ROX-21701: add PATCH for Central name (#1569)

* ROX-21701: add PATCH for Central name

* address review comments

* add warning comment

.secrets.baseline

@@ -376,21 +376,21 @@
         "filename": "pkg/client/fleetmanager/api_moq.go",
         "hashed_secret": "44e17306b837162269a410204daaa5ecee4ec22c",
         "is_verified": false,
-        "line_number": 567
+        "line_number": 583
       },
       {
         "type": "Secret Keyword",
         "filename": "pkg/client/fleetmanager/api_moq.go",
         "hashed_secret": "0ff50155b4f57adeccae93f27dc23efe2a8b7824",
         "is_verified": false,
-        "line_number": 568
+        "line_number": 584
       },
       {
         "type": "Secret Keyword",
         "filename": "pkg/client/fleetmanager/api_moq.go",
         "hashed_secret": "5ce1b8d4fb9dae5c02b2017e39e7267a21cea37f",
         "is_verified": false,
-        "line_number": 577
+        "line_number": 593
       }
     ],
     "pkg/client/iam/client_moq.go": [

e2e/e2e_suite_test.go

@@ -143,6 +143,19 @@ func isDNSEnabled(routesEnabled bool) (bool, string, string) {
 	return dnsEnabled, accessKey, secretKey
 }
 
+func assertCentralRequestName(ctx context.Context, client *fleetmanager.Client, id string, name string) func() error {
+	return func() error {
+		centralRequest, _, err := client.PublicAPI().GetCentralById(ctx, id)
+		if err != nil {
+			return err
+		}
+		if centralRequest.Name != name {
+			return fmt.Errorf("expected centralRequest name %q, got %q", name, centralRequest.Name)
+		}
+		return nil
+	}
+}
+
 func assertCentralRequestStatus(ctx context.Context, client *fleetmanager.Client, id string, status string) func() error {
 	return func() error {
 		centralRequest, _, err := client.PublicAPI().GetCentralById(ctx, id)

e2e/e2e_test.go

@@ -389,6 +389,24 @@ var _ = Describe("Central", Ordered, func() {
 				Should(Succeed())
 		})
 
+		It("should patch the Central name", func() {
+			centralRequestName = newCentralName()
+			_, _, err := adminAPI.UpdateCentralNameById(ctx,
+				centralRequestID,
+				private.CentralUpdateNameRequest{
+					Name: centralRequestName, Reason: "e2e test",
+				},
+			)
+			Expect(err).To(BeNil())
+		})
+
+		It("should transition to central's new name", func() {
+			Eventually(assertCentralRequestName(ctx, client, centralRequestID, centralRequestName)).
+				WithTimeout(waitTimeout).
+				WithPolling(defaultPolling).
+				Should(Succeed())
+		})
+
 		It("should transition central to deprovisioning state when deleting", func() {
 			Expect(deleteCentralByID(ctx, client, centralRequestID)).
 				To(Succeed())
@@ -423,7 +441,6 @@ var _ = Describe("Central", Ordered, func() {
 				WithPolling(defaultPolling).
 				Should(BeEmpty(), "Started at %s", time.Now())
 		})
-
 	})
 
