Removing galera and rabbitmq from CR after their oscp removal

Adds tests to verify galera and rabiitmq cleanup by ownership
Adds tests for cert verification and cleanup

Resolves: #OSPRH-8059
Resolves: #OSPRH-8061

Author: auniyal61

pkg/openstack/common.go

@@ -795,3 +795,23 @@ func hasCertInOverrideSpec(overrideSpec route.OverrideSpec) bool {
 		overrideSpec.Spec.TLS.Certificate != "" &&
 		overrideSpec.Spec.TLS.Key != ""
 }
+
+func DeleteCertificate(
+	ctx context.Context,
+	helper *helper.Helper,
+	namespace string,
+	certName string) error {
+
+	cert := certmanager.NewCertificate(
+		&certmgrv1.Certificate{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      certName,
+				Namespace: namespace,
+			},
+		},
+		5*time.Second,
+	)
+
+	helper.GetLogger().Info(fmt.Sprintf("Deleting cert %s", certName))
+	return cert.Delete(ctx, helper)
+}

pkg/openstack/galera.go

@@ -2,6 +2,7 @@ package openstack
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -10,8 +11,10 @@ import (
 	"github.com/openstack-k8s-operators/lib-common/modules/common/clusterdns"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/condition"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/helper"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/object"
 	mariadbv1 "github.com/openstack-k8s-operators/mariadb-operator/api/v1beta1"
 
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 	corev1beta1 "github.com/openstack-k8s-operators/openstack-operator/apis/core/v1beta1"
@@ -28,14 +31,61 @@ const (
 	galeraReady    galeraStatus = iota
 )
 
+func deleteUndefinedGaleras(
+	ctx context.Context,
+	instance *corev1beta1.OpenStackControlPlane,
+	helper *helper.Helper,
+) (ctrl.Result, error) {
+
+	log := GetLogger(ctx)
+	// Fetch the list of Galera objects
+	galeraList := &mariadbv1.GaleraList{}
+	listOpts := []client.ListOption{
+		client.InNamespace(instance.GetNamespace()),
+	}
+	err := helper.GetClient().List(ctx, galeraList, listOpts...)
+	if err != nil {
+		return ctrl.Result{}, fmt.Errorf("could not get galeras %w", err)
+	}
+
+	var delErrs []error
+	for _, galeraObj := range galeraList.Items {
+		// if it is not defined in the OpenStackControlPlane then delete it from k8s.
+		if _, exists := (*instance.Spec.Galera.Templates)[galeraObj.Name]; !exists {
+			if object.CheckOwnerRefExist(instance.GetUID(), galeraObj.OwnerReferences) {
+				log.Info("Deleting Galera", "", galeraObj.Name)
+
+				certName := fmt.Sprintf("galera-%s-svc", galeraObj.Name)
+				err = DeleteCertificate(ctx, helper, instance.Namespace, certName)
+				if err != nil {
+					delErrs = append(delErrs, fmt.Errorf("galera cert deletion for '%s' failed, because: %w", certName, err))
+					continue
+				}
+
+				if _, err := EnsureDeleted(ctx, helper, &galeraObj); err != nil {
+					delErrs = append(delErrs, fmt.Errorf("galera deletion for '%s' failed, because: %w", galeraObj.Name, err))
+				}
+
+			}
+		}
+	}
+
+	if len(delErrs) > 0 {
+		delErrs := errors.Join(delErrs...)
+		return ctrl.Result{}, delErrs
+	}
+
+	return ctrl.Result{}, nil
+}
+
 // ReconcileGaleras -
 func ReconcileGaleras(
 	ctx context.Context,
 	instance *corev1beta1.OpenStackControlPlane,
 	version *corev1beta1.OpenStackVersion,
 	helper *helper.Helper,
 ) (ctrl.Result, error) {
-	Log := GetLogger(ctx)
+	log := GetLogger(ctx)
 	if !instance.Spec.Galera.Enabled {
 		return ctrl.Result{}, nil
 	}
@@ -127,20 +177,31 @@ func ReconcileGaleras(
 		return ctrl.Result{}, fmt.Errorf(errors)
 
