Refactor to move tenant related logic into tennacy package

Author: cemakd

pkg/gce-cloud-provider/compute/gce.go

@@ -29,7 +29,6 @@ import (
 	"golang.org/x/time/rate"
 	"google.golang.org/api/option"
 	"gopkg.in/gcfg.v1"
-	"k8s.io/client-go/tools/cache"
 	"sigs.k8s.io/gcp-compute-persistent-disk-csi-driver/pkg/common"
 	"sigs.k8s.io/gcp-compute-persistent-disk-csi-driver/pkg/gce-cloud-provider/compute/tenancy"
 
@@ -38,6 +37,7 @@ import (
 	"golang.org/x/oauth2"
 	computebeta "google.golang.org/api/compute/v0.beta"
 	"google.golang.org/api/compute/v1"
+	computev1 "google.golang.org/api/compute/v1"
 	"google.golang.org/api/googleapi"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/klog/v2"
@@ -156,6 +156,13 @@ func CreateCloudProvider(ctx context.Context, vendorVersion string, configPath s
 		return nil, err
 	}
 
+	// token, err := tokenSource.Token()
+	// if err != nil {
+	// 	klog.Errorf("error getting initial token.: %v", err)
+	// } else {
+	// 	klog.Infof("test token success: %+v", token)
+	// }
+
 	svc, err := createCloudService(ctx, vendorVersion, tokenSource, computeEndpoint, computeEnvironment)
 	if err != nil {
 		return nil, err
@@ -184,65 +191,55 @@ func CreateCloudProvider(ctx context.Context, vendorVersion string, configPath s
 		listInstancesConfig: listInstancesConfig,
 		// GCP has a rate limit of 600 requests per minute, restricting
 		// here to 8 requests per second.
-		tagsRateLimiter: common.NewLimiter(gcpTagsRequestRateLimit, gcpTagsRequestTokenBucketSize, true),
+		tagsRateLimiter:  common.NewLimiter(gcpTagsRequestRateLimit, gcpTagsRequestTokenBucketSize, true),
+		tenantServiceMap: make(map[string]*compute.Service),
 	}
 
 	if multiTenancyEnabled {
 		klog.Info("Setting up multitenancy")
-		// Setup informant for tenant CR to automatically create tenant specific clients with tenant identities
 		ti, err := tenancy.NewTenantsInformer(multiTenancyEnabled)
 		if err != nil {
 			return nil, fmt.Errorf("failed initializing tenant informer: %w", err)
 		}
 		cp.TenantInformer = ti
-		cp.tenantServiceMap = map[string]*compute.Service{}
-		cp.TenantInformer.AddEventHandler(cache.ResourceEventHandlerFuncs{
-			AddFunc: func(obj any) {
-				// Handle tenant creation
-				klog.Infof("Tenant %s created", obj)
-
-				tenantMeta, err := tenancy.GetMetadataFromTenantCR(obj)
-				if err != nil {
-					klog.Errorf("error while extracting tenant metadata: %v", err)
-				}
-
-				tenantServiceMutex.Lock()
-				defer tenantServiceMutex.Unlock()
-
-				if _, ok := cp.tenantServiceMap[tenantMeta.ProjectNumber]; ok {
-					klog.Infof("Tenant GCE client already exists, skipping GCE client instantiation for tenant(%s) with project number(%s)", tenantMeta.TenantName, tenantMeta.ProjectNumber)
-					return
-				}
-
-				region, err := common.GetRegionFromZones([]string{zone})
-				if err != nil {
-					klog.Errorf("error getting region from zone(%s): %v", zone, err)
-					return
-				}
-				tokenSource, err := NewTenantTokenSource(tenantMeta, region, configFile.Global.TokenURL, configFile.Global.TokenBody)
-				if err != nil {
-					klog.Errorf("error during tenant token generation: %v", err.Error())
-				}
-
-				svc, err := createCloudService(ctx, vendorVersion, tokenSource, computeEndpoint, computeEnvironment)
-				if err != nil {
-					klog.Errorf("error while creating compute service with tenant identity: %v", err)
-					return
-				}
-				cp.tenantServiceMap[tenantMeta.ProjectNumber] = svc
-			},
-			UpdateFunc: func(oldObj, newObj any) {},
-			DeleteFunc: func(obj any) {
-				klog.Infof("Tenant %s deleted", obj)
-				tenantMeta, err := tenancy.GetMetadataFromTenantCR(obj)
-				if err != nil {
-					klog.Errorf("error while extracting teantn metadata: %v", err)
-				}
-				tenantServiceMutex.Lock()
-				defer tenantServiceMutex.Unlock()
-				delete(cp.tenantServiceMap, tenantMeta.ProjectNumber)
-			},
-		})
+		addTenantCallback := func(tenantMeta *tenancy.Metadata, projectZone string) (*computev1.Service, error) {
+			klog.Infof("Executing AddFunc callback for tenant: %s (Project: %s)", tenantMeta.TenantName, tenantMeta.ProjectNumber)
+
+			region, err := common.GetRegionFromZones([]string{zone})
+			if err != nil {
+				klog.Errorf("Error getting region from zone(%s) for tenant %s: %v", zone, tenantMeta.TenantName, err)
+				return nil, fmt.Errorf("error getting region from zone(%s): %w", zone, err)
+			}
+
+			tenantTokenSource, err := NewTenantTokenSource(tenantMeta, region, configFile.Global.TokenURL, configFile.Global.TokenBody)
+			if err != nil {
+				klog.Errorf("Error during tenant token source generation for %s: %v", tenantMeta.TenantName, err.Error())
+				return nil, fmt.Errorf("error during tenant token source generation: %w", err)
+			}
+
+			tenantComputeService, err := createCloudService(ctx, vendorVersion, tenantTokenSource, computeEndpoint, computeEnvironment)
+			if err != nil {
+				klog.Errorf("Error while creating compute service with tenant identity for %s: %v", tenantMeta.TenantName, err)
+				return nil, fmt.Errorf("error while creating compute service with tenant identity: %w", err)
+			}
+			klog.Infof("Successfully created compute service for tenant %s (Project: %s)", tenantMeta.TenantName, tenantMeta.ProjectNumber)
+			return tenantComputeService, nil
+		}
+
+		lifecycleHandler := tenancy.TenantLifecycleHandler{
+			AddFunc: addTenantCallback,
+		}
+
+		err = tenancy.RegisterTenantEventHandlers(
+			cp.TenantInformer,
+			lifecycleHandler,
+			zone,
+			cp.tenantServiceMap,
+			&tenantServiceMutex,
+		)
+		if err != nil {
+			return nil, fmt.Errorf("failed to register tenant event handlers: %w", err)
+		}
 	}
 
 	return cp, nil

pkg/gce-cloud-provider/compute/tenancy/informer.go

@@ -2,13 +2,16 @@ package tenancy
 
 import (
 	"fmt"
+	"sync"
 	"time"
 
+	computev1 "google.golang.org/api/compute/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/dynamic/dynamicinformer"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/cache"
+	"k8s.io/klog/v2"
 )
 
 // TenantsInformer is an interface that wraps a cache.SharedIndexInformer
@@ -19,6 +22,13 @@ type TenantsInformer interface {
 	HasSynced() bool
 }
 
+// TenantLifecycleHandler defines callbacks for tenant lifecycle events.
+// TenantMetadata should be the struct returned by GetMetadataFromTenantCR.
+type TenantLifecycleHandler struct {
+	AddFunc    func(tenantMeta *Metadata, zone string) (*computev1.Service, error)
+	DeleteFunc func(tenantMeta *Metadata)
+}
+
 // newDynamicClientForConfig creates a new dynamic client for the given
 // configuration.
 //
@@ -51,6 +61,67 @@ func NewTenantsInformer(isMultiTenantCluster bool) (TenantsInformer, error) {
 	return dynamicFactory.ForResource(gvr).Informer(), nil
 }
 
