keycloak-operator/controllers/keycloakrealm_controller.go

/*
Copyright 2021.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package controllers

import (
	"context"

	"github.com/Nerzal/gocloak/v7"
	"github.com/go-logr/logr"
	apierrs "k8s.io/apimachinery/pkg/api/errors"
	"k8s.io/apimachinery/pkg/runtime"
	ctrl "sigs.k8s.io/controller-runtime"
	"sigs.k8s.io/controller-runtime/pkg/client"

	keycloakv1alpha1 "git.zom.bi/images/keycloak-operator/api/v1alpha1"
	"git.zom.bi/images/keycloak-operator/controllers/keycloak"
)

const (
	// FinalizerName is the Name of our finalizer used by this package
	FinalizerName = "finalizer.keycloak.bitmask.me"
)

// KeycloakRealmReconciler reconciles a KeycloakRealm object
type KeycloakRealmReconciler struct {
	client.Client
	Keycloak *keycloak.Keycloak
	Log      logr.Logger
	Scheme   *runtime.Scheme
}

// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms/status,verbs=get;update;patch
// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms/finalizers,verbs=update

// Reconcile is part of the main kubernetes reconciliation loop which aims to
// move the current state of the cluster closer to the desired state.
// For more details, check Reconcile and its Result here:
// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile
func (r *KeycloakRealmReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
	log := r.Log.WithValues("keycloakrealm", req.NamespacedName)

	log.Info("reconciling")

	// We get the information from the CRD
	var realm keycloakv1alpha1.KeycloakRealm
	if err := r.Get(ctx, req.NamespacedName, &realm); err != nil {
		if apierrs.IsNotFound(err) {
			// Realm is already deleted via finalizer.
			return ctrl.Result{}, nil
		}
	}

	if !realm.ObjectMeta.DeletionTimestamp.IsZero() {
		// is in the process of being deleted
		if containsString(realm.ObjectMeta.Finalizers, FinalizerName) {
			// our finalizer is present, so lets handle any external dependency

			// We do not want to delete anything, so we just disable the realm.
			disabled := gocloak.RealmRepresentation{Realm: &realm.Spec.RealmName, Enabled: gocloak.BoolP(false)}
			err := r.Keycloak.UpdateRealm(ctx, disabled)
			if err != nil {
				// if fail to delete the external dependency here, return with error
				// so that it can be retried
				return ctrl.Result{}, err
			}

			// remove our finalizer from the list and update it.
			realm.ObjectMeta.Finalizers = removeString(realm.ObjectMeta.Finalizers, FinalizerName)
			if err := r.Update(ctx, &realm); err != nil {
				return ctrl.Result{}, err
			}
			log.Info("Deleted the realm")
		}

		// done
		return ctrl.Result{}, nil
	}

	// Its not being deleted, so we seize the moment to take ownership.
	if !containsString(realm.ObjectMeta.Finalizers, FinalizerName) {
		typeMeta := realm.TypeMeta
		realm.ObjectMeta.Finalizers = append(realm.ObjectMeta.Finalizers, FinalizerName)
		if err := r.Update(ctx, &realm); err != nil {
			return ctrl.Result{}, err
		}
		// restore the TypeMeta object as it is removed during Update, but need to be accessed later
		realm.TypeMeta = typeMeta
	}

	// Convert Realm
	keycloakRealm, err := ConvertToRealm(realm)
	if err != nil {
		log.Error(err, "Could not convert realm")
		return ctrl.Result{}, err
	}

	err = r.Keycloak.CreateRealm(ctx, keycloakRealm)
	if err != nil {
		// try updating instead
		err := r.Keycloak.UpdateRealm(ctx, keycloakRealm)
		if err != nil {
			log.Error(err, "Could not create/update realm")
			return ctrl.Result{}, err
		}

		log.Info("Updated the realm")
		return ctrl.Result{}, nil
	}

	realm.Status.Available = true
	r.Status().Update(ctx, &realm)
	log.Info("Successfully created realm")

	return ctrl.Result{}, nil
}

// SetupWithManager sets up the controller with the Manager.
func (r *KeycloakRealmReconciler) SetupWithManager(mgr ctrl.Manager) error {
	return ctrl.NewControllerManagedBy(mgr).
		For(&keycloakv1alpha1.KeycloakRealm{}).
		Complete(r)
}
Add Realm ressource 2021-01-10 17:06:01 +01:00			`/*`
			`Copyright 2021.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package controllers`

			`import (`
			`"context"`

Working client and Realm controller 2021-01-11 06:32:28 +01:00			`"github.com/Nerzal/gocloak/v7"`
Add Realm ressource 2021-01-10 17:06:01 +01:00			`"github.com/go-logr/logr"`
Make runnable binary 2021-01-10 23:49:22 +01:00			`apierrs "k8s.io/apimachinery/pkg/api/errors"`
Add Realm ressource 2021-01-10 17:06:01 +01:00			`"k8s.io/apimachinery/pkg/runtime"`
			`ctrl "sigs.k8s.io/controller-runtime"`
			`"sigs.k8s.io/controller-runtime/pkg/client"`

			`keycloakv1alpha1 "git.zom.bi/images/keycloak-operator/api/v1alpha1"`
Make runnable binary 2021-01-10 23:49:22 +01:00			`"git.zom.bi/images/keycloak-operator/controllers/keycloak"`
			`)`

			`const (`
			`// FinalizerName is the Name of our finalizer used by this package`
			`FinalizerName = "finalizer.keycloak.bitmask.me"`
Add Realm ressource 2021-01-10 17:06:01 +01:00			`)`

			`// KeycloakRealmReconciler reconciles a KeycloakRealm object`
			`type KeycloakRealmReconciler struct {`
			`client.Client`
Make runnable binary 2021-01-10 23:49:22 +01:00			`Keycloak *keycloak.Keycloak`
			`Log logr.Logger`
			`Scheme *runtime.Scheme`
Add Realm ressource 2021-01-10 17:06:01 +01:00			`}`

			`// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms,verbs=get;list;watch;create;update;patch;delete`
			`// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms/status,verbs=get;update;patch`
			`// +kubebuilder:rbac:groups=keycloak.bitmask.me,resources=keycloakrealms/finalizers,verbs=update`

			`// Reconcile is part of the main kubernetes reconciliation loop which aims to`
			`// move the current state of the cluster closer to the desired state.`
			`// For more details, check Reconcile and its Result here:`
			`// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile`
			`func (r *KeycloakRealmReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {`
Make runnable binary 2021-01-10 23:49:22 +01:00			`log := r.Log.WithValues("keycloakrealm", req.NamespacedName)`

			`log.Info("reconciling")`

Working client and Realm controller 2021-01-11 06:32:28 +01:00			`// We get the information from the CRD`
Make runnable binary 2021-01-10 23:49:22 +01:00			`var realm keycloakv1alpha1.KeycloakRealm`
			`if err := r.Get(ctx, req.NamespacedName, &realm); err != nil {`
			`if apierrs.IsNotFound(err) {`
Working client and Realm controller 2021-01-11 06:32:28 +01:00			`// Realm is already deleted via finalizer.`
Make runnable binary 2021-01-10 23:49:22 +01:00			`return ctrl.Result{}, nil`
			`}`
			`}`

Working client and Realm controller 2021-01-11 06:32:28 +01:00			`if !realm.ObjectMeta.DeletionTimestamp.IsZero() {`
			`// is in the process of being deleted`
			`if containsString(realm.ObjectMeta.Finalizers, FinalizerName) {`
			`// our finalizer is present, so lets handle any external dependency`

			`// We do not want to delete anything, so we just disable the realm.`
			`disabled := gocloak.RealmRepresentation{Realm: &realm.Spec.RealmName, Enabled: gocloak.BoolP(false)}`
			`err := r.Keycloak.UpdateRealm(ctx, disabled)`
			`if err != nil {`
			`// if fail to delete the external dependency here, return with error`
			`// so that it can be retried`
			`return ctrl.Result{}, err`
			`}`

			`// remove our finalizer from the list and update it.`
			`realm.ObjectMeta.Finalizers = removeString(realm.ObjectMeta.Finalizers, FinalizerName)`
			`if err := r.Update(ctx, &realm); err != nil {`
			`return ctrl.Result{}, err`
			`}`
			`log.Info("Deleted the realm")`
			`}`

			`// done`
Make runnable binary 2021-01-10 23:49:22 +01:00			`return ctrl.Result{}, nil`
			`}`

Working client and Realm controller 2021-01-11 06:32:28 +01:00			`// Its not being deleted, so we seize the moment to take ownership.`
			`if !containsString(realm.ObjectMeta.Finalizers, FinalizerName) {`
			`typeMeta := realm.TypeMeta`
			`realm.ObjectMeta.Finalizers = append(realm.ObjectMeta.Finalizers, FinalizerName)`
			`if err := r.Update(ctx, &realm); err != nil {`
			`return ctrl.Result{}, err`
			`}`
			`// restore the TypeMeta object as it is removed during Update, but need to be accessed later`
			`realm.TypeMeta = typeMeta`
			`}`

			`// Convert Realm`
			`keycloakRealm, err := ConvertToRealm(realm)`
			`if err != nil {`
			`log.Error(err, "Could not convert realm")`
			`return ctrl.Result{}, err`
			`}`

			`err = r.Keycloak.CreateRealm(ctx, keycloakRealm)`
			`if err != nil {`
			`// try updating instead`
			`err := r.Keycloak.UpdateRealm(ctx, keycloakRealm)`
			`if err != nil {`
			`log.Error(err, "Could not create/update realm")`
			`return ctrl.Result{}, err`
			`}`

			`log.Info("Updated the realm")`
			`return ctrl.Result{}, nil`
			`}`
Add Realm ressource 2021-01-10 17:06:01 +01:00
Make runnable binary 2021-01-10 23:49:22 +01:00			`realm.Status.Available = true`
			`r.Status().Update(ctx, &realm)`
Working client and Realm controller 2021-01-11 06:32:28 +01:00			`log.Info("Successfully created realm")`
Add Realm ressource 2021-01-10 17:06:01 +01:00
			`return ctrl.Result{}, nil`
			`}`

			`// SetupWithManager sets up the controller with the Manager.`
			`func (r *KeycloakRealmReconciler) SetupWithManager(mgr ctrl.Manager) error {`
			`return ctrl.NewControllerManagedBy(mgr).`
			`For(&keycloakv1alpha1.KeycloakRealm{}).`
			`Complete(r)`
			`}`