Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] create scope with default credentials for all resources #507

Merged
merged 11 commits into from
Sep 23, 2024

Conversation

unnatiagg
Copy link
Contributor

@unnatiagg unnatiagg commented Sep 9, 2024

What this PR does / why we need it:
For all reconciliation requests, the scope was previously created with the Resource.Spec.credentialsRef details (if present).
The scope creation failed if the secret disappears on deletion due to any race conditions.

With this change, the scope for all resources is set from the default credentials always. And later the token is updated using the SetToken method provided with LinodeGo API.

To further avoid any race conditions on the secret deletion, CredentialRefFinalizers are added onto secret using LinodeCluster, LinodeFirewall, LinodeVPC controllers.
With all these finalizers set on the secret from various resources, the deletion of the secret does not happen as quickly as it did before.

If in future we want to explicitly add a finalizer on the secret itself, I believe VPC controller would be best way to handle this.

Resources whose scope creation is changed:
LinodeCluster
LinodeMachine
LinodeVPC
LinodeFirewall
LinodePlacementGroup
LinodeOBJKey

TODOs:

  • squashed commits
  • includes documentation
  • [⟢] adds unit tests
  • adds or updates e2e tests

Copy link

codecov bot commented Sep 9, 2024

Codecov Report

Attention: Patch coverage is 70.00000% with 24 lines in your changes missing coverage. Please review.

Project coverage is 65.24%. Comparing base (17568b5) to head (6fb60e2).
Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
controller/linodemachine_controller.go 0.00% 3 Missing and 1 partial ⚠️
controller/linodecluster_controller.go 0.00% 2 Missing and 1 partial ⚠️
controller/linodefirewall_controller.go 0.00% 2 Missing and 1 partial ⚠️
controller/linodeobjectstoragekey_controller.go 0.00% 2 Missing and 1 partial ⚠️
controller/linodeplacementgroup_controller.go 0.00% 2 Missing and 1 partial ⚠️
controller/linodevpc_controller.go 0.00% 2 Missing and 1 partial ⚠️
cloud/scope/cluster.go 91.66% 1 Missing ⚠️
cloud/scope/firewall.go 87.50% 1 Missing ⚠️
cloud/scope/object_storage_key.go 87.50% 1 Missing ⚠️
cloud/scope/placement_group.go 87.50% 1 Missing ⚠️
... and 1 more
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #507      +/-   ##
==========================================
- Coverage   65.55%   65.24%   -0.31%     
==========================================
  Files          77       77              
  Lines        4003     4037      +34     
==========================================
+ Hits         2624     2634      +10     
- Misses       1143     1161      +18     
- Partials      236      242       +6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@unnatiagg unnatiagg changed the title Updating scope to create scope with default credentials for all resources [fix] create scope with default credentials for all resources Sep 10, 2024
@unnatiagg unnatiagg merged commit 21b8cf2 into main Sep 23, 2024
13 of 14 checks passed
rahulait added a commit that referenced this pull request Sep 26, 2024
rahulait added a commit that referenced this pull request Sep 26, 2024
* add global lock and token map for counting POST requests per token

* set default limits in defaults.go and use them in controller

* move rate-limits related functions to separate file and simplify logic

* add unittests for ratelimits.go file

* fix go.mod file

* address review comments

* fix updating token after rebasing from PR #507
@eljohnson92 eljohnson92 deleted the updating-scope branch October 3, 2024 21:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants