Bump k8s apis to 1.27, refactor to support contexts (#1523)

Author: lsierant

.gitignore

@@ -100,3 +100,4 @@ diagnostics
 Pipfile
 Pipfile.lock
 .community-operator-dev
+*.iml

cmd/readiness/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -42,7 +43,7 @@ func init() {
 // - If MongoDB: then just the 'statuses[0].IsInGoalState` field is used to learn if the Agent has reached the goal
 // - if AppDB: the 'mmsStatus[0].lastGoalVersionAchieved' field is compared with the one from mounted automation config
 // Additionally if the previous check hasn't returned 'true' an additional check for wait steps is being performed
-func isPodReady(conf config.Config) (bool, error) {
+func isPodReady(ctx context.Context, conf config.Config) (bool, error) {
 	healthStatus, err := parseHealthStatus(conf.HealthStatusReader)
 	if err != nil {
 		logger.Errorf("There was problem parsing health status file: %s", err)
@@ -56,7 +57,7 @@ func isPodReady(conf config.Config) (bool, error) {
 	}
 
 	// If the agent has reached the goal state
-	inGoalState, err := isInGoalState(healthStatus, conf)
+	inGoalState, err := isInGoalState(ctx, healthStatus, conf)
 	if err != nil {
 		logger.Errorf("There was problem checking the health status: %s", err)
 		return false, err
@@ -159,9 +160,9 @@ func isWaitStep(status *health.StepStatus) bool {
 	return false
 }
 
-func isInGoalState(health health.Status, conf config.Config) (bool, error) {
+func isInGoalState(ctx context.Context, health health.Status, conf config.Config) (bool, error) {
 	if isHeadlessMode() {
-		return headless.PerformCheckHeadlessMode(health, conf)
+		return headless.PerformCheckHeadlessMode(ctx, health, conf)
 	}
 	return performCheckOMMode(health), nil
 }
@@ -216,6 +217,7 @@ func initLogger(l *lumberjack.Logger) {
 }
 
 func main() {
+	ctx := context.Background()
 	clientSet, err := kubernetesClientset()
 	if err != nil {
 		panic(err)
@@ -238,7 +240,7 @@ func main() {
 		panic(err)
 	}
 
-	ready, err := isPodReady(cfg)
+	ready, err := isPodReady(ctx, cfg)
 	if err != nil {
 		panic(err)
 	}

cmd/readiness/readiness_test.go

@@ -22,6 +22,7 @@ import (
 // TestDeadlockDetection verifies that if the agent is stuck in "WaitAllRsMembersUp" phase (started > 15 seconds ago)
 // then the function returns "ready"
 func TestDeadlockDetection(t *testing.T) {
+	ctx := context.Background()
 	type TestConfig struct {
 		conf            config.Config
 		isErrorExpected bool
@@ -108,7 +109,7 @@ func TestDeadlockDetection(t *testing.T) {
 	for testName, _ := range tests {
 		testConfig := tests[testName]
 		t.Run(testName, func(t *testing.T) {
-			ready, err := isPodReady(testConfig.conf)
+			ready, err := isPodReady(ctx, testConfig.conf)
 			if testConfig.isErrorExpected {
 				assert.Error(t, err)
 			} else {
@@ -241,8 +242,9 @@ func TestObtainingCurrentStep(t *testing.T) {
 // In this case, the Readiness Probe needs to return Ready and let the StatefulSet Controller to proceed
 // with the Pod rollout.
 func TestReadyWithWaitForCorrectBinaries(t *testing.T) {
+	ctx := context.Background()
 	c := testConfigWithMongoUp("testdata/health-status-ok-with-WaitForCorrectBinaries.json", time.Second*30)
-	ready, err := isPodReady(c)
+	ready, err := isPodReady(ctx, c)
 
 	assert.True(t, ready)
 	assert.NoError(t, err)
@@ -254,26 +256,28 @@ func TestReadyWithWaitForCorrectBinaries(t *testing.T) {
 // (as Agent doesn't marks all the step statuses finished when it reaches the goal) but this doesn't affect the result
 // as the whole plan is complete already
 func TestHeadlessAgentHasntReachedGoal(t *testing.T) {
+	ctx := context.Background()
 	t.Setenv(headlessAgent, "true")
 	c := testConfig("testdata/health-status-ok.json")
 	c.ClientSet = fake.NewSimpleClientset(testdata.TestPod(c.Namespace, c.Hostname), testdata.TestSecret(c.Namespace, c.AutomationConfigSecretName, 6))
-	ready, err := isPodReady(c)
+	ready, err := isPodReady(ctx, c)
 	assert.False(t, ready)
 	assert.NoError(t, err)
-	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(context.TODO(), c.Hostname, metav1.GetOptions{})
+	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(ctx, c.Hostname, metav1.GetOptions{})
 	assert.Equal(t, map[string]string{"agent.mongodb.com/version": "5"}, thePod.Annotations)
 }
 
 // TestHeadlessAgentReachedGoal verifies that the probe reports "true" if the config version is equal to the
 // last achieved version of the Agent
 func TestHeadlessAgentReachedGoal(t *testing.T) {
+	ctx := context.Background()
 	t.Setenv(headlessAgent, "true")
 	c := testConfig("testdata/health-status-ok.json")
 	c.ClientSet = fake.NewSimpleClientset(testdata.TestPod(c.Namespace, c.Hostname), testdata.TestSecret(c.Namespace, c.AutomationConfigSecretName, 5))
-	ready, err := isPodReady(c)
+	ready, err := isPodReady(ctx, c)
 	assert.True(t, ready)
 	assert.NoError(t, err)
-	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(context.TODO(), c.Hostname, metav1.GetOptions{})
+	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(ctx, c.Hostname, metav1.GetOptions{})
 	assert.Equal(t, map[string]string{"agent.mongodb.com/version": "5"}, thePod.Annotations)
 }
 

cmd/versionhook/main.go

@@ -27,6 +27,7 @@ const (
 )
 
 func main() {
+	ctx := context.Background()
 	logger := setupLogger()
 
 	logger.Info("Running version change post-start hook")
@@ -57,7 +58,7 @@ func main() {
 
 	if shouldDelete {
 		logger.Infof("Pod should be deleted")
-		if err := deletePod(); err != nil {
+		if err := deletePod(ctx); err != nil {
 			// We should not raise an error if the Pod could not be deleted. It can have even
 			// worse consequences: Pod being restarted with the same version, and the agent
 			// killing it immediately after.
@@ -182,7 +183,7 @@ func isWaitingToBeDeleted(healthStatus agent.MmsDirectorStatus) bool {
 }
 
 // deletePod attempts to delete the pod this mongod is running in
-func deletePod() error {
+func deletePod(ctx context.Context) error {
 	thisPod, err := getThisPod()
 	if err != nil {
 		return fmt.Errorf("could not get pod: %s", err)
@@ -192,7 +193,7 @@ func deletePod() error {
 		return fmt.Errorf("could not get client: %s", err)
 	}
 
-	if err := k8sClient.Delete(context.TODO(), &thisPod); err != nil {
+	if err := k8sClient.Delete(ctx, &thisPod); err != nil {
 		return fmt.Errorf("could not delete pod: %s", err)
 	}
 	return nil

config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml

@@ -1,15 +1,10 @@
+
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.11.3
-    service.binding: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret
-    service.binding/connectionString: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=connectionString.standardSrv
-    service.binding/password: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=password
-    service.binding/provider: community
-    service.binding/type: mongodb
-    service.binding/username: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=username
+    controller-gen.kubebuilder.io/version: v0.4.1
   creationTimestamp: null
   name: mongodbcommunity.mongodbcommunity.mongodb.com
 spec:
@@ -290,7 +285,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       agentMode:
                         description: AgentMode contains the authentication mode used
                           by the automation agent.
@@ -419,7 +413,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       caConfigMapRef:
                         description: CaConfigMap is a reference to a ConfigMap containing
                           the certificate for the CA which signed the server certificates
@@ -432,7 +425,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       certificateKeySecretRef:
                         description: CertificateKeySecret is a reference to a Secret
                           containing a private key and certificate to use for TLS.
@@ -450,7 +442,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       enabled:
                         type: boolean
                       optional:
@@ -602,3 +593,9 @@ spec:
     storage: true
     subresources:
       status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

controllers/mongodb_cleanup.go

@@ -1,6 +1,7 @@
 package controllers
 
 import (
+	"context"
 	apiErrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/types"
 
