fix: Correct the CSI handler logic (#603)

**What problem does this PR solve?**:
- Return an error when the CSI variable is defined, but the
  Providers list is empty.
- Return an error when the CSI provider is defined, but its
  StorageClassConfig list is empty.
- Return an error when any CSI provider is unknown.
- Return an error when DefaultStorage is empty.
- Return an error when the DefaultStorage Provider Name does not match a
set provider.
- Return an error when the DefaultStorage StorageClassConfig Name does
not match the name of a StorageClassConfig for the default provider.

Adds unit tests to verify this logic, and more. Covers the majority of
the generic CSI handler `AfterControlPlaneInitialized` hook.

**Which issue(s) this PR fixes**:
Fixes #

**How Has This Been Tested?**:
<!--
Please describe the tests that you ran to verify your changes.
Provide output from the tests and any manual steps needed to replicate
the tests.
-->
Adds a unit test; I think this is the first unit test in CAREN to
exercise a handler request-response flow.
 
**Special notes for your reviewer**:
<!--
Use this to provide any additional information to the reviewers.
This may include:
- Best way to review the PR.
- Where the author wants the most review attention on.
- etc.
-->
I noticed these issues as I was studying the CSI handler in order to
write the ServiceLoadbalancer handler. I'll be adding a unit test to
#592 as well.

---------

Co-authored-by: Dimitri Koshkin <[email protected]>
Co-authored-by: Jimmi Dyson <[email protected]>

Author: 3 people

api/v1alpha1/addon_types.go

@@ -120,11 +120,12 @@ type DefaultStorage struct {
 }
 
 type CSI struct {
-	// +kubebuilder:validation:Optional
-	Providers []CSIProvider `json:"providers,omitempty"`
+	// +kubebuilder:validation:MinItems=1
+	// +kubebuilder:validation:Required
+	Providers []CSIProvider `json:"providers"`
 
-	// +kubebuilder:validation:Optional
-	DefaultStorage *DefaultStorage `json:"defaultStorage,omitempty"`
+	// +kubebuilder:validation:Required
+	DefaultStorage DefaultStorage `json:"defaultStorage"`
 }
 
 type CSIProvider struct {
@@ -133,8 +134,9 @@ type CSIProvider struct {
 	// +kubebuilder:validation:Enum=aws-ebs;nutanix
 	Name string `json:"name"`
 
+	// StorageClassConfig is a list of storage class configurations for this CSI provider.
 	// +kubebuilder:validation:Optional
-	StorageClassConfig []StorageClassConfig `json:"storageClassConfig,omitempty"`
+	StorageClassConfig []StorageClassConfig `json:"storageClassConfig"`
 
 	// Addon strategy used to deploy the CSI provider to the workload cluster.
 	// +kubebuilder:validation:Required

api/v1alpha1/crds/caren.nutanix.com_awsclusterconfigs.yaml

@@ -139,6 +139,8 @@ spec:
                               - nutanix
                               type: string
                             storageClassConfig:
+                              description: StorageClassConfig is a list of storage
+                                class configurations for this CSI provider.
                               items:
                                 properties:
                                   allowExpansion:
@@ -189,7 +191,11 @@ spec:
                           - name
                           - strategy
                           type: object
+                        minItems: 1
                         type: array
+                    required:
+                    - defaultStorage
+                    - providers
                     type: object
                   nfd:
                     description: NFD tells us to enable or disable the node feature

api/v1alpha1/crds/caren.nutanix.com_dockerclusterconfigs.yaml

@@ -140,6 +140,8 @@ spec:
                               - nutanix
                               type: string
                             storageClassConfig:
+                              description: StorageClassConfig is a list of storage
+                                class configurations for this CSI provider.
                               items:
                                 properties:
                                   allowExpansion:
@@ -190,7 +192,11 @@ spec:
                           - name
                           - strategy
                           type: object
+                        minItems: 1
                         type: array
+                    required:
+                    - defaultStorage
+                    - providers
                     type: object
                   nfd:
                     description: NFD tells us to enable or disable the node feature

api/v1alpha1/crds/caren.nutanix.com_nutanixclusterconfigs.yaml

@@ -140,6 +140,8 @@ spec:
                               - nutanix
                               type: string
                             storageClassConfig:
+                              description: StorageClassConfig is a list of storage
+                                class configurations for this CSI provider.
                               items:
                                 properties:
                                   allowExpansion:
@@ -190,7 +192,11 @@ spec:
                           - name
                           - strategy
                           type: object
+                        minItems: 1
                         type: array
+                    required:
+                    - defaultStorage
+                    - providers
                     type: object
                   nfd:
                     description: NFD tells us to enable or disable the node feature

api/v1alpha1/zz_generated.deepcopy.go

@@ -0,0 +1,32 @@
+// Copyright 2024 D2iQ, Inc. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package variables
+
+import (
+	"encoding/json"
+	"fmt"
+
+	v1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+)
+
+func MarshalToClusterVariable[T any](name string, obj T) (*clusterv1.ClusterVariable, error) {
+	marshaled, err := json.Marshal(obj)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal variable value %q: %w", name, err)
+	}
+	return &clusterv1.ClusterVariable{
+		Name:  name,
+		Value: v1.JSON{Raw: marshaled},
+	}, nil
+}
+
+func UnmarshalClusterVariable[T any](clusterVariable *clusterv1.ClusterVariable, obj *T) error {
+	err := json.Unmarshal(clusterVariable.Value.Raw, obj)
+	if err != nil {
+		return fmt.Errorf("error unmarshalling variable: %w", err)
+	}
+
+	return nil
+}

