Add EnqueueRequestForAnnotation enqueues Requests based on the presence of an annotation to watch resources

camilamacedo86 · camilamacedo86 · commit 29abc88207ac · 2020-04-08T13:16:28.000+01:00
diff --git a/examples/builtins/main.go b/examples/builtins/main.go
@@ -17,10 +17,12 @@ limitations under the License.
 package main
 
 import (
+	"fmt"
 	"os"
 
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
+	rbacv1 "k8s.io/api/rbac/v1"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
@@ -70,6 +72,38 @@ func main() {
 		os.Exit(1)
 	}
 
+	// Watch Pods that has the following annotations:
+	// ...
+	// annotations:
+	//    sigs.k8s.io/primary-resource-namespace: "my-namespace"
+	//    sigs.k8s.io/primary-resource-name: "my-pod"
+	//    sigs.k8s.io/primary-resource-type: "Pods.core"
+	// ...
+	podAnnotationType := fmt.Sprintf("%v.%v", "Pods", "core")
+	if err := c.Watch(&source.Kind{Type: &corev1.Pod{}}, &handler.EnqueueRequestForAnnotation{podAnnotationType}); err != nil {
+		entryLog.Error(err, "unable to watch Pods")
+		os.Exit(1)
+	}
+
+	// Watch ClusterRoles that has the following annotations:
+	// ...
+	// annotations:
+	//    sigs.k8s.io/primary-resource-namespace: "my-namespace"
+	//    sigs.k8s.io/primary-resource-name: "my-replicaset"
+	//    sigs.k8s.io/primary-resource-type: "ReplicaSet.apps"
+	// ...
+	if err := c.Watch(&source.Kind{
+		// Watch cluster roles
+		Type: &rbacv1.ClusterRole{}},
+
+		// Enqueue ReplicaSet reconcile requests using the
+		// namespacedName annotation value in the request.
+		&handler.EnqueueRequestForAnnotation{"ReplicaSet.apps"}); err != nil {
+		entryLog.Error(err, "unable to watch Nodes")
+		os.Exit(1)
+	}
+
+
 	// Setup webhooks
 	entryLog.Info("setting up webhook server")
 	hookServer := mgr.GetWebhookServer()
diff --git a/pkg/handler/enqueue_annotation.go b/pkg/handler/enqueue_annotation.go
@@ -0,0 +1,110 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package handler
+
+import (
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/util/workqueue"
+	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/reconcile"
+)
+
+var _ EventHandler = &EnqueueRequestForAnnotation{}
+
+const (
+	// NamespaceAnnotation - annotation that will be used to get the primary resource namespace. (E.g my-namespace)
+	NamespaceAnnotation = "sigs.k8s.io/primary-resource-namespace"
+
+	// NameAnnotation - annotation that will be used to get the primary resource name. (E.g my-resource-name)
+	NameAnnotation = "sigs.k8s.io/primary-resource-name"
+
+	// TypeAnnotation - annotation that will be used to verify that the primary resource is the primary resource to use. (E.g Pods.core)
+	TypeAnnotation = "sigs.k8s.io/primary-resource-type"
+)
+
+// EnqueueRequestForAnnotation enqueues Requests based on the presence of annotations that contain the type and
+// namespaced name of the primary resource. The purpose of this handler is to support cross-scope ownership
+// relationships that are not supported by native owner references.
+//
+// This handler should ALWAYS be paired with a finalizer on the primary resource. While the
+// annotation-based watch handler does not have the same scope restrictions that owner references
+// do, they also do not have the garbage collection guarantees that owner references do. Therefore,
+// if the reconciler of a primary resource creates a child resource across scopes not supported by
+// owner references, it is up to the reconciler to clean up that child resource.
+//
+// The primary use case for this, is to have a controller enqueue requests for the following scenarios
+// 1. namespaced primary object and dependent cluster scoped resource
+// 2. cluster scoped primary object.
+// 3. namespaced primary object and dependent namespaced scoped but in a different namespace object.
+type EnqueueRequestForAnnotation struct {
+	Type string
+}
+
+// Create implements EventHandler
+func (e *EnqueueRequestForAnnotation) Create(evt event.CreateEvent, q workqueue.RateLimitingInterface) {
+	if ok, req := e.getAnnotationRequests(evt.Meta); ok {
+		q.Add(req)
+	}
+}
+
+// Update implements EventHandler
+func (e *EnqueueRequestForAnnotation) Update(evt event.UpdateEvent, q workqueue.RateLimitingInterface) {
+	if ok, req := e.getAnnotationRequests(evt.MetaOld); ok {
+		q.Add(req)
+	} else if ok, req := e.getAnnotationRequests(evt.MetaNew); ok {
+		q.Add(req)
+	}
+}
+
+// Delete implements EventHandler
+func (e *EnqueueRequestForAnnotation) Delete(evt event.DeleteEvent, q workqueue.RateLimitingInterface) {
+	if ok, req := e.getAnnotationRequests(evt.Meta); ok {
+		q.Add(req)
+	}
+}
+
+// Generic implements EventHandler
+func (e *EnqueueRequestForAnnotation) Generic(evt event.GenericEvent, q workqueue.RateLimitingInterface) {
+	if ok, req := e.getAnnotationRequests(evt.Meta); ok {
+		q.Add(req)
+	}
+}
+
+// getAnnotationRequests will check if the object has the annotations for the watch handler and requeue
+func (e *EnqueueRequestForAnnotation) getAnnotationRequests(object metav1.Object) (bool, reconcile.Request) {
+	if typeString, ok := object.GetAnnotations()[TypeAnnotation]; ok && typeString == e.Type {
+		name, ok := object.GetAnnotations()[NameAnnotation]
+		if !ok {
+			log.Info("Unable to find the annotation for handle watch annotation",
+				"resource", object, "annotation", NameAnnotation)
+		}
+		if len(name) < 1 {
+			return false, reconcile.Request{}
+		}
+		ns, ok := object.GetAnnotations()[NamespaceAnnotation]
+		if !ok {
+			log.Info("Unable to find the annotation for handle watch annotation",
+				"resource", object, "annotation", NamespaceAnnotation)
+		}
+		return true, reconcile.Request{NamespacedName: types.NamespacedName{
+			Name:      name,
+			Namespace: ns,
+		}}
+	}
+	return false, reconcile.Request{}
+}
diff --git a/pkg/handler/eventhandler_test.go b/pkg/handler/eventhandler_test.go
@@ -17,6 +17,8 @@ limitations under the License.
 package handler_test
 
