fix-sbj-upgrade-issue

securesign · Jul 11, 2024 · 1e257e7 · 1e257e7
1 parent a9940b4
commit 1e257e7
Show file tree

Hide file tree

Showing 2 changed files with 62 additions and 6 deletions.
diff --git a/internal/controller/common/utils/kubernetes/job.go b/internal/controller/common/utils/kubernetes/job.go
@@ -1,17 +1,26 @@
 package kubernetes
 
 import (
+	"context"
+	"fmt"
+
 	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+const (
+	jobNameTemplate = "%s-"
 )
 
 func CreateJob(namespace string, name string, labels map[string]string, image string, serviceAccountName string, parallelism int32, completions int32, activeDeadlineSeconds int64, backoffLimit int32, command []string, env []corev1.EnvVar) *batchv1.Job {
 	return &batchv1.Job{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      name,
-			Namespace: namespace,
-			Labels:    labels,
+			GenerateName: fmt.Sprintf(jobNameTemplate, name),
+			Namespace:    namespace,
+			Labels:       labels,
 		},
 		Spec: batchv1.JobSpec{
 			Parallelism:           &parallelism,
@@ -35,3 +44,15 @@ func CreateJob(namespace string, name string, labels map[string]string, image st
 		},
 	}
 }
+
+func GetJob(ctx context.Context, c client.Client, namespace, jobName string) (*batchv1.Job, error) {
+	job := &batchv1.Job{}
+	err := c.Get(ctx, client.ObjectKey{Namespace: namespace, Name: jobName}, job)
+	if err == nil {
+		return job, nil
+	} else if errors.IsNotFound(err) {
+		return nil, nil
+	} else {
+		return nil, err
+	}
+}
diff --git a/internal/controller/securesign/actions/segment_backup_job.go b/internal/controller/securesign/actions/segment_backup_job.go
@@ -12,11 +12,15 @@ import (
 	"github.com/securesign/operator/internal/controller/common/utils/kubernetes"
 	"github.com/securesign/operator/internal/controller/constants"
 	corev1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
 
 	rhtasv1alpha1 "github.com/securesign/operator/api/v1alpha1"
 
 	"github.com/operator-framework/operator-lib/proxy"
+	ctrllog "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 func NewSegmentBackupJobAction() action.Action[*rhtasv1alpha1.Securesign] {
@@ -30,7 +34,12 @@ type segmentBackupJob struct {
 func (i segmentBackupJob) Name() string {
 	return "segment-backup-installation"
 }
+
 func (i segmentBackupJob) CanHandle(_ context.Context, instance *rhtasv1alpha1.Securesign) bool {
+	if c := meta.FindStatusCondition(instance.Status.Conditions, SegmentBackupJobName); c != nil {
+		return c.Reason != constants.Ready
+	}
+
 	val, found := instance.Annotations[annotations.Metrics]
 	if !found {
 		return true
@@ -42,13 +51,20 @@ func (i segmentBackupJob) CanHandle(_ context.Context, instance *rhtasv1alpha1.S
 }
 
 func (i segmentBackupJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Securesign) *action.Result {
-
 	var (
 		err error
 	)
 
-	labels := constants.LabelsFor(SegmentBackupJobName, SegmentBackupJobName, instance.Name)
+	if c := meta.FindStatusCondition(instance.Status.Conditions, SegmentBackupJobName); c == nil {
+		instance.SetCondition(v1.Condition{
+			Type:    SegmentBackupJobName,
+			Status:  v1.ConditionFalse,
+			Reason:  constants.Creating,
+			Message: "Creating Segment Backup Job",
+		})
+	}
 
+	labels := constants.LabelsFor(SegmentBackupJobName, SegmentBackupJobName, instance.Name)
 	parallelism := int32(1)
 	completions := int32(1)
 	activeDeadlineSeconds := int64(600)
@@ -68,13 +84,32 @@ func (i segmentBackupJob) Handle(ctx context.Context, instance *rhtasv1alpha1.Se
 	// Adding proxy variables to operand
 	env = append(env, proxy.ReadProxyVarsFromEnv()...)
 
+	// Logic to delete old SBJ to avoid SECURESIGN-1207, can be removed after next release
+	log := ctrllog.FromContext(ctx)
+	if sbj, err := kubernetes.GetJob(ctx, i.Client, instance.Namespace, SegmentBackupJobName); sbj != nil {
+		if err := i.Client.Delete(ctx, sbj); err != nil {
+			log.Error(err, "problem with removing SBJ resources in %s", instance.Namespace)
+		}
+	} else if err != nil {
+		log.Error(err, "unable to retrieve SBJ resource in %s", instance.Namespace)
+	}
+
 	job := kubernetes.CreateJob(instance.Namespace, SegmentBackupJobName, labels, constants.SegmentBackupImage, SegmentRBACName, parallelism, completions, activeDeadlineSeconds, backoffLimit, command, env)
 	if err = ctrl.SetControllerReference(instance, job, i.Client.Scheme()); err != nil {
-		return i.Failed(fmt.Errorf("could not set controll reference for Job: %w", err))
+		return i.Failed(fmt.Errorf("could not set controller reference for Job: %w", err))
 	}
+
 	_, err = i.Ensure(ctx, job)
 	if err != nil {
 		return i.Failed(fmt.Errorf("failed to Ensure the job: %w", err))
 	}
+
+	meta.SetStatusCondition(&instance.Status.Conditions, metav1.Condition{
+		Type:    SegmentBackupJobName,
+		Status:  metav1.ConditionTrue,
+		Reason:  constants.Ready,
+		Message: "Segment Backup Job Created",
+	})
+
 	return i.Continue()
 }