refactor: migrate configuration controller harbor client to goharbor …

…go-client (#821)

Signed-off-by: chlins <chenyuzh@vmware.com>

apis/goharbor.io/v1beta1/harbor_configuration.go

@@ -2,7 +2,6 @@ package v1beta1
 
 import (
 	goyaml "gopkg.in/yaml.v2"
-	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	k8syaml "sigs.k8s.io/yaml"
 )
@@ -40,9 +39,6 @@ type HarborConfigurationSpec struct {
 
 // HarborConfigurationModel defines the spec of HarborConfiguration.
 type HarborConfigurationModel struct {
-	// AdditionalProperties provides workaround for those unknown configuration fields in the future.
-	// +kubebuilder:validation:Optional
-	Extension *apiextensionsv1.JSON `json:"extension,omitempty" yaml:"extension,omitempty"`
 	// The auth mode of current system, such as "db_auth", "ldap_auth", "oidc_auth".
 	// +kubebuilder:validation:Optional
 	AuthMode string `json:"authMode,omitempty" yaml:"auth_mode,omitempty"`

charts/harbor-operator/templates/crds.yaml

@@ -8583,9 +8583,6 @@ spec:
                   emailUsername:
                     description: The username for authenticate against SMTP server.
                     type: string
-                  extension:
-                    description: AdditionalProperties provides workaround for those unknown configuration fields in the future.
-                    x-kubernetes-preserve-unknown-fields: true
                   httpAuthproxyAdminGroups:
                     description: The group which has the harbor admin privileges.
                     type: string
@@ -8769,9 +8766,6 @@ spec:
                       emailUsername:
                         description: The username for authenticate against SMTP server.
                         type: string
-                      extension:
-                        description: AdditionalProperties provides workaround for those unknown configuration fields in the future.
-                        x-kubernetes-preserve-unknown-fields: true
                       httpAuthproxyAdminGroups:
                         description: The group which has the harbor admin privileges.
                         type: string

controllers/goharbor/configuration/reconciler.go

@@ -2,12 +2,14 @@ package configuration
 
 import (
 	"context"
-	"fmt"
+	"encoding/json"
 
+	"github.com/goharbor/go-client/pkg/harbor"
+	"github.com/goharbor/go-client/pkg/sdk/v2.0/client/configure"
+	"github.com/goharbor/go-client/pkg/sdk/v2.0/models"
 	goharborv1 "github.com/goharbor/harbor-operator/apis/goharbor.io/v1beta1"
 	"github.com/goharbor/harbor-operator/controllers"
 	commonCtrl "github.com/goharbor/harbor-operator/pkg/controller"
-	pkgharbor "github.com/goharbor/harbor-operator/pkg/harbor"
 	"github.com/goharbor/harbor-operator/pkg/utils/strings"
 	"github.com/ovh/configstore"
 	"github.com/pkg/errors"
@@ -66,7 +68,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
 			return ctrl.Result{}, nil
 		}
 
-		return ctrl.Result{}, fmt.Errorf("error get harbor configuration: %w", err)
+		return ctrl.Result{}, errors.Wrapf(err, "error get harbor configuration %v", req)
 	}
 
 	hcCopy := hc.DeepCopy()
@@ -92,30 +94,31 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
 	// get harbor cr
 	harborCluster := &goharborv1.HarborCluster{}
 	if err = r.Client.Get(ctx, types.NamespacedName{Namespace: req.Namespace, Name: hc.Spec.HarborClusterRef}, harborCluster); err != nil {
-		err = fmt.Errorf("error get harborCluster: %w", err)
+		err = errors.Wrapf(err, "error get harborCluster %s", hc.Spec.HarborClusterRef)
 		hc.Status.Reason = "HarborClusterError"
 
 		return
 	}
 	// get harbor client
 	harborClient, err := r.getHarborClient(ctx, harborCluster)
 	if err != nil {
-		err = fmt.Errorf("error get harbor client: %w", err)
+		err = errors.Wrapf(err, "error get harbor client")
 		hc.Status.Reason = "HarborClientError"
 
