remove API reader

Author: limak9182

cmd/main.go

@@ -348,7 +348,6 @@ func main() {
 			ReadTimeout:  readTimeout,
 			WriteTimeout: writeTimeout,
 			Client:       mgr.GetClient(),
-			Reader:       mgr.GetAPIReader(),
 		})
 
 		if err := mgr.Add(manager.RunnableFunc(func(ctx context.Context) error {

pkg/postgresql/cluster/adapter/webhook/postgres_webhook_integration_test.go

@@ -29,6 +29,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 
 	enterpriseApi "github.com/splunk/splunk-operator/api/v4"
@@ -574,15 +575,6 @@ func TestPostgresClusterClassPgHBAUpdateIntegration(t *testing.T) {
 	})
 }
 
-func ptrBool(b bool) *bool       { return &b }
-func ptrString(s string) *string { return &s }
-func ptrInt32(i int32) *int32    { return &i }
-
-func ptrQuantity(s string) *resource.Quantity {
-	q := resource.MustParse(s)
-	return &q
-}
-
 func newFakeReader(objects ...runtime.Object) *fake.ClientBuilder {
 	s := runtime.NewScheme()
 	enterpriseApi.AddToScheme(s)
@@ -599,20 +591,20 @@ func TestCrossResourceValidationIntegration(t *testing.T) {
 		Spec: enterpriseApi.PostgresClusterClassSpec{
 			Provisioner: "postgresql.cnpg.io",
 			Config: &enterpriseApi.PostgresClusterClassConfig{
-				Instances:               ptrInt32(3),
-				Storage:                 ptrQuantity("50Gi"),
-				PostgresVersion:         ptrString("17"),
-				ConnectionPoolerEnabled: ptrBool(false),
+				Instances:               ptr.To(int32(3)),
+				Storage:                 ptr.To(resource.MustParse("50Gi")),
+				PostgresVersion:         ptr.To("17"),
+				ConnectionPoolerEnabled: ptr.To(false),
 			},
 		},
 	}
 
-	reader := newFakeReader(prodClass).Build()
+	fakeClient := newFakeReader(prodClass).Build()
 
 	server := validation.NewWebhookServer(validation.WebhookServerOptions{
 		Port:       9443,
 		Validators: validation.DefaultValidators,
-		Reader:     reader,
+		Client:     fakeClient,
 	})
 
 	tests := []struct {
@@ -640,56 +632,31 @@ func TestCrossResourceValidationIntegration(t *testing.T) {
 			wantAllowed: false,
 			wantMessage: "PostgresClusterClass not found",
 		},
-		{
-			name: "rejected - storage below class floor",
-			obj: &enterpriseApi.PostgresCluster{
-				TypeMeta:   metav1.TypeMeta{APIVersion: "enterprise.splunk.com/v4", Kind: "PostgresCluster"},
-				ObjectMeta: metav1.ObjectMeta{Name: "test", Namespace: "default"},
-				Spec: enterpriseApi.PostgresClusterSpec{
-					Class:   "prod",
-					Storage: ptrQuantity("10Gi"),
-				},
-			},
-			wantAllowed: false,
-			wantMessage: "storage cannot be lower than class default",
-		},
 		{
 			name: "rejected - version below class floor",
 			obj: &enterpriseApi.PostgresCluster{
 				TypeMeta:   metav1.TypeMeta{APIVersion: "enterprise.splunk.com/v4", Kind: "PostgresCluster"},
 				ObjectMeta: metav1.ObjectMeta{Name: "test", Namespace: "default"},
 				Spec: enterpriseApi.PostgresClusterSpec{
 					Class:           "prod",
-					PostgresVersion: ptrString("16"),
+					PostgresVersion: ptr.To("16"),
 				},
 			},
 			wantAllowed: false,
 			wantMessage: "postgresVersion cannot be lower than class default",
 		},
 		{
-			name: "rejected - pooler enabled when class disables",
+			name: "rejected - pooler enabled but class has no cnpg.connectionPooler",
 			obj: &enterpriseApi.PostgresCluster{
 				TypeMeta:   metav1.TypeMeta{APIVersion: "enterprise.splunk.com/v4", Kind: "PostgresCluster"},
 				ObjectMeta: metav1.ObjectMeta{Name: "test", Namespace: "default"},
 				Spec: enterpriseApi.PostgresClusterSpec{
 					Class:                   "prod",
-					ConnectionPoolerEnabled: ptrBool(true),
+					ConnectionPoolerEnabled: ptr.To(true),
 				},
 			},
 			wantAllowed: false,
-			wantMessage: "connectionPoolerEnabled cannot be enabled",
-		},
-		{
-			name: "allowed - storage equal to class",
-			obj: &enterpriseApi.PostgresCluster{
-				TypeMeta:   metav1.TypeMeta{APIVersion: "enterprise.splunk.com/v4", Kind: "PostgresCluster"},
-				ObjectMeta: metav1.ObjectMeta{Name: "test", Namespace: "default"},
-				Spec: enterpriseApi.PostgresClusterSpec{
-					Class:   "prod",
-					Storage: ptrQuantity("50Gi"),
-				},
-			},
-			wantAllowed: true,
+			wantMessage: "connection pooler requires cnpg.connectionPooler configuration",
 		},
 		{
 			name: "allowed - higher version",
@@ -698,7 +665,7 @@ func TestCrossResourceValidationIntegration(t *testing.T) {
 				ObjectMeta: metav1.ObjectMeta{Name: "test", Namespace: "default"},
 				Spec: enterpriseApi.PostgresClusterSpec{
 					Class:           "prod",
-					PostgresVersion: ptrString("18"),
+					PostgresVersion: ptr.To("18"),
 				},
 			},
 			wantAllowed: true,
@@ -719,7 +686,7 @@ func TestCrossResourceValidationIntegration(t *testing.T) {
 	}
 }
 
