Feat/create user invite (#125)

* feat: added invite resource creation

On-behalf-of: SAP [email protected]

* chore: fixed formatting and added comments

On-behalf-of: SAP [email protected]

* chore: fixed typo

On-behalf-of: SAP [email protected]

* feat: added waiting for Ready state functionality

On-behalf-of: SAP [email protected]

* chore: refactored message styling

On-behalf-of: SAP [email protected]

* feat: added tests

On-behalf-of: SAP [email protected]

* feat: added exponential backoff and org type check

On-behalf-of: SAP [email protected]

* added protection from going out of array boundaries

On-behalf-of: SAP [email protected]

* fix: fixed tests

On-behalf-of: SAP [email protected]

* added more tests

On-behalf-of: SAP [email protected]

* fix: fixed potential bugs

On-behalf-of: SAP [email protected]

* chore: removed e-mail address from logging

On-behalf-of: SAP [email protected]

* chore: fixed typo

On-behalf-of: SAP [email protected]

* chore: some minor improvements

* chore: refactored tests

On-behalf-of: SAP [email protected]

---------

Co-authored-by: aaronschweig <[email protected]>

Author: OlegErshov

internal/controller/initializer_controller.go

@@ -33,6 +33,7 @@ func NewLogicalClusterReconciler(log *logger.Logger, orgClient client.Client, cf
 			subroutine.NewWorkspaceInitializer(orgClient, cfg, mgr),
 			subroutine.NewWorkspaceAuthConfigurationSubroutine(orgClient, inClusterClient, cfg),
 			subroutine.NewRealmSubroutine(inClusterClient, &cfg, cfg.BaseDomain),
+			subroutine.NewInviteSubroutine(orgClient, mgr),
 			subroutine.NewRemoveInitializer(mgr, cfg.InitializerName),
 		}, log).
 			WithReadOnly().

internal/subroutine/invite.go

@@ -0,0 +1,109 @@
+package subroutine
+
+import (
+	"context"
+	"fmt"
+
+	kcpv1alpha1 "github.com/kcp-dev/kcp/sdk/apis/core/v1alpha1"
+	accountv1alpha1 "github.com/platform-mesh/account-operator/api/v1alpha1"
+	"github.com/platform-mesh/golang-commons/controller/lifecycle/runtimeobject"
+	lifecyclesubroutine "github.com/platform-mesh/golang-commons/controller/lifecycle/subroutine"
+	"github.com/rs/zerolog/log"
+
+	"k8s.io/apimachinery/pkg/api/meta"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/wait"
+
+	"github.com/platform-mesh/golang-commons/errors"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+	mcmanager "sigs.k8s.io/multicluster-runtime/pkg/manager"
+
+	"k8s.io/client-go/util/retry"
+
+	"github.com/platform-mesh/security-operator/api/v1alpha1"
+)
+
+func NewInviteSubroutine(orgsClient client.Client, mgr mcmanager.Manager) *inviteSubroutine {
+	return &inviteSubroutine{
+		orgsClient: orgsClient,
+		mgr:        mgr,
+	}
+}
+
+var _ lifecyclesubroutine.Subroutine = &inviteSubroutine{}
+
+type inviteSubroutine struct {
+	orgsClient client.Client
+	mgr        mcmanager.Manager
+}
+
+func (w *inviteSubroutine) Finalize(ctx context.Context, instance runtimeobject.RuntimeObject) (ctrl.Result, errors.OperatorError) {
+	return ctrl.Result{}, nil
+}
+
+func (w *inviteSubroutine) Finalizers(_ runtimeobject.RuntimeObject) []string {
+	return nil
+}
+
+func (w *inviteSubroutine) GetName() string { return "InviteInitilizationSubroutine" }
+
+func (w *inviteSubroutine) Process(ctx context.Context, instance runtimeobject.RuntimeObject) (ctrl.Result, errors.OperatorError) {
+	lc := instance.(*kcpv1alpha1.LogicalCluster)
+
+	wsName := getWorkspaceName(lc)
+	if wsName == "" {
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("failed to get workspace name"), true, false)
+	}
+
+	cl, err := w.mgr.ClusterFromContext(ctx)
+	if err != nil {
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("failed to get cluster from context %w", err), true, true)
+	}
+
+	var account accountv1alpha1.Account
+	err = w.orgsClient.Get(ctx, types.NamespacedName{Name: wsName}, &account)
+	if err != nil {
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("failed to get account resource %w", err), true, true)
+	}
+
+	if account.Spec.Type != accountv1alpha1.AccountTypeOrg {
+		log.Info().Str("workspace", wsName).Msg("account is not of type organization, skipping invite creation")
+		return ctrl.Result{}, nil
+	}
+
+	if account.Spec.Creator == nil {
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("account.Spec.Creator is nil for account %s", wsName), true, true)
+	}
+
+	// the Invite resource is created in :root:orgs:<new org> workspace
+	invite := &v1alpha1.Invite{ObjectMeta: metav1.ObjectMeta{Name: wsName}}
+	_, err = controllerutil.CreateOrUpdate(ctx, cl.GetClient(), invite, func() error {
+		invite.Spec.Email = *account.Spec.Creator
+
+		return nil
+	})
+	if err != nil {
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("failed to create invite resource %w", err), true, true)
+	}
+
+	log.Info().Str("workspace", wsName).Msg("invite resource created")
+
+	err = wait.ExponentialBackoffWithContext(ctx, retry.DefaultBackoff,
+		func(ctx context.Context) (bool, error) {
+			if err := cl.GetClient().Get(ctx, types.NamespacedName{Name: wsName}, invite); err != nil {
+				return false, err
+			}
+
+			return meta.IsStatusConditionTrue(invite.GetConditions(), "Ready"), nil
+		})
+	if err != nil {
+		log.Info().Str("workspace", wsName).Msg("invite resource not ready yet")
+		return ctrl.Result{}, errors.NewOperatorError(fmt.Errorf("invite resource is not ready yet"), true, false)
+	}
+
+	log.Info().Str("workspace", wsName).Msg("invite resource ready")
+	return ctrl.Result{}, nil
+}