Cherry pick #312 and #310 (#316)

* Trigger adc reconciliation if credentials is updated in ADC (#310)

Signed-off-by: Lubron Zhan <lubronzhan@gmail.com>

* Change the logger (#312)

Signed-off-by: Lubron Zhan <lubronzhan@gmail.com>

---------

Signed-off-by: Lubron Zhan <lubronzhan@gmail.com>

controllers/akodeploymentconfig/akodeploymentconfig_controller.go

@@ -182,9 +182,12 @@ func (r *AKODeploymentConfigReconciler) secretToAKODeploymentConfig(c client.Cli
 		}
 
 		var requests []ctrl.Request
+		// enqueue if credentials or certificate of akoo is updated
 		for _, akoDeploymentConfig := range akoDeploymentConfigs.Items {
 			if akoDeploymentConfig.Spec.CertificateAuthorityRef.Name == secret.Name &&
-				akoDeploymentConfig.Spec.CertificateAuthorityRef.Namespace == secret.Namespace {
+				akoDeploymentConfig.Spec.CertificateAuthorityRef.Namespace == secret.Namespace ||
+				akoDeploymentConfig.Spec.AdminCredentialRef.Name == secret.Name &&
+					akoDeploymentConfig.Spec.AdminCredentialRef.Namespace == secret.Namespace {
 				requests = append(requests, ctrl.Request{
 					NamespacedName: types.NamespacedName{
 						Namespace: akoDeploymentConfig.Namespace,

controllers/akodeploymentconfig/akodeploymentconfig_controller_intg_test.go

@@ -26,7 +26,6 @@ import (
 	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako"
 	ako_operator "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako-operator"
 	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/test/builder"
-	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/test/util"
 	testutil "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/test/util"
 )
 
@@ -352,7 +351,7 @@ func intgTestAkoDeploymentConfigController() {
 			err := os.Setenv(ako_operator.IsControlPlaneHAProvider, "False")
 			Expect(err).ShouldNot(HaveOccurred())
 		})
-		It("shouldn't wait AIS if controlplane and dataplane has the same CIDR", func() {
+		It("shouldn't wait for AIS if controlplane and dataplane has the same CIDR", func() {
 			akoDeploymentConfig.Spec.ControlPlaneNetwork.CIDR = akoDeploymentConfig.Spec.DataNetwork.CIDR
 			createObjects(akoDeploymentConfig, cluster, controllerCredentials, controllerCA)
 			aviInfraSettingName = akoDeploymentConfig.Name + "-ais"
@@ -369,7 +368,7 @@ func intgTestAkoDeploymentConfigController() {
 			Expect(service.Annotations[akoov1alpha1.HAAVIInfraSettingAnnotationsKey]).To(BeEmpty())
 
 		})
-		It("should wait AIS before adding annotation to service", func() {
+		It("should wait for AIS before adding annotation to service", func() {
 			createObjects(akoDeploymentConfig, cluster, controllerCredentials, controllerCA)
 			aviInfraSettingName = akoDeploymentConfig.Name + "-ais"
 			ensureRuntimeObjectMatchExpectation(client.ObjectKey{
@@ -756,7 +755,7 @@ func intgTestAkoDeploymentConfigController() {
 						}, &akoov1alpha1.AKODeploymentConfig{}, true)
 
 						ensureRuntimeObjectMatchExpectation(client.ObjectKey{
-							Name: util.CustomADCName,
+							Name: testutil.CustomADCName,
 						}, &akoov1alpha1.AKODeploymentConfig{}, true)
 					})
 
@@ -775,7 +774,7 @@ func intgTestAkoDeploymentConfigController() {
 						ensureClusterAviLabelValueMatchExpectation(client.ObjectKey{
 							Name:      cluster.Name,
 							Namespace: cluster.Namespace,
-						}, akoov1alpha1.AviClusterLabel, util.CustomADCName, true)
+						}, akoov1alpha1.AviClusterLabel, testutil.CustomADCName, true)
 
