implement the Schema CRD

Author: ThoSap

operator/src/main/java/it/aboutbits/postgresql/crd/database/DatabaseReconciler.java

@@ -31,7 +31,10 @@ public class DatabaseReconciler
     private final PostgreSQLContextFactory contextFactory;
 
     @Override
-    public UpdateControl<Database> reconcile(Database resource, Context<Database> context) {
+    public UpdateControl<Database> reconcile(
+            Database resource,
+            Context<Database> context
+    ) {
         var spec = resource.getSpec();
         var status = initializeStatus(resource);
 

operator/src/main/java/it/aboutbits/postgresql/crd/schema/Schema.java

@@ -0,0 +1,47 @@
+package it.aboutbits.postgresql.crd.schema;
+
+import io.fabric8.crd.generator.annotation.AdditionalPrinterColumn;
+import io.fabric8.kubernetes.api.model.Namespaced;
+import io.fabric8.kubernetes.client.CustomResource;
+import io.fabric8.kubernetes.model.annotation.Group;
+import io.fabric8.kubernetes.model.annotation.Version;
+import it.aboutbits.postgresql.core.CRStatus;
+import it.aboutbits.postgresql.core.Named;
+import org.jspecify.annotations.NullMarked;
+
+@NullMarked
+@Version("v1")
+@Group("postgresql.aboutbits.it")
+@AdditionalPrinterColumn(
+        name = "Name",
+        jsonPath = ".status.name",
+        type = AdditionalPrinterColumn.Type.STRING
+)
+@AdditionalPrinterColumn(
+        name = "Phase",
+        jsonPath = ".status.phase",
+        type = AdditionalPrinterColumn.Type.STRING
+)
+@AdditionalPrinterColumn(
+        name = "Message",
+        jsonPath = ".status.message",
+        type = AdditionalPrinterColumn.Type.STRING
+)
+@AdditionalPrinterColumn(
+        name = "Since",
+        jsonPath = ".status.lastPhaseTransitionTime",
+        type = AdditionalPrinterColumn.Type.DATE
+)
+@AdditionalPrinterColumn(
+        name = "Age",
+        jsonPath = ".metadata.creationTimestamp",
+        type = AdditionalPrinterColumn.Type.DATE
+)
+public class Schema
+        extends CustomResource<SchemaSpec, CRStatus>
+        implements Namespaced, Named {
+    @Override
+    public String getName() {
+        return getSpec().getName();
+    }
+}