-func TestCrossResourceValidationDisabledWithoutReader(t *testing.T) {
+func TestCrossResourceValidationDisabledWithoutClient(t *testing.T) {
 	server := validation.NewWebhookServer(validation.WebhookServerOptions{
 		Port:       9443,
 		Validators: validation.DefaultValidators,
@@ -731,8 +698,8 @@ func TestCrossResourceValidationDisabledWithoutReader(t *testing.T) {
 		Spec:       enterpriseApi.PostgresClusterSpec{Class: "nonexistent"},
 	}
 
-	ar := newPostgresClusterAdmissionReview(t, "uid-no-reader", admissionv1.Create, obj, nil)
+	ar := newPostgresClusterAdmissionReview(t, "uid-no-client", admissionv1.Create, obj, nil)
 	resp := sendAdmissionReview(t, server, ar)
 
-	assert.True(t, resp.Allowed, "without a reader, cross-resource validation should be skipped")
+	assert.True(t, resp.Allowed, "without a client, cross-resource validation should be skipped")
 }

pkg/postgresql/cluster/adapter/webhook/postgrescluster_validation.go

@@ -18,13 +18,15 @@ package webhook
 
 import (
 	"context"
+	"fmt"
 	"strconv"
 
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	enterpriseApi "github.com/splunk/splunk-operator/api/v4"
-	hba "github.com/splunk/splunk-operator/pkg/postgresql/cluster/core"
+	core "github.com/splunk/splunk-operator/pkg/postgresql/cluster/core"
 )
 
 // ValidatePostgresClusterCreate validates a PostgresCluster on CREATE.
@@ -33,7 +35,7 @@ func ValidatePostgresClusterCreate(obj *enterpriseApi.PostgresCluster, reader cl
 
 	if len(obj.Spec.PgHBA) > 0 {
 		pgHBAPath := field.NewPath("spec").Child("pgHBA")
-		for _, re := range hba.ValidateRules(obj.Spec.PgHBA) {
+		for _, re := range core.ValidateRules(obj.Spec.PgHBA) {
 			allErrs = append(allErrs, field.Invalid(
 				pgHBAPath.Index(re.Index),
 				obj.Spec.PgHBA[re.Index],
@@ -58,81 +60,62 @@ func validateAgainstClass(obj *enterpriseApi.PostgresCluster, reader client.Read
 
 	class := &enterpriseApi.PostgresClusterClass{}
 	if err := reader.Get(context.Background(), client.ObjectKey{Name: obj.Spec.Class}, class); err != nil {
-		allErrs = append(allErrs, field.Invalid(
-			field.NewPath("spec").Child("class"),
-			obj.Spec.Class,
-			"referenced PostgresClusterClass not found"))
+		classPath := field.NewPath("spec").Child("class")
+		if apierrors.IsNotFound(err) {
+			allErrs = append(allErrs, field.Invalid(classPath, obj.Spec.Class,
+				"referenced PostgresClusterClass not found"))
+		} else {
+			allErrs = append(allErrs, field.InternalError(classPath,
+				fmt.Errorf("failed to look up PostgresClusterClass %q: %w", obj.Spec.Class, err)))
+		}
 		return allErrs
 	}
 
-	classConfig := class.Spec.Config
-
-	mergedInstances := obj.Spec.Instances
-	mergedVersion := obj.Spec.PostgresVersion
-	mergedStorage := obj.Spec.Storage
-	if classConfig != nil {
-		if mergedInstances == nil {
-			mergedInstances = classConfig.Instances
+	merged, err := core.GetMergedConfig(class, obj)
+	if err != nil {
+		specPath := field.NewPath("spec")
+		if merged == nil || merged.Spec.Instances == nil {
+			allErrs = append(allErrs, field.Required(specPath.Child("instances"),
+				"must be set in PostgresCluster or PostgresClusterClass"))
 		}
-		if mergedVersion == nil {
-			mergedVersion = classConfig.PostgresVersion
+		if merged == nil || merged.Spec.PostgresVersion == nil {
+			allErrs = append(allErrs, field.Required(specPath.Child("postgresVersion"),
+				"must be set in PostgresCluster or PostgresClusterClass"))
 		}
-		if mergedStorage == nil {
-			mergedStorage = classConfig.Storage
+		if merged == nil || merged.Spec.Storage == nil {
+			allErrs = append(allErrs, field.Required(specPath.Child("storage"),
+				"must be set in PostgresCluster or PostgresClusterClass"))
 		}
-	}
-	specPath := field.NewPath("spec")
-	if mergedInstances == nil {
-		allErrs = append(allErrs, field.Required(specPath.Child("instances"),
-			"must be set in PostgresCluster or PostgresClusterClass"))
-	}
-	if mergedVersion == nil {
-		allErrs = append(allErrs, field.Required(specPath.Child("postgresVersion"),
-			"must be set in PostgresCluster or PostgresClusterClass"))
-	}
-	if mergedStorage == nil {
-		allErrs = append(allErrs, field.Required(specPath.Child("storage"),
-			"must be set in PostgresCluster or PostgresClusterClass"))
-	}
-
-	if classConfig == nil {
 		return allErrs
 	}
 
-	if obj.Spec.Storage != nil && classConfig.Storage != nil {
-		if obj.Spec.Storage.Cmp(*classConfig.Storage) < 0 {
-			allErrs = append(allErrs, field.Invalid(
-				field.NewPath("spec").Child("storage"),
-				obj.Spec.Storage.String(),
-				"storage cannot be lower than class default ("+classConfig.Storage.String()+")"))
-		}
-	}
-
-	if obj.Spec.PostgresVersion != nil && classConfig.PostgresVersion != nil {
-		clusterMajor, clusterMinor := parseVersion(*obj.Spec.PostgresVersion)
-		classMajor, classMinor := parseVersion(*classConfig.PostgresVersion)
-		if clusterMajor > 0 && classMajor > 0 {
-			versionTooLow := clusterMajor < classMajor ||
-				(clusterMajor == classMajor && classMinor >= 0 && clusterMinor >= 0 && clusterMinor < classMinor)
-			if versionTooLow {
-				allErrs = append(allErrs, field.Invalid(
-					field.NewPath("spec").Child("postgresVersion"),
-					*obj.Spec.PostgresVersion,
-					"postgresVersion cannot be lower than class default ("+*classConfig.PostgresVersion+")"))
+	if classConfig := class.Spec.Config; classConfig != nil {
+		if obj.Spec.PostgresVersion != nil && classConfig.PostgresVersion != nil {
+			clusterMajor, clusterMinor := parseVersion(*obj.Spec.PostgresVersion)
+			classMajor, classMinor := parseVersion(*classConfig.PostgresVersion)
+			if clusterMajor > 0 && classMajor > 0 {
+				versionTooLow := clusterMajor < classMajor ||
+					(clusterMajor == classMajor && classMinor >= 0 && clusterMinor >= 0 && clusterMinor < classMinor)
+				if versionTooLow {
+					allErrs = append(allErrs, field.Invalid(
+						field.NewPath("spec").Child("postgresVersion"),
+						*obj.Spec.PostgresVersion,
+						"postgresVersion cannot be lower than class default ("+*classConfig.PostgresVersion+")"))
+				}
 			}
 		}
-	}
 
-	if obj.Spec.ConnectionPoolerEnabled != nil && *obj.Spec.ConnectionPoolerEnabled {
-		classDisabled := classConfig.ConnectionPoolerEnabled == nil || !*classConfig.ConnectionPoolerEnabled
-		if classDisabled {
+		poolerEnabled := (obj.Spec.ConnectionPoolerEnabled != nil && *obj.Spec.ConnectionPoolerEnabled) ||
+			(obj.Spec.ConnectionPoolerEnabled == nil && classConfig.ConnectionPoolerEnabled != nil && *classConfig.ConnectionPoolerEnabled)
+		if poolerEnabled && (class.Spec.CNPG == nil || class.Spec.CNPG.ConnectionPooler == nil) {
 			allErrs = append(allErrs, field.Invalid(
 				field.NewPath("spec").Child("connectionPoolerEnabled"),
 				true,
-				"connectionPoolerEnabled cannot be enabled when disabled in PostgresClusterClass"))
+				"connection pooler requires cnpg.connectionPooler configuration in PostgresClusterClass"))
 		}
 	}
 
+	_ = merged
 	return allErrs
 }