Merge pull request #29 from menglingwei/bugfix/query-resourcegroup-by…

…-name

Bug 2037209: [Alibaba] refactor for getResourceGroup ID from name

go.mod

@@ -3,7 +3,7 @@ module github.com/openshift/cluster-api-provider-alibaba
 go 1.17
 
 require (
-	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1449
+	github.com/aliyun/alibaba-cloud-sdk-go v1.61.1458
 	github.com/blang/semver v3.5.1+incompatible
 	github.com/go-logr/logr v1.2.2
 	github.com/golang/mock v1.6.0

go.sum

@@ -79,8 +79,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
-github.com/aliyun/alibaba-cloud-sdk-go v1.61.1449 h1:STduQCvl8GA4BiCD1eVSA7ctbHQZP1XyR5ueSNQMkik=
-github.com/aliyun/alibaba-cloud-sdk-go v1.61.1449/go.mod h1:RcDobYh8k5VP6TNybz9m++gL3ijVI5wueVr0EM10VsU=
+github.com/aliyun/alibaba-cloud-sdk-go v1.61.1458 h1:pMdm+s6k9yeAYJNqgZIpZcDBuh2SNR3Q137G9rpxDZc=
+github.com/aliyun/alibaba-cloud-sdk-go v1.61.1458/go.mod h1:RcDobYh8k5VP6TNybz9m++gL3ijVI5wueVr0EM10VsU=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
 github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
 github.com/antlr/antlr4/runtime/Go/antlr v0.0.0-20210826220005-b48c857c3a0e/go.mod h1:F7bn7fEU90QkQ3tnmaTx3LTKLEDqnwWODIYppRQ5hnY=

pkg/actuators/machine/instances.go

@@ -25,6 +25,8 @@ import (
 	"strings"
 	"time"
 
+	"github.com/aliyun/alibaba-cloud-sdk-go/services/resourcemanager"
+
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/vpc"
 
 	"k8s.io/klog"
@@ -44,17 +46,6 @@ const (
 	// EcsImageStatusAvailable Image status
 	EcsImageStatusAvailable = "Available"
 
-	// MaxInstanceOfSecurityGroupTypeNormal A basic security group can contain a maximum of 2,000 instances.
-	MaxInstanceOfSecurityGroupTypeNormal = 2000
-
-	// MaxInstanceOfSecurityGroupTypeEnterprise An advanced security group can contain a maximum of 65,536 instances.
-	MaxInstanceOfSecurityGroupTypeEnterprise = 65536
-
-	// SecurityGroupTypeNormal SecurityGroup type normal
-	SecurityGroupTypeNormal = "normal"
-	// SecurityGroupTypeEnterprise SecurityGroup type enterprise
-	SecurityGroupTypeEnterprise = "enterprise"
-
 	// InstanceDefaultTimeout default timeout
 	InstanceDefaultTimeout = 900
 	// DefaultWaitForInterval default interval
@@ -115,7 +106,7 @@ func runInstances(machine *machinev1beta1.Machine, machineProviderConfig *machin
 	runInstancesRequest.RegionId = machineProviderConfig.RegionID
 
 	// ResourceGroupID
-	if groupId, err := getResourceGroupId(machineProviderConfig); err != nil {
+	if groupId, err := getResourceGroupId(machineKey, machineProviderConfig, client); err != nil {
 		klog.Errorf("Unable to determine resource group ID for machine %q, err %q", machine.Name, err)
 		return nil, mapierrors.InvalidMachineConfiguration("Unable to determine resource group ID for machine: %q", machine.Name)
 	} else {
@@ -399,7 +390,7 @@ func getSecurityGroupIDByTags(machine runtimeclient.ObjectKey, machineProviderCo
 	}
 	request := ecs.CreateDescribeSecurityGroupsRequest()
 	request.VpcId = machineProviderConfig.VpcID
-	if groupId, err := getResourceGroupId(machineProviderConfig); err != nil {
+	if groupId, err := getResourceGroupId(machine, machineProviderConfig, client); err != nil {
 		klog.Errorf("Unable to determine resource group ID for machine %q, err %q", machine.Name, err)
 		return nil, mapierrors.InvalidMachineConfiguration("Unable to determine resource group ID for machine: %q", machine.Name)
 	} else {
@@ -430,17 +421,6 @@ func getSecurityGroupIDByTags(machine runtimeclient.ObjectKey, machineProviderCo
 	return securityGroupIDs, nil
 }
 