operator/src/main/java/it/aboutbits/postgresql/crd/schema/SchemaReconciler.java

@@ -0,0 +1,230 @@
+package it.aboutbits.postgresql.crd.schema;
+
+import io.fabric8.kubernetes.client.KubernetesClient;
+import io.javaoperatorsdk.operator.api.reconciler.Cleaner;
+import io.javaoperatorsdk.operator.api.reconciler.Context;
+import io.javaoperatorsdk.operator.api.reconciler.DeleteControl;
+import io.javaoperatorsdk.operator.api.reconciler.Reconciler;
+import io.javaoperatorsdk.operator.api.reconciler.UpdateControl;
+import it.aboutbits.postgresql.core.BaseReconciler;
+import it.aboutbits.postgresql.core.CRPhase;
+import it.aboutbits.postgresql.core.CRStatus;
+import it.aboutbits.postgresql.core.PostgreSQLContextFactory;
+import it.aboutbits.postgresql.core.ReclaimPolicy;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.jooq.DSLContext;
+import org.jspecify.annotations.NullMarked;
+
+import java.util.Objects;
+import java.util.concurrent.TimeUnit;
+
+@NullMarked
+@Slf4j
+@RequiredArgsConstructor
+public class SchemaReconciler
+        extends BaseReconciler<Schema, CRStatus>
+        implements Reconciler<Schema>, Cleaner<Schema> {
+    private final SchemaService schemaService;
+
+    private final KubernetesClient kubernetesClient;
+    private final PostgreSQLContextFactory contextFactory;
+
+    @Override
+    public UpdateControl<Schema> reconcile(
+            Schema resource,
+            Context<Schema> context
+    ) {
+        var spec = resource.getSpec();
+        var status = initializeStatus(resource);
+
+        var name = resource.getMetadata().getName();
+        var namespace = resource.getMetadata().getNamespace();
+
+        log.info(
+                "Reconciling Schema [resource={}/{}, status.phase={}]",
+                namespace,
+                name,
+                status.getPhase()
+        );
+
+        var clusterRef = spec.getClusterRef();
+
+        var clusterConnectionOptional = getReferencedClusterConnection(
+                kubernetesClient,
+                resource,
+                clusterRef
+        );
+
+        if (clusterConnectionOptional.isEmpty()) {
+            status.setPhase(CRPhase.PENDING)
+                    .setMessage("The specified ClusterConnection does not exist or is not ready yet [resource=%s/%s]".formatted(
+                            getResourceNamespaceOrOwn(resource, clusterRef.getNamespace()),
+                            clusterRef.getName()
+                    ));
+
+            return UpdateControl.patchStatus(resource)
+                    .rescheduleAfter(60, TimeUnit.SECONDS);
+        }
+
+        var clusterConnection = clusterConnectionOptional.get();
+
+        UpdateControl<Schema> updateControl;
+
+        try (var dsl = contextFactory.getDSLContext(clusterConnection)) {
+            // Run everything in a single transaction
+            updateControl = dsl.transactionResult(
+                    cfg -> reconcileInTransaction(
+                            cfg.dsl(),
+                            resource,
+                            status
+                    )
+            );
+        } catch (Exception e) {
+            return handleError(
+                    resource,
+                    status,
+                    e
+            );
+        }
+
+        return updateControl;
+    }
+
+    @Override
+    public DeleteControl cleanup(
+            Schema resource,
+            Context<Schema> context
+    ) {
+        var spec = resource.getSpec();
+        var status = initializeStatus(resource);
+
+        var name = resource.getMetadata().getName();
+        var namespace = resource.getMetadata().getNamespace();
+
+        log.info(
+                "{}ing Schema [resource={}/{}, spec.name={}, status.phase={}]",
+                spec.getReclaimPolicy().toValue(),
+                namespace,
+                name,
+                spec.getName(),
+                status.getPhase()
+        );
+
+        if (status.getPhase() != CRPhase.DELETING) {
+            status.setPhase(CRPhase.DELETING);
+
+            if (spec.getReclaimPolicy() == ReclaimPolicy.DELETE) {
+                status.setMessage("Schema deletion in progress");
+            }
+        }
+
+        // We do not actually delete the schema if the reclaimPolicy is set to RETAIN, we only delete the CR instance
+        if (spec.getReclaimPolicy() == ReclaimPolicy.RETAIN) {
+            return DeleteControl.defaultDelete();
+        }
+
+        var clusterRef = spec.getClusterRef();
+
+        var clusterConnectionOptional = getReferencedClusterConnection(
+                kubernetesClient,
+                resource,
+                clusterRef
+        );
+
+        if (clusterConnectionOptional.isEmpty()) {
+            status.setMessage("The specified ClusterConnection no longer exists or is not ready yet [resource=%s/%s]".formatted(
+                    getResourceNamespaceOrOwn(resource, clusterRef.getNamespace()),
+                    clusterRef.getName()
+            ));
+
+            return DeleteControl.noFinalizerRemoval()
+                    .rescheduleAfter(60, TimeUnit.SECONDS);
+        }
+
+        var clusterConnection = clusterConnectionOptional.get();
+
+        try (var dsl = contextFactory.getDSLContext(clusterConnection)) {
+            schemaService.dropSchema(dsl, spec);
+
+            return DeleteControl.defaultDelete();
+        } catch (Exception e) {
+            log.error(
+                    "Failed to delete Schema [resource={}/{}, spec.name={}, status.phase={}]",
+                    namespace,
+                    name,
+                    spec.getName(),
+                    status.getPhase()
+            );
+
+            status.setMessage("Deletion failed: %s".formatted(e.getMessage()));
+
+            return DeleteControl.noFinalizerRemoval()
+                    .rescheduleAfter(60, TimeUnit.SECONDS);
+        }
+    }
+
+    @Override
+    protected CRStatus newStatus() {
+        return new CRStatus();
+    }
+
+    private UpdateControl<Schema> reconcileInTransaction(
+            DSLContext tx,
+            Schema resource,
+            CRStatus status
+    ) {
+        var name = resource.getMetadata().getName();
+        var namespace = resource.getMetadata().getNamespace();
+
+        var spec = resource.getSpec();
+
+        // Create and return the role if it doesn't exist yet
+        if (!schemaService.schemaExists(tx, spec)) {
+            log.info(
+                    "Creating Schema [resource={}/{}]",
+                    namespace,
+                    name
+            );
+
+            schemaService.createSchema(
+                    tx,
+                    spec
+            );
+
+            status.setPhase(CRPhase.READY)
+                    .setMessage(null);
+
+            return UpdateControl.patchStatus(resource);
+        }
+
+        var currentOwner = schemaService.fetchSchemaOwner(tx, spec);
+        var expectedOwner = spec.getOwner();
+
+        if (Objects.equals(currentOwner, expectedOwner)) {
+            log.info(
+                    "Schema up-to-date [resource={}/{}]",
+                    namespace,
+                    name
+            );
+
+            return UpdateControl.noUpdate();
+        }
+
+        log.info(
+                "Changing Schema owner [resource={}/{}]",
+                namespace,
+                name
+        );
+
+        schemaService.changeSchemaOwner(tx, spec);
+
+        status.setPhase(CRPhase.READY)
+                .setMessage("Schema owner changed [previousOwner=%s, newOwner=%s]".formatted(
+                        currentOwner,
+                        expectedOwner
+                ));
+
+        return UpdateControl.patchStatus(resource);
+    }
+}

