From d7e7249debb89b07231cb5975304c2a392189498 Mon Sep 17 00:00:00 2001
From: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Date: Wed, 18 Aug 2021 20:39:52 +0300
Subject: [PATCH 1/2] Read PostgreSQL admin password from connection secret

- Fixes #230

Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
---
 .../database/postgresqlserver/managed.go      | 27 ++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/pkg/controller/database/postgresqlserver/managed.go b/pkg/controller/database/postgresqlserver/managed.go
index ac330b1d..48c08185 100644
--- a/pkg/controller/database/postgresqlserver/managed.go
+++ b/pkg/controller/database/postgresqlserver/managed.go
@@ -21,6 +21,8 @@ import (
 	"fmt"
 
 	"github.com/Azure/azure-sdk-for-go/services/postgresql/mgmt/2017-12-01/postgresql"
+	v1 "k8s.io/api/core/v1"
+	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/client-go/util/workqueue"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
 
@@ -52,6 +54,7 @@ const (
 	errGetPostgreSQLServer    = "cannot get PostgreSQLServer"
 	errDeletePostgreSQLServer = "cannot delete PostgreSQLServer"
 	errFetchLastOperation     = "cannot fetch last operation"
+	errGetConnSecret          = "cannot get connection secret"
 )
 
 // Setup adds a controller that reconciles PostgreSQLInstances.
@@ -146,6 +149,22 @@ func (e *external) Observe(ctx context.Context, mg resource.Managed) (managed.Ex
 	return o, nil
 }
 
+func (e *external) getPassword(ctx context.Context, cr *v1beta1.PostgreSQLServer) (string, error) {
+	if cr == nil || cr.Spec.WriteConnectionSecretToReference.Name == "" || cr.Spec.WriteConnectionSecretToReference.Namespace == "" {
+		return "", nil
+	}
+
+	s := &v1.Secret{}
+	if err := e.kube.Get(ctx, types.NamespacedName{
+		Namespace: cr.Spec.WriteConnectionSecretToReference.Namespace,
+		Name:      cr.Spec.WriteConnectionSecretToReference.Name,
+	}, s); err != nil {
+		return "", errors.Wrap(err, errGetConnSecret)
+	}
+
+	return string(s.Data[xpv1.ResourceCredentialsSecretPasswordKey]), nil
+}
+
 func (e *external) Create(ctx context.Context, mg resource.Managed) (managed.ExternalCreation, error) {
 	cr, ok := mg.(*v1beta1.PostgreSQLServer)
 	if !ok {
@@ -154,7 +173,13 @@ func (e *external) Create(ctx context.Context, mg resource.Managed) (managed.Ext
 
 	cr.SetConditions(xpv1.Creating())
 
-	pw, err := e.newPasswordFn()
+	pw, err := e.getPassword(ctx, cr)
+	if err != nil {
+		return managed.ExternalCreation{}, err
+	}
+	if pw == "" {
+		pw, err = e.newPasswordFn()
+	}
 	if err != nil {
 		return managed.ExternalCreation{}, errors.Wrap(err, errGenPassword)
 	}

From 031156b9e479e1245333177a1b2bad3a2f4230f9 Mon Sep 17 00:00:00 2001
From: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Date: Thu, 19 Aug 2021 12:19:40 +0300
Subject: [PATCH 2/2] Bump CI Go version to 1.16

- Make kind version used in e2e tests configurable
- Update kind version to 0.11.1
- Update kind node image version to 1.19.11
- These are needed to get e2e tests running. Please see:
  https://github.com/crossplane/provider-aws/pull/782#issuecomment-888612043

Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
---
 .github/workflows/ci.yml                            |  2 +-
 Makefile                                            | 12 +++++++++---
 cluster/local/integration_tests.sh                  |  5 +++--
 pkg/controller/database/postgresqlserver/managed.go |  9 +++++----
 4 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ccf168c9..b3922bb4 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,7 +10,7 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.14'
+  GO_VERSION: '1.16'
   GOLANGCI_VERSION: 'v1.31'
   DOCKER_BUILDX_VERSION: 'v0.4.2'
 
diff --git a/Makefile b/Makefile
index 975eec8f..eb1779c0 100644
--- a/Makefile
+++ b/Makefile
@@ -5,6 +5,10 @@ PROJECT_NAME := provider-azure
 PROJECT_REPO := github.com/crossplane/$(PROJECT_NAME)
 
 PLATFORMS ?= linux_amd64 linux_arm64
+
+# kind-related versions
+KIND_VERSION ?= v0.11.1
+KIND_NODE_IMAGE_TAG ?= v1.19.11
 # -include will silently skip missing files, which allows us
 # to load those files with a target in the Makefile. If only
 # "include" was used, the make command would fail and refuse
@@ -92,7 +96,7 @@ e2e.run: test-integration
 # Run integration tests.
 test-integration: $(KIND) $(KUBECTL) $(HELM3)
 	@$(INFO) running integration tests using kind $(KIND_VERSION)
-	@$(ROOT_DIR)/cluster/local/integration_tests.sh || $(FAIL)
+	@KIND_NODE_IMAGE_TAG=${KIND_NODE_IMAGE_TAG} KIND_VERSION=${KIND_VERSION} $(ROOT_DIR)/cluster/local/integration_tests.sh || $(FAIL)
 	@$(OK) integration tests passed
 
