Assert ocm.Client for exported functions. So we dont create public AP…

…I changes
kubernetes-sigs · Dec 16, 2024 · 55d1d29 · 55d1d29
1 parent adac640
commit 55d1d29
Show file tree

Hide file tree

Showing 5 changed files with 31 additions and 12 deletions.
diff --git a/controlplane/rosa/controllers/rosacontrolplane_controller.go b/controlplane/rosa/controllers/rosacontrolplane_controller.go
@@ -99,7 +99,7 @@ type ROSAControlPlaneReconciler struct {
 // SetupWithManager is used to setup the controller.
 func (r *ROSAControlPlaneReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error {
 	log := logger.FromContext(ctx)
-	r.NewOCMClient = rosa.NewOCMClient
+	r.NewOCMClient = rosa.NewOCMClient2
 	r.NewStsClient = scope.NewSTSClient
 
 	rosaControlPlane := &rosacontrolplanev1.ROSAControlPlane{}
@@ -432,14 +432,16 @@ func (r *ROSAControlPlaneReconciler) reconcileClusterVersion(rosaScope *scope.RO
 		return nil
 	}
 
-	scheduledUpgrade, err := rosa.CheckExistingScheduledUpgrade(ocmClient, cluster)
+	c := ocmClient.(*ocm.Client)
+	scheduledUpgrade, err := rosa.CheckExistingScheduledUpgrade(c, cluster)
 	if err != nil {
 		return fmt.Errorf("failed to get existing scheduled upgrades: %w", err)
 	}
 
 	if scheduledUpgrade == nil {
 		ack := (rosaScope.ControlPlane.Spec.VersionGate == rosacontrolplanev1.Acknowledge || rosaScope.ControlPlane.Spec.VersionGate == rosacontrolplanev1.AlwaysAcknowledge)
-		scheduledUpgrade, err = rosa.ScheduleControlPlaneUpgrade(ocmClient, cluster, version, time.Now(), ack)
+		c := ocmClient.(*ocm.Client)
+		scheduledUpgrade, err = rosa.ScheduleControlPlaneUpgrade(c, cluster, version, time.Now(), ack)
 		if err != nil {
 			condition := &clusterv1.Condition{
 				Type:    rosacontrolplanev1.ROSAControlPlaneUpgradingCondition,
@@ -787,8 +789,9 @@ func (r *ROSAControlPlaneReconciler) reconcileKubeconfig(ctx context.Context, ro
 	userName := fmt.Sprintf("%s-capi-admin", clusterName)
 	apiServerURL := cluster.API().URL()
 
+	c := ocmClient.(*ocm.Client)
 	// create new user with admin privileges in the ROSA cluster if 'userName' doesn't already exist.
-	err = rosa.CreateAdminUserIfNotExist(ocmClient, cluster.ID(), userName, password)
+	err = rosa.CreateAdminUserIfNotExist(c, cluster.ID(), userName, password)
 	if err != nil {
 		return err
 	}

diff --git a/exp/controllers/rosamachinepool_controller.go b/exp/controllers/rosamachinepool_controller.go
@@ -58,7 +58,7 @@ type ROSAMachinePoolReconciler struct {
 // SetupWithManager is used to setup the controller.
 func (r *ROSAMachinePoolReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, options controller.Options) error {
 	log := logger.FromContext(ctx)
-	r.NewOCMClient = rosa.NewOCMClient
+	r.NewOCMClient = rosa.NewOCMClient2
 	r.NewStsClient = scope.NewSTSClient
 
 	gvk, err := apiutil.GVKForObject(new(expinfrav1.ROSAMachinePool), mgr.GetScheme())
@@ -340,7 +340,8 @@ func (r *ROSAMachinePoolReconciler) reconcileMachinePoolVersion(machinePoolScope
 	}
 
 	if scheduledUpgrade == nil {
-		scheduledUpgrade, err = rosa.ScheduleNodePoolUpgrade(ocmClient, clusterID, nodePool, version, time.Now())
+		c := ocmClient.(*ocm.Client)
+		scheduledUpgrade, err = rosa.ScheduleNodePoolUpgrade(c, clusterID, nodePool, version, time.Now())
 		if err != nil {
 			return fmt.Errorf("failed to schedule nodePool upgrade to version %s: %w", version, err)
 		}

diff --git a/pkg/rosa/client.go b/pkg/rosa/client.go
@@ -21,7 +21,20 @@ const (
 )
 
