ceph: get the s3 user first instead of create

The Rados Gateway Admin OPS API has changed its behavior from Nautilus
to Pacific. Calling user create on an existing user wil generate
additional keys to the user on Nautilus. Where in Pacific it will report
an error with UserAlreadyExists.
So to handle both scenarios, let's first get the user, and if the user
does not exist (NoSuchUser) we then create it.

Signed-off-by: Sébastien Han <seb@redhat.com>

pkg/operator/ceph/object/bucket/rgw-handlers.go

@@ -49,9 +49,16 @@ func (p *Provisioner) createCephUser(username string) (accKey string, secKey str
 		DisplayName: p.cephUserName,
 	}
 
-	u, err := p.adminOpsClient.CreateUser(context.TODO(), userConfig)
+	var u admin.User
+	u, err = p.adminOpsClient.GetUser(context.TODO(), userConfig)
 	if err != nil {
-		return "", "", errors.Wrapf(err, "failed to create ceph user %q: %v", username, err)
+		if errors.Is(err, admin.ErrNoSuchUser) {
+			u, err = p.adminOpsClient.CreateUser(context.TODO(), userConfig)
+			if err != nil {
+				return "", "", errors.Wrapf(err, "failed to create from ceph object user %v", userConfig.ID)
+			}
+		}
+		return "", "", errors.Wrapf(err, "failed to get ceph user %q: %v", username, err)
 	}
 
 	logger.Infof("successfully created Ceph user %q with access keys", username)

pkg/operator/ceph/object/health.go

@@ -146,15 +146,15 @@ func (c *bucketChecker) checkObjectStoreHealth() error {
 	// Create checker user
 	logger.Debugf("creating s3 user object %q for object store %q health check", userConfig.ID, c.namespacedName.Name)
 	var user admin.User
-	user, err := c.objContext.AdminOpsClient.CreateUser(context.TODO(), userConfig)
+	user, err := c.objContext.AdminOpsClient.GetUser(context.TODO(), userConfig)
 	if err != nil {
-		if errors.Is(err, admin.ErrUserExists) {
-			user, err = c.objContext.AdminOpsClient.GetUser(context.TODO(), userConfig)
+		if errors.Is(err, admin.ErrNoSuchUser) {
+			user, err = c.objContext.AdminOpsClient.CreateUser(context.TODO(), userConfig)
 			if err != nil {
-				return errors.Wrapf(err, "failed to get details from ceph object user %q", userConfig.ID)
+				return errors.Wrapf(err, "failed to create from ceph object user %v", userConfig.ID)
 			}
 		} else {
-			return errors.Wrapf(err, "failed to create ceph object user %q", userConfig.ID)
+			return errors.Wrapf(err, "failed to get details from ceph object user %q", userConfig.ID)
 		}
 	}
 

pkg/operator/ceph/object/user/controller.go

@@ -270,19 +270,19 @@ func (r *ReconcileObjectStoreUser) reconcileCephUser(cephObjectStoreUser *cephv1
 func (r *ReconcileObjectStoreUser) createorUpdateCephUser(u *cephv1.CephObjectStoreUser) error {
 	logger.Infof("creating ceph object user %q in namespace %q", u.Name, u.Namespace)
 
-	logCreateOrUpdate := fmt.Sprintf("created ceph object user %q", u.Name)
+	logCreateOrUpdate := fmt.Sprintf("retrieved existing ceph object user %q", u.Name)
 	var user admin.User
 	var err error
-	user, err = r.objContext.AdminOpsClient.CreateUser(context.TODO(), *r.userConfig)
+	user, err = r.objContext.AdminOpsClient.GetUser(context.TODO(), *r.userConfig)
 	if err != nil {
-		if errors.Is(err, admin.ErrUserExists) {
-			user, err = r.objContext.AdminOpsClient.GetUser(context.TODO(), *r.userConfig)
+		if errors.Is(err, admin.ErrNoSuchUser) {
+			user, err = r.objContext.AdminOpsClient.CreateUser(context.TODO(), *r.userConfig)
 			if err != nil {
-				return errors.Wrapf(err, "failed to get details from ceph object user %v", &r.userConfig.ID)
+				return errors.Wrapf(err, "failed to create from ceph object user %v", &r.userConfig.ID)
 			}
-			logCreateOrUpdate = fmt.Sprintf("retrieved existing ceph object user %q", u.Name)
+			logCreateOrUpdate = fmt.Sprintf("created ceph object user %q", u.Name)
 		} else {
-			return errors.Wrapf(err, "failed to create ceph object user %q", u.Name)
+			return errors.Wrapf(err, "failed to get details from ceph object user %q", u.Name)
 		}
 	}