feat(GCPVpcPeering) Delete VPC Peering

kyma-project · Aug 1, 2024 · 11bfbdf · 11bfbdf
1 parent b394223
commit 11bfbdf
Show file tree

Hide file tree

Showing 20 changed files with 558 additions and 252 deletions.
diff --git a/api/cloud-resources/v1beta1/gcpvpcpeering_types.go b/api/cloud-resources/v1beta1/gcpvpcpeering_types.go
@@ -9,10 +9,18 @@ import (
 // Important: Run "make" to regenerate code after modifying this file
 
 type GcpVpcPeeringSpec struct {
-	ImportCustomRoutes bool   `json:"importCustomRoutes,omitempty"`
-	PeeringName        string `json:"peeringName,omitempty"`
-	RemoteVpc          string `json:"remoteVpc,omitempty"`
-	RemoteProject      string `json:"remoteProject,omitempty"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule=(self == oldSelf), message="ImportCustomRoutes is immutable."
+	ImportCustomRoutes bool `json:"importCustomRoutes,omitempty"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule=(self == oldSelf), message="PeeringName is immutable."
+	PeeringName string `json:"peeringName,omitempty"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule=(self == oldSelf), message="RemoteVpc is immutable."
+	RemoteVpc string `json:"remoteVpc,omitempty"`
+	// +kubebuilder:validation:Required
+	// +kubebuilder:validation:XValidation:rule=(self == oldSelf), message="RemoteNetwork is immutable."
+	RemoteProject string `json:"remoteProject,omitempty"`
 }
 
 type GcpVpcPeeringStatus struct {

diff --git a/config/crd/bases/cloud-resources.kyma-project.io_gcpvpcpeerings.yaml b/config/crd/bases/cloud-resources.kyma-project.io_gcpvpcpeerings.yaml
@@ -34,12 +34,24 @@ spec:
             properties:
               importCustomRoutes:
                 type: boolean
+                x-kubernetes-validations:
+                - message: ImportCustomRoutes is immutable.
+                  rule: (self == oldSelf)
               peeringName:
                 type: string
+                x-kubernetes-validations:
+                - message: PeeringName is immutable.
+                  rule: (self == oldSelf)
               remoteProject:
                 type: string
+                x-kubernetes-validations:
+                - message: RemoteNetwork is immutable.
+                  rule: (self == oldSelf)
               remoteVpc:
                 type: string
+                x-kubernetes-validations:
+                - message: RemoteVpc is immutable.
+                  rule: (self == oldSelf)
             type: object
           status:
             properties:

diff --git a/config/dist/skr/crd/bases/providers/gcp/cloud-resources.kyma-project.io_gcpvpcpeerings.yaml b/config/dist/skr/crd/bases/providers/gcp/cloud-resources.kyma-project.io_gcpvpcpeerings.yaml
@@ -34,12 +34,24 @@ spec:
             properties:
               importCustomRoutes:
                 type: boolean
+                x-kubernetes-validations:
+                  - message: ImportCustomRoutes is immutable.
+                    rule: (self == oldSelf)
               peeringName:
                 type: string
+                x-kubernetes-validations:
+                  - message: PeeringName is immutable.
+                    rule: (self == oldSelf)
               remoteProject:
                 type: string
+                x-kubernetes-validations:
+                  - message: RemoteProject is immutable.
+                    rule: (self == oldSelf)
               remoteVpc:
                 type: string
+                x-kubernetes-validations:
+                  - message: RemoteVpc is immutable.
+                    rule: (self == oldSelf)
             type: object
           status:
             properties:

diff --git a/internal/controller/cloud-control/vpcpeering_gcp_test.go b/internal/controller/cloud-control/vpcpeering_gcp_test.go
@@ -4,9 +4,9 @@ import (
 	cloudcontrolv1beta1 "github.com/kyma-project/cloud-manager/api/cloud-control/v1beta1"
 	scopePkg "github.com/kyma-project/cloud-manager/pkg/kcp/scope"
 	. "github.com/kyma-project/cloud-manager/pkg/testinfra/dsl"
+	"github.com/kyma-project/cloud-manager/pkg/util"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
-	"time"
 )
 
 var _ = Describe("Feature: KCP VpcPeering", func() {
@@ -63,7 +63,7 @@ var _ = Describe("Feature: KCP VpcPeering", func() {
 		})
 
 		By("Then VpcPeering does not exist", func() {
-			Eventually(IsDeleted, 5*time.Second).
+			Eventually(IsDeleted, 5*util.Timing.T1000ms()).
 				WithArguments(infra.Ctx(), infra.KCP().Client(), vpcpeering).
 				Should(Succeed(), "expected VpcPeering does not to exist (being deleted), but it still exists")
 		})

diff --git a/pkg/kcp/provider/gcp/mock/vpcPeeringStore.go b/pkg/kcp/provider/gcp/mock/vpcPeeringStore.go
@@ -4,7 +4,7 @@ import (
 	compute "cloud.google.com/go/compute/apiv1"
 	pb "cloud.google.com/go/compute/apiv1/computepb"
 	"context"
-	"github.com/elliotchance/pie/v2"
+	"fmt"
 	"k8s.io/utils/ptr"
 	"sync"
 )
@@ -14,41 +14,103 @@ type vpcPeeringEntry struct {
 }
 type vpcPeeringStore struct {
 	m     sync.Mutex
-	items []*vpcPeeringEntry
+	items map[string]*vpcPeeringEntry
 }
 
-func (s *vpcPeeringStore) CreateVpcPeering(ctx context.Context, name *string, remoteVpc *string, remoteProject *string, importCustomRoutes *bool, kymaProject *string, kymaVpc *string) (*pb.NetworkPeering, error) {
+func getFullNetworkUrl(project, vpc string) string {
+	return fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", project, vpc)
+}
+
+func (s *vpcPeeringStore) CreateRemoteVpcPeering(ctx context.Context, name *string, remoteVpc *string, remoteProject *string, importCustomRoutes *bool, kymaProject *string, kymaVpc *string) (*compute.Operation, error) {
 	s.m.Lock()
 	defer s.m.Unlock()
+	remoteNetwork := getFullNetworkUrl(*remoteProject, *remoteVpc)
+	kymaNetwork := getFullNetworkUrl(*kymaProject, *kymaVpc)
+
+	_, peeringExists := s.items[remoteNetwork]
+	if peeringExists {
+		return new(compute.Operation), nil
+	}
+
+	state := pb.NetworkPeering_ACTIVE.String()
 
 	item := &vpcPeeringEntry{
 		peering: &pb.NetworkPeering{
 			Name:                 name,
-			Network:              remoteVpc,
+			Network:              &kymaNetwork,
 			ImportCustomRoutes:   importCustomRoutes,
 			ExchangeSubnetRoutes: ptr.To(true),
 		},
 	}
+	item.peering.State = &state
+	s.items[remoteNetwork] = item
+
+	return new(compute.Operation), nil
+}
+
+func (s *vpcPeeringStore) CreateKymaVpcPeering(ctx context.Context, name *string, remoteVpc *string, remoteProject *string, importCustomRoutes *bool, kymaProject *string, kymaVpc *string) (*compute.Operation, error) {
+	s.m.Lock()
+	defer s.m.Unlock()
 
-	s.items = append(s.items, item)
+	remoteNetwork := getFullNetworkUrl(*remoteProject, *remoteVpc)
+	kymaNetwork := getFullNetworkUrl(*kymaProject, *kymaVpc)
 
-	return item.peering, nil
+	_, peeringExists := s.items[kymaNetwork]
+	if peeringExists {
+		return new(compute.Operation), nil
+	}
+
+	state := pb.NetworkPeering_ACTIVE.String()
+
+	item := &vpcPeeringEntry{
+		peering: &pb.NetworkPeering{
+			Name:                 name,
+			Network:              &remoteNetwork,
+			ImportCustomRoutes:   importCustomRoutes,
+			ExchangeSubnetRoutes: ptr.To(true),
+		},
+	}
+	item.peering.State = &state
+
+	s.items[kymaNetwork] = item
+
+	return new(compute.Operation), nil
 }
 
-func (s *vpcPeeringStore) DeleteVpcPeering(ctx context.Context, name *string, kymaProject *string, kymaVpc *string) (*compute.Operation, error) {
+func (s *vpcPeeringStore) CheckRemoteNetworkTags(context context.Context, remoteVpc *string, remoteProject *string, desiredTag string) (bool, error) {
+	s.m.Lock()
+	defer s.m.Unlock()
+
+	return true, nil
+}
+
+func (s *vpcPeeringStore) GetVpcPeering(ctx context.Context, name *string, project *string, vpc *string) (*pb.NetworkPeering, error) {
 	s.m.Lock()
 	defer s.m.Unlock()
-	s.items = pie.Filter(s.items, func(vpe *vpcPeeringEntry) bool {
-		return !(vpe.peering.Name == name && *vpe.peering.Network == "https://www.googleapis.com/compute/v1/projects/"+*kymaProject+"/global/networks/"+*kymaVpc)
-	})
-	return nil, nil
+
+	if s.items == nil {
+		s.items = make(map[string]*vpcPeeringEntry)
+	}
+
+	network := getFullNetworkUrl(*project, *vpc)
+
+	_, peeringExists := s.items[network]
+	if !peeringExists {
+		return nil, nil
+	}
+
+	return s.items[network].peering, nil
 }
 
-func (s *vpcPeeringStore) DescribeVpcPeeringConnections(ctx context.Context) ([]*pb.NetworkPeering, error) {
+func (s *vpcPeeringStore) DeleteVpcPeering(ctx context.Context, name *string, kymaProject *string, kymaVpc *string) (*compute.Operation, error) {
 	s.m.Lock()
 	defer s.m.Unlock()
 
-	return pie.Map(s.items, func(e *vpcPeeringEntry) *pb.NetworkPeering {
-		return e.peering
-	}), nil
+	kymaNetwork := getFullNetworkUrl(*kymaProject, *kymaVpc)
+
+	if s.items[kymaNetwork] == nil {
+		return nil, nil
+	}
+	s.items[kymaNetwork] = nil
+	return new(compute.Operation), nil
 }
diff --git a/pkg/kcp/provider/gcp/vpcpeering/addFinalizer.go b/pkg/kcp/provider/gcp/vpcpeering/addFinalizer.go