Fix sync when selector includes orig namespace

zdata-inc · Mar 30, 2022 · 0a1b8f7 · 0a1b8f7
2 parents 7d7167a + 64316ef
commit 0a1b8f7
Show file tree

Hide file tree

Showing 5 changed files with 131 additions and 2 deletions.
diff --git a/src/manager.rs b/src/manager.rs
@@ -164,11 +164,16 @@ async fn destination_namespaces<T>(client: Client, resource: &T) -> Result<Vec<N
     }
 
     let result = api.list(&params).await?;
-    if result.items.len() == 0 {
+    let mut namespaces = Vec::<Namespace>::from_iter(result);
+
+    // Remove namespace resource is currently in
+    namespaces.retain(|x| x.name() != namespace);
+
+    if namespaces.len() == 0 {
         warn!("Given label selector {} for resource {}/{} matched no namespaces", selector, namespace, name);
     }
 
-    Ok(Vec::<Namespace>::from_iter(result))
+    Ok(namespaces)
 }
 
 async fn sync_resource<T>(client: Client, source_resource: &T) -> Result<()>

diff --git a/tests/e2e/default/01-assert.yaml b/tests/e2e/default/01-assert.yaml
@@ -17,6 +17,30 @@ data:
 ---
 apiVersion: v1
 kind: Secret
+metadata:
+  name: kustd-sync-all-test
+  namespace: kustd-test-a
+  annotations:
+    kustd.zdatainc.com/sync: ""
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kustd-sync-all-test
+  namespace: kustd-test-b
+data:
+  data: YmxhaA==
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kustd-sync-all-test
+  namespace: kustd-test-c
+data:
+  data: YmxhaA==
+---
+apiVersion: v1
+kind: Secret
 type: kubernetes.io/dockerconfigjson
 metadata:
   name: kustd-sync-registry-test

diff --git a/tests/e2e/default/01-create.yaml b/tests/e2e/default/01-create.yaml
@@ -22,6 +22,16 @@ data:
 ---
 apiVersion: v1
 kind: Secret
+metadata:
+  name: kustd-sync-all-test
+  namespace: kustd-test-a
+  annotations:
+    kustd.zdatainc.com/sync: ""
+data:
+  data: YmxhaA==
+---
+apiVersion: v1
+kind: Secret
 type: kubernetes.io/dockerconfigjson
 metadata:
   name: kustd-sync-registry-test

diff --git a/tests/e2e/default/01-errors.yaml b/tests/e2e/default/01-errors.yaml
@@ -14,3 +14,11 @@ metadata:
   namespace: kustd-test-c
 data:
   data: YmxhaA==
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: kustd-sync-all-test
+  namespace: kustd-test-a
+  annotations:
+    kustd.zdatainc.com/origin.name: "kustd-sync-all-test"
diff --git a/tests/manager_test.rs b/tests/manager_test.rs
@@ -18,6 +18,7 @@ use kube::{
 };
 use k8s_openapi::{
     ByteString,
+    Metadata,
     api::core::v1::{Namespace, Secret, ConfigMap}
 };
 use tokio::time;
@@ -164,6 +165,87 @@ async fn test_sync_dockerconfig_secret(ctx: &mut K8sContext) {
     ));
 }
 
+#[test_context(K8sContext)]
+#[tokio::test]
+#[serial]
+async fn test_sync_secret_all_ns(ctx: &mut K8sContext) {
+    let ns1 = ctx.create_namespace("test1", "loc=a").await;
+    let ns2 = ctx.create_namespace("test2", "loc=b").await;
+
+    let ns1_secrets: Api<Secret> = Api::namespaced(ctx.client(), &ns1.name());
+    let ns2_secrets: Api<Secret> = Api::namespaced(ctx.client(), &ns2.name());
+
+    // Test creating secret
+    let secret = &ctx.secret("test-sync-all")
+        .sync_selector("")
+        .data(&json!({ "data": "data" }))
+        .create(&ns1_secrets).await.unwrap();
+    time::sleep(Duration::from_millis(100)).await;
+
+    let orig_secret = ns1_secrets.get(&secret.name()).await.unwrap();
+    // Ensure original secret doesn't get overwritten during sync
+    assert_eq!(orig_secret.metadata().annotations, secret.metadata().annotations);
+
+    let synced_secret = ns2_secrets.get(&secret.name()).await.unwrap();
+    assert_eq!(
+        synced_secret.data.clone().and_then(|x| { x.get("data").cloned() }),
+        Some(ByteString("data".as_bytes().to_vec())));
+
+    // Test updating secret change data
+    ns1_secrets.patch(&secret.name(), &PatchParams::apply("kustd").force(), &Patch::Apply(json!({
+        "apiVersion": "v1",
+        "kind": "Secret",
+        "stringData": {
+            "data": "data2"
+        }
+    }))).await.unwrap();
+    time::sleep(Duration::from_millis(100)).await;
+    let synced_secret = ns2_secrets.get(&secret.name()).await.unwrap();
+    assert_eq!(
+        synced_secret.data.and_then(|x| { x.get("data").cloned() }),
+        Some(ByteString("data2".as_bytes().to_vec())));
+
+    // Test updating secret to delete from NS
+    ns1_secrets.patch(&secret.name(), &PatchParams::apply("kustd").force(), &Patch::Apply(json!({
+        "apiVersion": "v1",
+        "kind": "Secret",
+        "metadata": {
+            "annotations": {
+                "kustd.zdatainc.com/sync": "loc=c"
+            }
+        }
+    }))).await.unwrap();
+    time::sleep(Duration::from_millis(100)).await;
+    assert!(matches!(
+        ns2_secrets.get(&secret.name()).await,
+        Err(kube::Error::Api(kube::core::ErrorResponse { code: 404, .. }))
+    ));
+
+    // Test updating secret to create in NS
+    ns1_secrets.patch(&secret.name(), &PatchParams::apply("kustd").force(), &Patch::Apply(json!({
+        "apiVersion": "v1",
+        "kind": "Secret",
+        "metadata": {
+            "annotations": {
+                "kustd.zdatainc.com/sync": ""
+            }
+        }
+    }))).await.unwrap();
+    time::sleep(Duration::from_millis(100)).await;
+    assert!(matches!(
+        ns2_secrets.get(&secret.name()).await,
+        Ok(_)
+    ));
+
+    // Test deleting secret
+    ns1_secrets.delete(&secret.name(), &DeleteParams::default()).await.unwrap();
+    time::sleep(Duration::from_millis(100)).await;
+    assert!(matches!(
+        ns2_secrets.get(&secret.name()).await,
+        Err(kube::Error::Api(kube::core::ErrorResponse { code: 404, .. }))
+    ));
+}
+
 
 #[test_context(K8sContext)]
 #[tokio::test]