remove identity provider code in cluster managers

stackrox · Nov 21, 2023 · 7436e13 · 7436e13
1 parent aeec553
commit 7436e13
Show file tree

Hide file tree

Showing 8 changed files with 24 additions and 424 deletions.
diff --git a/internal/dinosaur/pkg/clusters/ocm_provider.go b/internal/dinosaur/pkg/clusters/ocm_provider.go
@@ -102,19 +102,6 @@ func (o *OCMProvider) GetClusterDNS(clusterSpec *types.ClusterSpec) (string, err
 	return clusterDNS, nil
 }
 
-// AddIdentityProvider ...
-func (o *OCMProvider) AddIdentityProvider(clusterSpec *types.ClusterSpec, identityProviderInfo types.IdentityProviderInfo) (*types.IdentityProviderInfo, error) {
-	if identityProviderInfo.OpenID != nil {
-		idpID, err := o.addOpenIDIdentityProvider(clusterSpec, *identityProviderInfo.OpenID)
-		if err != nil {
-			return nil, errors.Wrapf(err, "failed to add identity provider for cluster %s", clusterSpec.InternalID)
-		}
-		identityProviderInfo.OpenID.ID = idpID
-		return &identityProviderInfo, nil
-	}
-	return nil, nil
-}
-
 // ScaleUp ...
 func (o *OCMProvider) ScaleUp(clusterSpec *types.ClusterSpec, increment int) (*types.ClusterSpec, error) {
 	_, err := o.ocmClient.ScaleUpComputeNodes(clusterSpec.InternalID, increment)

diff --git a/internal/dinosaur/pkg/clusters/ocm_provider_test.go b/internal/dinosaur/pkg/clusters/ocm_provider_test.go
@@ -351,132 +351,6 @@ func TestOCMProvider_GetClusterDNS(t *testing.T) {
 	}
 }
 
-func TestOCMProvider_AddIdentityProvider(t *testing.T) {
-	type fields struct {
-		ocmClient ocm.Client
-	}
-	type args struct {
-		clusterSpec          *types.ClusterSpec
-		identityProviderInfo types.IdentityProviderInfo
-	}
-
-	internalID := "test-internal-id"
-
-	spec := &types.ClusterSpec{
-		InternalID:     internalID,
-		ExternalID:     "",
-		Status:         "",
-		AdditionalInfo: nil,
-	}
-
-	testIdpID := "test-idp-ocm-id"
-	testIdpName := "test-idp-name"
-	testIdpClientID := "test-client-id"
-	testIdpClientSecret := "test-client-secret" // pragma: allowlist secret
-	testIdpIssuer := "test-issuer"
-	idpInfo := types.IdentityProviderInfo{OpenID: &types.OpenIDIdentityProviderInfo{
-		Name:         testIdpName,
-		ClientID:     testIdpClientID,
-		ClientSecret: testIdpClientSecret, // pragma: allowlist secret
-		Issuer:       testIdpIssuer,
-	}}
-
-	tests := []struct {
-		name    string
-		fields  fields
-		args    args
-		want    *types.IdentityProviderInfo
-		wantErr bool
-	}{
-		{
-			name: "should create IDP",
-			fields: fields{
-				ocmClient: &ocm.ClientMock{
-					CreateIdentityProviderFunc: func(clusterID string, identityProvider *clustersmgmtv1.IdentityProvider) (*clustersmgmtv1.IdentityProvider, error) {
-						return clustersmgmtv1.NewIdentityProvider().ID(testIdpID).Build()
-					},
-					GetIdentityProviderListFunc: func(clusterID string) (*clustersmgmtv1.IdentityProviderList, error) {
-						return nil, errors.Errorf("this should not be called")
-					},
-				},
-			},
-			args: args{
-				clusterSpec:          spec,
-				identityProviderInfo: idpInfo,
-			},
-			want: &types.IdentityProviderInfo{
-				OpenID: &types.OpenIDIdentityProviderInfo{
-					ID:           testIdpID,
-					Name:         testIdpName,
-					ClientID:     testIdpClientID,
-					ClientSecret: testIdpClientSecret, // pragma: allowlist secret
-					Issuer:       testIdpIssuer,
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "should not return error if IDP already exists",
-			fields: fields{
-				ocmClient: &ocm.ClientMock{
-					CreateIdentityProviderFunc: func(clusterID string, identityProvider *clustersmgmtv1.IdentityProvider) (*clustersmgmtv1.IdentityProvider, error) {
-						return nil, errors.Errorf("idp already exists")
-					},
-					GetIdentityProviderListFunc: func(clusterID string) (*clustersmgmtv1.IdentityProviderList, error) {
-						idp := clustersmgmtv1.NewIdentityProvider().ID(testIdpID).Name(testIdpName)
-						return clustersmgmtv1.NewIdentityProviderList().Items(idp).Build()
-					},
-				},
-			},
-			args: args{
-				clusterSpec:          spec,
-				identityProviderInfo: idpInfo,
-			},
-			want: &types.IdentityProviderInfo{
-				OpenID: &types.OpenIDIdentityProviderInfo{
-					ID:           testIdpID,
-					Name:         testIdpName,
-					ClientID:     testIdpClientID,
-					ClientSecret: testIdpClientSecret, // pragma: allowlist secret
-					Issuer:       testIdpIssuer,
-				},
-			},
-			wantErr: false,
-		},
-		{
-			name: "should return error",
-			fields: fields{
-				ocmClient: &ocm.ClientMock{
-					CreateIdentityProviderFunc: func(clusterID string, identityProvider *clustersmgmtv1.IdentityProvider) (*clustersmgmtv1.IdentityProvider, error) {
-						return nil, errors.Errorf("unexepcted error")
-					},
-					GetIdentityProviderListFunc: func(clusterID string) (*clustersmgmtv1.IdentityProviderList, error) {
-						return nil, errors.Errorf("this should not be called")
-					},
-				},
-			},
-			args: args{
-				clusterSpec:          spec,
-				identityProviderInfo: idpInfo,
-			},
-			want:    nil,
-			wantErr: true,
-		},
-	}
-
-	for _, test := range tests {
-		t.Run(test.name, func(t *testing.T) {
-			RegisterTestingT(t)
-			p := newOCMProvider(test.fields.ocmClient, nil, &ocm.OCMConfig{})
-			resp, err := p.AddIdentityProvider(test.args.clusterSpec, test.args.identityProviderInfo)
-			Expect(resp).To(Equal(test.want))
-			if test.wantErr {
-				Expect(err).NotTo(BeNil())
-			}
-		})
-	}
-}
-
 func TestOCMProvider_ScaleUp(t *testing.T) {
 	type fields struct {
 		ocmClient ocm.Client