-func getMaxInstancesBySecurityGroupType(securityGroupType string) int {
-	switch securityGroupType {
-	case SecurityGroupTypeNormal:
-		return MaxInstanceOfSecurityGroupTypeNormal
-	case SecurityGroupTypeEnterprise:
-		return MaxInstanceOfSecurityGroupTypeEnterprise
-	default:
-		return MaxInstanceOfSecurityGroupTypeNormal
-	}
-}
-
 func buildDescribeSecurityGroupsTag(tags []machinev1.Tag) *[]ecs.DescribeSecurityGroupsTag {
 	describeSecurityGroupsTag := make([]ecs.DescribeSecurityGroupsTag, len(tags))
 
@@ -824,16 +804,44 @@ func correctExistingTags(machine *machinev1beta1.Machine, regionID string, insta
 // resource group id if available, or determine the group id by using the search tags.
 // An error will be returned if no group id can be found, or if multiple groups are
 // found from the search tags.
-func getResourceGroupId(machineProviderConfig *machinev1.AlibabaCloudMachineProviderConfig) (string, error) {
+func getResourceGroupId(machine runtimeclient.ObjectKey, machineProviderConfig *machinev1.AlibabaCloudMachineProviderConfig, client alibabacloudClient.Client) (string, error) {
 	switch machineProviderConfig.ResourceGroup.Type {
 	case machinev1.AlibabaResourceReferenceTypeID:
 		if machineProviderConfig.ResourceGroup.ID != nil && *machineProviderConfig.ResourceGroup.ID != "" {
 			return *machineProviderConfig.ResourceGroup.ID, nil
 		} else {
 			return "", mapierrors.InvalidMachineConfiguration("No resource group ID provided")
 		}
-		// TODO add name search lookup case here
+	case machinev1.AlibabaResourceReferenceTypeName:
+		return getResourceGroupIdFromName(machine, machineProviderConfig, client)
 	default:
 		return "", mapierrors.InvalidMachineConfiguration("unknown resource group reference type: %s", machineProviderConfig.ResourceGroup.Type)
 	}
 }
+
+func getResourceGroupIdFromName(machine runtimeclient.ObjectKey, machineProviderConfig *machinev1.AlibabaCloudMachineProviderConfig, client alibabacloudClient.Client) (string, error) {
+	if machineProviderConfig.ResourceGroup.Name == nil || *machineProviderConfig.ResourceGroup.Name == "" {
+		return "", mapierrors.InvalidMachineConfiguration("No name provided for resource Group ID search for machine: %q", machine.Name)
+	}
+	request := resourcemanager.CreateListResourceGroupsRequest()
+	request.Name = *machineProviderConfig.ResourceGroup.Name
+	request.RegionId = machineProviderConfig.RegionID
+	request.Scheme = "https"
+
+	response, err := client.ListResourceGroups(request)
+	if err != nil {
+		metrics.RegisterFailedInstanceCreate(&metrics.MachineLabels{
+			Name:      machine.Name,
+			Namespace: machine.Namespace,
+			Reason:    err.Error(),
+		})
+		klog.Errorf("error list resourcegroups: %v", err)
+		return "", fmt.Errorf("error list resourcegroups: %v", err)
+	}
+	if len(response.ResourceGroups.ResourceGroup) < 1 {
+		klog.Errorf("no resourcegroups for given name  found")
+		return "", fmt.Errorf("no resourcegroups for given name  found")
+	}
+
+	return response.ResourceGroups.ResourceGroup[0].Id, nil
+}