 	} else if len(inprogress) > 0 {
-		Log.Info("Galera in progress")
+		log.Info("Galera in progress")
 		instance.Status.Conditions.Set(condition.FalseCondition(
 			corev1beta1.OpenStackControlPlaneMariaDBReadyCondition,
 			condition.RequestedReason,
 			condition.SeverityInfo,
 			corev1beta1.OpenStackControlPlaneMariaDBReadyRunningMessage))
 	} else {
-		Log.Info("Galera ready condition is true")
+		log.Info("Galera ready condition is true")
 		instance.Status.Conditions.MarkTrue(
 			corev1beta1.OpenStackControlPlaneMariaDBReadyCondition,
 			corev1beta1.OpenStackControlPlaneMariaDBReadyMessage,
 		)
 	}
 
+	_, errs := deleteUndefinedGaleras(ctx, instance, helper)
+	if errs != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			corev1beta1.OpenStackControlPlaneMariaDBReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			corev1beta1.OpenStackControlPlaneMariaDBReadyErrorMessage,
+			errs))
+		return ctrl.Result{}, errs
+	}
+
 	return ctrl.Result{}, nil
 }
 
@@ -159,7 +220,7 @@ func reconcileGalera(
 			Namespace: instance.Namespace,
 		},
 	}
-	Log := GetLogger(ctx)
+	log := GetLogger(ctx)
 
 	if !instance.Spec.Galera.Enabled {
 		if _, err := EnsureDeleted(ctx, helper, galera); err != nil {
@@ -182,7 +243,7 @@ func reconcileGalera(
 		spec.TopologyRef = instance.Spec.TopologyRef
 	}
 
-	Log.Info("Reconciling Galera", "Galera.Namespace", instance.Namespace, "Galera.Name", name)
+	log.Info("Reconciling Galera", "Galera.Namespace", instance.Namespace, "Galera.Name", name)
 	op, err := controllerutil.CreateOrPatch(ctx, helper.GetClient(), galera, func() error {
 		spec.DeepCopyInto(&galera.Spec.GaleraSpecCore)
 		galera.Spec.ContainerImage = *version.Status.ContainerImages.MariadbImage
@@ -198,7 +259,7 @@ func reconcileGalera(
 		return galeraFailed, err
 	}
 	if op != controllerutil.OperationResultNone {
-		Log.Info(fmt.Sprintf("Galera %s - %s", galera.Name, op))
+		log.Info(fmt.Sprintf("Galera %s - %s", galera.Name, op))
 	}
 
 	if galera.Status.ObservedGeneration == galera.Generation && galera.IsReady() {
@@ -211,10 +272,10 @@ func reconcileGalera(
 
 // GaleraImageMatch - return true if the Galera images match on the ControlPlane and Version, or if Galera is not enabled
 func GaleraImageMatch(ctx context.Context, controlPlane *corev1beta1.OpenStackControlPlane, version *corev1beta1.OpenStackVersion) bool {
-	Log := GetLogger(ctx)
+	log := GetLogger(ctx)
 	if controlPlane.Spec.Galera.Enabled {
 		if !stringPointersEqual(controlPlane.Status.ContainerImages.MariadbImage, version.Status.ContainerImages.MariadbImage) {
-			Log.Info("Galera images do not match", "controlPlane.Status.ContainerImages.MariadbImage", controlPlane.Status.ContainerImages.MariadbImage, "version.Status.ContainerImages.MariadbImage", version.Status.ContainerImages.MariadbImage)
+			log.Info("Galera images do not match", "controlPlane.Status.ContainerImages.MariadbImage", controlPlane.Status.ContainerImages.MariadbImage, "version.Status.ContainerImages.MariadbImage", version.Status.ContainerImages.MariadbImage)
 			return false
 		}
 	}

pkg/openstack/rabbitmq.go

@@ -2,6 +2,7 @@ package openstack
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"strings"
 
@@ -11,11 +12,13 @@ import (
 	"github.com/openstack-k8s-operators/lib-common/modules/common/clusterdns"
 	condition "github.com/openstack-k8s-operators/lib-common/modules/common/condition"
 	"github.com/openstack-k8s-operators/lib-common/modules/common/helper"
+	"github.com/openstack-k8s-operators/lib-common/modules/common/object"
 