common/pkg/capi/clustertopology/variables/json.go

@@ -58,7 +58,7 @@ func New(
 func (a *AWSEBS) Apply(
 	ctx context.Context,
 	provider v1alpha1.CSIProvider,
-	defaultStorageConfig *v1alpha1.DefaultStorage,
+	defaultStorageConfig v1alpha1.DefaultStorage,
 	req *runtimehooksv1.AfterControlPlaneInitializedRequest,
 	_ logr.Logger,
 ) error {

pkg/handlers/generic/lifecycle/csi/aws-ebs/handler.go

@@ -27,7 +27,7 @@ type CSIProvider interface {
 	Apply(
 		context.Context,
 		v1alpha1.CSIProvider,
-		*v1alpha1.DefaultStorage,
+		v1alpha1.DefaultStorage,
 		*runtimehooksv1.AfterControlPlaneInitializedRequest,
 		logr.Logger,
 	) error
@@ -74,68 +74,67 @@ func (c *CSIHandler) AfterControlPlaneInitialized(
 	)
 	varMap := variables.ClusterVariablesToVariablesMap(req.Cluster.Spec.Topology.Variables)
 	resp.SetStatus(runtimehooksv1.ResponseStatusSuccess)
-	csiProviders, err := variables.Get[v1alpha1.CSI](
+	csi, err := variables.Get[v1alpha1.CSI](
 		varMap,
 		c.variableName,
 		c.variablePath...)
 	if err != nil {
-		if variables.IsNotFoundError(err) ||
-			csiProviders.Providers == nil ||
-			len(csiProviders.Providers) == 0 {
-			log.V(4).Info(
-				fmt.Sprintf(
-					"Skipping CSI handler, no providers given in %v",
-					csiProviders,
-				),
-			)
+		if variables.IsNotFoundError(err) {
+			log.Info("Skipping CSI handler, the cluster does not define the CSI variable")
 			return
 		}
-		log.Error(
-			err,
-			"failed to read CSI provider from cluster definition",
-		)
+		msg := "failed to read the CSI variable from the cluster"
+		log.Error(err, msg)
 		resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
-		resp.SetMessage(
-			fmt.Sprintf("failed to read CSI provider from cluster definition: %v",
-				err,
-			),
-		)
+		resp.SetMessage(fmt.Sprintf("%s: %v", msg, err))
 		return
 	}
-	if len(csiProviders.Providers) == 1 &&
-		len(csiProviders.Providers[0].StorageClassConfig) == 1 &&
-		csiProviders.DefaultStorage == nil {
-		csiProviders.DefaultStorage = &v1alpha1.DefaultStorage{
-			ProviderName:           csiProviders.Providers[0].Name,
-			StorageClassConfigName: csiProviders.Providers[0].StorageClassConfig[0].Name,
-		}
+
+	// This is defensive, because the API validation requires at least one provider.
+	if len(csi.Providers) == 0 {
+		msg := "The list of CSI providers must include at least one provider"
+		log.Error(nil, msg)
+		resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
+		resp.SetMessage(msg)
+		return
 	}
 
-	// There's a 1:N mapping of infra to CSI providers. The user chooses the provider.
-	for _, provider := range csiProviders.Providers {
+	if err := validateDefaultStorage(csi); err != nil {
+		log.Error(err, "")
+		resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
+		resp.SetMessage(err.Error())
+		return
+	}
+
+	// There's a 1:N mapping of infra to CSI providers. The user chooses the providers.
+	for _, provider := range csi.Providers {
 		handler, ok := c.ProviderHandler[provider.Name]
 		if !ok {
-			log.V(4).Info(
-				fmt.Sprintf(
-					"Skipping CSI handler, for provider given in %s. Provider handler not given.",
-					provider.Name,
-				),
+			log.Error(
+				nil,
+				"CSI provider is unknown",
+				"name",
+				provider.Name,
+			)
+			resp.SetStatus(runtimehooksv1.ResponseStatusFailure)
+			resp.SetMessage(
+				fmt.Sprintf("CSI provider %q is unknown", provider.Name),
 			)
-			continue
+			return
 		}
 		log.Info(fmt.Sprintf("Creating CSI provider %s", provider.Name))
 		err = handler.Apply(
 			ctx,
 			provider,
-			csiProviders.DefaultStorage,
+			csi.DefaultStorage,
 			req,
 			log,
 		)
 		if err != nil {
 			log.Error(
 				err,
 				fmt.Sprintf(
-					"failed to delpoy %s CSI driver",
+					"failed to deploy %s CSI driver",
 					provider.Name,
 				),
 			)
@@ -149,3 +148,30 @@ func (c *CSIHandler) AfterControlPlaneInitialized(
 		}
 	}
 }
+
+func validateDefaultStorage(csi v1alpha1.CSI) error {
+	// Verify that the default storage references a defined provider, and one of the
+	// storage class configs for that provider.
+	{
+		storageClassConfigsByProviderName := map[string][]v1alpha1.StorageClassConfig{}
+		for _, provider := range csi.Providers {
+			storageClassConfigsByProviderName[provider.Name] = provider.StorageClassConfig
+		}
+		configs, ok := storageClassConfigsByProviderName[csi.DefaultStorage.ProviderName]
+		if !ok {
+			return fmt.Errorf("the DefaultStorage Provider name must be the name of a configured provider")
+		}
+		defaultStorageClassConfigNameInProvider := false
+		for _, config := range configs {
+			if csi.DefaultStorage.StorageClassConfigName == config.Name {
+				defaultStorageClassConfigNameInProvider = true
+				break
+			}
+		}
+		if !defaultStorageClassConfigNameInProvider {
+			//nolint:lll // Long message.
+			return fmt.Errorf("the DefaultStorage StorageClassConfig name must be the name of a StorageClassConfig for the default provider")
+		}
+	}
+	return nil
+}