 	Describe("should be deployed and can be force-deleted", Ordered, func() {

internal/dinosaur/pkg/api/admin/private/api/openapi.yaml

@@ -378,6 +378,57 @@ paths:
       security:
       - Bearer: []
       summary: Update `expired_at` central property
+  /api/rhacs/v1/admin/centrals/{id}/name:
+    patch:
+      operationId: updateCentralNameById
+      parameters:
+      - description: The ID of record
+        in: path
+        name: id
+        required: true
+        schema:
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/CentralUpdateNameRequest'
+        description: Options for patch operation
+        required: true
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Central'
+          description: Central updated by ID
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Error'
+          description: Auth token is invalid
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Error'
+          description: User is not authorised to access the service
+        "404":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Error'
+          description: No Central found with the specified ID
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/Error'
+          description: Unexpected error occurred
+      security:
+      - Bearer: []
+      summary: Update `name` central property
   /api/rhacs/v1/admin/centrals/{id}/rotate-secrets:
     post:
       operationId: centralRotateSecrets
@@ -531,6 +582,19 @@ components:
         reset_secret_backup:
           type: boolean
       type: object
+    CentralUpdateNameRequest:
+      example:
+        reason: reason
+        name: name
+      properties:
+        name:
+          type: string
+        reason:
+          type: string
+      required:
+      - name
+      - reason
+      type: object
     Error:
       allOf:
       - $ref: '#/components/schemas/ObjectReference'

internal/dinosaur/pkg/handlers/admin_dinosaur.go

@@ -40,6 +40,10 @@ type AdminCentralHandler interface {
 	RotateSecrets(w http.ResponseWriter, r *http.Request)
 	// PatchExpiredAt sets the expired_at central property
 	PatchExpiredAt(w http.ResponseWriter, r *http.Request)
+	// PatchName sets the name central property. Tread carefully when renaming
+	// a tenant. In particular, avoid two Central CRs appearing in the same
+	// tenant namespace. This may cause conflicts due to mixed resource ownership.
+	PatchName(w http.ResponseWriter, r *http.Request)
 }
 
 type adminCentralHandler struct {
@@ -272,3 +276,25 @@ func (h adminCentralHandler) PatchExpiredAt(w http.ResponseWriter, r *http.Reque
 	}
 	handlers.Handle(w, r, cfg, http.StatusOK)
 }
+
+func (h adminCentralHandler) PatchName(w http.ResponseWriter, r *http.Request) {
+	updateNameRequest := private.CentralUpdateNameRequest{}
+	cfg := &handlers.HandlerConfig{
+		MarshalInto: &updateNameRequest,
+		Validate: []handlers.Validate{
+			handlers.ValidateLength(&updateNameRequest.Name, "name", &handlers.MinRequiredFieldLength, &MaxCentralNameLength),
+			ValidDinosaurClusterName(&updateNameRequest.Name, "name"),
+			ValidateDinosaurClusterNameIsUnique(r.Context(), &updateNameRequest.Name, h.service),
+			handlers.ValidateLength(&updateNameRequest.Reason, "reason", &handlers.MinRequiredFieldLength, &handlers.MaxServiceAccountDescLength),
+		},
+		Action: func() (i interface{}, serviceError *errors.ServiceError) {
+			id := mux.Vars(r)["id"]
+			glog.Infof("Setting name to %q for central %q: %s", updateNameRequest.Name, id, updateNameRequest.Reason)
+			central := &dbapi.CentralRequest{Meta: api.Meta{ID: id}}
+			return nil, h.service.Updates(central, map[string]interface{}{
+				"name": &updateNameRequest.Name,
+			})
+		},
+	}
+	handlers.Handle(w, r, cfg, http.StatusOK)
+}

internal/dinosaur/pkg/routes/route_loader.go

@@ -258,6 +258,9 @@ func (s *options) buildAPIBaseRouter(mainRouter *mux.Router, basePath string, op
 	adminCentralsRouter.HandleFunc("/{id}/expired-at", adminCentralHandler.PatchExpiredAt).
 		Name(logger.NewLogEvent("admin-expired-at", "[admin] set `expired_at` central property").ToString()).
 		Methods(http.MethodPatch)
+	adminCentralsRouter.HandleFunc("/{id}/name", adminCentralHandler.PatchName).
+		Name(logger.NewLogEvent("admin-name", "[admin] set `name` central property").ToString()).
+		Methods(http.MethodPatch)
 
 	adminCreateRouter := adminCentralsRouter.NewRoute().Subrouter()
 	adminCreateRouter.HandleFunc("", adminCentralHandler.Create).Methods(http.MethodPost)