Cherry-pick PR #354, #355, #360, and #398 to release-v1.2 (#418)

* fix: improve error handling for Prism Client (#354)

* fix: use wrapper errors to clearly denote issues in client building

* fix: adds a function to properly sanitize the address

* fix: adds tests for ip address case given

* fix: uses a defined type for port error

* fix: clean up variable naming

* fix: remove validation here to be moved into prism-client

* refactor: task status file (#355)

* test: add unit tests for pkg/client/state

* refactor: use wait.Poll function waiting for task state

* refactor: use consistent task status names

* fixup! test: add unit tests for pkg/client/state

* fix: revert to previous behaviod polling forever

The ctx passed into WaitForTaskToSucceed is only used to cancel HTTP reqests and not to cancel the wait.

* chore: add license headers

* fix: better function name

* refactor: client.go file helper methods (#360)

* refactor: client.go file helper methods

Refactored the existing methods and functions to be unit testable.
Also made some methods that do not use the struct as generic functions.
The changes were primarily an effort to add unit test coverage.

* refactor: more testable read file function

* test: new nutanixcluster types unit tests

* test: additional test cases for errors

* fixup! refactor: client.go file helper methods

* fixup! refactor: client.go file helper methods

* fixup! refactor: more testable read file function

* fixup! refactor: client.go file helper methods

* Switch Nutanix Client to using Session Auth (#398)

This will ensure we make fewer basic auth requests to Prism Central
IAM Services.

---------

Co-authored-by: Faiq <faiq.raza@nutanix.com>
Co-authored-by: Dimitri Koshkin <dimitri.koshkin@nutanix.com>

api/v1beta1/nutanixcluster_types.go

@@ -17,6 +17,8 @@ limitations under the License.
 package v1beta1
 
 import (
+	"fmt"
+
 	credentialTypes "github.com/nutanix-cloud-native/prism-go-client/environment/credentials"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	capiv1 "sigs.k8s.io/cluster-api/api/v1beta1"
@@ -75,12 +77,12 @@ type NutanixClusterStatus struct {
 	FailureMessage *string `json:"failureMessage,omitempty"`
 }
 
-//+kubebuilder:object:root=true
-//+kubebuilder:resource:path=nutanixclusters,shortName=ncl,scope=Namespaced,categories=cluster-api
-//+kubebuilder:subresource:status
-//+kubebuilder:storageversion
-//+kubebuilder:printcolumn:name="ControlplaneEndpoint",type="string",JSONPath=".spec.controlPlaneEndpoint.host",description="ControlplaneEndpoint"
-//+kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.ready",description="in ready status"
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:path=nutanixclusters,shortName=ncl,scope=Namespaced,categories=cluster-api
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+// +kubebuilder:printcolumn:name="ControlplaneEndpoint",type="string",JSONPath=".spec.controlPlaneEndpoint.host",description="ControlplaneEndpoint"
+// +kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.ready",description="in ready status"
 
 // NutanixCluster is the Schema for the nutanixclusters API
 type NutanixCluster struct {
@@ -101,7 +103,22 @@ func (ncl *NutanixCluster) SetConditions(conditions capiv1.Conditions) {
 	ncl.Status.Conditions = conditions
 }
 
-//+kubebuilder:object:root=true
+func (ncl *NutanixCluster) GetPrismCentralCredentialRef() (*credentialTypes.NutanixCredentialReference, error) {
+	prismCentralInfo := ncl.Spec.PrismCentral
+	if prismCentralInfo == nil {
+		return nil, nil
+	}
+	if prismCentralInfo.CredentialRef == nil {
+		return nil, fmt.Errorf("credentialRef must be set on prismCentral attribute for cluster %s in namespace %s", ncl.Name, ncl.Namespace)
+	}
+	if prismCentralInfo.CredentialRef.Kind != credentialTypes.SecretKind {
+		return nil, nil
+	}
+
+	return prismCentralInfo.CredentialRef, nil
+}
+
+// +kubebuilder:object:root=true
 