 // NewOCMClient creates a new OCM client.
-func NewOCMClient(ctx context.Context, rosaScope *scope.ROSAControlPlaneScope) (OCMClient, error) {
+func NewOCMClient(ctx context.Context, rosaScope *scope.ROSAControlPlaneScope) (*ocm.Client, error) {
+	token, url, err := ocmCredentials(ctx, rosaScope)
+	if err != nil {
+		return nil, err
+	}
+	return ocm.NewClient().Logger(logrus.New()).Config(&ocmcfg.Config{
+		AccessToken: token,
+		URL:         url,
+	}).Build()
+}
+
+// NewOCMClient2 creates a new OCM client.
+
+func NewOCMClient2(ctx context.Context, rosaScope *scope.ROSAControlPlaneScope) (OCMClient, error) {
 	token, url, err := ocmCredentials(ctx, rosaScope)
 	if err != nil {
 		return nil, err
@@ -36,6 +49,7 @@ func NewOCMClient(ctx context.Context, rosaScope *scope.ROSAControlPlaneScope) (
 	}
 	return &c, err
 }
+
 func newOCMRawConnection(ctx context.Context, rosaScope *scope.ROSAControlPlaneScope) (*sdk.Connection, error) {
 	logger, err := sdk.NewGoLoggerBuilder().
 		Debug(false).

diff --git a/pkg/rosa/idps.go b/pkg/rosa/idps.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 
 	cmv1 "github.com/openshift-online/ocm-sdk-go/clustersmgmt/v1"
+	"github.com/openshift/rosa/pkg/ocm"
 )
 
 const (
@@ -13,7 +14,7 @@ const (
 
 // CreateAdminUserIfNotExist creates a new admin user withe username/password in the cluster if username doesn't already exist.
 // the user is granted admin privileges by being added to a special IDP called `cluster-admin` which will be created if it doesn't already exist.
-func CreateAdminUserIfNotExist(client OCMClient, clusterID, username, password string) error {
+func CreateAdminUserIfNotExist(client *ocm.Client, clusterID, username, password string) error {
 	existingClusterAdminIDP, userList, err := findExistingClusterAdminIDP(client, clusterID)
 	if err != nil {
 		return fmt.Errorf("failed to find existing cluster admin IDP: %w", err)
@@ -74,7 +75,7 @@ func CreateAdminUserIfNotExist(client OCMClient, clusterID, username, password s
 }
 
 // CreateUserIfNotExist creates a new user with `username` and adds it to the group if it doesn't already exist.
-func CreateUserIfNotExist(client OCMClient, clusterID string, group, username string) (*cmv1.User, error) {
+func CreateUserIfNotExist(client *ocm.Client, clusterID string, group, username string) (*cmv1.User, error) {
 	user, err := client.GetUser(clusterID, group, username)
 	if user != nil || err != nil {
 		return user, err

diff --git a/pkg/rosa/versions.go b/pkg/rosa/versions.go
@@ -13,7 +13,7 @@ import (
 var MinSupportedVersion = semver.MustParse("4.14.0")
 
 // CheckExistingScheduledUpgrade checks and returns the current upgrade schedule if any.
-func CheckExistingScheduledUpgrade(client OCMClient, cluster *cmv1.Cluster) (*cmv1.ControlPlaneUpgradePolicy, error) {
+func CheckExistingScheduledUpgrade(client *ocm.Client, cluster *cmv1.Cluster) (*cmv1.ControlPlaneUpgradePolicy, error) {
 	upgradePolicies, err := client.GetControlPlaneUpgradePolicies(cluster.ID())
 	if err != nil {
 		return nil, err
@@ -27,7 +27,7 @@ func CheckExistingScheduledUpgrade(client OCMClient, cluster *cmv1.Cluster) (*cm
 }
 
 // ScheduleControlPlaneUpgrade schedules a new control plane upgrade to the specified version at the specified time.
-func ScheduleControlPlaneUpgrade(client OCMClient, cluster *cmv1.Cluster, version string, nextRun time.Time, ack bool) (*cmv1.ControlPlaneUpgradePolicy, error) {
+func ScheduleControlPlaneUpgrade(client *ocm.Client, cluster *cmv1.Cluster, version string, nextRun time.Time, ack bool) (*cmv1.ControlPlaneUpgradePolicy, error) {
 	// earliestNextRun is set to at least 5 min from now by the OCM API.
 	// Set our next run request to something slightly longer than 5min to make sure we account for the latency between when we send this
 	// request and when the server processes it.
@@ -71,7 +71,7 @@ func ScheduleControlPlaneUpgrade(client OCMClient, cluster *cmv1.Cluster, versio
 }
 
 // ScheduleNodePoolUpgrade schedules a new nodePool upgrade to the specified version at the specified time.
-func ScheduleNodePoolUpgrade(client OCMClient, clusterID string, nodePool *cmv1.NodePool, version string, nextRun time.Time) (*cmv1.NodePoolUpgradePolicy, error) {
+func ScheduleNodePoolUpgrade(client *ocm.Client, clusterID string, nodePool *cmv1.NodePool, version string, nextRun time.Time) (*cmv1.NodePoolUpgradePolicy, error) {
 	// earliestNextRun is set to at least 5 min from now by the OCM API.
 	// Set our next run request to something slightly longer than 5min to make sure we account for the latency between when we send this
 	// request and when the server processes it.