diff --git a/internal/dinosaur/pkg/clusters/provider.go b/internal/dinosaur/pkg/clusters/provider.go
@@ -21,8 +21,6 @@ type Provider interface {
 	// It should set the status in the returned `ClusterSpec` to either `provisioning`, `ready` or `failed`.
 	// If there is additional data that needs to be preserved and passed between checks, add it to the returned `ClusterSpec` and it will be saved to the database and passed into this function again next time it is called.
 	CheckClusterStatus(spec *types.ClusterSpec) (*types.ClusterSpec, error)
-	// AddIdentityProvider add an identity provider to the cluster
-	AddIdentityProvider(clusterSpec *types.ClusterSpec, identityProvider types.IdentityProviderInfo) (*types.IdentityProviderInfo, error)
 	// ScaleUp scale the cluster up with the number of additional nodes specified
 	ScaleUp(clusterSpec *types.ClusterSpec, increment int) (*types.ClusterSpec, error)
 	// ScaleDown scale the cluster down with the number of nodes specified

diff --git a/internal/dinosaur/pkg/clusters/provider_moq.go b/internal/dinosaur/pkg/clusters/provider_moq.go
diff --git a/internal/dinosaur/pkg/clusters/standalone_provider.go b/internal/dinosaur/pkg/clusters/standalone_provider.go
@@ -71,19 +71,6 @@ func (s *StandaloneProvider) GetClusterDNS(clusterSpec *types.ClusterSpec) (stri
 	return "", nil // NOOP for now
 }
 
-// AddIdentityProvider ...
-func (s *StandaloneProvider) AddIdentityProvider(clusterSpec *types.ClusterSpec, identityProvider types.IdentityProviderInfo) (*types.IdentityProviderInfo, error) {
-	// setup identity provider
-	_, err := s.ApplyResources(clusterSpec, types.ResourceSet{
-		Resources: []interface{}{
-			s.buildOpenIDPClientSecret(identityProvider),
-			s.buildIdentityProviderResource(identityProvider),
-		},
-	})
-
-	return &identityProvider, err
-}
-
 // buildOpenIDPClientSecret builds the k8s secret which holds OpenIDP clientSecret value
 // The clientSecret as indicated in https://docs.openshift.com/container-platform/4.7/authentication/identity_providers/configuring-oidc-identity-provider.html#identity-provider-creating-secret_configuring-oidc-identity-provider
 func (s *StandaloneProvider) buildOpenIDPClientSecret(identityProvider types.IdentityProviderInfo) *v1.Secret {

diff --git a/internal/dinosaur/pkg/services/clusters.go b/internal/dinosaur/pkg/services/clusters.go
@@ -64,7 +64,6 @@ type ClusterService interface {
 	CheckClusterStatus(cluster *api.Cluster) (*api.Cluster, *apiErrors.ServiceError)
 	// Delete will delete the cluster from the provider
 	Delete(cluster *api.Cluster) (bool, *apiErrors.ServiceError)
-	ConfigureAndSaveIdentityProvider(cluster *api.Cluster, identityProviderInfo types.IdentityProviderInfo) (*api.Cluster, *apiErrors.ServiceError)
 }
 
 type clusterService struct {
@@ -667,27 +666,6 @@ func (c clusterService) Delete(cluster *api.Cluster) (bool, *apiErrors.ServiceEr
 	return removed, nil
 }
 
-// ConfigureAndSaveIdentityProvider ...
-func (c clusterService) ConfigureAndSaveIdentityProvider(cluster *api.Cluster, identityProviderInfo types.IdentityProviderInfo) (*api.Cluster, *apiErrors.ServiceError) {
-	if cluster.IdentityProviderID != "" {
-		return cluster, nil
-	}
-	p, err := c.providerFactory.GetProvider(cluster.ProviderType)
-	if err != nil {
-		return nil, apiErrors.NewWithCause(apiErrors.ErrorGeneral, err, "failed to get provider implementation")
-	}
-	providerInfo, err := p.AddIdentityProvider(buildClusterSpec(cluster), identityProviderInfo)
-	if err != nil {
-		return nil, apiErrors.NewWithCause(apiErrors.ErrorGeneral, err, "failed to add identity provider")
-	}
-	// need to review this if multiple identity providers are supported
-	cluster.IdentityProviderID = providerInfo.OpenID.ID
-	if err := c.Update(*cluster); err != nil {
-		return nil, apiErrors.NewWithCause(apiErrors.ErrorGeneral, err, "failed to update cluster")
-	}
-	return cluster, nil
-}
-
 func buildClusterSpec(cluster *api.Cluster) *types.ClusterSpec {
 	return &types.ClusterSpec{
 		InternalID:     cluster.ClusterID,