 						By("removing cluster's label")
 						latestCluster := &clusterv1.Cluster{
@@ -814,7 +813,7 @@ func intgTestAkoDeploymentConfigController() {
 						}, &akoov1alpha1.AKODeploymentConfig{}, true)
 
 						ensureRuntimeObjectMatchExpectation(client.ObjectKey{
-							Name: util.CustomADCName,
+							Name: testutil.CustomADCName,
 						}, &akoov1alpha1.AKODeploymentConfig{}, true)
 					})
 
@@ -833,7 +832,7 @@ func intgTestAkoDeploymentConfigController() {
 						ensureClusterAviLabelValueMatchExpectation(client.ObjectKey{
 							Name:      cluster.Name,
 							Namespace: cluster.Namespace,
-						}, akoov1alpha1.AviClusterLabel, util.CustomADCName, true)
+						}, akoov1alpha1.AviClusterLabel, testutil.CustomADCName, true)
 
 						By("removing cluster's label")
 						latestCluster := &clusterv1.Cluster{

controllers/akodeploymentconfig/cluster/cluster_controller.go

@@ -8,24 +8,24 @@ import (
 	"fmt"
 	"time"
 
-	"k8s.io/client-go/kubernetes/scheme"
-
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
-	akoov1alpha1 "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/api/v1alpha1"
 	corev1 "k8s.io/api/core/v1"
-	"sigs.k8s.io/controller-runtime/pkg/client/fake"
-	ctrlutil "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
-
-	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako"
-	akoo "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako-operator"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/client-go/kubernetes/scheme"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 	"sigs.k8s.io/cluster-api/controllers/remote"
 	"sigs.k8s.io/cluster-api/util/conditions"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/client/fake"
+	ctrlutil "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+
+	akoov1alpha1 "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/api/v1alpha1"
+	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako"
+	akoo "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/ako-operator"
+	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/utils"
 )
 
 const (
@@ -122,7 +122,7 @@ func (r *ClusterReconciler) cleanup(
 	//   - secret is <cluster-name>-load-balancer-and-ingress-service-data-values
 	secretName := r.akoAddonDataValueName()
 	if akoo.IsClusterClassBasedCluster(obj) {
-		secretName = r.akoAddonSecretNameForClusterClass(obj)
+		secretName = utils.AKOAddonSecretNameForClusterClass(obj)
 	}
 	if err := remoteClient.Get(ctx, client.ObjectKey{
 		Name:      secretName,

controllers/akodeploymentconfig/cluster/cluster_controller_addon_secret.go

@@ -87,7 +87,7 @@ func (r *ClusterReconciler) ReconcileAddonSecret(
 	}
 	secret := &corev1.Secret{}
 	if err = r.Get(ctx, client.ObjectKey{
-		Name:      r.akoAddonSecretName(cluster),
+		Name:      utils.AKOAddonSecretName(cluster),
 		Namespace: cluster.Namespace,
 	}, secret); err != nil {
 		if apierrors.IsNotFound(err) {
@@ -125,7 +125,7 @@ func (r *ClusterReconciler) ReconcileAddonSecretDelete(
 
 	secret := &corev1.Secret{}
 	if err := r.Get(ctx, client.ObjectKey{
-		Name:      r.akoAddonSecretName(cluster),
+		Name:      utils.AKOAddonSecretName(cluster),
 		Namespace: cluster.Namespace,
 	}, secret); err != nil {
 		if apierrors.IsNotFound(err) {
@@ -153,26 +153,14 @@ func (r *ClusterReconciler) ReconcileAddonSecretDelete(
 	return res, nil
 }
 
