What would you like to be added:
Enhance the openmcp-operator lib to easily get AccessRequest based on current reconcile request (Crossplane CR, ManagedControlPlane CR, etc.).
It could look something like this:
func (r *reconcilerImpl) GetAccessRequest(ctx context.Context, request reconcile.Request) (*v1alpha1.AccessRequest, error) {
...
}Why is this needed:
In openmcp-project/service-provider-crossplane#23, I have implemented a function that needs to get the AccessRequest based on the current reconcile request.
To easily get the AccessRequest based on the reconciled Crossplane instance, I have looked at the library how it ensures the AccessRequest being created in the first place:
|
func (r *reconcilerImpl) Reconcile(ctx context.Context, request reconcile.Request) (reconcile.Result, error) { |
|
log := logging.FromContextOrPanic(ctx).WithName(controllerName) |
|
|
|
platformNamespace, err := libutils.StableMCPNamespace(request.Name, request.Namespace) |
|
if err != nil { |
|
return reconcile.Result{}, err |
|
} |
|
requestNamespace := platformNamespace |
|
requestNameMCP := StableRequestName(r.controllerName, request) + requestSuffixMCP |
|
requestNameWorkload := StableRequestName(r.controllerName, request) + requestSuffixWorkload |
|
|
|
metadata := requestMetadata(r.controllerName, request) |
|
|
|
// Check if the request namespace already exists. |
|
// If it does not exist, wait until it is created. |
|
|
|
log.Debug("Wait for request namespace to exist", "requestNamespace", requestNamespace) |
|
|
|
requestNamespaceExists, err := namespaceExists(ctx, r.platformClusterClient, requestNamespace) |
|
if err != nil { |
|
return reconcile.Result{}, fmt.Errorf("failed to check if request namespace exists: %w", err) |
|
} |
|
|
|
if !requestNamespaceExists { |
|
log.Debug("Request namespace does not exist", "requestNamespace", requestNamespace) |
|
return reconcile.Result{RequeueAfter: r.retryInterval}, nil |
|
} |
|
|
|
// Create or update the MCP AccessRequest and wait until the MCP cluster is ready. |
|
// This also prevents creating the Workload AccessRequest before there is even a MCP created on the onboarding cluster. |
|
|
|
log.Debug("Create and wait for MCP cluster access request", "accessRequestName", requestNameMCP, "accessRequestNamespace", requestNamespace) |
|
|
|
mcpAccessRequest, err := ensureAccessRequest(ctx, r.platformClusterClient, |
|
requestNameMCP, requestNamespace, &commonapi.ObjectReference{ |
|
Name: request.Name, |
|
Namespace: requestNamespace, |
|
}, nil, r.mcpPermissions, r.mcpRoleRefs, metadata) |
The implementation for now is ok, but as @Diaphteiros mentioned:
Having to reverse-engineer the library function to figure out the AccessRequest is somewhat ugly, though (and can easily break if we change the library). Maybe we can add a function or additional return value or something like this to the library that returns the AccessRequest?
Originally posted by @Diaphteiros in openmcp-project/service-provider-crossplane#23 (comment)