 # Update the submodules, such as the common build scripts.
@@ -115,6 +119,8 @@ manifests:
 # using unit tests.
 KUBEBUILDER_VERSION ?= 1.0.8
 KUBEBUILDER := $(TOOLS_HOST_DIR)/kubebuilder-$(KUBEBUILDER_VERSION)
+KUBEBUILDER_OS ?= $(GOHOSTOS)
+KUBEBUILDER_ARCH ?= $(GOHOSTARCH)
 TEST_ASSET_KUBE_APISERVER := $(KUBEBUILDER)/kube-apiserver
 TEST_ASSET_ETCD := $(KUBEBUILDER)/etcd
 export TEST_ASSET_KUBE_APISERVER TEST_ASSET_ETCD
@@ -150,7 +156,7 @@ help-special: crossplane.help
 $(KUBEBUILDER):
 	@$(INFO) installing kubebuilder $(KUBEBUILDER_VERSION)
 	@mkdir -p $(TOOLS_HOST_DIR)/tmp || $(FAIL)
-	@curl -fsSL https://github.com/kubernetes-sigs/kubebuilder/releases/download/v$(KUBEBUILDER_VERSION)/kubebuilder_$(KUBEBUILDER_VERSION)_$(GOHOSTOS)_$(GOHOSTARCH).tar.gz | tar -xz -C $(TOOLS_HOST_DIR)/tmp  || $(FAIL)
-	@mv $(TOOLS_HOST_DIR)/tmp/kubebuilder_$(KUBEBUILDER_VERSION)_$(GOHOSTOS)_$(GOHOSTARCH)/bin $(KUBEBUILDER) || $(FAIL)
+	@curl -fsSL https://github.com/kubernetes-sigs/kubebuilder/releases/download/v$(KUBEBUILDER_VERSION)/kubebuilder_$(KUBEBUILDER_VERSION)_$(KUBEBUILDER_OS)_$(KUBEBUILDER_ARCH).tar.gz | tar -xz -C $(TOOLS_HOST_DIR)/tmp  || $(FAIL)
+	@mv $(TOOLS_HOST_DIR)/tmp/kubebuilder_$(KUBEBUILDER_VERSION)_$(KUBEBUILDER_OS)_$(KUBEBUILDER_ARCH)/bin $(KUBEBUILDER) || $(FAIL)
 	@rm -fr $(TOOLS_HOST_DIR)/tmp
 	@$(OK) installing kubebuilder $(KUBEBUILDER_VERSION)
diff --git a/cluster/local/integration_tests.sh b/cluster/local/integration_tests.sh
index a85c0391..0ecea536 100755
--- a/cluster/local/integration_tests.sh
+++ b/cluster/local/integration_tests.sh
@@ -71,7 +71,8 @@ echo "created cache dir at ${CACHE_PATH}"
 docker save "${BUILD_IMAGE}" -o "${CACHE_PATH}/${PACKAGE_NAME}.xpkg" && chmod 644 "${CACHE_PATH}/${PACKAGE_NAME}.xpkg"
 
 # create kind cluster with extra mounts
-echo_step "creating k8s cluster using kind"
+KIND_NODE_IMAGE="kindest/node:${KIND_NODE_IMAGE_TAG}"
+echo_step "creating k8s cluster using kind ${KIND_VERSION} and node image ${KIND_NODE_IMAGE}"
 KIND_CONFIG="$( cat <<EOF
 kind: Cluster
 apiVersion: kind.x-k8s.io/v1alpha4
@@ -82,7 +83,7 @@ nodes:
     containerPath: /cache
 EOF
 )"
-echo "${KIND_CONFIG}" | "${KIND}" create cluster --name="${K8S_CLUSTER}" --wait=5m --config=-
+echo "${KIND_CONFIG}" | "${KIND}" create cluster --name="${K8S_CLUSTER}" --wait=5m --image="${KIND_NODE_IMAGE}" --config=-
 
 # tag controller image and load it into kind cluster
 docker tag "${CONTROLLER_IMAGE}" "${PACKAGE_CONTROLLER_IMAGE}"
diff --git a/pkg/controller/database/postgresqlserver/managed.go b/pkg/controller/database/postgresqlserver/managed.go
index 48c08185..3204455d 100644
--- a/pkg/controller/database/postgresqlserver/managed.go
+++ b/pkg/controller/database/postgresqlserver/managed.go
@@ -150,7 +150,8 @@ func (e *external) Observe(ctx context.Context, mg resource.Managed) (managed.Ex
 }
 
 func (e *external) getPassword(ctx context.Context, cr *v1beta1.PostgreSQLServer) (string, error) {
-	if cr == nil || cr.Spec.WriteConnectionSecretToReference.Name == "" || cr.Spec.WriteConnectionSecretToReference.Namespace == "" {
+	if cr.Spec.WriteConnectionSecretToReference == nil ||
+		cr.Spec.WriteConnectionSecretToReference.Name == "" || cr.Spec.WriteConnectionSecretToReference.Namespace == "" {
 		return "", nil
 	}
 
@@ -179,9 +180,9 @@ func (e *external) Create(ctx context.Context, mg resource.Managed) (managed.Ext
 	}
 	if pw == "" {
 		pw, err = e.newPasswordFn()
-	}
-	if err != nil {
-		return managed.ExternalCreation{}, errors.Wrap(err, errGenPassword)
+		if err != nil {
+			return managed.ExternalCreation{}, errors.Wrap(err, errGenPassword)
+		}
 	}
 	if err := e.client.CreateServer(ctx, cr, pw); err != nil {
 		return managed.ExternalCreation{}, errors.Wrap(err, errCreatePostgreSQLServer)