-func (r *ClusterReconciler) aviUserSecretName(cluster *clusterv1.Cluster) string {
-	return cluster.Name + "-avi-credentials"
-}
-
-func (r *ClusterReconciler) akoAddonSecretName(cluster *clusterv1.Cluster) string {
-	return cluster.Name + "-load-balancer-and-ingress-service-addon"
-}
-
-func (r *ClusterReconciler) akoAddonSecretNameForClusterClass(cluster *clusterv1.Cluster) string {
-	return cluster.Name + "-load-balancer-and-ingress-service-data-values"
-}
-
 func (r *ClusterReconciler) createAKOAddonSecret(cluster *clusterv1.Cluster, obj *akoov1alpha1.AKODeploymentConfig, aviUsersecret *corev1.Secret) (*corev1.Secret, error) {
 	secretStringData, err := AkoAddonSecretDataYaml(cluster, obj, aviUsersecret)
 	if err != nil {
 		return nil, err
 	}
 	secret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      r.akoAddonSecretName(cluster),
+			Name:      utils.AKOAddonSecretName(cluster),
 			Namespace: cluster.Namespace,
 			Annotations: map[string]string{
 				akoov1alpha1.TKGAddonAnnotationKey: "networking/load-balancer-and-ingress-service",
@@ -223,7 +211,7 @@ func AkoAddonSecretDataYaml(cluster *clusterv1.Cluster, obj *akoov1alpha1.AKODep
 func (r *ClusterReconciler) getClusterAviUserSecret(cluster *clusterv1.Cluster, ctx context.Context) (*corev1.Secret, error) {
 	secret := &corev1.Secret{}
 	if err := r.Get(ctx, client.ObjectKey{
-		Name:      r.aviUserSecretName(cluster),
+		Name:      utils.AVIUserSecretName(cluster),
 		Namespace: cluster.Namespace,
 	}, secret); err != nil {
 		return secret, err
@@ -264,7 +252,7 @@ func (r *ClusterReconciler) patchAkoPackageRefToClusterBootstrap(ctx context.Con
 	expectedAKOClusterBootstrapPackage := &runv1alpha3.ClusterBootstrapPackage{
 		RefName: akoPackageRefName,
 		ValuesFrom: &runv1alpha3.ValuesFrom{
-			SecretRef: r.akoAddonSecretName(cluster),
+			SecretRef: utils.AKOAddonSecretName(cluster),
 		},
 	}
 
@@ -390,7 +378,7 @@ func ValidateClusterIpFamily(cluster *clusterv1.Cluster, adc *akoov1alpha1.AKODe
 	// When enable avi as control plane ha, backend server shouldn't use secondary ip type
 	// TODO:(chenlin) Remove validation after AKO supports configurable ip pool
 	if isVIPProvider && adcIpFamily == IPv6IpFamily && clusterIpFamily == DualStackIPv4Primary {
-		return errors.New("When enabling avi as control plane HA, AKO with IP family V6 can not work together with ipv4 primary dual-stack cluster")
+		return errors.New("when enabling avi as control plane HA, AKO with IP family V6 can not work together with ipv4 primary dual-stack cluster")
 	}
 	return nil
 }

controllers/akodeploymentconfig/user/user_controller.go

@@ -8,9 +8,6 @@ import (
 
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
-	akoov1alpha1 "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/api/v1alpha1"
-	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/aviclient"
-	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/utils"
 	"github.com/vmware/alb-sdk/go/models"
 	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -22,6 +19,10 @@ import (
 	"sigs.k8s.io/cluster-api/util/conditions"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+
+	akoov1alpha1 "github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/api/v1alpha1"
+	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/aviclient"
+	"github.com/vmware-tanzu/load-balancer-operator-for-kubernetes/pkg/utils"
 )
 
