CLOUDP-85517: no connection secrets in db user status (#184)

Anton · web-flow · commit 5a012ed40c2e · 2021-03-25T16:08:05.000Z
diff --git a/config/crd/bases/atlas.mongodb.com_atlasdatabaseusers.yaml b/config/crd/bases/atlas.mongodb.com_atlasdatabaseusers.yaml
@@ -185,13 +185,6 @@ spec:
                   - type
                   type: object
                 type: array
-              connectionSecrets:
-                additionalProperties:
-                  type: string
-                description: ConnectionSecrets defines all the Secrets for the current
-                  database user that were created by the Atlas Operator and which
-                  provide the Atlas clusters connectivity information
-                type: object
               name:
                 description: UserName is the current name of database user.
                 type: string
diff --git a/pkg/api/v1/status/atlasdatabaseuser.go b/pkg/api/v1/status/atlasdatabaseuser.go
@@ -5,12 +5,6 @@ package status
 // AtlasDatabaseUserStatusOption is the option that is applied to Atlas Project Status
 type AtlasDatabaseUserStatusOption func(s *AtlasDatabaseUserStatus)
 
-func AtlasDatabaseUserSecretsOption(clusters2Secrets map[string]string) AtlasDatabaseUserStatusOption {
-	return func(s *AtlasDatabaseUserStatus) {
-		s.ConnectionSecrets = clusters2Secrets
-	}
-}
-
 func AtlasDatabaseUserPasswordVersion(passwordVersion string) AtlasDatabaseUserStatusOption {
 	return func(s *AtlasDatabaseUserStatus) {
 		s.PasswordVersion = passwordVersion
@@ -26,10 +20,6 @@ func AtlasDatabaseUserNameOption(name string) AtlasDatabaseUserStatusOption {
 type AtlasDatabaseUserStatus struct {
 	Common `json:",inline"`
 
-	// ConnectionSecrets defines all the Secrets for the current database user that were created by the Atlas Operator
-	// and which provide the Atlas clusters connectivity information
-	ConnectionSecrets map[string]string `json:"connectionSecrets,omitempty"`
-
 	// PasswordVersion is the 'ResourceVersion' of the password Secret that the Atlas Operator is aware of
 	PasswordVersion string `json:"passwordVersion,omitempty"`
 
diff --git a/pkg/controller/atlasdatabaseuser/connectionsecrets.go b/pkg/controller/atlasdatabaseuser/connectionsecrets.go
@@ -7,7 +7,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	mdbv1 "github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/v1"
-	"github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/v1/status"
 	"github.com/mongodb/mongodb-atlas-kubernetes/pkg/controller/connectionsecret"
 	"github.com/mongodb/mongodb-atlas-kubernetes/pkg/controller/workflow"
 	"github.com/mongodb/mongodb-atlas-kubernetes/pkg/util/stringutil"
@@ -20,7 +19,6 @@ func createOrUpdateConnectionSecrets(ctx *workflow.Context, k8sClient client.Cli
 		return workflow.Terminate(workflow.DatabaseUserConnectionSecretsNotCreated, err.Error())
 	}
 
-	secretNames := make(map[string]string)
 	requeue := false
 	for _, cluster := range clusters {
 		scopes := dbUser.GetScopes(mdbv1.ClusterScopeType)
@@ -56,14 +54,12 @@ func createOrUpdateConnectionSecrets(ctx *workflow.Context, k8sClient client.Cli
 			return workflow.Terminate(workflow.DatabaseUserConnectionSecretsNotCreated, err.Error())
 		}
 		ctx.Log.Debugw("Ensured connection Secret up-to-date", "secretname", secretName)
-		secretNames[cluster.Name] = secretName
 	}
 
 	if err := cleanupStaleSecrets(ctx, k8sClient, project.ID(), dbUser); err != nil {
 		return workflow.Terminate(workflow.DatabaseUserStaleConnectionSecrets, err.Error())
 	}
 
-	ctx.EnsureStatusOption(status.AtlasDatabaseUserSecretsOption(secretNames))
 	if requeue {
 		return workflow.InProgress(workflow.DatabaseUserConnectionSecretsNotCreated, "Waiting for clusters to get created/updated")
 	}
diff --git a/test/int/dbuser_test.go b/test/int/dbuser_test.go
@@ -185,12 +185,6 @@ var _ = Describe("AtlasDatabaseUser", func() {
 					validateSecret(k8sClient, *createdProject, *createdClusterGCP, *createdDBUser)
 					validateSecret(k8sClient, *createdProject, *createdClusterAWS, *createdDBUser)
 					checkNumberOfConnectionSecrets(k8sClient, *createdProject, 2)
-
-					expectedSecretsInStatus := map[string]string{
-						"test-cluster-aws": connSecretname("-test-cluster-aws-test-db-user"),
-						"test-cluster-gcp": connSecretname("-test-cluster-gcp-test-db-user"),
-					}
-					Expect(createdDBUser.Status.ConnectionSecrets).To(Equal(expectedSecretsInStatus))
 				})
 				By("Checking connectivity to Clusters", func() {
 					// The user created lacks read/write roles
@@ -218,12 +212,6 @@ var _ = Describe("AtlasDatabaseUser", func() {
 					validateSecret(k8sClient, *createdProject, *createdClusterGCP, *createdDBUser)
 					validateSecret(k8sClient, *createdProject, *createdClusterAWS, *createdDBUser)
 					checkNumberOfConnectionSecrets(k8sClient, *createdProject, 2)
-
-					expectedSecretsInStatus := map[string]string{
-						"test-cluster-aws": connSecretname("-test-cluster-aws-test-db-user"),
-						"test-cluster-gcp": connSecretname("-test-cluster-gcp-test-db-user"),
-					}
-					Expect(createdDBUser.Status.ConnectionSecrets).To(Equal(expectedSecretsInStatus))
 				})
 
 				By("Checking write permissions for Clusters", func() {
@@ -271,8 +259,6 @@ var _ = Describe("AtlasDatabaseUser", func() {
 					validateSecret(k8sClient, *createdProject, *createdClusterAWS, *createdDBUser)
 					validateSecret(k8sClient, *createdProject, *createdClusterGCP, *secondDBUser)
 					checkNumberOfConnectionSecrets(k8sClient, *createdProject, 3)
-					expectedSecretsInStatus := map[string]string{"test-cluster-gcp": connSecretname("-test-cluster-gcp-second-db-user")}
-					Expect(secondDBUser.Status.ConnectionSecrets).To(Equal(expectedSecretsInStatus))
 				})
 
 				By("Checking write permissions for Clusters", func() {
@@ -323,7 +309,6 @@ var _ = Describe("AtlasDatabaseUser", func() {
 
 				checkUserInAtlas(*createdDBUser)
 				checkNumberOfConnectionSecrets(k8sClient, *createdProject, 0)
-				Expect(createdDBUser.Status.ConnectionSecrets).To(BeEmpty())
 			})
 			By("Creating cluster", func() {
 				createdClusterAWS = mdbv1.DefaultAWSCluster(namespace.Name, createdProject.Name)
@@ -346,8 +331,6 @@ var _ = Describe("AtlasDatabaseUser", func() {
 				By("Checking connection Secrets", func() {
 					validateSecret(k8sClient, *createdProject, *createdClusterAWS, *createdDBUser)
 					checkNumberOfConnectionSecrets(k8sClient, *createdProject, 1)
-					expectedSecretsInStatus := map[string]string{"test-cluster-aws": connSecretname("-test-cluster-aws-test-db-user")}
-					Expect(createdDBUser.Status.ConnectionSecrets).To(Equal(expectedSecretsInStatus))
 				})
 			})
 		})

Original file line number	Diff line number	Diff line change
`@@ -7,7 +7,6 @@ import (`
`7`	`7`	`"sigs.k8s.io/controller-runtime/pkg/client"`
`8`	`8`
`9`	`9`	`mdbv1 "github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/v1"`
`10`		`- "github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/v1/status"`
`11`	`10`	`"github.com/mongodb/mongodb-atlas-kubernetes/pkg/controller/connectionsecret"`
`12`	`11`	`"github.com/mongodb/mongodb-atlas-kubernetes/pkg/controller/workflow"`
`13`	`12`	`"github.com/mongodb/mongodb-atlas-kubernetes/pkg/util/stringutil"`
`@@ -20,7 +19,6 @@ func createOrUpdateConnectionSecrets(ctx *workflow.Context, k8sClient client.Cli`
`20`	`19`	`return workflow.Terminate(workflow.DatabaseUserConnectionSecretsNotCreated, err.Error())`
`21`	`20`	`}`
`22`	`21`
`23`		`- secretNames := make(map[string]string)`
`24`	`22`	`requeue := false`
`25`	`23`	`for _, cluster := range clusters {`
`26`	`24`	`scopes := dbUser.GetScopes(mdbv1.ClusterScopeType)`
`@@ -56,14 +54,12 @@ func createOrUpdateConnectionSecrets(ctx *workflow.Context, k8sClient client.Cli`
`56`	`54`	`return workflow.Terminate(workflow.DatabaseUserConnectionSecretsNotCreated, err.Error())`
`57`	`55`	`}`
`58`	`56`	`ctx.Log.Debugw("Ensured connection Secret up-to-date", "secretname", secretName)`
`59`		`- secretNames[cluster.Name] = secretName`
`60`	`57`	`}`
`61`	`58`
`62`	`59`	`if err := cleanupStaleSecrets(ctx, k8sClient, project.ID(), dbUser); err != nil {`
`63`	`60`	`return workflow.Terminate(workflow.DatabaseUserStaleConnectionSecrets, err.Error())`
`64`	`61`	`}`
`65`	`62`
`66`		`- ctx.EnsureStatusOption(status.AtlasDatabaseUserSecretsOption(secretNames))`
`67`	`63`	`if requeue {`
`68`	`64`	`return workflow.InProgress(workflow.DatabaseUserConnectionSecretsNotCreated, "Waiting for clusters to get created/updated")`
`69`	`65`	`}`