pkg/client/client.go

@@ -14,6 +14,7 @@ import (
 	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth"
 	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials/provider"
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/ecs"
+	"github.com/aliyun/alibaba-cloud-sdk-go/services/resourcemanager"
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/slb"
 	"github.com/aliyun/alibaba-cloud-sdk-go/services/vpc"
 	"github.com/openshift/cluster-api-provider-alibaba/pkg/version"
@@ -34,19 +35,10 @@ var machineProviderUserAgent = fmt.Sprintf("openshift.io cluster-api-provider-al
 var mutex sync.Mutex
 
 const (
-	kubeAccessKeyID           = "access_key_id"
-	kubeAccessKeySecret       = "access_key_secret"
 	kubeCredentialCredentials = "credentials"
-	kubeAccessKeyStsToken     = "accessKeyStsToken"
-	kubeRoleArn               = "roleArn"
-	kubeRoleSessionName       = "roleSessionName"
-	kubeRoleSessionExpiration = "roleSessionExpiration"
-	kubeRoleName              = "roleName"
 
 	// KubeCloudConfigNamespace is the namespace where the kube cloud config ConfigMap is located
 	KubeCloudConfigNamespace = "openshift-config-managed"
-
-	kubeCloudConfigName = "kube-cloud-config"
 )
 
 // Client is a wrapper object for actual alibabacloud SDK clients to allow for easier testing.
@@ -170,12 +162,16 @@ type Client interface {
 	DeleteVServerGroup(*slb.DeleteVServerGroupRequest) (*slb.DeleteVServerGroupResponse, error)
 	DescribeVServerGroups(*slb.DescribeVServerGroupsRequest) (*slb.DescribeVServerGroupsResponse, error)
 	DescribeVServerGroupAttribute(*slb.DescribeVServerGroupAttributeRequest) (*slb.DescribeVServerGroupAttributeResponse, error)
+
+	// ResourceGroups
+	ListResourceGroups(*resourcemanager.ListResourceGroupsRequest) (*resourcemanager.ListResourceGroupsResponse, error)
 }
 
 type alibabacloudClient struct {
 	ecsClient *ecs.Client
 	vpcClient *vpc.Client
 	slbClient *slb.Client
+	rmClient  *resourcemanager.Client
 }
 
 func (client *alibabacloudClient) RunInstances(request *ecs.RunInstancesRequest) (*ecs.RunInstancesResponse, error) {
@@ -574,6 +570,10 @@ func (client *alibabacloudClient) DescribeVServerGroupAttribute(request *slb.Des
 	return client.slbClient.DescribeVServerGroupAttribute(request)
 }
 
+func (client *alibabacloudClient) ListResourceGroups(request *resourcemanager.ListResourceGroupsRequest) (*resourcemanager.ListResourceGroupsResponse, error) {
+	return client.rmClient.ListResourceGroups(request)
+}
+
 // NewClient creates our client wrapper object for the actual alibabacloud clients we use.
 func NewClient(ctrlRuntimeClient client.Client, secretName, namespace, regionID string, configManagedClient client.Client) (Client, error) {
 	credential, err := getCredentialFromSecret(ctrlRuntimeClient, secretName, namespace, configManagedClient)
@@ -606,10 +606,18 @@ func NewClient(ctrlRuntimeClient client.Client, secretName, namespace, regionID
 		return nil, err
 	}
 
+	//init rmClient
+	rmClient, err := resourcemanager.NewClientWithOptions(regionID, sdkConfig, credential)
+	if err != nil {
+		klog.Errorf("failed to init resourcemanager client %v", err)
+		return nil, err
+	}
+
 	return &alibabacloudClient{
 		ecsClient: ecsClient,
 		vpcClient: vpcClient,
 		slbClient: slbClient,
+		rmClient:  rmClient,
 	}, nil
 }