Skip to content

Commit

Permalink
ROX-12344: Add org-id label and org-name annotation
Browse files Browse the repository at this point in the history
  • Loading branch information
stehessel committed Dec 17, 2022
1 parent f27847c commit 2b8955c
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 6 deletions.
21 changes: 15 additions & 6 deletions fleetshard/pkg/central/reconciler/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,8 @@ const (
helmReleaseName = "tenant-resources"

managedServicesAnnotation = "platform.stackrox.io/managed-services"
orgNameAnnotationKey = "rhacs.redhat.com/org-name"
orgIDLabelKey = "rhacs.redhat.com/org-id"
tenantIDLabelKey = "rhacs.redhat.com/tenant"

centralDbSecretName = "central-db-password" // pragma: allowlist secret
Expand Down Expand Up @@ -165,7 +167,11 @@ func (r *CentralReconciler) Reconcile(ctx context.Context, remoteCentral private
},
Customize: &v1alpha1.CustomizeSpec{
EnvVars: envVars,
Annotations: map[string]string{
orgNameAnnotationKey: remoteCentral.Spec.Auth.OwnerOrgName,
},
Labels: map[string]string{
orgIDLabelKey: remoteCentral.Spec.Auth.OwnerOrgId,
tenantIDLabelKey: remoteCentral.Id,
},
},
Expand Down Expand Up @@ -201,7 +207,11 @@ func (r *CentralReconciler) Reconcile(ctx context.Context, remoteCentral private
return nil, ErrDeletionInProgress
}

if err := r.ensureNamespaceExists(remoteCentralNamespace, remoteCentral.Id); err != nil {
namespaceLabels := map[string]string{
orgIDLabelKey: remoteCentral.Spec.Auth.OwnerOrgId,
tenantIDLabelKey: remoteCentral.Id,
}
if err := r.ensureNamespaceExists(remoteCentralNamespace, namespaceLabels); err != nil {
return nil, errors.Wrapf(err, "unable to ensure that namespace %s exists", remoteCentralNamespace)
}

Expand Down Expand Up @@ -447,21 +457,20 @@ func (r *CentralReconciler) getNamespace(name string) (*corev1.Namespace, error)
return namespace, nil
}

func (r *CentralReconciler) createTenantNamespace(ctx context.Context, namespace *corev1.Namespace, tenantID string) error {
namespace.Labels = make(map[string]string)
namespace.Labels[tenantIDLabelKey] = tenantID
func (r *CentralReconciler) createTenantNamespace(ctx context.Context, namespace *corev1.Namespace, labels map[string]string) error {
namespace.Labels = labels
err := r.client.Create(ctx, namespace)
if err != nil {
return fmt.Errorf("creating namespace %q: %w", namespace.ObjectMeta.Name, err)
}
return nil
}

func (r *CentralReconciler) ensureNamespaceExists(name string, tenantID string) error {
func (r *CentralReconciler) ensureNamespaceExists(name string, labels map[string]string) error {
namespace, err := r.getNamespace(name)
if err != nil {
if apiErrors.IsNotFound(err) {
return r.createTenantNamespace(context.Background(), namespace, tenantID)
return r.createTenantNamespace(context.Background(), namespace, labels)
}
return fmt.Errorf("getting namespace %s: %w", name, err)
}
Expand Down
6 changes: 6 additions & 0 deletions fleetshard/pkg/central/reconciler/reconciler_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,10 @@ var simpleManagedCentral = private.ManagedCentral{
Namespace: centralNamespace,
},
Spec: private.ManagedCentralAllOfSpec{
Auth: private.ManagedCentralAllOfSpecAuth{
OwnerOrgId: "12345",
OwnerOrgName: "org-name",
},
UiEndpoint: private.ManagedCentralAllOfSpecUiEndpoint{
Host: fmt.Sprintf("acs-%s.acs.rhcloud.test", centralID),
},
Expand Down Expand Up @@ -90,6 +94,8 @@ func TestReconcileCreate(t *testing.T) {
assert.Equal(t, centralName, central.GetName())
assert.Equal(t, simpleManagedCentral.Id, central.GetLabels()[tenantIDLabelKey])
assert.Equal(t, simpleManagedCentral.Id, central.Spec.Customize.Labels[tenantIDLabelKey])
assert.Equal(t, simpleManagedCentral.Spec.Auth.OwnerOrgName, central.Spec.Customize.Annotations[orgNameAnnotationKey])
assert.Equal(t, simpleManagedCentral.Spec.Auth.OwnerOrgId, central.Spec.Customize.Labels[orgIDLabelKey])
assert.Equal(t, "1", central.GetAnnotations()[revisionAnnotationKey])
assert.Equal(t, "true", central.GetAnnotations()[managedServicesAnnotation])
assert.Equal(t, true, *central.Spec.Central.Exposure.Route.Enabled)
Expand Down

0 comments on commit 2b8955c

Please sign in to comment.