 // NutanixClusterList contains a list of NutanixCluster
 type NutanixClusterList struct {

api/v1beta1/nutanixcluster_types_test.go

@@ -0,0 +1,114 @@
+/*
+Copyright 2024 Nutanix
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+	"github.com/nutanix-cloud-native/prism-go-client/environment/credentials"
+)
+
+func TestGetCredentialRefForCluster(t *testing.T) {
+	t.Parallel()
+	tests := []struct {
+		name                   string
+		nutanixCluster         *NutanixCluster
+		expectedCredentialsRef *credentials.NutanixCredentialReference
+		expectedErr            error
+	}{
+		{
+			name: "all info is set",
+			nutanixCluster: &NutanixCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test",
+					Namespace: corev1.NamespaceDefault,
+				},
+				Spec: NutanixClusterSpec{
+					PrismCentral: &credentials.NutanixPrismEndpoint{
+						Address: "address",
+						Port:    9440,
+						CredentialRef: &credentials.NutanixCredentialReference{
+							Kind:      credentials.SecretKind,
+							Name:      "creds",
+							Namespace: corev1.NamespaceDefault,
+						},
+					},
+				},
+			},
+			expectedCredentialsRef: &credentials.NutanixCredentialReference{
+				Kind:      credentials.SecretKind,
+				Name:      "creds",
+				Namespace: corev1.NamespaceDefault,
+			},
+		},
+		{
+			name: "prismCentralInfo is nil, should not fail",
+			nutanixCluster: &NutanixCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test",
+					Namespace: corev1.NamespaceDefault,
+				},
+				Spec: NutanixClusterSpec{},
+			},
+		},
+		{
+			name: "CredentialRef kind is not kind Secret, should not fail",
+			nutanixCluster: &NutanixCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test",
+					Namespace: corev1.NamespaceDefault,
+				},
+				Spec: NutanixClusterSpec{
+					PrismCentral: &credentials.NutanixPrismEndpoint{
+						CredentialRef: &credentials.NutanixCredentialReference{
+							Kind: "unknown",
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "prismCentralInfo is not nil but CredentialRef is nil, should fail",
+			nutanixCluster: &NutanixCluster{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      "test",
+					Namespace: corev1.NamespaceDefault,
+				},
+				Spec: NutanixClusterSpec{
+					PrismCentral: &credentials.NutanixPrismEndpoint{
+						Address: "address",
+					},
+				},
+			},
+			expectedErr: fmt.Errorf("credentialRef must be set on prismCentral attribute for cluster test in namespace default"),
+		},
+	}
+	for _, tt := range tests {
+		tt := tt // Capture range variable.
+		t.Run(tt.name, func(t *testing.T) {
+			t.Parallel()
+			ref, err := tt.nutanixCluster.GetPrismCentralCredentialRef()
+			assert.Equal(t, tt.expectedCredentialsRef, ref)
+			assert.Equal(t, tt.expectedErr, err)
+		})
+	}
+}

controllers/helpers.go

@@ -23,13 +23,14 @@ import (
 	"strings"
 
 	"github.com/google/uuid"
-	infrav1 "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/api/v1beta1"
-	nutanixClientHelper "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/pkg/client"
 	"github.com/nutanix-cloud-native/prism-go-client/utils"
 	nutanixClientV3 "github.com/nutanix-cloud-native/prism-go-client/v3"
 	"k8s.io/apimachinery/pkg/api/resource"
 	coreinformers "k8s.io/client-go/informers/core/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
+
+	infrav1 "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/api/v1beta1"
+	nutanixClient "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/pkg/client"
 )
 
 const (
@@ -47,12 +48,8 @@ const (
 func CreateNutanixClient(ctx context.Context, secretInformer coreinformers.SecretInformer, cmInformer coreinformers.ConfigMapInformer, nutanixCluster *infrav1.NutanixCluster) (*nutanixClientV3.Client, error) {
 	log := ctrl.LoggerFrom(ctx)
 	log.V(1).Info("creating nutanix client")
-	helper, err := nutanixClientHelper.NewNutanixClientHelper(secretInformer, cmInformer)
-	if err != nil {
-		log.Error(err, "error creating nutanix client helper")
-		return nil, err
-	}
-	return helper.GetClientFromEnvironment(ctx, nutanixCluster)
+	helper := nutanixClient.NewHelper(secretInformer, cmInformer)
+	return helper.BuildClientForNutanixClusterWithFallback(ctx, nutanixCluster)
 }
 
