Bumped deps, added ctx

Author: lsierant

cmd/readiness/main.go

@@ -161,7 +161,7 @@ func isWaitStep(status *health.StepStatus) bool {
 
 func isInGoalState(health health.Status, conf config.Config) (bool, error) {
 	if isHeadlessMode() {
-		return headless.PerformCheckHeadlessMode(health, conf)
+		return headless.PerformCheckHeadlessMode(ctx, health, conf)
 	}
 	return performCheckOMMode(health), nil
 }

cmd/readiness/readiness_test.go

@@ -260,7 +260,7 @@ func TestHeadlessAgentHasntReachedGoal(t *testing.T) {
 	ready, err := isPodReady(c)
 	assert.False(t, ready)
 	assert.NoError(t, err)
-	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(context.TODO(), c.Hostname, metav1.GetOptions{})
+	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(ctx, c.Hostname, metav1.GetOptions{})
 	assert.Equal(t, map[string]string{"agent.mongodb.com/version": "5"}, thePod.Annotations)
 }
 
@@ -273,7 +273,7 @@ func TestHeadlessAgentReachedGoal(t *testing.T) {
 	ready, err := isPodReady(c)
 	assert.True(t, ready)
 	assert.NoError(t, err)
-	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(context.TODO(), c.Hostname, metav1.GetOptions{})
+	thePod, _ := c.ClientSet.CoreV1().Pods(c.Namespace).Get(ctx, c.Hostname, metav1.GetOptions{})
 	assert.Equal(t, map[string]string{"agent.mongodb.com/version": "5"}, thePod.Annotations)
 }
 

cmd/versionhook/main.go

@@ -192,7 +192,7 @@ func deletePod() error {
 		return fmt.Errorf("could not get client: %s", err)
 	}
 
-	if err := k8sClient.Delete(context.TODO(), &thisPod); err != nil {
+	if err := k8sClient.Delete(ctx, &thisPod); err != nil {
 		return fmt.Errorf("could not delete pod: %s", err)
 	}
 	return nil

config/crd/bases/mongodbcommunity.mongodb.com_mongodbcommunity.yaml

@@ -1,15 +1,10 @@
+
 ---
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.11.3
-    service.binding: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret
-    service.binding/connectionString: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=connectionString.standardSrv
-    service.binding/password: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=password
-    service.binding/provider: community
-    service.binding/type: mongodb
-    service.binding/username: path={.metadata.name}-{.spec.users[0].db}-{.spec.users[0].name},objectType=Secret,sourceKey=username
+    controller-gen.kubebuilder.io/version: v0.4.1
   creationTimestamp: null
   name: mongodbcommunity.mongodbcommunity.mongodb.com
 spec:
@@ -290,7 +285,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       agentMode:
                         description: AgentMode contains the authentication mode used
                           by the automation agent.
@@ -419,7 +413,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       caConfigMapRef:
                         description: CaConfigMap is a reference to a ConfigMap containing
                           the certificate for the CA which signed the server certificates
@@ -432,7 +425,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       certificateKeySecretRef:
                         description: CertificateKeySecret is a reference to a Secret
                           containing a private key and certificate to use for TLS.
@@ -450,7 +442,6 @@ spec:
                               TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
                         type: object
-                        x-kubernetes-map-type: atomic
                       enabled:
                         type: boolean
                       optional:
@@ -602,3 +593,9 @@ spec:
     storage: true
     subresources:
       status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: []
+  storedVersions: []

controllers/mongodb_cleanup.go

@@ -1,6 +1,7 @@
 package controllers
 
 import (
+	"context"
 	apiErrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/types"
 
@@ -9,14 +10,14 @@ import (
 )
 
 // cleanupPemSecret cleans up the old pem secret generated for the agent certificate.
-func (r *ReplicaSetReconciler) cleanupPemSecret(currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
+func (r *ReplicaSetReconciler) cleanupPemSecret(ctx context.Context, currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
 	if currentMDB.GetAgentAuthMode() == lastAppliedMDBSpec.GetAgentAuthMode() {
 		return
 	}
 
 	if !currentMDB.IsAgentX509() && lastAppliedMDBSpec.IsAgentX509() {
 		agentCertSecret := lastAppliedMDBSpec.GetAgentCertificateRef()
-		if err := r.client.DeleteSecret(types.NamespacedName{
+		if err := r.client.DeleteSecret(ctx, types.NamespacedName{
 			Namespace: namespace,
 			Name:      agentCertSecret + "-pem",
 		}); err != nil {
@@ -30,11 +31,11 @@ func (r *ReplicaSetReconciler) cleanupPemSecret(currentMDB mdbv1.MongoDBCommunit
 }
 
 // cleanupScramSecrets cleans up old scram secrets based on the last successful applied mongodb spec.
-func (r *ReplicaSetReconciler) cleanupScramSecrets(currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
+func (r *ReplicaSetReconciler) cleanupScramSecrets(ctx context.Context, currentMDB mdbv1.MongoDBCommunitySpec, lastAppliedMDBSpec mdbv1.MongoDBCommunitySpec, namespace string) {
 	secretsToDelete := getScramSecretsToDelete(currentMDB, lastAppliedMDBSpec)
 
 	for _, s := range secretsToDelete {
-		if err := r.client.DeleteSecret(types.NamespacedName{
+		if err := r.client.DeleteSecret(ctx, types.NamespacedName{
 			Name:      s,
 			Namespace: namespace,
 		}); err != nil {

controllers/mongodb_cleanup_test.go

@@ -134,21 +134,21 @@ func TestReplicaSetReconcilerCleanupPemSecret(t *testing.T) {
 		},
 	}
 
-	mgr := kubeClient.NewManager(&mdb)
+	mgr := kubeClient.NewManager(ctx, &mdb)
 
 	client := kubeClient.NewClient(mgr.GetClient())
 	err := createAgentCertPemSecret(client, mdb, "CERT", "KEY", "")
 	assert.NoError(t, err)
 
 	r := NewReconciler(mgr)
 
-	secret, err := r.client.GetSecret(mdb.AgentCertificatePemSecretNamespacedName())
+	secret, err := r.client.GetSecret(ctx, mdb.AgentCertificatePemSecretNamespacedName())
 	assert.NoError(t, err)
 	assert.Equal(t, "CERT", string(secret.Data["tls.crt"]))
 	assert.Equal(t, "KEY", string(secret.Data["tls.key"]))
 
-	r.cleanupPemSecret(mdb.Spec, lastAppliedSpec, "my-ns")
+	r.cleanupPemSecret(ctx, mdb.Spec, lastAppliedSpec, "my-ns")
 
-	_, err = r.client.GetSecret(mdb.AgentCertificatePemSecretNamespacedName())
+	_, err = r.client.GetSecret(ctx, mdb.AgentCertificatePemSecretNamespacedName())
 	assert.Error(t, err)
 }

controllers/mongodb_tls.go

@@ -1,6 +1,7 @@
 package controllers
 
 import (
+	"context"
 	"crypto/sha256"
 	"fmt"
 	"strings"
@@ -35,15 +36,15 @@ const (
 )
 
 // validateTLSConfig will check that the configured ConfigMap and Secret exist and that they have the correct fields.
-func (r *ReplicaSetReconciler) validateTLSConfig(mdb mdbv1.MongoDBCommunity) (bool, error) {
+func (r *ReplicaSetReconciler) validateTLSConfig(ctx context.Context, mdb mdbv1.MongoDBCommunity) (bool, error) {
 	if !mdb.Spec.Security.TLS.Enabled {
 		return true, nil
 	}
 
 	r.log.Info("Ensuring TLS is correctly configured")
 
 	// Ensure CA cert is configured
-	_, err := getCaCrt(r.client, r.client, mdb)
+	_, err := getCaCrt(ctx, r.client, r.client, mdb)
 
 	if err != nil {
 		if apiErrors.IsNotFound(err) {
@@ -55,7 +56,7 @@ func (r *ReplicaSetReconciler) validateTLSConfig(mdb mdbv1.MongoDBCommunity) (bo
 	}
 
 	// Ensure Secret exists
-	_, err = secret.ReadStringData(r.client, mdb.TLSSecretNamespacedName())
+	_, err = secret.ReadStringData(ctx, r.client, mdb.TLSSecretNamespacedName())
 	if err != nil {
 		if apiErrors.IsNotFound(err) {
 			r.log.Warnf(`Secret "%s" not found`, mdb.TLSSecretNamespacedName())
@@ -67,20 +68,20 @@ func (r *ReplicaSetReconciler) validateTLSConfig(mdb mdbv1.MongoDBCommunity) (bo
 
 	// validate whether the secret contains "tls.crt" and "tls.key", or it contains "tls.pem"
 	// if it contains all three, then the pem entry should be equal to the concatenation of crt and key
-	_, err = getPemOrConcatenatedCrtAndKey(r.client, mdb, mdb.TLSSecretNamespacedName())
+	_, err = getPemOrConcatenatedCrtAndKey(ctx, r.client, mdb, mdb.TLSSecretNamespacedName())
 	if err != nil {
 		r.log.Warnf(err.Error())
 		return false, nil
 	}
 
 	// Watch certificate-key secret to handle rotations
-	r.secretWatcher.Watch(mdb.TLSSecretNamespacedName(), mdb.NamespacedName())
+	r.secretWatcher.Watch(ctx, mdb.TLSSecretNamespacedName(), mdb.NamespacedName())
 
 	// Watch CA certificate changes
 	if mdb.Spec.Security.TLS.CaCertificateSecret != nil {
-		r.secretWatcher.Watch(mdb.TLSCaCertificateSecretNamespacedName(), mdb.NamespacedName())
+		r.secretWatcher.Watch(ctx, mdb.TLSCaCertificateSecretNamespacedName(), mdb.NamespacedName())
 	} else {
-		r.configMapWatcher.Watch(mdb.TLSConfigMapNamespacedName(), mdb.NamespacedName())
+		r.configMapWatcher.Watch(ctx, mdb.TLSConfigMapNamespacedName(), mdb.NamespacedName())
 	}
 
 	r.log.Infof("Successfully validated TLS config")
@@ -89,17 +90,17 @@ func (r *ReplicaSetReconciler) validateTLSConfig(mdb mdbv1.MongoDBCommunity) (bo
 
 // getTLSConfigModification creates a modification function which enables TLS in the automation config.
 // It will also ensure that the combined cert-key secret is created.
-func getTLSConfigModification(cmGetter configmap.Getter, secretGetter secret.Getter, mdb mdbv1.MongoDBCommunity) (automationconfig.Modification, error) {
+func getTLSConfigModification(ctx context.Context, cmGetter configmap.Getter, secretGetter secret.Getter, mdb mdbv1.MongoDBCommunity) (automationconfig.Modification, error) {
 	if !mdb.Spec.Security.TLS.Enabled {
 		return automationconfig.NOOP(), nil
 	}
 
-	caCert, err := getCaCrt(cmGetter, secretGetter, mdb)
+	caCert, err := getCaCrt(ctx, cmGetter, secretGetter, mdb)
 	if err != nil {
 		return automationconfig.NOOP(), err
 	}
 
-	certKey, err := getPemOrConcatenatedCrtAndKey(secretGetter, mdb, mdb.TLSSecretNamespacedName())
+	certKey, err := getPemOrConcatenatedCrtAndKey(ctx, secretGetter, mdb, mdb.TLSSecretNamespacedName())
 	if err != nil {
 		return automationconfig.NOOP(), err
 	}
@@ -108,13 +109,13 @@ func getTLSConfigModification(cmGetter configmap.Getter, secretGetter secret.Get
 }
 
