feat: sync Secrets, ConfigMaps and PersistentVolumesClaims to users n… (

#1799)

* feat: sync Secrets, ConfigMaps and PersistentVolumesClaims to users namespaces

Signed-off-by: Anatolii Bazko <abazko@redhat.com>

Makefile

@@ -336,7 +336,9 @@ genenerate-env:
 	      | select(.name=="che-operator")
 	      | .env[]
 	      | select(has("value"))
-	      | "export \(.name)=\"\(.value)\""' \
+	      | "export \(.name)=\(.value)"' \
+	      | sed 's|"|\\"|g' \
+	      | sed -E 's|(.*)=(.*)|\1="\2"|g' \
 	  > $(BASH_ENV_FILE)
 	echo "export WATCH_NAMESPACE=$(ECLIPSE_CHE_NAMESPACE)" >> $(BASH_ENV_FILE)
 	echo "[INFO] Created $(BASH_ENV_FILE)"
@@ -348,6 +350,8 @@ genenerate-env:
 	      | .env[]
 	      | select(has("value"))
 	      | "\(.name)=\"\(.value)\""' \
+	      | sed 's|"|\\"|g' \
+	      | sed -E 's|(.*)=(.*)|\1="\2"|g' \
 	  > $(VSCODE_ENV_FILE)
 	echo "WATCH_NAMESPACE=$(ECLIPSE_CHE_NAMESPACE)" >> $(VSCODE_ENV_FILE)
 	echo "[INFO] Created $(VSCODE_ENV_FILE)"

bundle/next/eclipse-che/manifests/che-operator.clusterserviceversion.yaml

@@ -77,7 +77,7 @@ metadata:
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
     repository: https://github.com/eclipse-che/che-operator
     support: Eclipse Foundation
-  name: eclipse-che.v7.81.0-829.next
+  name: eclipse-che.v7.81.0-830.next
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1240,7 +1240,7 @@ spec:
   minKubeVersion: 1.19.0
   provider:
     name: Eclipse Foundation
-  version: 7.81.0-829.next
+  version: 7.81.0-830.next
   webhookdefinitions:
     - admissionReviewVersions:
         - v1

controllers/che/checluster_controller.go

@@ -54,7 +54,6 @@ import (
 
 	chev2 "github.com/eclipse-che/che-operator/api/v2"
 	networking "k8s.io/api/networking/v1"
-	"k8s.io/apimachinery/pkg/api/errors"
 )
 
 // CheClusterReconciler reconciles a CheCluster object
@@ -150,15 +149,15 @@ func (r *CheClusterReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	}
 
 	var toTrustedBundleConfigMapRequestMapper handler.MapFunc = func(obj client.Object) []ctrl.Request {
-		isTrusted, reconcileRequest := IsTrustedBundleConfigMap(r.nonCachedClient, r.namespace, obj)
+		isTrusted, reconcileRequest := IsTrustedBundleConfigMap(r.client, r.namespace, obj)
 		if isTrusted {
 			return []ctrl.Request{reconcileRequest}
 		}
 		return []ctrl.Request{}
 	}
 
 	var toEclipseCheRelatedObjRequestMapper handler.MapFunc = func(obj client.Object) []ctrl.Request {
-		isEclipseCheRelatedObj, reconcileRequest := IsEclipseCheRelatedObj(r.nonCachedClient, r.namespace, obj)
+		isEclipseCheRelatedObj, reconcileRequest := IsEclipseCheRelatedObj(r.client, r.namespace, obj)
 		if isEclipseCheRelatedObj {
 			return []ctrl.Request{reconcileRequest}
 		}
@@ -197,10 +196,6 @@ func (r *CheClusterReconciler) SetupWithManager(mgr ctrl.Manager) error {
 			IsController: true,
 			OwnerType:    &chev2.CheCluster{},
 		}).
-		Watches(&source.Kind{Type: &corev1.PersistentVolumeClaim{}}, &handler.EnqueueRequestForOwner{
-			IsController: true,
-			OwnerType:    &chev2.CheCluster{},
-		}).
 		Watches(&source.Kind{Type: &corev1.ConfigMap{}},
 			handler.EnqueueRequestsFromMapFunc(toTrustedBundleConfigMapRequestMapper),
 			builder.WithPredicates(onAllExceptGenericEventsPredicate),
@@ -251,16 +246,11 @@ func (r *CheClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	}
 
 	// Fetch the CheCluster instance
-	checluster, err := r.GetCR(req)
-
-	if err != nil {
-		if errors.IsNotFound(err) {
-			r.Log.Info("CheCluster Custom Resource not found.")
-			// Request object not found, could have been deleted after reconcile request.
-			// Owned objects are automatically garbage collected. For additional cleanup logic use finalizers.
-			// Return and don't requeue
-			return ctrl.Result{}, nil
-		}
+	checluster, err := deploy.FindCheClusterCRInNamespace(r.client, req.NamespacedName.Namespace)
+	if checluster == nil {
+		r.Log.Info("CheCluster Custom Resource not found.")
+		return ctrl.Result{}, nil
+	} else if err != nil {
 		// Error reading the object - requeue the request.
 		return ctrl.Result{}, err
 	}
@@ -305,9 +295,3 @@ func (r *CheClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		return ctrl.Result{Requeue: !done}, nil
 	}
 }
-
-func (r *CheClusterReconciler) GetCR(request ctrl.Request) (*chev2.CheCluster, error) {
-	checluster := &chev2.CheCluster{}
-	err := r.client.Get(context.TODO(), request.NamespacedName, checluster)
-	return checluster, err
-}

controllers/che/cheobj_verifier.go

@@ -16,7 +16,6 @@ import (
 	"github.com/eclipse-che/che-operator/pkg/common/constants"
 	"github.com/eclipse-che/che-operator/pkg/deploy"
 	"github.com/eclipse-che/che-operator/pkg/deploy/tls"
-	"github.com/sirupsen/logrus"
 	"k8s.io/apimachinery/pkg/types"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -29,11 +28,8 @@ func IsTrustedBundleConfigMap(cl client.Client, watchNamespace string, obj clien
 		return false, ctrl.Request{}
 	}
 
-	checluster, num, _ := deploy.FindCheClusterCRInNamespace(cl, watchNamespace)
-	if num != 1 {
-		if num > 1 {
-			logrus.Warn("More than one checluster Custom Resource found.")
-		}
+	checluster, _ := deploy.FindCheClusterCRInNamespace(cl, watchNamespace)
+	if checluster == nil {
 		return false, ctrl.Request{}
 	}
 
@@ -71,11 +67,8 @@ func IsEclipseCheRelatedObj(cl client.Client, watchNamespace string, obj client.
 		return false, ctrl.Request{}
 	}
 
-	checluster, num, _ := deploy.FindCheClusterCRInNamespace(cl, watchNamespace)
-	if num != 1 {
-		if num > 1 {
-			logrus.Warn("More than one checluster Custom Resource found.")
-		}
+	checluster, _ := deploy.FindCheClusterCRInNamespace(cl, watchNamespace)
+	if checluster == nil {
 		return false, ctrl.Request{}
 	}
 

controllers/che/cheobj_verifier_test.go

@@ -123,7 +123,7 @@ func TestIsTrustedBundleConfigMap(t *testing.T) {
 				newTestObject.ObjectMeta.Labels = testCase.objLabels
 			}
 
-			isEclipseCheObj, req := IsTrustedBundleConfigMap(deployContext.ClusterAPI.NonCachingClient, testCase.watchNamespace, newTestObject)
+			isEclipseCheObj, req := IsTrustedBundleConfigMap(deployContext.ClusterAPI.Client, testCase.watchNamespace, newTestObject)
 
 			assert.Equal(t, testCase.expectedIsEclipseCheObj, isEclipseCheObj)
 			if isEclipseCheObj {
@@ -217,7 +217,7 @@ func TestIsEclipseCheRelatedObj(t *testing.T) {
 			deployContext := test.GetDeployContext(nil, testCase.initObjects)
 
 			testObject.ObjectMeta.Namespace = testCase.objNamespace
-			isEclipseCheObj, req := IsEclipseCheRelatedObj(deployContext.ClusterAPI.NonCachingClient, testCase.watchNamespace, testObject)
+			isEclipseCheObj, req := IsEclipseCheRelatedObj(deployContext.ClusterAPI.Client, testCase.watchNamespace, testObject)
 
 			assert.Equal(t, testCase.expectedIsEclipseCheObj, isEclipseCheObj)
 			if isEclipseCheObj {

controllers/usernamespace/namespacecache.go

@@ -48,8 +48,9 @@ type namespaceInfo struct {
 	CheCluster           *types.NamespacedName
 }
 
-func NewNamespaceCache() *namespaceCache {
+func NewNamespaceCache(client client.Client) *namespaceCache {
 	return &namespaceCache{
+		client:          client,
 		knownNamespaces: map[string]namespaceInfo{},
 		lock:            sync.Mutex{},
 	}

controllers/usernamespace/controller.go → controllers/usernamespace/usernamespace_controller.go

@@ -29,7 +29,6 @@ import (
 	"github.com/devfile/devworkspace-operator/pkg/infrastructure"
 	chev2 "github.com/eclipse-che/che-operator/api/v2"
 	"github.com/eclipse-che/che-operator/controllers/che"
-	"github.com/eclipse-che/che-operator/controllers/devworkspace"
 	"github.com/eclipse-che/che-operator/controllers/devworkspace/defaults"
 	"github.com/eclipse-che/che-operator/pkg/deploy"
 	projectv1 "github.com/openshift/api/project/v1"
@@ -55,27 +54,28 @@ const (
 )
 
 type CheUserNamespaceReconciler struct {
-	client         client.Client
-	scheme         *runtime.Scheme
-	namespaceCache namespaceCache
-}
-
-type eventRule struct {
-	check      func(metav1.Object) bool
-	namespaces func(metav1.Object) []string
+	scheme          *runtime.Scheme
+	client          client.Client
+	nonCachedClient client.Client
+	namespaceCache  *namespaceCache
 }
 
 var _ reconcile.Reconciler = (*CheUserNamespaceReconciler)(nil)
 
-func NewReconciler() *CheUserNamespaceReconciler {
-	return &CheUserNamespaceReconciler{namespaceCache: *NewNamespaceCache()}
+func NewCheUserNamespaceReconciler(
+	client client.Client,
+	noncachedClient client.Client,
+	scheme *runtime.Scheme,
+	namespaceCache *namespaceCache) *CheUserNamespaceReconciler {
+
+	return &CheUserNamespaceReconciler{
+		scheme:          scheme,
+		client:          client,
+		nonCachedClient: noncachedClient,
+		namespaceCache:  namespaceCache}
 }
 
 func (r *CheUserNamespaceReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	r.scheme = mgr.GetScheme()
-	r.client = mgr.GetClient()
-	r.namespaceCache.client = r.client
-
 	var obj client.Object
 	if infrastructure.IsOpenShift() {
 		obj = &projectv1.Project{}
@@ -101,26 +101,6 @@ func (r *CheUserNamespaceReconciler) watchRulesForSecrets(ctx context.Context) h
 		}))
 }
 
-func asReconcileRequestsForNamespaces(obj metav1.Object, rules []eventRule) []reconcile.Request {
-	for _, r := range rules {
-		if r.check(obj) {
-			nss := r.namespaces(obj)
-			ret := make([]reconcile.Request, len(nss))
-			for i, n := range nss {
-				ret[i] = reconcile.Request{
-					NamespacedName: types.NamespacedName{
-						Name: n,
-					},
-				}
-			}
-
-			return ret
-		}
-	}
-
-	return []reconcile.Request{}
-}
-
 func (r *CheUserNamespaceReconciler) commonRules(ctx context.Context, namesInCheClusterNamespace ...string) []eventRule {
 	return []eventRule{
 		{
@@ -192,6 +172,10 @@ func (r *CheUserNamespaceReconciler) hasCheCluster(ctx context.Context, namespac
 }
 
 func (r *CheUserNamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	if req.Name == "" {
+		return ctrl.Result{}, nil
+	}
+
 	info, err := r.namespaceCache.ExamineNamespace(ctx, req.Name)
 	if err != nil {
 		logrus.Errorf("Failed to examine namespace %s for presence of Che user info labels: %v", req.Name, err)
@@ -203,18 +187,18 @@ func (r *CheUserNamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Req
 		return ctrl.Result{}, nil
 	}
 
-	checluster := findManagingCheCluster(*info.CheCluster)
-	if checluster == nil {
-		return ctrl.Result{Requeue: true}, nil
+	checluster, err := deploy.FindCheClusterCRInNamespace(r.client, "")
+	if checluster == nil || err != nil {
+		// CheCluster is not found or error occurred, requeue the request
+		return ctrl.Result{}, err
 	}
 
 	// let's construct the deployContext to be able to use methods from v1 operator
 	deployContext := &chetypes.DeployContext{
 		CheCluster: checluster,
 		ClusterAPI: chetypes.ClusterAPI{
 			Client:           r.client,
-			NonCachingClient: r.client,
-			DiscoveryClient:  nil,
+			NonCachingClient: r.nonCachedClient,
 			Scheme:           r.scheme,
 		},
 	}
@@ -257,30 +241,6 @@ func (r *CheUserNamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Req
 	return ctrl.Result{}, nil
 }
 
-func findManagingCheCluster(key types.NamespacedName) *chev2.CheCluster {
-	instances := devworkspace.GetCurrentCheClusterInstances()
-	if len(instances) == 0 {
-		return nil
-	}
-
-	if len(instances) == 1 {
-		for k, v := range instances {
-			if key.Name == "" || (key.Name == k.Name && key.Namespace == k.Namespace) {
-				return &v
-			}
-			return nil
-		}
-	}
-
-	ret, ok := instances[key]
-
-	if ok {
-		return &ret
-	} else {
-		return nil
-	}
-}
-
 func (r *CheUserNamespaceReconciler) reconcileSelfSignedCert(ctx context.Context, deployContext *chetypes.DeployContext, targetNs string, checluster *chev2.CheCluster) error {
 	if err := deleteLegacyObject("server-cert", &corev1.Secret{}, targetNs, checluster, deployContext); err != nil {
 		return err