From e609611c4d1882f7df78f9ba8f68e7065f21a58f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tomasz=20S=C4=99k?= Date: Wed, 16 Jan 2019 22:32:29 +0100 Subject: [PATCH] [WIP] AWS S3 backup - ensure backup credentials secret --- .../jenkins/configuration/base/reconcile.go | 39 ++++++++++++++++++- ...secret.go => backup_credentials_secret.go} | 9 ++++- .../configuration/base/resources/meta.go | 11 ++++++ .../resources/user_configuration_configmap.go | 9 +++-- 4 files changed, 62 insertions(+), 6 deletions(-) rename pkg/controller/jenkins/configuration/base/resources/{backup_secret.go => backup_credentials_secret.go} (73%) diff --git a/pkg/controller/jenkins/configuration/base/reconcile.go b/pkg/controller/jenkins/configuration/base/reconcile.go index 043053e1..b9dc4fe3 100644 --- a/pkg/controller/jenkins/configuration/base/reconcile.go +++ b/pkg/controller/jenkins/configuration/base/reconcile.go @@ -91,6 +91,11 @@ func (r *ReconcileJenkinsBaseConfiguration) Reconcile() (reconcile.Result, jenki } r.logger.V(log.VDebug).Info("Service is present") + if err := r.createBackupCredentialsSecret(metaObject); err != nil { + return reconcile.Result{}, nil, err + } + r.logger.V(log.VDebug).Info("Backup credentials secret is present") + result, err := r.createJenkinsMasterPod(metaObject) if err != nil { return reconcile.Result{}, nil, err @@ -225,7 +230,11 @@ func (r *ReconcileJenkinsBaseConfiguration) createUserConfigurationConfigMap(met } else if err != nil { return err } - //TODO make sure labels are fine + valid := r.verifyLabelsForWatchedResource(currentConfigMap) + if !valid { + currentConfigMap.ObjectMeta.Labels = resources.BuildLabelsForWatchedResources(r.jenkins) + return r.k8sClient.Update(context.TODO(), currentConfigMap) + } return nil } @@ -443,3 +452,31 @@ func (r *ReconcileJenkinsBaseConfiguration) baseConfiguration(jenkinsClient jenk return reconcile.Result{}, nil } + +func (r *ReconcileJenkinsBaseConfiguration) createBackupCredentialsSecret(meta metav1.ObjectMeta) error { + currentSecret := &corev1.Secret{} + err := r.k8sClient.Get(context.TODO(), types.NamespacedName{Name: resources.GetBackupCredentialsSecretName(r.jenkins), Namespace: r.jenkins.Namespace}, currentSecret) + if err != nil && errors.IsNotFound(err) { + return r.k8sClient.Create(context.TODO(), resources.NewBackupCredentialsSecret(r.jenkins)) + } else if err != nil { + return err + } + valid := r.verifyLabelsForWatchedResource(currentSecret) + if !valid { + currentSecret.ObjectMeta.Labels = resources.BuildLabelsForWatchedResources(r.jenkins) + return r.k8sClient.Update(context.TODO(), currentSecret) + } + + return nil +} + +func (r *ReconcileJenkinsBaseConfiguration) verifyLabelsForWatchedResource(object metav1.Object) bool { + requiredLabels := resources.BuildLabelsForWatchedResources(r.jenkins) + for key, value := range requiredLabels { + if object.GetLabels()[key] != value { + return false + } + } + + return true +} diff --git a/pkg/controller/jenkins/configuration/base/resources/backup_secret.go b/pkg/controller/jenkins/configuration/base/resources/backup_credentials_secret.go similarity index 73% rename from pkg/controller/jenkins/configuration/base/resources/backup_secret.go rename to pkg/controller/jenkins/configuration/base/resources/backup_credentials_secret.go index 740aa8bd..ea9e3ac3 100644 --- a/pkg/controller/jenkins/configuration/base/resources/backup_secret.go +++ b/pkg/controller/jenkins/configuration/base/resources/backup_credentials_secret.go @@ -16,8 +16,13 @@ func GetBackupCredentialsSecretName(jenkins *virtuslabv1alpha1.Jenkins) string { } // NewBackupCredentialsSecret builds the Kubernetes secret used to store backup credentials -func NewBackupCredentialsSecret(meta metav1.ObjectMeta, jenkins *virtuslabv1alpha1.Jenkins) *corev1.Secret { - meta.Name = GetBackupCredentialsSecretName(jenkins) +func NewBackupCredentialsSecret(jenkins *virtuslabv1alpha1.Jenkins) *corev1.Secret { + meta := metav1.ObjectMeta{ + Name: GetBackupCredentialsSecretName(jenkins), + Namespace: jenkins.ObjectMeta.Namespace, + Labels: BuildLabelsForWatchedResources(jenkins), + } + return &corev1.Secret{ TypeMeta: buildSecretTypeMeta(), ObjectMeta: meta, diff --git a/pkg/controller/jenkins/configuration/base/resources/meta.go b/pkg/controller/jenkins/configuration/base/resources/meta.go index 8cdcc164..27f1003d 100644 --- a/pkg/controller/jenkins/configuration/base/resources/meta.go +++ b/pkg/controller/jenkins/configuration/base/resources/meta.go @@ -26,6 +26,17 @@ func BuildResourceLabels(jenkins *virtuslabv1alpha1.Jenkins) map[string]string { } } +// BuildLabelsForWatchedResources returns labels for Kubernetes resources which operator want to watch +// resources with that labels should not be deleted after Jenkins CR deletion, to prevent this situation don't set +// any owner +func BuildLabelsForWatchedResources(jenkins *virtuslabv1alpha1.Jenkins) map[string]string { + return map[string]string{ + constants.LabelAppKey: constants.LabelAppValue, + constants.LabelJenkinsCRKey: jenkins.Name, + constants.LabelWatchKey: constants.LabelWatchValue, + } +} + // GetResourceName returns name of Kubernetes resource base on Jenkins CR func GetResourceName(jenkins *virtuslabv1alpha1.Jenkins) string { return fmt.Sprintf("%s-%s", constants.LabelAppValue, jenkins.ObjectMeta.Name) diff --git a/pkg/controller/jenkins/configuration/base/resources/user_configuration_configmap.go b/pkg/controller/jenkins/configuration/base/resources/user_configuration_configmap.go index fdf9be08..5b346bfe 100644 --- a/pkg/controller/jenkins/configuration/base/resources/user_configuration_configmap.go +++ b/pkg/controller/jenkins/configuration/base/resources/user_configuration_configmap.go @@ -7,6 +7,7 @@ import ( "github.com/VirtusLab/jenkins-operator/pkg/controller/jenkins/constants" corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) const configureTheme = ` @@ -38,9 +39,11 @@ func GetUserConfigurationConfigMapName(jenkins *virtuslabv1alpha1.Jenkins) strin // NewUserConfigurationConfigMap builds Kubernetes config map used to user configuration func NewUserConfigurationConfigMap(jenkins *virtuslabv1alpha1.Jenkins) *corev1.ConfigMap { - meta := NewResourceObjectMeta(jenkins) - meta.Name = GetUserConfigurationConfigMapName(jenkins) - meta.Labels[constants.LabelWatchKey] = constants.LabelWatchValue // add watch for resource + meta := metav1.ObjectMeta{ + Name: GetUserConfigurationConfigMapName(jenkins), + Namespace: jenkins.ObjectMeta.Namespace, + Labels: BuildLabelsForWatchedResources(jenkins), + } return &corev1.ConfigMap{ TypeMeta: buildConfigMapTypeMeta(),