+func RegisterTenantEventHandlers(ti TenantsInformer, handler TenantLifecycleHandler, zone string, tenantServiceMap map[string]*computev1.Service, mutex *sync.Mutex) error {
+	if ti == nil {
+		return fmt.Errorf("TenantsInformer cannot be nil")
+	}
+
+	_, err := ti.AddEventHandler(cache.ResourceEventHandlerFuncs{
+		AddFunc: func(obj any) {
+			klog.Infof("Tenant CR created: %v", obj)
+			tenantMeta, err := GetMetadataFromTenantCR(obj)
+			if err != nil {
+				klog.Errorf("Error extracting tenant metadata from CR: %v", err)
+				return
+			}
+
+			mutex.Lock()
+			defer mutex.Unlock()
+			if _, ok := tenantServiceMap[tenantMeta.ProjectNumber]; ok {
+				klog.Infof("Tenant GCE client already exists for tenant project number %s, skipping GCE client instantiation.", tenantMeta.ProjectNumber)
+				mutex.Unlock()
+				return
+			}
+
+			svc, err := handler.AddFunc(&tenantMeta, zone)
+			if err != nil {
+				klog.Errorf("Error in AddFunc callback for tenant %s (project %s): %v", tenantMeta.TenantName, tenantMeta.ProjectNumber, err)
+				return
+			}
+
+			if svc != nil {
+				tenantServiceMap[tenantMeta.ProjectNumber] = svc
+				klog.Infof("Successfully processed AddFunc for tenant %s (project %s) and updated service map.", tenantMeta.TenantName, tenantMeta.ProjectNumber)
+			}
+		},
+		DeleteFunc: func(obj any) {
+			klog.Infof("Tenant CR deleted: %v", obj)
+			tenantMeta, err := GetMetadataFromTenantCR(obj)
+			if err != nil {
+				klog.Errorf("Error while extracting tenant metadata on delete: %v", err)
+				return
+			}
+
+			mutex.Lock()
+			defer mutex.Unlock()
+			if _, ok := tenantServiceMap[tenantMeta.ProjectNumber]; ok {
+				delete(tenantServiceMap, tenantMeta.ProjectNumber)
+				klog.Infof("Deleted GCE client for tenant project number %s from map.", tenantMeta.ProjectNumber)
+			} else {
+				klog.Warningf("Attempted to delete GCE client for tenant project %s, but it was not found in the map.", tenantMeta.ProjectNumber)
+			}
+
+			if handler.DeleteFunc != nil {
+				handler.DeleteFunc(&tenantMeta)
+			}
+		},
+	})
+	if err != nil {
+		return fmt.Errorf("failed to add event handler to tenant informer: %w", err)
+	}
+	return nil
+}
+
 // noopTenantsInformer is a TenantsInformer that does nothing and
 // always returns true for HasSynced.
 // This should only be used when GKE multi-tenancy is disabled or in tests.

pkg/gce-cloud-provider/compute/token_source.go

@@ -93,7 +93,7 @@ func NewAltTokenSource(tokenURL, tokenBody string) oauth2.TokenSource {
 	return oauth2.ReuseTokenSource(nil, a)
 }
 
-func NewTenantTokenSource(tenantMeta tenancy.Metadata, region, existingTokenURL, existingTokenBody string) (oauth2.TokenSource, error) {
+func NewTenantTokenSource(tenantMeta *tenancy.Metadata, region, existingTokenURL, existingTokenBody string) (oauth2.TokenSource, error) {
 	tenantTokenUrl, err := getTenantTokenURL(tenantMeta, existingTokenURL)
 	if err != nil {
 		return nil, err
@@ -105,7 +105,7 @@ func NewTenantTokenSource(tenantMeta tenancy.Metadata, region, existingTokenURL,
 	return NewAltTokenSource(tenantTokenUrl, tenantTokenBody), nil
 }
 
-func getTenantTokenURL(tenantMeta tenancy.Metadata, existingTokenURL string) (string, error) {
+func getTenantTokenURL(tenantMeta *tenancy.Metadata, existingTokenURL string) (string, error) {
 	location := extractLocationFromTokenURL(existingTokenURL)
 	if location == "" {
 		return "", fmt.Errorf("could not extract location from existing token URL: %s", existingTokenURL)
@@ -136,7 +136,7 @@ func extractLocationFromTokenURL(tokenURL string) string {
 	return ""
 }
 
-func getTenantTokenBody(tenantMeta tenancy.Metadata, existingTokenBody string) (string, error) {
+func getTenantTokenBody(tenantMeta *tenancy.Metadata, existingTokenBody string) (string, error) {
 	// Check if the token body is a quoted JSON string
 	// Quoted example: "{\"projectNumber\":12345,\"clusterId\":\"example-cluster\"}"
 	// Non-quoted example: {"projectNumber":12345,"clusterId":"example-cluster"}