 import (
+	"fmt"
+
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	appsv1 "k8s.io/api/apps/v1"
@@ -39,12 +41,22 @@ var _ = Describe("Eventhandler", func() {
 	var instance handler.EnqueueRequestForObject
 	var pod *corev1.Pod
 	var mapper meta.RESTMapper
+	podTypeAnnotations := fmt.Sprintf("%v.%v", "Pods", "core")
 	t := true
 	BeforeEach(func() {
 		q = controllertest.Queue{Interface: workqueue.New()}
 		pod = &corev1.Pod{
-			ObjectMeta: metav1.ObjectMeta{Namespace: "biz", Name: "baz"},
+			ObjectMeta: metav1.ObjectMeta{
+				Namespace: "biz",
+				Name:      "baz",
+				Annotations: map[string]string{
+					handler.NamespaceAnnotation: "biz",
+					handler.NameAnnotation:      "baz",
+					handler.TypeAnnotation:      podTypeAnnotations,
+				},
+			},
 		}
+
 		Expect(cfg).NotTo(BeNil())
 
 		var err error
@@ -950,4 +962,192 @@ var _ = Describe("Eventhandler", func() {
 			close(done)
 		})
 	})
+
+	Describe("EnqueueRequestForAnnotation", func() {
+		It("should enqueue a Request with the Annotation of the object in the CreateEvent.", func() {
+			instance := handler.EnqueueRequestForAnnotation{Type: podTypeAnnotations}
+
+			evt := event.CreateEvent{
+				Object: pod,
+				Meta:   pod.GetObjectMeta(),
+			}
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(1))
+
+			i, _ := q.Get()
+			Expect(i).To(Equal(reconcile.Request{
+				NamespacedName: types.NamespacedName{Namespace: "biz", Name: "baz"}}))
+		})
+
+		It("should enqueue a Request with the annotation of the object in the DeleteEvent.", func() {
+			instance := handler.EnqueueRequestForAnnotation{Type: podTypeAnnotations}
+
+			evt := event.DeleteEvent{
+				Object: pod,
+				Meta:   pod.GetObjectMeta(),
+			}
+			instance.Delete(evt, q)
+			Expect(q.Len()).To(Equal(1))
+
+			i, _ := q.Get()
+			Expect(i).To(Equal(reconcile.Request{
+				NamespacedName: types.NamespacedName{Namespace: "biz", Name: "baz"}}))
+		})
+
+		It("should enqueue a Request with the Annotations  of the object in the UpdateEvent.", func() {
+			newPod := pod.DeepCopy()
+			newPod.Name = pod.Name + "2"
+			newPod.Namespace = pod.Namespace + "2"
+
+			instance := handler.EnqueueRequestForAnnotation{Type: podTypeAnnotations}
+
+			evt := event.UpdateEvent{
+				ObjectOld: pod,
+				MetaOld:   pod.GetObjectMeta(),
+				ObjectNew: newPod,
+				MetaNew:   newPod.GetObjectMeta(),
+			}
+			instance.Update(evt, q)
+			Expect(q.Len()).To(Equal(1))
+
+			i, _ := q.Get()
+			Expect(i).To(Equal(reconcile.Request{
+				NamespacedName: types.NamespacedName{Namespace: "biz", Name: "baz"}}))
+		})
+
+		It("should enqueue a Request with the Annotation of the object in the GenericEvent.", func() {
+			instance := handler.EnqueueRequestForAnnotation{Type: podTypeAnnotations}
+
+			evt := event.GenericEvent{
+				Object: pod,
+				Meta:   pod.GetObjectMeta(),
+			}
+			instance.Generic(evt, q)
+			Expect(q.Len()).To(Equal(1))
+
+			i, _ := q.Get()
+			Expect(i).To(Equal(reconcile.Request{
+				NamespacedName: types.NamespacedName{Namespace: "biz", Name: "baz"}}))
+		})
+
