Add management policy to managed

Signed-off-by: Hasan Turken <turkenh@gmail.com>
2022-11-29 18:00:55 +03:00 · 2022-11-29 18:00:55 +03:00 · 79cb4c8ac1
parent 2bc6c4e5ee
commit 79cb4c8ac1
5 changed files with 54 additions and 3 deletions
--- a/apis/common/v1/policies.go
+++ b/apis/common/v1/policies.go
@ -16,14 +16,33 @@ limitations under the License.

 package v1

+// A ManagementPolicy determines how should Crossplane controllers manage an
+// external resource.
+// +kubebuilder:validation:Enum=FullControl;ObserveOnly;OrphanOnDelete
+type ManagementPolicy string
+
+const (
+	// ManagementFullControl means the external resource is fully controlled
+	// by Crossplane controllers, including its deletion.
+	ManagementFullControl ManagementPolicy = "FullControl"
+
+	// ManagementObserveOnly means the external resource will only be observed
+	// by Crossplane controllers, but not modified or deleted.
+	ManagementObserveOnly ManagementPolicy = "ObserveOnly"
+
+	// ManagementOrphanOnDelete means the external resource will be orphaned
+	// when its managed resource is deleted.
+	ManagementOrphanOnDelete ManagementPolicy = "OrphanOnDelete"
+)
+
 // A DeletionPolicy determines what should happen to the underlying external
 // resource when a managed resource is deleted.
 // +kubebuilder:validation:Enum=Orphan;Delete
 type DeletionPolicy string

 const (
-	// DeletionOrphan means the external resource will orphaned when its managed
-	// resource is deleted.
+	// DeletionOrphan means the external resource will be orphaned when its
+	// managed resource is deleted.
 	DeletionOrphan DeletionPolicy = "Orphan"

 	// DeletionDelete means both the  external resource will be deleted when its
--- a/apis/common/v1/resource.go
+++ b/apis/common/v1/resource.go
@ -203,6 +203,11 @@ type ResourceSpec struct {
 	// Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`
 	ProviderReference *Reference `json:"providerRef,omitempty"`

+	// ManagementPolicy specifies how this managed resource should be managed.
+	// +optional
+	// +kubebuilder:default=FullControl
+	ManagementPolicy ManagementPolicy `json:"managementPolicy,omitempty"`
+
 	// DeletionPolicy specifies what will happen to the underlying external
 	// when this managed resource is deleted - either "Delete" or "Orphan" the
 	// external resource.
--- a/pkg/reconciler/managed/reconciler.go
+++ b/pkg/reconciler/managed/reconciler.go
@ -678,7 +678,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req reconcile.Request) (reco
 	// If managed resource has a deletion timestamp and and a deletion policy of
 	// Orphan, we do not need to observe the external resource before attempting
 	// to unpublish connection details and remove finalizer.
-	if meta.WasDeleted(managed) && managed.GetDeletionPolicy() == xpv1.DeletionOrphan {
+	if meta.WasDeleted(managed) && managed.GetDeletionPolicy() == xpv1.DeletionOrphan && managed.GetManagementPolicy() == xpv1.ManagementFullControl {
 		log = log.WithValues("deletion-timestamp", managed.GetDeletionTimestamp())

 		// Empty ConnectionDetails are passed to UnpublishConnection because we
@ -791,6 +791,16 @@ func (r *Reconciler) Reconcile(ctx context.Context, req reconcile.Request) (reco
 		return reconcile.Result{Requeue: true}, errors.Wrap(r.client.Status().Update(ctx, managed), errUpdateManagedStatus)
 	}

+	if managed.GetManagementPolicy() == xpv1.ManagementObserveOnly {
+		if !observation.ResourceExists {
+			record.Event(managed, event.Warning(reasonCannotObserve, errors.New("resource does not exist")))
+			managed.SetConditions(xpv1.ReconcileError(errors.Wrap(errors.New("resource does not exist"), errReconcileObserve)))
+			return reconcile.Result{Requeue: true}, errors.Wrap(r.client.Status().Update(ctx, managed), errUpdateManagedStatus)
+		}
+		log.Debug("Observed the resource and this is all we're allowed to do", "requeue-after", time.Now().Add(r.pollInterval))
+		managed.SetConditions(xpv1.ReconcileSuccess())
+		return reconcile.Result{RequeueAfter: r.pollInterval}, errors.Wrap(r.client.Status().Update(ctx, managed), errUpdateManagedStatus)
+	}
 	// If this resource has a non-zero creation grace period we want to wait
 	// for that period to expire before we trust that the resource really
 	// doesn't exist. This is because some external APIs are eventually
--- a/pkg/resource/fake/mocks.go
+++ b/pkg/resource/fake/mocks.go
@ -151,6 +151,15 @@ func (m *ConnectionDetailsPublisherTo) GetPublishConnectionDetailsTo() *xpv1.Pub
 	return m.To
 }

+// Manageable implements the Manageable interface.
+type Manageable struct{ Policy xpv1.ManagementPolicy }
+
+// SetManagementPolicy sets the ManagementPolicy.
+func (m *Manageable) SetManagementPolicy(p xpv1.ManagementPolicy) { m.Policy = p }
+
+// GetManagementPolicy gets the ManagementPolicy.
+func (m *Manageable) GetManagementPolicy() xpv1.ManagementPolicy { return m.Policy }
+
 // Orphanable implements the Orphanable interface.
 type Orphanable struct{ Policy xpv1.DeletionPolicy }

@ -325,6 +334,7 @@ type Managed struct {
 	ProviderConfigReferencer
 	ConnectionSecretWriterTo
 	ConnectionDetailsPublisherTo
+	Manageable
 	Orphanable
 	xpv1.ConditionedStatus
 }
--- a/pkg/resource/interfaces.go
+++ b/pkg/resource/interfaces.go
@ -67,6 +67,12 @@ type ConnectionDetailsPublisherTo interface {
 	GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
 }

+// A Manageable resource may specify a ManagementPolicy.
+type Manageable interface {
+	SetManagementPolicy(p xpv1.ManagementPolicy)
+	GetManagementPolicy() xpv1.ManagementPolicy
+}
+
 // An Orphanable resource may specify a DeletionPolicy.
 type Orphanable interface {
 	SetDeletionPolicy(p xpv1.DeletionPolicy)
@ -190,6 +196,7 @@ type Managed interface {
 	ProviderConfigReferencer
 	ConnectionSecretWriterTo
 	ConnectionDetailsPublisherTo
+	Manageable
 	Orphanable

 	Conditioned