From 21a21ab98905930cd2202eb42b9568781a9cd4bc Mon Sep 17 00:00:00 2001 From: Kaustav Majumder Date: Tue, 2 Jul 2024 10:45:13 +0530 Subject: [PATCH] api: Fetch Noobaa remote info and create the join secret Signed-off-by: Kaustav Majumder --- config/rbac/role.yaml | 11 ++++ controllers/storageclient_controller.go | 75 ++++++++++++++++++++++++- main.go | 4 ++ 3 files changed, 89 insertions(+), 1 deletion(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index cc5837f8..2483f527 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -142,6 +142,17 @@ rules: - list - update - watch +- apiGroups: + - noobaa.io + resources: + - noobaas + verbs: + - create + - delete + - get + - list + - update + - watch - apiGroups: - ocs.openshift.io resources: diff --git a/controllers/storageclient_controller.go b/controllers/storageclient_controller.go index f06b171b..0aa3dbe0 100644 --- a/controllers/storageclient_controller.go +++ b/controllers/storageclient_controller.go @@ -28,6 +28,7 @@ import ( "github.com/red-hat-storage/ocs-client-operator/api/v1alpha1" "github.com/red-hat-storage/ocs-client-operator/pkg/utils" + nbv1 "github.com/noobaa/noobaa-operator/v5/pkg/apis/noobaa/v1alpha1" configv1 "github.com/openshift/api/config/v1" opv1a1 "github.com/operator-framework/api/pkg/operators/v1alpha1" providerClient "github.com/red-hat-storage/ocs-operator/v4/services/provider/client" @@ -64,6 +65,8 @@ const ( ownerIndexName = "index:ownerUID" csvPrefix = "ocs-client-operator" + + joinSecretName = "noobaa-remote-join-secret" ) // StorageClientReconciler reconciles a StorageClient object @@ -98,6 +101,8 @@ func (r *StorageClientReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&v1alpha1.StorageClaim{}). Owns(&batchv1.CronJob{}). Owns("av1.ClusterResourceQuota{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})). + Owns(&nbv1.NooBaa{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})). + Owns(&corev1.Secret{}). Complete(r) } 
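Review bot: `Owns(&corev1.Secret{})` in SetupWithManager starts an informer on Secrets, so unless the manager cache is scoped elsewhere (its options in main.go are not part of this patch) every Secret the operator can list is held in its memory. The controller added here writes only one Secret, `noobaa-remote-join-secret` in the operator namespace, so I would narrow the watch with a name/namespace predicate or a cache selector for `corev1.Secret`, or drop the `Owns` if drift correction on the join secret is not required. The builder chain starts above the hunk.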
@@ -108,6 +113,8 @@ func (r *StorageClientReconciler) SetupWithManager(mgr ctrl.Manager) error { //+kubebuilder:rbac:groups=config.openshift.io,resources=clusterversions,verbs=get;list;watch //+kubebuilder:rbac:groups=batch,resources=cronjobs,verbs=get;list;create;update;watch;delete //+kubebuilder:rbac:groups=operators.coreos.com,resources=clusterserviceversions,verbs=get;list;watch +//+kubebuilder:rbac:groups=noobaa.io,resources=noobaas,verbs=get;list;watch;create;update;delete +//+kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;delete func (r *StorageClientReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { var err error @@ -210,9 +217,25 @@ func (r *StorageClientReconciler) reconcilePhases() (ctrl.Result, error) { if err := r.reconcileClusterResourceQuota(clusterResourceQuotaSpec); err != nil { return reconcile.Result{}, err } + case "Secret": + if eResource.Name == fmt.Sprintf("noobaa-remote-join-secret-%s", r.storageClient.Status.ConsumerID) { + data := map[string]string{} + if err := json.Unmarshal(eResource.Data, &data); err != nil { + return reconcile.Result{}, fmt.Errorf("failed to unmarshall noobaa join secret data: %v", err) + } + + if err := r.reconcileNoobaaJoinSecret(data); err != nil { + return reconcile.Result{}, err + } + } + } + } + // reconcile remote noobaa only if it is not a local client + if _, exists := r.storageClient.GetAnnotations()["is-local-client"]; !exists { + if err := r.reconcileRemoteNoobaa(); err != nil { + return reconcile.Result{}, err } } - if r.storageClient.GetAnnotations()[storageClaimProcessedAnnotationKey] != "true" { if err := r.reconcileBlockStorageClaim(); err != nil { return reconcile.Result{}, err 
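Review bot: The new `secrets` marker grants get/list/watch/create/update/delete on every Secret in scope of the generated role, while the code added in this commit touches only `noobaa-remote-join-secret` in the operator namespace. If config/rbac/role.yaml is a ClusterRole (its kind is not visible here), that is cluster-wide secret read and write for the operator's service account. Scoping the marker with the `namespace=` field, e.g. `//+kubebuilder:rbac:groups="",namespace=<operator-namespace>,resources=secrets,verbs=get;list;watch;create;update;delete`, would generate a namespaced Role instead, and the same applies to the `noobaas` marker. The role.yaml hunk in this patch adds only the `noobaas` rule, so confirm the manifest was regenerated or already carries a matching secrets rule.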
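Review bot: `reconcileRemoteNoobaa()` runs for every client without the `is-local-client` annotation, whether or not the `Secret` case above matched, so a NooBaa CR referencing `noobaa-remote-join-secret` can be created before, or without, that secret existing. I would set a flag when the join secret is reconciled and gate the call on it. The check `_, exists := ...["is-local-client"]` also treats any value, including `"false"`, as local; a one-line comment should say whether that is intended. The expected name is spelled out again in `fmt.Sprintf("noobaa-remote-join-secret-%s", ...)` instead of being built from `joinSecretName`, and `%w` rather than `%v` would keep the unmarshal error unwrappable. reconcilePhases begins and ends outside the hunk.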
@@ -549,6 +572,56 @@ func (r *StorageClientReconciler) reconcileSharedfileStorageClaim() error { return nil } +func (r *StorageClientReconciler) reconcileRemoteNoobaa() error { + // Create noobaa CR referencing the join secret + nb := &nbv1.NooBaa{} + nb.Name = "noobaa-remote" + nb.Namespace = r.OperatorNamespace + nb.Spec.JoinSecret = &corev1.SecretReference{ + Name: joinSecretName, + Namespace: r.OperatorNamespace, + } + _, err := controllerutil.CreateOrUpdate(r.ctx, r.Client, nb, func() error { + utils.AddAnnotation(nb, "remote-client-noobaa", "true") + if err := r.own(nb); err != nil { + return err + } + return nil + }) + if err != nil { + return fmt.Errorf("failed to create remote noobaa: %v", err) + } + return nil +} + +func (r *StorageClientReconciler) reconcileNoobaaJoinSecret(noobaaData map[string]string) error { + noobaaAuthToken, ok := noobaaData["auth_token"] + if !ok { + return fmt.Errorf("noobaa auth token not found") + } + noobaaMgmtAddress, ok := noobaaData["mgmt_addr"] + if !ok { + return fmt.Errorf("noobaa mgmt address not found") + } + joinSecret := &corev1.Secret{} + joinSecret.Name = joinSecretName + joinSecret.Namespace = r.OperatorNamespace + joinSecret.Data = map[string][]byte{ + "auth_token": []byte(noobaaAuthToken), + "mgmt_addr": []byte(noobaaMgmtAddress), + } + _, err := controllerutil.CreateOrUpdate(r.ctx, r.Client, joinSecret, func() error { + if err := r.own(joinSecret); err != nil { + return err + } + return nil + }) + if err != nil { + return fmt.Errorf("failed to create or update noobaa-remote-join-secret %v", err) + } + return nil +} + func (r *StorageClientReconciler) get(obj client.Object, opts ...client.GetOption) error { key := client.ObjectKeyFromObject(obj) return r.Get(r.ctx, key, obj, opts...) diff --git a/main.go b/main.go index cddfb8ae..dfacb25a 100644 --- a/main.go +++ b/main.go 
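Review bot: In reconcileNoobaaJoinSecret, `joinSecret.Data` is assigned before `controllerutil.CreateOrUpdate`, which first does a Get into the same object and overwrites those fields when the Secret already exists. On the update path the mutate callback only sets the owner, so a rotated or revoked `auth_token` or a changed `mgmt_addr` from the provider never reaches the existing Secret. The desired state should be set inside the mutate callback, and the same applies to `nb.Spec.JoinSecret` in reconcileRemoteNoobaa. The `ok` checks also accept empty strings, so an empty `auth_token` would be stored as-is; rejecting empty values would fail earlier and more clearly.

```go
joinSecret := &corev1.Secret{}
joinSecret.Name = joinSecretName
joinSecret.Namespace = r.OperatorNamespace
_, err := controllerutil.CreateOrUpdate(r.ctx, r.Client, joinSecret, func() error {
	// Set the payload here so it is applied on update as well as on create.
	joinSecret.Data = map[string][]byte{
		"auth_token": []byte(noobaaAuthToken),
		"mgmt_addr":  []byte(noobaaMgmtAddress),
	}
	return r.own(joinSecret)
})
// … unchanged: error wrapping and return …
```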
@@ -29,6 +29,7 @@ import ( // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) // to ensure that exec-entrypoint and run can make use of them. snapapi "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" + nbapis "github.com/noobaa/noobaa-operator/v5/pkg/apis" configv1 "github.com/openshift/api/config/v1" consolev1 "github.com/openshift/api/console/v1" quotav1 "github.com/openshift/api/quota/v1" @@ -37,6 +38,7 @@ import ( monitoringv1 "github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring/v1" admrv1 "k8s.io/api/admissionregistration/v1" appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" extv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/runtime" @@ -71,6 +73,8 @@ func init() { utilruntime.Must(opv1a1.AddToScheme(scheme)) utilruntime.Must(extv1.AddToScheme(scheme)) utilruntime.Must(quotav1.AddToScheme(scheme)) + utilruntime.Must(nbapis.AddToScheme(scheme)) + utilruntime.Must(corev1.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme }