operator
     digest: a00294defa1914f326b363c1cb0d36b22297fefd71e72a83510c70a1a8020d31
     name: db-operator
@@ -40,7 +49,7 @@ entries:
     version: 0.2.0
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.163131+02:00"
+    created: "2020-05-04T13:32:38.192471+02:00"
     description: A Database Operator
     digest: d2d2a7f6b7913585283d72cea95770067e6c9625479e349c2e18b7dc3fbd3a52
     name: db-operator
@@ -49,11 +58,11 @@ entries:
     version: 0.1.1
   - apiVersion: v1
     appVersion: "1.0"
-    created: "2020-04-21T08:58:29.162304+02:00"
+    created: "2020-05-04T13:32:38.191438+02:00"
     description: A Database Operator
     digest: 6f41f18fe10b74edaec021defdcca99e2c65b5ed60b3c53b3d7ee7b124ccfeb0
     name: db-operator
     urls:
     - https://kloeckner-i.github.io/db-operator/helm/db-operator-0.1.0.tgz
     version: 0.1.0
-generated: "2020-04-21T08:58:29.158975+02:00"
+generated: "2020-05-04T13:32:38.187967+02:00"

pkg/controller/database/databaseHelper.go

@@ -132,24 +132,6 @@ func parseDatabaseSecretData(dbcr *kciv1alpha1.Database, data map[string][]byte)
 	}
 }
 
-func parseDatabaseAdminSecretData(dbcr *kciv1alpha1.Database, data map[string][]byte) (database.AdminCredentials, error) {
-	cred := database.AdminCredentials{}
-
-	_, ok := data["user"]
-	if !ok {
-		return cred, errors.New("can not find user in admin secret data")
-	}
-	_, ok = data["password"]
-	if !ok {
-		return cred, errors.New("can not find password in admin secret data")
-	}
-
-	cred.Username = string(data["user"])
-	cred.Password = string(data["password"])
-
-	return cred, nil
-}
-
 func generateDatabaseSecretData(dbcr *kciv1alpha1.Database) (map[string][]byte, error) {
 	engine, err := dbcr.GetEngineType()
 	if err != nil {

pkg/controller/database/databaseHelper_test.go

@@ -68,24 +68,6 @@ func TestParseMysqlSecretData(t *testing.T) {
 	assert.Equal(t, string(validData["PASSWORD"]), cred.Password, "expect same values")
 }
 
-func TestParseAdminSecretData(t *testing.T) {
-	postgresDbCr := newPostgresTestDbCr(newPostgresTestDbInstanceCr())
-	invalidData := make(map[string][]byte)
-	invalidData["unknownkey"] = []byte("wrong")
-
-	_, err := parseDatabaseAdminSecretData(postgresDbCr, invalidData)
-	assert.Errorf(t, err, "should get error %v", err)
-
-	validData := make(map[string][]byte)
-	validData["user"] = []byte("admin")
-	validData["password"] = []byte("admin")
-
-	cred, err := parseDatabaseAdminSecretData(postgresDbCr, validData)
-	assert.NoErrorf(t, err, "expected no error %v", err)
-	assert.Equal(t, string(validData["user"]), cred.Username, "expect same values")
-	assert.Equal(t, string(validData["password"]), cred.Password, "expect same values")
-}
-
 func TestMonitoringNotEnabled(t *testing.T) {
 	instance := newPostgresTestDbInstanceCr()
 	instance.Spec.Monitoring.Enabled = false

pkg/controller/database/reconcileDatabase.go

@@ -102,7 +102,7 @@ func (r *ReconcileDatabase) createDatabase(dbcr *kciv1alpha1.Database) error {
 	}
 
 	// found admin secret. parse it to connect database
-	adminCred, err := parseDatabaseAdminSecretData(dbcr, adminSecretResource.Data)
+	adminCred, err := db.ParseAdminCredentials(adminSecretResource.Data)
 	if err != nil {
 		// failed to parse database admin secret
 		return err
@@ -182,7 +182,7 @@ func (r *ReconcileDatabase) deleteDatabase(dbcr *kciv1alpha1.Database) error {
 		return err
 	}
 	// found admin secret. parse it to connect database
-	adminCred, err := parseDatabaseAdminSecretData(dbcr, adminSecretResource.Data)
+	adminCred, err := db.ParseAdminCredentials(adminSecretResource.Data)
 	if err != nil {
 		// failed to parse database admin secret
 		return err

pkg/controller/dbinstance/reconcileDbInstance.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 
 	kciv1alpha1 "github.com/kloeckner-i/db-operator/pkg/apis/kci/v1alpha1"
+	database "github.com/kloeckner-i/db-operator/pkg/utils/database"
 	"github.com/kloeckner-i/db-operator/pkg/utils/dbinstance"
 	"github.com/kloeckner-i/db-operator/pkg/utils/kci"
 	"github.com/sirupsen/logrus"
@@ -16,18 +17,18 @@ func (r *ReconcileDbInstance) create(dbin *kciv1alpha1.DbInstance) error {
 		return err
 	}
 
-	cred := &dbinstance.AdminCredentials{
-		Username: string(secret.Data["user"]),
-		Password: string(secret.Data["password"]),
+	db := database.New(dbin.Spec.Engine)
+	cred, err := db.ParseAdminCredentials(secret.Data)
+	if err != nil {
+		return err
 	}
 
-	var instance dbinstance.DbInstance
-
 	backend, err := dbin.GetBackendType()
 	if err != nil {
 		return err
 	}
 
+	var instance dbinstance.DbInstance
 	switch backend {
 	case "google":
 		configmap, err := kci.GetConfigResource(dbin.Spec.Google.ConfigmapName)

pkg/utils/database/handler.go

@@ -0,0 +1,42 @@
+package database
+
+// Create executes queries to create database and user
+func Create(db Database, admin AdminCredentials) error {
+	err := db.createDatabase(admin)
+	if err != nil {
+		return err
+	}
+
+	err = db.createUser(admin)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// Delete executes queries to delete database and user
+func Delete(db Database, admin AdminCredentials) error {
+	err := db.deleteDatabase(admin)
+	if err != nil {
+		return err
+	}
+
+	err = db.deleteUser(admin)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// New returns database interface according to engine type
+func New(engine string) Database {
+	switch engine {
+	case "postgres":
+		return &Postgres{}
+	case "mysql":
+		return &Mysql{}
+	}
+
+	return nil
+}

pkg/utils/database/create_test.go → pkg/utils/database/handler_test.go

@@ -43,3 +43,21 @@ func TestCreateMysql(t *testing.T) {
 	err = Create(m, admin)
 	assert.NoErrorf(t, err, "Unexpected error %v", err)
 }
+
+func TestDeletePostgres(t *testing.T) {
+	p := testPostgres()
+	admin := getPostgresAdmin()
+
+	p.Database = "testdb"
+	err := Delete(p, admin)
+	assert.NoErrorf(t, err, "Unexpected error %v", err)
+}
+
+func TestDeleteMysql(t *testing.T) {
+	m := testMysql()
+	admin := getMysqlAdmin()
+
+	m.Database = "testdb"
+	err := Delete(m, admin)
+	assert.NoErrorf(t, err, "Unexpected error %v", err)
+}