 // DeleteVM deletes a VM and is invoked by the NutanixMachineReconciler
@@ -343,7 +340,7 @@ func GetImageUUID(ctx context.Context, client *nutanixClientV3.Client, imageName
 // HasTaskInProgress returns true if the given task is in progress
 func HasTaskInProgress(ctx context.Context, client *nutanixClientV3.Client, taskUUID string) (bool, error) {
 	log := ctrl.LoggerFrom(ctx)
-	taskStatus, err := nutanixClientHelper.GetTaskState(ctx, client, taskUUID)
+	taskStatus, err := nutanixClient.GetTaskStatus(ctx, client, taskUUID)
 	if err != nil {
 		return false, err
 	}

controllers/nutanixcluster_controller.go

@@ -21,6 +21,7 @@ import (
 	"fmt"
 	"time"
 
+	credentialTypes "github.com/nutanix-cloud-native/prism-go-client/environment/credentials"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -43,7 +44,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/source"
 
 	infrav1 "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/api/v1beta1"
-	nutanixClient "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/pkg/client"
 	nctx "github.com/nutanix-cloud-native/cluster-api-provider-nutanix/pkg/context"
 )
 
@@ -101,11 +101,11 @@ func (r *NutanixClusterReconciler) SetupWithManager(ctx context.Context, mgr ctr
 	return nil
 }
 
-//+kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;update;delete
-//+kubebuilder:rbac:groups=cluster.x-k8s.io,resources=clusters;clusters/status,verbs=get;list;watch
-//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters/finalizers,verbs=update
+// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;update;delete
+// +kubebuilder:rbac:groups=cluster.x-k8s.io,resources=clusters;clusters/status,verbs=get;list;watch
+// +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters,verbs=get;list;watch;create;update;patch;delete
+// +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters/status,verbs=get;update;patch
+// +kubebuilder:rbac:groups=infrastructure.cluster.x-k8s.io,resources=nutanixclusters/finalizers,verbs=update
 
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
 // move the current state of the cluster closer to the desired state.
@@ -306,7 +306,7 @@ func (r *NutanixClusterReconciler) reconcileCategoriesDelete(rctx *nctx.ClusterC
 
 func (r *NutanixClusterReconciler) reconcileCredentialRefDelete(ctx context.Context, nutanixCluster *infrav1.NutanixCluster) error {
 	log := ctrl.LoggerFrom(ctx)
-	credentialRef, err := nutanixClient.GetCredentialRefForCluster(nutanixCluster)
+	credentialRef, err := getPrismCentralCredentialRefForCluster(nutanixCluster)
 	if err != nil {
 		return err
 	}
@@ -345,7 +345,7 @@ func (r *NutanixClusterReconciler) reconcileCredentialRefDelete(ctx context.Cont
 
 func (r *NutanixClusterReconciler) reconcileCredentialRef(ctx context.Context, nutanixCluster *infrav1.NutanixCluster) error {
 	log := ctrl.LoggerFrom(ctx)
-	credentialRef, err := nutanixClient.GetCredentialRefForCluster(nutanixCluster)
+	credentialRef, err := getPrismCentralCredentialRefForCluster(nutanixCluster)
 	if err != nil {
 		return err
 	}
@@ -386,3 +386,12 @@ func (r *NutanixClusterReconciler) reconcileCredentialRef(ctx context.Context, n
 	}
 	return nil
 }
+
+// getPrismCentralCredentialRefForCluster calls nutanixCluster.GetPrismCentralCredentialRef() function
+// and returns an error if nutanixCluster is nil
+func getPrismCentralCredentialRefForCluster(nutanixCluster *infrav1.NutanixCluster) (*credentialTypes.NutanixCredentialReference, error) {
+	if nutanixCluster == nil {
+		return nil, fmt.Errorf("cannot get credential reference if nutanix cluster object is nil")
+	}
+	return nutanixCluster.GetPrismCentralCredentialRef()
+}

controllers/nutanixmachine_controller.go

@@ -740,7 +740,7 @@ func (r *NutanixMachineReconciler) getOrCreateVM(rctx *nctx.MachineContext) (*nu
 		return nil, errorMsg
 	}
 	log.Info(fmt.Sprintf("Waiting for task %s to get completed for VM %s", lastTaskUUID, rctx.NutanixMachine.Name))
-	err = nutanixClient.WaitForTaskCompletion(ctx, nc, lastTaskUUID)
+	err = nutanixClient.WaitForTaskToSucceed(ctx, nc, lastTaskUUID)
 	if err != nil {
 		errorMsg := fmt.Errorf("error occurred while waiting for task %s to start: %v", lastTaskUUID, err)
 		rctx.SetFailureStatus(capierrors.CreateMachineError, errorMsg)