 // getCertAndKey will fetch the certificate and key from the user-provided Secret.
-func getCertAndKey(getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) string {
-	cert, err := secret.ReadKey(getter, tlsSecretCertName, secretName)
+func getCertAndKey(ctx context.Context, getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) string {
+	cert, err := secret.ReadKey(ctx, getter, tlsSecretCertName, secretName)
 	if err != nil {
 		return ""
 	}
 
-	key, err := secret.ReadKey(getter, tlsSecretKeyName, secretName)
+	key, err := secret.ReadKey(ctx, getter, tlsSecretKeyName, secretName)
 	if err != nil {
 		return ""
 	}
@@ -123,8 +124,8 @@ func getCertAndKey(getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName
 }
 
 // getPem will fetch the pem from the user-provided secret
-func getPem(getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) string {
-	pem, err := secret.ReadKey(getter, tlsSecretPemName, secretName)
+func getPem(ctx context.Context, getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) string {
+	pem, err := secret.ReadKey(ctx, getter, tlsSecretPemName, secretName)
 	if err != nil {
 		return ""
 	}
@@ -141,9 +142,9 @@ func combineCertificateAndKey(cert, key string) string {
 // This is either the tls.pem entry in the given secret, or the concatenation
 // of tls.crt and tls.key
 // It performs a basic validation on the entries.
-func getPemOrConcatenatedCrtAndKey(getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) (string, error) {
-	certKey := getCertAndKey(getter, mdb, secretName)
-	pem := getPem(getter, mdb, secretName)
+func getPemOrConcatenatedCrtAndKey(ctx context.Context, getter secret.Getter, mdb mdbv1.MongoDBCommunity, secretName types.NamespacedName) (string, error) {
+	certKey := getCertAndKey(ctx, getter, mdb, secretName)
+	pem := getPem(ctx, getter, mdb, secretName)
 	if certKey == "" && pem == "" {
 		return "", fmt.Errorf(`neither "%s" nor the pair "%s"/"%s" were present in the TLS secret`, tlsSecretPemName, tlsSecretCertName, tlsSecretKeyName)
 	}
@@ -159,16 +160,16 @@ func getPemOrConcatenatedCrtAndKey(getter secret.Getter, mdb mdbv1.MongoDBCommun
 	return certKey, nil
 }
 
-func getCaCrt(cmGetter configmap.Getter, secretGetter secret.Getter, mdb mdbv1.MongoDBCommunity) (string, error) {
+func getCaCrt(ctx context.Context, cmGetter configmap.Getter, secretGetter secret.Getter, mdb mdbv1.MongoDBCommunity) (string, error) {
 	var caResourceName types.NamespacedName
 	var caData map[string]string
 	var err error
 	if mdb.Spec.Security.TLS.CaCertificateSecret != nil {
 		caResourceName = mdb.TLSCaCertificateSecretNamespacedName()
-		caData, err = secret.ReadStringData(secretGetter, caResourceName)
+		caData, err = secret.ReadStringData(ctx, secretGetter, caResourceName)
 	} else if mdb.Spec.Security.TLS.CaConfigMap != nil {
 		caResourceName = mdb.TLSConfigMapNamespacedName()
-		caData, err = configmap.ReadData(cmGetter, caResourceName)
+		caData, err = configmap.ReadData(ctx, cmGetter, caResourceName)
 	}
 
 	if err != nil {
@@ -188,8 +189,8 @@ func getCaCrt(cmGetter configmap.Getter, secretGetter secret.Getter, mdb mdbv1.M
 
 // ensureCASecret will create or update the operator managed Secret containing
 // the CA certficate from the user provided Secret or ConfigMap.
-func ensureCASecret(cmGetter configmap.Getter, secretGetter secret.Getter, getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
-	cert, err := getCaCrt(cmGetter, secretGetter, mdb)
+func ensureCASecret(ctx context.Context, cmGetter configmap.Getter, secretGetter secret.Getter, getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
+	cert, err := getCaCrt(ctx, cmGetter, secretGetter, mdb)
 	if err != nil {
 		return err
 	}
@@ -203,13 +204,13 @@ func ensureCASecret(cmGetter configmap.Getter, secretGetter secret.Getter, getUp
 		SetOwnerReferences(mdb.GetOwnerReferences()).
 		Build()
 
-	return secret.CreateOrUpdate(getUpdateCreator, operatorSecret)
+	return secret.CreateOrUpdate(ctx, getUpdateCreator, operatorSecret)
 }
 
 // ensureTLSSecret will create or update the operator-managed Secret containing
 // the concatenated certificate and key from the user-provided Secret.
-func ensureTLSSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
-	certKey, err := getPemOrConcatenatedCrtAndKey(getUpdateCreator, mdb, mdb.TLSSecretNamespacedName())
+func ensureTLSSecret(ctx context.Context, getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
+	certKey, err := getPemOrConcatenatedCrtAndKey(ctx, getUpdateCreator, mdb, mdb.TLSSecretNamespacedName())
 	if err != nil {
 		return err
 	}
@@ -223,15 +224,15 @@ func ensureTLSSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDB
 		SetOwnerReferences(mdb.GetOwnerReferences()).
 		Build()
 
-	return secret.CreateOrUpdate(getUpdateCreator, operatorSecret)
+	return secret.CreateOrUpdate(ctx, getUpdateCreator, operatorSecret)
 }
 
-func ensureAgentCertSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
+func ensureAgentCertSecret(ctx context.Context, getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
 	if mdb.Spec.GetAgentAuthMode() != "X509" {
 		return nil
 	}
 
-	certKey, err := getPemOrConcatenatedCrtAndKey(getUpdateCreator, mdb, mdb.AgentCertificateSecretNamespacedName())
+	certKey, err := getPemOrConcatenatedCrtAndKey(ctx, getUpdateCreator, mdb, mdb.AgentCertificateSecretNamespacedName())
 	if err != nil {
 		return err
 	}
@@ -243,13 +244,13 @@ func ensureAgentCertSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.M
 		SetOwnerReferences(mdb.GetOwnerReferences()).
 		Build()
 
-	return secret.CreateOrUpdate(getUpdateCreator, agentCertSecret)
+	return secret.CreateOrUpdate(ctx, getUpdateCreator, agentCertSecret)
 }
 
 // ensurePrometheusTLSSecret will create or update the operator-managed Secret containing
 // the concatenated certificate and key from the user-provided Secret.
-func ensurePrometheusTLSSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
-	certKey, err := getPemOrConcatenatedCrtAndKey(getUpdateCreator, mdb, mdb.DeepCopy().PrometheusTLSSecretNamespacedName())
+func ensurePrometheusTLSSecret(ctx context.Context, getUpdateCreator secret.GetUpdateCreator, mdb mdbv1.MongoDBCommunity) error {
+	certKey, err := getPemOrConcatenatedCrtAndKey(ctx, getUpdateCreator, mdb, mdb.DeepCopy().PrometheusTLSSecretNamespacedName())
 	if err != nil {
 		return err
 	}
@@ -263,7 +264,7 @@ func ensurePrometheusTLSSecret(getUpdateCreator secret.GetUpdateCreator, mdb mdb
 		SetOwnerReferences(mdb.GetOwnerReferences()).
 		Build()
 
-	return secret.CreateOrUpdate(getUpdateCreator, operatorSecret)
+	return secret.CreateOrUpdate(ctx, getUpdateCreator, operatorSecret)
 }
 
 // tlsOperatorSecretFileName calculates the file name to use for the mounted