@@ -9,14 +10,14 @@ import (
 )
 
 // cleanupPemSecret cleans up the old pem secret generated for the agent certificate.
-func (r *ReplicaSetReconciler) cleanupPemSecret(currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
+func (r *ReplicaSetReconciler) cleanupPemSecret(ctx context.Context, currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
 	if currentMDB.GetAgentAuthMode() == lastAppliedMDBSpec.GetAgentAuthMode() {
 		return
 	}
 
 	if !currentMDB.IsAgentX509() && lastAppliedMDBSpec.IsAgentX509() {
 		agentCertSecret := lastAppliedMDBSpec.GetAgentCertificateRef()
-		if err := r.client.DeleteSecret(types.NamespacedName{
+		if err := r.client.DeleteSecret(ctx, types.NamespacedName{
 			Namespace: namespace,
 			Name:      agentCertSecret + "-pem",
 		}); err != nil {
@@ -30,11 +31,11 @@ func (r *ReplicaSetReconciler) cleanupPemSecret(currentMDB mdbv1.MongoDBCommunit
 }
 
 // cleanupScramSecrets cleans up old scram secrets based on the last successful applied mongodb spec.
-func (r *ReplicaSetReconciler) cleanupScramSecrets(currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
+func (r *ReplicaSetReconciler) cleanupScramSecrets(ctx context.Context, currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
 	secretsToDelete := getScramSecretsToDelete(currentMDB, lastAppliedMDBSpec)
 
 	for _, s := range secretsToDelete {
-		if err := r.client.DeleteSecret(types.NamespacedName{
+		if err := r.client.DeleteSecret(ctx, types.NamespacedName{
 			Name:      s,
 			Namespace: namespace,
 		}); err != nil {

controllers/mongodb_cleanup_test.go

@@ -1,6 +1,7 @@
 package controllers
 
 import (
+	"context"
 	mdbv1 "github.com/mongodb/mongodb-kubernetes-operator/api/v1"
 	kubeClient "github.com/mongodb/mongodb-kubernetes-operator/pkg/kube/client"
 	"github.com/stretchr/testify/assert"
@@ -98,6 +99,7 @@ func TestReplicaSetReconcilerCleanupScramSecrets(t *testing.T) {
 
 }
 func TestReplicaSetReconcilerCleanupPemSecret(t *testing.T) {
+	ctx := context.Background()
 	lastAppliedSpec := mdbv1.MongoDBCommunitySpec{
 		Security: mdbv1.Security{
 			Authentication: mdbv1.Authentication{
@@ -134,21 +136,21 @@ func TestReplicaSetReconcilerCleanupPemSecret(t *testing.T) {
 		},
 	}
 
-	mgr := kubeClient.NewManager(&mdb)
+	mgr := kubeClient.NewManager(ctx, &mdb)
 
 	client := kubeClient.NewClient(mgr.GetClient())
-	err := createAgentCertPemSecret(client, mdb, "CERT", "KEY", "")
+	err := createAgentCertPemSecret(ctx, client, mdb, "CERT", "KEY", "")
 	assert.NoError(t, err)
 
 	r := NewReconciler(mgr)
 
-	secret, err := r.client.GetSecret(mdb.AgentCertificatePemSecretNamespacedName())
+	secret, err := r.client.GetSecret(ctx, mdb.AgentCertificatePemSecretNamespacedName())
 	assert.NoError(t, err)
 	assert.Equal(t, "CERT", string(secret.Data["tls.crt"]))
 	assert.Equal(t, "KEY", string(secret.Data["tls.key"]))
 
-	r.cleanupPemSecret(mdb.Spec, lastAppliedSpec, "my-ns")
+	r.cleanupPemSecret(ctx, mdb.Spec, lastAppliedSpec, "my-ns")
 
-	_, err = r.client.GetSecret(mdb.AgentCertificatePemSecretNamespacedName())
+	_, err = r.client.GetSecret(ctx, mdb.AgentCertificatePemSecretNamespacedName())
 	assert.Error(t, err)
 }