Protect Metal3Data and Metal3DataClaim with Finalizers

Signed-off-by: Lennart Jern <[email protected]> Co-authored-by: Max Rantil <[email protected]>
metal3-io · May 20, 2024 · fe486bb · fe486bb
1 parent 96c0814
commit fe486bb
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 14 deletions.
diff --git a/baremetal/metal3datatemplate_manager.go b/baremetal/metal3datatemplate_manager.go
@@ -18,7 +18,6 @@ package baremetal
 
 import (
 	"context"
-	"fmt"
 	"strconv"
 
 	"github.com/go-logr/logr"
@@ -306,16 +305,17 @@ func (m *DataTemplateManager) createData(ctx context.Context,
 	m.Log.Info("Index", "Claim", dataClaim.Name, "index", claimIndex)
 
 	// Create the Metal3Data object, with an Owner ref to the Metal3Machine
-	// (curOwnerRef) and to the Metal3DataTemplate
+	// (curOwnerRef) and to the Metal3DataTemplate. Also add a finalizer.
 	dataObject := &infrav1.Metal3Data{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       "Metal3Data",
 			APIVersion: infrav1.GroupVersion.String(),
 		},
 		ObjectMeta: metav1.ObjectMeta{
-			Name:      dataName,
-			Namespace: m.DataTemplate.Namespace,
-			Labels:    dataClaim.Labels,
+			Name:       dataName,
+			Namespace:  m.DataTemplate.Namespace,
+			Finalizers: []string{infrav1.DataClaimFinalizer},
+			Labels:     dataClaim.Labels,
 			OwnerReferences: []metav1.OwnerReference{
 				{
 					Controller: ptr.To(true),
@@ -374,18 +374,18 @@ func (m *DataTemplateManager) createData(ctx context.Context,
 	return indexes, nil
 }
 
-// DeleteDatas deletes old secrets.
+// deleteData deletes the Metal3DataClaim and marks the Metal3Data for deletion.
 func (m *DataTemplateManager) deleteData(ctx context.Context,
 	dataClaim *infrav1.Metal3DataClaim, indexes map[int]string,
 ) (map[int]string, error) {
-	var dataName string
-	m.Log.Info("Deleting Claim", "Metal3DataClaim", dataClaim.Name)
+	m.Log.Info("Deleting Metal3DataClaim", "Metal3DataClaim", dataClaim.Name)
 
 	dataClaimIndex, ok := m.DataTemplate.Status.Indexes[dataClaim.Name]
 	if ok {
 		// Try to get the Metal3Data. if it succeeds, delete it
 		tmpM3Data := &infrav1.Metal3Data{}
 
+		var dataName string
 		if m.DataTemplate.Spec.TemplateReference != "" {
 			dataName = m.DataTemplate.Spec.TemplateReference + "-" + strconv.Itoa(dataClaimIndex)
 		} else {
@@ -401,26 +401,36 @@ func (m *DataTemplateManager) deleteData(ctx context.Context,
 			dataClaim.Status.ErrorMessage = ptr.To("Failed to get associated Metal3Data object")
 			return indexes, err
 		} else if err == nil {
-			// Delete the secret with metadata
-			fmt.Println(tmpM3Data.Name)
-			err = m.client.Delete(ctx, tmpM3Data)
+			// Remove the finalizer
+			tmpM3Data.Finalizers = Filter(tmpM3Data.Finalizers,
+				infrav1.DataClaimFinalizer,
+			)
+			err = updateObject(ctx, m.client, tmpM3Data)
+			if err != nil && !apierrors.IsNotFound(err) {
+				m.Log.Info("Unable to remove finalizer from Metal3Data", "Metal3Data", tmpM3Data.Name)
+				return indexes, err
+			}
+			// Delete the Metal3Data
+			err = deleteObject(ctx, m.client, tmpM3Data)
 			if err != nil && !apierrors.IsNotFound(err) {
 				dataClaim.Status.ErrorMessage = ptr.To("Failed to delete associated Metal3Data object")
 				return indexes, err
 			}
+			m.Log.Info("Deleted Metal3Data", "Metal3Data", tmpM3Data.Name)
 		}
 	}
+
 	dataClaim.Status.RenderedData = nil
 	dataClaim.Finalizers = Filter(dataClaim.Finalizers,
 		infrav1.DataClaimFinalizer,
 	)
 
-	m.Log.Info("Deleted Claim", "Metal3DataClaim", dataClaim.Name)
-
 	if ok {
 		delete(m.DataTemplate.Status.Indexes, dataClaim.Name)
 		delete(indexes, dataClaimIndex)
 	}
+
+	m.Log.Info("Deleted Metal3DataClaim", "Metal3DataClaim", dataClaim.Name)
 	m.updateStatusTimestamp()
 	return indexes, nil
 }
diff --git a/baremetal/metal3machine_manager.go b/baremetal/metal3machine_manager.go
@@ -1523,6 +1523,9 @@ func (m *MachineManager) AssociateM3Metadata(ctx context.Context) error {
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      m.Metal3Machine.Name,
 			Namespace: m.Metal3Machine.Namespace,
+			Finalizers: []string{
+				infrav1.MachineFinalizer,
+			},
 			OwnerReferences: []metav1.OwnerReference{
 				{
 					APIVersion: m.Metal3Machine.APIVersion,
@@ -1652,6 +1655,15 @@ func (m *MachineManager) DissociateM3Metadata(ctx context.Context) error {
 		return nil
 	}
 
+	metal3DataClaim.Finalizers = Filter(metal3DataClaim.Finalizers,
+		infrav1.MachineFinalizer,
+	)
+	err = updateObject(ctx, m.client, metal3DataClaim)
+	if err != nil && !apierrors.IsNotFound(err) {
+		m.Log.Info("Unable to remove finalizers from Metal3DataClaim", "Metal3DataClaim", metal3DataClaim.Name)
+		return err
+	}
+
 	return deleteObject(ctx, m.client, metal3DataClaim)
 }
 

diff --git a/baremetal/utils.go b/baremetal/utils.go
@@ -40,7 +40,7 @@ const (
 	metal3SecretType corev1.SecretType = "infrastructure.cluster.x-k8s.io/secret"
 )
 
-// Filter filters a list for a string.
+// Filter filters out occurrences of strToFilter from list and returns the new list.
 func Filter(list []string, strToFilter string) (newList []string) {
 	for _, item := range list {
 		if item != strToFilter {