 	// Cannot use the following import due to linting error:
 	// Error: 	pkg/openstack/rabbitmq.go:10:2: use of internal package github.com/rabbitmq/cluster-operator/internal/status not allowed
 	//rabbitstatus "github.com/rabbitmq/cluster-operator/internal/status"
 
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 	corev1beta1 "github.com/openstack-k8s-operators/openstack-operator/apis/core/v1beta1"
@@ -38,6 +41,52 @@ const (
 	mqReady    mqStatus = iota
 )
 
+func deleteUndefinedRabbitMQs(
+	ctx context.Context,
+	instance *corev1beta1.OpenStackControlPlane,
+	helper *helper.Helper,
+) (ctrl.Result, error) {
+
+	log := GetLogger(ctx)
+	// Fetch the list of RabbitMQ objects
+	rabbitList := &rabbitmqv1.RabbitMqList{}
+	listOpts := []client.ListOption{
+		client.InNamespace(instance.GetNamespace()),
+	}
+	err := helper.GetClient().List(ctx, rabbitList, listOpts...)
+	if err != nil {
+		return ctrl.Result{}, fmt.Errorf("could not list rabbitmqs %w", err)
+	}
+
+	var delErrs []error
+	for _, rabbitObj := range rabbitList.Items {
+		// if it is not defined in the OpenStackControlPlane then delete it from k8s.
+		if _, exists := (*instance.Spec.Rabbitmq.Templates)[rabbitObj.Name]; !exists {
+			if object.CheckOwnerRefExist(instance.GetUID(), rabbitObj.OwnerReferences) {
+				log.Info("Deleting Rabbitmq", "", rabbitObj.Name)
+
+				certName := fmt.Sprintf("%s-svc", rabbitObj.Name)
+				err = DeleteCertificate(ctx, helper, instance.Namespace, certName)
+				if err != nil {
+					delErrs = append(delErrs, fmt.Errorf("rabbit cert deletion for '%s' failed, because: %w", certName, err))
+					continue
+				}
+
+				if _, err := EnsureDeleted(ctx, helper, &rabbitObj); err != nil {
+					delErrs = append(delErrs, fmt.Errorf("rabbitmq deletion for '%s' failed, because: %w", rabbitObj.Name, err))
+				}
+			}
+		}
+	}
+
+	if len(delErrs) > 0 {
+		delErrs := errors.Join(delErrs...)
+		return ctrl.Result{}, delErrs
+	}
+
+	return ctrl.Result{}, nil
+}
+
 // ReconcileRabbitMQs -
 func ReconcileRabbitMQs(
 	ctx context.Context,
@@ -94,6 +143,17 @@ func ReconcileRabbitMQs(
 		)
 	}
 
+	_, errs := deleteUndefinedRabbitMQs(ctx, instance, helper)
+	if errs != nil {
+		instance.Status.Conditions.Set(condition.FalseCondition(
+			corev1beta1.OpenStackControlPlaneRabbitMQReadyCondition,
+			condition.ErrorReason,
+			condition.SeverityWarning,
+			corev1beta1.OpenStackControlPlaneRabbitMQReadyErrorMessage,
+			errs))
+		return ctrl.Result{}, errs
+	}
+
 	return ctrlResult, nil
 }
 
@@ -111,9 +171,9 @@ func reconcileRabbitMQ(
 			Namespace: instance.Namespace,
 		},
 	}
-	Log := GetLogger(ctx)
+	log := GetLogger(ctx)
 
-	Log.Info("Reconciling RabbitMQ", "RabbitMQ.Namespace", instance.Namespace, "RabbitMQ.Name", name)
+	log.Info("Reconciling RabbitMQ", "RabbitMQ.Namespace", instance.Namespace, "RabbitMQ.Name", name)
 	if !instance.Spec.Rabbitmq.Enabled {
 		if _, err := EnsureDeleted(ctx, helper, rabbitmq); err != nil {
 			return mqFailed, ctrl.Result{}, err
@@ -199,7 +259,7 @@ func reconcileRabbitMQ(
 	op, err := controllerutil.CreateOrPatch(ctx, helper.GetClient(), rabbitmq, func() error {
 		spec.DeepCopyInto(&rabbitmq.Spec.RabbitMqSpecCore)
 		if rabbitmq.Spec.Persistence.StorageClassName == nil {
-			Log.Info(fmt.Sprintf("Setting StorageClassName: " + instance.Spec.StorageClass))
+			log.Info(fmt.Sprintf("Setting StorageClassName: " + instance.Spec.StorageClass))
 			rabbitmq.Spec.Persistence.StorageClassName = &instance.Spec.StorageClass
 		}
 		if tlsCert != "" {
@@ -221,7 +281,7 @@ func reconcileRabbitMQ(
 		return mqFailed, ctrl.Result{}, err
 	}
 	if op != controllerutil.OperationResultNone {
-		Log.Info(fmt.Sprintf("RabbitMQ %s - %s", rabbitmq.Name, op))
+		log.Info(fmt.Sprintf("RabbitMQ %s - %s", rabbitmq.Name, op))
 	}
 
 	if rabbitmq.Status.ObservedGeneration == rabbitmq.Generation && rabbitmq.IsReady() {
@@ -288,10 +348,10 @@ func removeConfigMapControllerReference(
 
 // RabbitmqImageMatch - return true if the rabbitmq images match on the ControlPlane and Version, or if Rabbitmq is not enabled
 func RabbitmqImageMatch(ctx context.Context, controlPlane *corev1beta1.OpenStackControlPlane, version *corev1beta1.OpenStackVersion) bool {
-	Log := GetLogger(ctx)
+	log := GetLogger(ctx)
 	if controlPlane.Spec.Rabbitmq.Enabled {
 		if !stringPointersEqual(controlPlane.Status.ContainerImages.RabbitmqImage, version.Status.ContainerImages.RabbitmqImage) {
-			Log.Info("RabbitMQ image mismatch", "controlPlane.Status.ContainerImages.RabbitmqImage", controlPlane.Status.ContainerImages.RabbitmqImage, "version.Status.ContainerImages.RabbitmqImage", version.Status.ContainerImages.RabbitmqImage)
+			log.Info("RabbitMQ image mismatch", "controlPlane.Status.ContainerImages.RabbitmqImage", controlPlane.Status.ContainerImages.RabbitmqImage, "version.Status.ContainerImages.RabbitmqImage", version.Status.ContainerImages.RabbitmqImage)
 			return false
 		}
 	}

tests/functional/ctlplane/base_test.go

@@ -20,6 +20,7 @@ import (
 	"context"
 	"encoding/base64"
 
+	"github.com/google/uuid"
 	. "github.com/onsi/gomega" //revive:disable:dot-imports
 
 	k8s_corev1 "k8s.io/api/core/v1"
@@ -420,6 +421,56 @@ func GetTLSeCustomIssuerSpec() map[string]interface{} {
 	}
 }
 
+func GetDefaultGaleraSpec() map[string]interface{} {
+	return map[string]interface{}{
+		"replicas":       1,
+		"logToDisk":      false,
+		"secret":         "osp-secret",
+		"storageClass":   "local-storage",
+		"storageRequest": "100M",
+		"containerImage": "",
+	}
+}
+
+func CreateGaleraConfig(namespace string, spec map[string]interface{}) client.Object {
+	name := uuid.New().String()
+
+	raw := map[string]interface{}{
+		"apiVersion": "mariadb.openstack.org/v1beta1",
+		"kind":       "Galera",
+		"metadata": map[string]interface{}{
+			"name":      name,
+			"namespace": namespace,
+		},
+		"spec": spec,
+	}
+
+	return th.CreateUnstructured(raw)
+}
+
+func GetDefaultRabbitMQSpec() map[string]interface{} {
+	return map[string]interface{}{
+		"replicas":       1,
+		"containerImage": "",
+	}
+}
+
+func CreateRabbitMQConfig(namespace string, spec map[string]interface{}) client.Object {
+	name := uuid.New().String()
+
+	raw := map[string]interface{}{
+		"apiVersion": "rabbitmq.openstack.org/v1beta1",
+		"kind":       "RabbitMq",
+		"metadata": map[string]interface{}{
+			"name":      name,
+			"namespace": namespace,
+		},
+		"spec": spec,
+	}
+
+	return th.CreateUnstructured(raw)
+}
+
 func GetDefaultOpenStackControlPlaneSpec() map[string]interface{} {
 	memcachedTemplate := map[string]interface{}{
 		"memcached": map[string]interface{}{