 		return
 	}
 	// assemble hc
-	payload, err := r.assembleHarborConfiguration(ctx, hc)
+	configurationModel, err := r.assembleHarborConfiguration(ctx, hc)
 	if err != nil {
-		err = fmt.Errorf("error assemble harbor configuration: %w", err)
+		err = errors.Wrapf(err, "error assemble harbor configuration")
 		hc.Status.Reason = "AssembleConfigurationError"
 
 		return
 	}
 	// apply configuration
-	if err = harborClient.ApplyConfiguration(ctx, payload); err != nil {
-		err = fmt.Errorf("apply harbor configuration error: %w", err)
+	params := configure.NewUpdateConfigurationsParams().WithConfigurations(configurationModel)
+	if _, err = harborClient.V2().Configure.UpdateConfigurations(ctx, params); err != nil {
+		err = errors.Wrapf(err, "error apply harbor configuration")
 		hc.Status.Reason = "ApplyConfigurationError"
 
 		return
@@ -125,31 +128,34 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
 }
 
 // getHarborClient gets harbor client.
-func (r *Reconciler) getHarborClient(ctx context.Context, harbor *goharborv1.HarborCluster) (pkgharbor.Client, error) {
-	url := harbor.Spec.ExternalURL
-	if len(url) == 0 {
-		return nil, errors.Errorf("harbor url is invalid")
-	}
-
-	var opts []pkgharbor.ClientOption
+func (r *Reconciler) getHarborClient(ctx context.Context, hc *goharborv1.HarborCluster) (*harbor.ClientSet, error) {
+	var (
+		username = "admin"
+		password = ""
+	)
 
-	adminSecretRef := harbor.Spec.HarborAdminPasswordRef
+	adminSecretRef := hc.Spec.HarborAdminPasswordRef
 	if len(adminSecretRef) > 0 {
 		// fetch admin password
 		secret := &corev1.Secret{}
-		if err := r.Client.Get(ctx, types.NamespacedName{Namespace: harbor.Namespace, Name: adminSecretRef}, secret); err != nil {
-			return nil, fmt.Errorf("error get harbor admin secret: %w", err)
+		if err := r.Client.Get(ctx, types.NamespacedName{Namespace: hc.Namespace, Name: adminSecretRef}, secret); err != nil {
+			return nil, errors.Wrapf(err, "failed to get harbor admin secret: %s", adminSecretRef)
 		}
 
-		password := string(secret.Data["secret"])
-		opts = append(opts, pkgharbor.WithCredential("admin", password))
+		password = string(secret.Data["secret"])
+	}
+
+	config := harbor.ClientSetConfig{
+		URL:      hc.Spec.ExternalURL,
+		Username: username,
+		Password: password,
 	}
 
-	return pkgharbor.NewClient(url, opts...), nil
+	return harbor.NewClientSet(&config)
 }
 
 // assembleConfig assembles password filed from secret.
-func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharborv1.HarborConfiguration) (payload []byte, err error) { // nolint:funlen
+func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharborv1.HarborConfiguration) (model *models.Configurations, err error) { // nolint:funlen
 	secretValueGetter := func(secretName, secretNamespace, key string) (string, error) {
 		secret := &corev1.Secret{}
 		if err := r.Client.Get(ctx, types.NamespacedName{Namespace: secretNamespace, Name: secretName}, secret); err != nil {
@@ -169,7 +175,7 @@ func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharb
 	if len(hc.Spec.Configuration.EmailPassword) != 0 {
 		password, err := secretValueGetter(hc.Spec.Configuration.EmailPassword, hc.Namespace, "email_password")
 		if err != nil {
-			return nil, fmt.Errorf("error extract email_password from secret %s: %w", hc.Spec.Configuration.EmailPassword, err)
+			return nil, errors.Wrapf(err, "error extract email_password from secret %s", hc.Spec.Configuration.EmailPassword)
 		}
 
 		hc.Spec.Configuration.EmailPassword = password
@@ -178,7 +184,7 @@ func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharb
 	if len(hc.Spec.Configuration.LdapSearchPassword) != 0 {
 		password, err := secretValueGetter(hc.Spec.Configuration.LdapSearchPassword, hc.Namespace, "ldap_search_password")
 		if err != nil {
-			return nil, fmt.Errorf("error extract ldap_search_password from secret %s: %w", hc.Spec.Configuration.LdapSearchPassword, err)
+			return nil, errors.Wrapf(err, "error extract ldap_search_password from secret %s", hc.Spec.Configuration.LdapSearchPassword)
 		}
 
 		hc.Spec.Configuration.LdapSearchPassword = password
@@ -187,7 +193,7 @@ func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharb
 	if len(hc.Spec.Configuration.UaaClientSecret) != 0 {
 		secret, err := secretValueGetter(hc.Spec.Configuration.UaaClientSecret, hc.Namespace, "uaa_client_secret")
 		if err != nil {
-			return nil, fmt.Errorf("error extract uaa_client_secret from secret %s: %w", hc.Spec.Configuration.UaaClientSecret, err)
+			return nil, errors.Wrapf(err, "error extract uaa_client_secret from secret %s", hc.Spec.Configuration.UaaClientSecret)
 		}
 
 		hc.Spec.Configuration.UaaClientSecret = secret
@@ -196,7 +202,7 @@ func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharb
 	if len(hc.Spec.Configuration.OidcClientSecret) != 0 {
 		secret, err := secretValueGetter(hc.Spec.Configuration.OidcClientSecret, hc.Namespace, "oidc_client_secret")
 		if err != nil {
-			return nil, fmt.Errorf("error extract oidc_client_secret from secret %s: %w", hc.Spec.Configuration.UaaClientSecret, err)
+			return nil, errors.Wrapf(err, "error extract oidc_client_secret from secret %s", hc.Spec.Configuration.UaaClientSecret)
 		}
 
 		hc.Spec.Configuration.OidcClientSecret = secret
@@ -206,11 +212,11 @@ func (r *Reconciler) assembleHarborConfiguration(ctx context.Context, hc *goharb
 	if err != nil {
 		return nil, err
 	}
-	// from json payload to harbor configuration
-	c, err := pkgharbor.FromJSONToConfiguration(p)
-	if err != nil {
+
+	model = &models.Configurations{}
+	if err = json.Unmarshal(p, model); err != nil {
 		return nil, err
 	}
 
-	return c.Payload()
+	return model, nil
 }

docs/configurations/day2-config.md

@@ -62,16 +62,16 @@ data:
 ```
 
 ```yaml
-apiVersion: goharbor.io/v1alpha3
+apiVersion: goharbor.io/v1beta1
 kind: HarborConfiguration
 metadata:
   name: test-config
   namespace: cluster-sample-ns
 spec:
   # your harbor configuration
   configuration:
-    email_password: secret-sample
-    email_ssl: true
+    emailPassword: secret-sample
+    emailSsl: true
   harborClusterRef: harborcluster-sample
 ```
 
@@ -82,7 +82,7 @@ status:
   lastApplyTime: "2021-06-04T06:07:53Z"
   lastConfiguration:
     configuration:
-      email_password: secret-sample
-      email_ssl: true
+      emailPassword: secret-sample
+      emailSsl: true
   status: Success
 ```

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/go-kit/kit v0.10.0
 	github.com/go-logr/logr v0.4.0
 	github.com/go-redis/redis v6.15.9+incompatible
+	github.com/goharbor/go-client v0.24.3
 	github.com/goharbor/harbor/src v0.0.0-20211025104526-d4affc2eba6d
 	github.com/huandu/xstrings v1.3.2 // indirect
 	github.com/jaegertracing/jaeger-lib v2.2.0+incompatible