 // AkoUserReconciler reconcile avi user related resources
@@ -431,12 +432,12 @@ func (r *AkoUserReconciler) deployManagementClusterSecret(
 		Name:      obj.Spec.AdminCredentialRef.Name,
 		Namespace: obj.Spec.AdminCredentialRef.Namespace,
 	}, adminCredential); err != nil {
-		log.Error(err, "Failed to find referenced AdminCredential Secret")
+		log.Error(err, "Failed to find referenced AdminCredential Secret", "secret namespace", obj.Spec.AdminCredentialRef.Namespace, "secret name", obj.Spec.AdminCredentialRef.Name)
 		return err
 	}
 	secret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      cluster.Name + "-avi-credentials",
+			Name:      utils.AVIUserSecretName(cluster),
 			Namespace: cluster.Namespace,
 		},
 		Type: akoov1alpha1.AviClusterSecretType,
@@ -448,7 +449,7 @@ func (r *AkoUserReconciler) deployManagementClusterSecret(
 	}
 	err := r.Client.Create(ctx, secret)
 	if apierrors.IsAlreadyExists(err) {
-		log.Info("avi secret already exists, update avi-secret")
+		log.Info("avi secret already exists, update avi-secret", "secret namespace", secret.Namespace, "secret name", secret.Name)
 		return r.Client.Update(ctx, secret)
 	}
 	return err

go.mod

@@ -10,15 +10,16 @@ require (
 	github.com/onsi/gomega v1.33.1
 	github.com/pkg/errors v0.9.1
 	github.com/satori/go.uuid v1.2.0
+	github.com/spf13/pflag v1.0.5
 	github.com/vmware-tanzu/tanzu-framework/apis/run v0.0.0-20221104044415-a462bbe793b9
 	github.com/vmware/alb-sdk v0.0.0-20240502042605-947bfcf176dd
 	github.com/vmware/load-balancer-and-ingress-services-for-kubernetes v0.0.0-20231012053946-537d99c1eba2
-	go.uber.org/zap v1.27.0
 	gopkg.in/yaml.v3 v3.0.1
 	k8s.io/api v0.29.6
 	k8s.io/apiextensions-apiserver v0.29.6
 	k8s.io/apimachinery v0.29.6
 	k8s.io/client-go v0.29.6
+	k8s.io/component-base v0.29.6
 	k8s.io/klog/v2 v2.110.1
 	k8s.io/utils v0.0.0-20231127182322-b307cd553661
 	sigs.k8s.io/cluster-api v1.7.3
@@ -48,6 +49,7 @@ require (
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/uuid v1.4.0 // indirect
 	github.com/imdario/mergo v0.3.13 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
@@ -60,8 +62,9 @@ require (
 	github.com/prometheus/client_model v0.5.0 // indirect
 	github.com/prometheus/common v0.45.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
-	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/spf13/cobra v1.8.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
 	golang.org/x/net v0.24.0 // indirect
 	golang.org/x/oauth2 v0.18.0 // indirect
@@ -76,7 +79,6 @@ require (
 	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	k8s.io/cluster-bootstrap v0.29.3 // indirect
-	k8s.io/component-base v0.29.6 // indirect
 	k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect

go.sum

@@ -23,6 +23,7 @@ github.com/coredns/caddy v1.1.0 h1:ezvsPrT/tA/7pYDBZxu0cT0VmWk75AfIaf6GSYCNMf0=
 github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4=
 github.com/coredns/corefile-migration v1.0.21 h1:W/DCETrHDiFo0Wj03EyMkaQ9fwsmSgqTCQDHpceaSsE=
 github.com/coredns/corefile-migration v1.0.21/go.mod h1:XnhgULOEouimnzgn0t4WPuFDN2/PJQcTxdWKC5eXNGE=
+github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -96,6 +97,8 @@ github.com/huandu/xstrings v1.3.3 h1:/Gcsuc1x8JVbJ9/rlye4xZnVAbEkGauT8lbebqcQws4
 github.com/huandu/xstrings v1.3.3/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
 github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
 github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
 github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
@@ -155,12 +158,15 @@ github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k
 github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
+github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/satori/go.uuid v1.2.0 h1:0uYX9dsZ2yD7q2RtLRtPSdGDWzjeM3TbMJP9utgA0ww=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8=
 github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
 github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
 github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
+github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
+github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU=