Merge pull request #293 from stone-payments/feature/add-public-access-in-postgresql

ulucinar · web-flow · commit 1c0702110ed4 · 2021-09-24T15:21:04.000+03:00
Implement spec.publicNetworkAccess for PostgreSQL
diff --git a/apis/database/v1beta1/sql_types.go b/apis/database/v1beta1/sql_types.go
@@ -164,7 +164,12 @@ type SQLServerParameters struct {
 
 	// TODO(hasheddan): support InfrastructureEncryption
 
-	// TODO(hasheddan): support PublicNetworkAccess
+	// PublicNetworkAccess - Whether or not public network access is allowed for
+	// this server. Value is optional but if passed in,
+	// must be 'Enabled' or 'Disabled'.
+	// +kubebuilder:validation:Enum=Enabled;Disabled
+	// +optional
+	PublicNetworkAccess *string `json:"publicNetworkAccess,omitempty"`
 
 	// CreateMode - Possible values include: 'CreateModeDefault', 'CreateModePointInTimeRestore', 'CreateModeGeoRestore', 'CreateModeReplica'
 	// +optional
@@ -194,7 +199,7 @@ type SQLServerParameters struct {
 }
 
 // CreateMode controls the creation behaviour
-// Keep synced with "github.com/Azure/azure-sdk-for-go/services/postgresql/mgmt/2017-12-01/postgresql".MinimalTLSVersionEnum
+// Keep synced with "github.com/Azure/azure-sdk-for-go/services/postgresql/mgmt/2017-12-01/postgresql".CreateMode
 // +kubebuilder:validation:Enum=Default;GeoRestore;PointInTimeRestore;Replica
 type CreateMode string
 
diff --git a/apis/database/v1beta1/zz_generated.deepcopy.go b/apis/database/v1beta1/zz_generated.deepcopy.go
diff --git a/package/crds/database.azure.crossplane.io_mysqlservers.yaml b/package/crds/database.azure.crossplane.io_mysqlservers.yaml
@@ -74,6 +74,12 @@ spec:
                   minimalTlsVersion:
                     description: MinimalTLSVersion - control TLS connection policy
                     type: string
+                  publicNetworkAccess:
+                    description: PublicNetworkAccess - Whether or not public network access is allowed for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
+                    enum:
+                    - Enabled
+                    - Disabled
+                    type: string
                   resourceGroupName:
                     description: ResourceGroupName specifies the name of the resource group that should contain this SQLServer.
                     type: string
diff --git a/package/crds/database.azure.crossplane.io_postgresqlservers.yaml b/package/crds/database.azure.crossplane.io_postgresqlservers.yaml
@@ -74,6 +74,12 @@ spec:
                   minimalTlsVersion:
                     description: MinimalTLSVersion - control TLS connection policy
                     type: string
+                  publicNetworkAccess:
+                    description: PublicNetworkAccess - Whether or not public network access is allowed for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
+                    enum:
+                    - Enabled
+                    - Disabled
+                    type: string
                   resourceGroupName:
                     description: ResourceGroupName specifies the name of the resource group that should contain this SQLServer.
                     type: string
diff --git a/pkg/clients/database/postgresql.go b/pkg/clients/database/postgresql.go
@@ -75,18 +75,19 @@ func (c *PostgreSQLServerClient) GetServer(ctx context.Context, cr *azuredbv1bet
 	return c.ServersClient.Get(ctx, cr.Spec.ForProvider.ResourceGroupName, meta.GetExternalName(cr))
 }
 
-// toMySQLProperties converts the CrossPlane ForProvider object to a PostgreSQL Azure properties object
+// toPGSQLProperties converts the CrossPlane ForProvider object to a PostgreSQL Azure properties object
 func toPGSQLProperties(s v1beta1.SQLServerParameters, adminPassword string) postgresql.BasicServerPropertiesForCreate {
 	createMode := pointerToCreateMode(s.CreateMode)
 	switch createMode {
 	case azuredbv1beta1.CreateModePointInTimeRestore:
 		return &postgresql.ServerPropertiesForRestore{
-			MinimalTLSVersion:  postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
-			Version:            postgresql.ServerVersion(s.Version),
-			SslEnforcement:     postgresql.SslEnforcementEnum(s.SSLEnforcement),
-			CreateMode:         postgresql.CreateModePointInTimeRestore,
-			RestorePointInTime: safeDate(s.RestorePointInTime),
-			SourceServerID:     s.SourceServerID,
+			MinimalTLSVersion:   postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
+			Version:             postgresql.ServerVersion(s.Version),
+			SslEnforcement:      postgresql.SslEnforcementEnum(s.SSLEnforcement),
+			PublicNetworkAccess: postgresql.PublicNetworkAccessEnum(azure.ToString(s.PublicNetworkAccess)),
+			CreateMode:          postgresql.CreateModePointInTimeRestore,
+			RestorePointInTime:  safeDate(s.RestorePointInTime),
+			SourceServerID:      s.SourceServerID,
 			StorageProfile: &postgresql.StorageProfile{
 				BackupRetentionDays: azure.ToInt32PtrFromIntPtr(s.StorageProfile.BackupRetentionDays),
 				GeoRedundantBackup:  postgresql.GeoRedundantBackup(azure.ToString(s.StorageProfile.GeoRedundantBackup)),
@@ -96,11 +97,12 @@ func toPGSQLProperties(s v1beta1.SQLServerParameters, adminPassword string) post
 		}
 	case azuredbv1beta1.CreateModeGeoRestore:
 		return &postgresql.ServerPropertiesForGeoRestore{
-			MinimalTLSVersion: postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
-			Version:           postgresql.ServerVersion(s.Version),
-			SslEnforcement:    postgresql.SslEnforcementEnum(s.SSLEnforcement),
-			SourceServerID:    s.SourceServerID,
-			CreateMode:        postgresql.CreateModeGeoRestore,
+			MinimalTLSVersion:   postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
+			Version:             postgresql.ServerVersion(s.Version),
+			SslEnforcement:      postgresql.SslEnforcementEnum(s.SSLEnforcement),
+			SourceServerID:      s.SourceServerID,
+			PublicNetworkAccess: postgresql.PublicNetworkAccessEnum(azure.ToString(s.PublicNetworkAccess)),
+			CreateMode:          postgresql.CreateModeGeoRestore,
 			StorageProfile: &postgresql.StorageProfile{
 				BackupRetentionDays: azure.ToInt32PtrFromIntPtr(s.StorageProfile.BackupRetentionDays),
 				GeoRedundantBackup:  postgresql.GeoRedundantBackup(azure.ToString(s.StorageProfile.GeoRedundantBackup)),
@@ -110,11 +112,12 @@ func toPGSQLProperties(s v1beta1.SQLServerParameters, adminPassword string) post
 		}
 	case azuredbv1beta1.CreateModeReplica:
 		return &postgresql.ServerPropertiesForReplica{
-			MinimalTLSVersion: postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
-			Version:           postgresql.ServerVersion(s.Version),
-			SslEnforcement:    postgresql.SslEnforcementEnum(s.SSLEnforcement),
-			CreateMode:        postgresql.CreateModeReplica,
-			SourceServerID:    s.SourceServerID,
+			MinimalTLSVersion:   postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
+			Version:             postgresql.ServerVersion(s.Version),
+			SslEnforcement:      postgresql.SslEnforcementEnum(s.SSLEnforcement),
+			PublicNetworkAccess: postgresql.PublicNetworkAccessEnum(azure.ToString(s.PublicNetworkAccess)),
+			CreateMode:          postgresql.CreateModeReplica,
+			SourceServerID:      s.SourceServerID,
 			StorageProfile: &postgresql.StorageProfile{
 				BackupRetentionDays: azure.ToInt32PtrFromIntPtr(s.StorageProfile.BackupRetentionDays),
 				GeoRedundantBackup:  postgresql.GeoRedundantBackup(azure.ToString(s.StorageProfile.GeoRedundantBackup)),
@@ -131,6 +134,7 @@ func toPGSQLProperties(s v1beta1.SQLServerParameters, adminPassword string) post
 			AdministratorLoginPassword: &adminPassword,
 			Version:                    postgresql.ServerVersion(s.Version),
 			SslEnforcement:             postgresql.SslEnforcementEnum(s.SSLEnforcement),
+			PublicNetworkAccess:        postgresql.PublicNetworkAccessEnum(azure.ToString(s.PublicNetworkAccess)),
 			CreateMode:                 postgresql.CreateModeDefault,
 			StorageProfile: &postgresql.StorageProfile{
 				BackupRetentionDays: azure.ToInt32PtrFromIntPtr(s.StorageProfile.BackupRetentionDays),
@@ -172,9 +176,10 @@ func (c *PostgreSQLServerClient) UpdateServer(ctx context.Context, cr *azuredbv1
 	// we don't support that.
 	s := cr.Spec.ForProvider
 	properties := &postgresql.ServerUpdateParametersProperties{
-		Version:           postgresql.ServerVersion(s.Version),
-		MinimalTLSVersion: postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
-		SslEnforcement:    postgresql.SslEnforcementEnum(s.SSLEnforcement),
+		Version:             postgresql.ServerVersion(s.Version),
+		MinimalTLSVersion:   postgresql.MinimalTLSVersionEnum(s.MinimalTLSVersion),
+		SslEnforcement:      postgresql.SslEnforcementEnum(s.SSLEnforcement),
+		PublicNetworkAccess: postgresql.PublicNetworkAccessEnum(azure.ToString(s.PublicNetworkAccess)),
 		StorageProfile: &postgresql.StorageProfile{
 			BackupRetentionDays: azure.ToInt32PtrFromIntPtr(s.StorageProfile.BackupRetentionDays),
 			GeoRedundantBackup:  postgresql.GeoRedundantBackup(azure.ToString(s.StorageProfile.GeoRedundantBackup)),
@@ -313,6 +318,10 @@ func LateInitializePostgreSQL(p *azuredbv1beta1.SQLServerParameters, in postgres
 	if p.SSLEnforcement == "" {
 		p.SSLEnforcement = string(in.SslEnforcement)
 	}
+
+	if p.PublicNetworkAccess == nil {
+		p.PublicNetworkAccess = azure.ToStringPtr(string(in.PublicNetworkAccess))
+	}
 }
 
 // IsPostgreSQLUpToDate is used to report whether given postgresql.Server is in
@@ -344,6 +353,8 @@ func IsPostgreSQLUpToDate(p azuredbv1beta1.SQLServerParameters, in postgresql.Se
 		return false
 	case azure.ToString(p.StorageProfile.StorageAutogrow) != string(in.StorageProfile.StorageAutogrow):
 		return false
+	case azure.ToString(p.PublicNetworkAccess) != string(in.PublicNetworkAccess):
+		return false
 	}
 	return true
 }
diff --git a/pkg/clients/database/postgresql_test.go b/pkg/clients/database/postgresql_test.go
@@ -431,3 +431,143 @@ func TestPostgreSQLServerFirewallRuleIsUpToDate(t *testing.T) {
 		})
 	}
 }
+
+func TestIsPostgreSQLUpToDate(t *testing.T) {
+	type args struct {
+		p  v1beta1.SQLServerParameters
+		in postgresql.Server
+	}
+	cases := map[string]struct {
+		args
+		want bool
+	}{
+		"IsUpToDateWithAllDefault": {
+			args: args{
+				p: v1beta1.SQLServerParameters{},
+				in: postgresql.Server{
+					Sku: &postgresql.Sku{},
+					ServerProperties: &postgresql.ServerProperties{
+						StorageProfile: &postgresql.StorageProfile{},
+					},
+				},
+			},
+			want: true,
+		},
+		"IsUpToDate": {
+			args: args{
+				p: v1beta1.SQLServerParameters{
+					MinimalTLSVersion: "TLS1_2",
+					SSLEnforcement:    "Enabled",
+					Version:           "9.6",
+					Tags: map[string]string{
+						"created_by": "crossplane",
+					},
+					SKU: v1beta1.SKU{
+						Tier:     "GeneralPurpose",
+						Capacity: 2,
+						Family:   "Gen5",
+					},
+					PublicNetworkAccess: azure.ToStringPtr("Enabled"),
+					StorageProfile: v1beta1.StorageProfile{
+						StorageMB:           20480,
+						StorageAutogrow:     azure.ToStringPtr("Enabled"),
+						BackupRetentionDays: to.IntPtr(5),
+						GeoRedundantBackup:  azure.ToStringPtr("Disabled"),
+					},
+				},
+				in: postgresql.Server{
+					Tags: map[string]*string{
+						"created_by": azure.ToStringPtr("crossplane"),
+					},
+					Sku: &postgresql.Sku{
+						Tier:     postgresql.GeneralPurpose,
+						Capacity: azure.ToInt32Ptr(2),
+						Family:   azure.ToStringPtr("Gen5"),
+					},
+					ServerProperties: &postgresql.ServerProperties{
+						Version: "9.6",
+						StorageProfile: &postgresql.StorageProfile{
+							StorageMB:           azure.ToInt32Ptr(20480),
+							StorageAutogrow:     postgresql.StorageAutogrowEnabled,
+							BackupRetentionDays: azure.ToInt32Ptr(5),
+							GeoRedundantBackup:  postgresql.Disabled,
+						},
+						SslEnforcement:      postgresql.SslEnforcementEnumEnabled,
+						MinimalTLSVersion:   postgresql.TLS12,
+						PublicNetworkAccess: postgresql.PublicNetworkAccessEnumEnabled,
+					},
+				},
+			},
+			want: true,
+		},
+		"IsNotUpToDate": {
+			args: args{
+				p: v1beta1.SQLServerParameters{
+					PublicNetworkAccess: azure.ToStringPtr("Disabled"),
+				},
+				in: postgresql.Server{
+					Sku: &postgresql.Sku{},
+					ServerProperties: &postgresql.ServerProperties{
+						StorageProfile:      &postgresql.StorageProfile{},
+						PublicNetworkAccess: postgresql.PublicNetworkAccessEnumEnabled,
+					},
+				},
+			},
+			want: false,
+		},
+		"IsNotUpToDateWithServerWithoutSku": {
+			args: args{
+				p: v1beta1.SQLServerParameters{},
+				in: postgresql.Server{
+					ServerProperties: &postgresql.ServerProperties{
+						StorageProfile: &postgresql.StorageProfile{},
+					},
+				},
+			},
+			want: false,
+		},
+	}
+
+	for name, tc := range cases {
+		t.Run(name, func(t *testing.T) {
+			got := IsPostgreSQLUpToDate(tc.args.p, tc.args.in)
+			if diff := cmp.Diff(tc.want, got); diff != "" {
+				t.Errorf("IsPostgreSQLUpToDate(...): -want, +got\n%s", diff)
+			}
+		})
+	}
+}
+
+func TestLateInitializePostgreSQL(t *testing.T) {
+	type args struct {
+		p  *v1beta1.SQLServerParameters
+		in postgresql.Server
+	}
+	cases := map[string]struct {
+		args
+		want *v1beta1.SQLServerParameters
+	}{
+		"PublicNetworkAccessLateInitialize": {
+			args: args{
+				p: &v1beta1.SQLServerParameters{},
+				in: postgresql.Server{
+					Sku: &postgresql.Sku{},
+					ServerProperties: &postgresql.ServerProperties{
+						PublicNetworkAccess: postgresql.PublicNetworkAccessEnumEnabled,
+					},
+				},
+			},
+			want: &v1beta1.SQLServerParameters{
+				PublicNetworkAccess: azure.ToStringPtr("Enabled"),
+			},
+		},
+	}
+	for name, tc := range cases {
+		t.Run(name, func(t *testing.T) {
+			LateInitializePostgreSQL(tc.args.p, tc.args.in)
+			if diff := cmp.Diff(tc.want, tc.args.p); diff != "" {
+				t.Errorf("LateInitializePostgreSQL(...): -want, +got\n%s", diff)
+			}
+		})
+	}
+}