+		It("should not enqueue a Request if there are no annotations matching with the object.", func() {
+			var repl *appsv1.ReplicaSet
+
+			repl = &appsv1.ReplicaSet{
+				ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "faz"},
+			}
+
+			instance := handler.EnqueueRequestForAnnotation{Type: "ReplicaSet.apps"}
+
+			evt := event.CreateEvent{
+				Object: repl,
+				Meta:   repl.GetObjectMeta(),
+			}
+
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(0))
+
+		})
+
+		It("should not enqueue a Request if there are no NamespacedNameAnnotation matching Namespace and Name.", func() {
+			var repl *appsv1.ReplicaSet
+
+			repl = &appsv1.ReplicaSet{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "foo",
+					Name:      "faz",
+					Annotations: map[string]string{
+						handler.TypeAnnotation: "ReplicaSet.apps",
+					},
+				},
+			}
+
+			instance := handler.EnqueueRequestForAnnotation{Type: "ReplicaSet.apps"}
+			evt := event.CreateEvent{
+				Object: repl,
+				Meta:   repl.GetObjectMeta(),
+			}
+
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(0))
+
+		})
+
+		It("should not enqueue a Request if there are no TypeAnnotation matching Group and Kind.", func() {
+			var repl *appsv1.ReplicaSet
+
+			repl = &appsv1.ReplicaSet{
+				ObjectMeta: metav1.ObjectMeta{
+					Namespace: "foo",
+					Name:      "faz",
+
+					Annotations: map[string]string{
+						handler.NamespaceAnnotation: "foo",
+						handler.NameAnnotation:      "faz",
+					},
+				},
+			}
+
+			instance := handler.EnqueueRequestForAnnotation{Type: "ReplicaSet.apps"}
+			evt := event.CreateEvent{
+				Object: repl,
+				Meta:   repl.GetObjectMeta(),
+			}
+
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(0))
+
+		})
+
+		It("should enqueue a Request for a object that is cluster scoped which has the annotations", func() {
+
+			var nd *corev1.Node
+
+			nd = &corev1.Node{
+				ObjectMeta: metav1.ObjectMeta{
+					Name: "node-1",
+					Annotations: map[string]string{
+						handler.NameAnnotation: "node-1",
+						handler.TypeAnnotation: "Node.core",
+					},
+				},
+			}
+
+			instance := handler.EnqueueRequestForAnnotation{Type: "Node.core"}
+			evt := event.CreateEvent{
+				Object: nd,
+				Meta:   nd.GetObjectMeta(),
+			}
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(1))
+
+			i, _ := q.Get()
+			Expect(i).To(Equal(reconcile.Request{
+				NamespacedName: types.NamespacedName{Namespace: "", Name: "node-1"}}))
+
+		})
+
+		It("should not enqueue a Request for a object that is cluster scoped which has not the annotations", func() {
+
+			var nd *corev1.Node
+
+			nd = &corev1.Node{
+				ObjectMeta: metav1.ObjectMeta{Name: "node-1"},
+			}
+
+			instance := handler.EnqueueRequestForAnnotation{Type: "Node.core"}
+			evt := event.CreateEvent{
+				Object: nd,
+				Meta:   nd.GetObjectMeta(),
+			}
+			instance.Create(evt, q)
+			Expect(q.Len()).To(Equal(0))
+
+		})
+
+		// TODO:Do we need to test the cases where:
+		// the old pod has the annotations and the new pod does not
+		// the new pod has the annotations and the old pod does not
+	})
+
 })