operator/src/main/java/it/aboutbits/postgresql/crd/schema/SchemaService.java

@@ -0,0 +1,74 @@
+package it.aboutbits.postgresql.crd.schema;
+
+import it.aboutbits.postgresql.core.infrastructure.persistence.Routines;
+import jakarta.inject.Singleton;
+import org.jooq.DSLContext;
+import org.jspecify.annotations.NullMarked;
+
+import static it.aboutbits.postgresql.core.infrastructure.persistence.Tables.PG_NAMESPACE;
+import static org.jooq.impl.DSL.query;
+import static org.jooq.impl.DSL.quotedName;
+import static org.jooq.impl.DSL.role;
+import static org.jooq.impl.DSL.selectOne;
+
+@NullMarked
+@Singleton
+public class SchemaService {
+    public boolean schemaExists(
+            DSLContext tx,
+            SchemaSpec spec
+    ) {
+        return tx.fetchExists(selectOne()
+                .from(PG_NAMESPACE)
+                .where(PG_NAMESPACE.NSPNAME.eq(spec.getName()))
+        );
+    }
+
+    public void createSchema(
+            DSLContext dsl,
+            SchemaSpec spec
+    ) {
+        var name = quotedName(spec.getName());
+
+        dsl.createSchema(name).execute();
+
+        if (spec.getOwner() != null) {
+            changeSchemaOwner(dsl, spec);
+        }
+    }
+
+    public String fetchSchemaOwner(
+            DSLContext tx,
+            SchemaSpec spec
+    ) {
+        return tx
+                .select(Routines.pgGetUserbyid(
+                        PG_NAMESPACE.NSPOWNER
+                ))
+                .from(PG_NAMESPACE)
+                .where(PG_NAMESPACE.NSPNAME.eq(spec.getName()))
+                .fetchSingleInto(String.class);
+    }
+
+    public void changeSchemaOwner(
+            DSLContext tx,
+            SchemaSpec spec
+    ) {
+        var name = quotedName(spec.getName());
+
+        tx.execute(query(
+                "alter schema {0} owner to {1}",
+                name,
+                role(spec.getOwner())
+        ));
+    }
+
+    public void dropSchema(
+            DSLContext dsl,
+            SchemaSpec spec
+    ) {
+        dsl.dropSchemaIfExists(
+                quotedName(spec.getName())
+        ).execute();
+    }
+}