From 14972d4c407e9760a60a39761d5e61cf01ae02da Mon Sep 17 00:00:00 2001 From: Michael Tewoldemedhin <98621731+michaelhtm@users.noreply.github.com> Date: Tue, 17 Dec 2024 14:23:50 -0800 Subject: [PATCH] Exclude default/empty values from spec during a read operation (#143) Issue [#2230](https://github.com/aws-controllers-k8s/community/issues/2230) Description of changes: This PR is ensuring the controller does not assign default empty values to the resource during a read operation By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. --- pkg/resource/bucket/hook.go | 195 +++++++++++++++++++++++------------- 1 file changed, 123 insertions(+), 72 deletions(-) diff --git a/pkg/resource/bucket/hook.go b/pkg/resource/bucket/hook.go index 1424982..d2e86b6 100644 --- a/pkg/resource/bucket/hook.go +++ b/pkg/resource/bucket/hook.go @@ -317,21 +317,27 @@ func (rm *resourceManager) addPutFieldsToSpec( // This method is not supported in every region, ignore any errors if // we attempt to describe this property in a region in which it's not // supported. - if awsErr, ok := ackerr.AWSError(err); ok && (awsErr.Code() == "MethodNotAllowed" || awsErr.Code() == "UnsupportedArgument") { - getAccelerateResponse = &svcsdk.GetBucketAccelerateConfigurationOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || (awsErr.Code() != "MethodNotAllowed" && awsErr.Code() != "UnsupportedArgument") { return err } } - ko.Spec.Accelerate = rm.setResourceAccelerate(r, getAccelerateResponse) + if getAccelerateResponse.Status != nil && *getAccelerateResponse.Status != "" { + ko.Spec.Accelerate = rm.setResourceAccelerate(r, getAccelerateResponse) + } else if (getAccelerateResponse.Status == nil || *getAccelerateResponse.Status == "") && ko.Spec.Accelerate != nil { + ko.Spec.Accelerate = &svcapitypes.AccelerateConfiguration{} + } listAnalyticsResponse, err := rm.sdkapi.ListBucketAnalyticsConfigurationsWithContext(ctx, rm.newListBucketAnalyticsPayload(r)) if err != nil { return err } - ko.Spec.Analytics = make([]*svcapitypes.AnalyticsConfiguration, len(listAnalyticsResponse.AnalyticsConfigurationList)) - for i, analyticsConfiguration := range listAnalyticsResponse.AnalyticsConfigurationList { - ko.Spec.Analytics[i] = rm.setResourceAnalyticsConfiguration(r, analyticsConfiguration) + if listAnalyticsResponse != nil && len(listAnalyticsResponse.AnalyticsConfigurationList) > 0 { + ko.Spec.Analytics = make([]*svcapitypes.AnalyticsConfiguration, len(listAnalyticsResponse.AnalyticsConfigurationList)) + for i, analyticsConfiguration := range listAnalyticsResponse.AnalyticsConfigurationList { + ko.Spec.Analytics[i] = rm.setResourceAnalyticsConfiguration(r, analyticsConfiguration) + } + } else if (listAnalyticsResponse == nil || len(listAnalyticsResponse.AnalyticsConfigurationList) == 0) && ko.Spec.Analytics != nil { + ko.Spec.Analytics = []*svcapitypes.AnalyticsConfiguration{} } getACLResponse, err := rm.sdkapi.GetBucketAclWithContext(ctx, rm.newGetBucketACLPayload(r)) @@ -342,160 +348,193 @@ func (rm *resourceManager) addPutFieldsToSpec( getCORSResponse, err := rm.sdkapi.GetBucketCorsWithContext(ctx, rm.newGetBucketCORSPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchCORSConfiguration" { - getCORSResponse = &svcsdk.GetBucketCorsOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchCORSConfiguration" { return err } } - ko.Spec.CORS = rm.setResourceCORS(r, getCORSResponse) + if getCORSResponse.CORSRules != nil { + ko.Spec.CORS = rm.setResourceCORS(r, getCORSResponse) + } else if getCORSResponse.CORSRules == nil && ko.Spec.CORS != nil { + ko.Spec.CORS = &svcapitypes.CORSConfiguration{} + } getEncryptionResponse, err := rm.sdkapi.GetBucketEncryptionWithContext(ctx, rm.newGetBucketEncryptionPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "ServerSideEncryptionConfigurationNotFoundError" { - getEncryptionResponse = &svcsdk.GetBucketEncryptionOutput{ - ServerSideEncryptionConfiguration: &svcsdk.ServerSideEncryptionConfiguration{}, - } - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "ServerSideEncryptionConfigurationNotFoundError" { return err } + } + if getEncryptionResponse.ServerSideEncryptionConfiguration.Rules != nil { + ko.Spec.Encryption = rm.setResourceEncryption(r, getEncryptionResponse) + } else if getEncryptionResponse.ServerSideEncryptionConfiguration.Rules == nil && ko.Spec.Encryption != nil { + ko.Spec.Encryption = &svcapitypes.ServerSideEncryptionConfiguration{} } - ko.Spec.Encryption = rm.setResourceEncryption(r, getEncryptionResponse) listIntelligentTieringResponse, err := rm.sdkapi.ListBucketIntelligentTieringConfigurationsWithContext(ctx, rm.newListBucketIntelligentTieringPayload(r)) if err != nil { return err - } - ko.Spec.IntelligentTiering = make([]*svcapitypes.IntelligentTieringConfiguration, len(listIntelligentTieringResponse.IntelligentTieringConfigurationList)) - for i, intelligentTieringConfiguration := range listIntelligentTieringResponse.IntelligentTieringConfigurationList { - ko.Spec.IntelligentTiering[i] = rm.setResourceIntelligentTieringConfiguration(r, intelligentTieringConfiguration) + } + if len(listIntelligentTieringResponse.IntelligentTieringConfigurationList) > 0 { + ko.Spec.IntelligentTiering = make([]*svcapitypes.IntelligentTieringConfiguration, len(listIntelligentTieringResponse.IntelligentTieringConfigurationList)) + for i, intelligentTieringConfiguration := range listIntelligentTieringResponse.IntelligentTieringConfigurationList { + ko.Spec.IntelligentTiering[i] = rm.setResourceIntelligentTieringConfiguration(r, intelligentTieringConfiguration) + } + } else if len(listIntelligentTieringResponse.IntelligentTieringConfigurationList) == 0 && len(ko.Spec.IntelligentTiering) > 0 { + ko.Spec.IntelligentTiering = []*svcapitypes.IntelligentTieringConfiguration{} } listInventoryResponse, err := rm.sdkapi.ListBucketInventoryConfigurationsWithContext(ctx, rm.newListBucketInventoryPayload(r)) if err != nil { return err - } - ko.Spec.Inventory = make([]*svcapitypes.InventoryConfiguration, len(listInventoryResponse.InventoryConfigurationList)) - for i, inventoryConfiguration := range listInventoryResponse.InventoryConfigurationList { - ko.Spec.Inventory[i] = rm.setResourceInventoryConfiguration(r, inventoryConfiguration) + } else { + ko.Spec.Inventory = make([]*svcapitypes.InventoryConfiguration, len(listInventoryResponse.InventoryConfigurationList)) + for i, inventoryConfiguration := range listInventoryResponse.InventoryConfigurationList { + ko.Spec.Inventory[i] = rm.setResourceInventoryConfiguration(r, inventoryConfiguration) + } } getLifecycleResponse, err := rm.sdkapi.GetBucketLifecycleConfigurationWithContext(ctx, rm.newGetBucketLifecyclePayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchLifecycleConfiguration" { - getLifecycleResponse = &svcsdk.GetBucketLifecycleConfigurationOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchLifecycleConfiguration" { return err } + } + if getLifecycleResponse.Rules != nil { + ko.Spec.Lifecycle = rm.setResourceLifecycle(r, getLifecycleResponse) + } else if getLifecycleResponse.Rules == nil && ko.Spec.Lifecycle != nil { + ko.Spec.Lifecycle = &svcapitypes.BucketLifecycleConfiguration{} } - ko.Spec.Lifecycle = rm.setResourceLifecycle(r, getLifecycleResponse) getLoggingResponse, err := rm.sdkapi.GetBucketLoggingWithContext(ctx, rm.newGetBucketLoggingPayload(r)) if err != nil { return err } - ko.Spec.Logging = rm.setResourceLogging(r, getLoggingResponse) + if getLoggingResponse.LoggingEnabled != nil { + ko.Spec.Logging = rm.setResourceLogging(r, getLoggingResponse) + } else if getLoggingResponse.LoggingEnabled == nil && ko.Spec.Logging != nil { + ko.Spec.Logging = &svcapitypes.BucketLoggingStatus{} + } listMetricsResponse, err := rm.sdkapi.ListBucketMetricsConfigurationsWithContext(ctx, rm.newListBucketMetricsPayload(r)) if err != nil { return err - } - ko.Spec.Metrics = make([]*svcapitypes.MetricsConfiguration, len(listMetricsResponse.MetricsConfigurationList)) - for i, metricsConfiguration := range listMetricsResponse.MetricsConfigurationList { - ko.Spec.Metrics[i] = rm.setResourceMetricsConfiguration(r, metricsConfiguration) + } + if len(listMetricsResponse.MetricsConfigurationList) > 0 { + ko.Spec.Metrics = make([]*svcapitypes.MetricsConfiguration, len(listMetricsResponse.MetricsConfigurationList)) + for i, metricsConfiguration := range listMetricsResponse.MetricsConfigurationList { + ko.Spec.Metrics[i] = rm.setResourceMetricsConfiguration(r, metricsConfiguration) + } + } else if len(listMetricsResponse.MetricsConfigurationList) == 0 && len(ko.Spec.Metrics) > 0 { + ko.Spec.Metrics = []*svcapitypes.MetricsConfiguration{} } getNotificationResponse, err := rm.sdkapi.GetBucketNotificationConfigurationWithContext(ctx, rm.newGetBucketNotificationPayload(r)) if err != nil { return err } - ko.Spec.Notification = rm.setResourceNotification(r, getNotificationResponse) + if getNotificationResponse.LambdaFunctionConfigurations != nil || + getNotificationResponse.QueueConfigurations != nil || + getNotificationResponse.TopicConfigurations != nil { + + ko.Spec.Notification = rm.setResourceNotification(r, getNotificationResponse) + } else if (getNotificationResponse.LambdaFunctionConfigurations == nil || + getNotificationResponse.QueueConfigurations == nil || + getNotificationResponse.TopicConfigurations == nil) && ko.Spec.Notification != nil { + ko.Spec.Notification = &svcapitypes.NotificationConfiguration{} + } getOwnershipControlsResponse, err := rm.sdkapi.GetBucketOwnershipControlsWithContext(ctx, rm.newGetBucketOwnershipControlsPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "OwnershipControlsNotFoundError" { - getOwnershipControlsResponse = &svcsdk.GetBucketOwnershipControlsOutput{ - OwnershipControls: &svcsdk.OwnershipControls{}, - } - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "OwnershipControlsNotFoundError" { return err } } if getOwnershipControlsResponse.OwnershipControls != nil { ko.Spec.OwnershipControls = rm.setResourceOwnershipControls(r, getOwnershipControlsResponse) - } else { - ko.Spec.OwnershipControls = nil + } else if getOwnershipControlsResponse.OwnershipControls == nil && ko.Spec.OwnershipControls != nil { + ko.Spec.OwnershipControls = &svcapitypes.OwnershipControls{} } getPolicyResponse, err := rm.sdkapi.GetBucketPolicyWithContext(ctx, rm.newGetBucketPolicyPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchBucketPolicy" { - getPolicyResponse = &svcsdk.GetBucketPolicyOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchBucketPolicy" { return err } } - ko.Spec.Policy = getPolicyResponse.Policy + if getPolicyResponse.Policy != nil { + ko.Spec.Policy = getPolicyResponse.Policy + } else if getPolicyResponse.Policy == nil && ko.Spec.Policy != nil { + ko.Spec.Policy = (&svcsdk.GetBucketPolicyOutput{}).Policy + } getPublicAccessBlockResponse, err := rm.sdkapi.GetPublicAccessBlockWithContext(ctx, rm.newGetPublicAccessBlockPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchPublicAccessBlockConfiguration" { - getPublicAccessBlockResponse = &svcsdk.GetPublicAccessBlockOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchPublicAccessBlockConfiguration" { return err } } if getPublicAccessBlockResponse.PublicAccessBlockConfiguration != nil { ko.Spec.PublicAccessBlock = rm.setResourcePublicAccessBlock(r, getPublicAccessBlockResponse) - } else { - ko.Spec.PublicAccessBlock = nil + } else if getPublicAccessBlockResponse.PublicAccessBlockConfiguration == nil && ko.Spec.PublicAccessBlock != nil { + ko.Spec.PublicAccessBlock = &svcapitypes.PublicAccessBlockConfiguration{} } getReplicationResponse, err := rm.sdkapi.GetBucketReplicationWithContext(ctx, rm.newGetBucketReplicationPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "ReplicationConfigurationNotFoundError" { - getReplicationResponse = &svcsdk.GetBucketReplicationOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "ReplicationConfigurationNotFoundError" { return err } } if getReplicationResponse.ReplicationConfiguration != nil { ko.Spec.Replication = rm.setResourceReplication(r, getReplicationResponse) - } else { - ko.Spec.Replication = nil + } else if getReplicationResponse.ReplicationConfiguration == nil && ko.Spec.Replication != nil { + ko.Spec.Replication = &svcapitypes.ReplicationConfiguration{} } getRequestPaymentResponse, err := rm.sdkapi.GetBucketRequestPaymentWithContext(ctx, rm.newGetBucketRequestPaymentPayload(r)) if err != nil { return nil + } + if getRequestPaymentResponse.Payer != nil { + ko.Spec.RequestPayment = rm.setResourceRequestPayment(r, getRequestPaymentResponse) + } else if getRequestPaymentResponse.Payer == nil && ko.Spec.RequestPayment != nil { + ko.Spec.RequestPayment = &svcapitypes.RequestPaymentConfiguration{} } - ko.Spec.RequestPayment = rm.setResourceRequestPayment(r, getRequestPaymentResponse) getTaggingResponse, err := rm.sdkapi.GetBucketTaggingWithContext(ctx, rm.newGetBucketTaggingPayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchTagSet" { - getTaggingResponse = &svcsdk.GetBucketTaggingOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchTagSet" { return err } + } + if getTaggingResponse.TagSet != nil { + ko.Spec.Tagging = rm.setResourceTagging(r, getTaggingResponse) + } else if getTaggingResponse.TagSet == nil && ko.Spec.Tagging != nil { + ko.Spec.Tagging = &svcapitypes.Tagging{} } - ko.Spec.Tagging = rm.setResourceTagging(r, getTaggingResponse) getVersioningResponse, err := rm.sdkapi.GetBucketVersioningWithContext(ctx, rm.newGetBucketVersioningPayload(r)) if err != nil { return err + } + if getVersioningResponse.Status != nil { + ko.Spec.Versioning = rm.setResourceVersioning(r, getVersioningResponse) + } else if getVersioningResponse.Status == nil && ko.Spec.Versioning != nil { + ko.Spec.Versioning = &svcapitypes.VersioningConfiguration{} } - ko.Spec.Versioning = rm.setResourceVersioning(r, getVersioningResponse) getWebsiteResponse, err := rm.sdkapi.GetBucketWebsiteWithContext(ctx, rm.newGetBucketWebsitePayload(r)) if err != nil { - if awsErr, ok := ackerr.AWSError(err); ok && awsErr.Code() == "NoSuchWebsiteConfiguration" { - getWebsiteResponse = &svcsdk.GetBucketWebsiteOutput{} - } else { + if awsErr, ok := ackerr.AWSError(err); !ok || awsErr.Code() != "NoSuchWebsiteConfiguration" { return err } + } + if getWebsiteResponse != nil { + ko.Spec.Website = rm.setResourceWebsite(r, getWebsiteResponse) + }else if getWebsiteResponse == nil && ko.Spec.Website != nil { + ko.Spec.Website = &svcapitypes.WebsiteConfiguration{} } - ko.Spec.Website = rm.setResourceWebsite(r, getWebsiteResponse) + return nil } @@ -688,16 +727,28 @@ func (rm *resourceManager) setResourceACL( resp *svcsdk.GetBucketAclOutput, ) { grants := GetHeadersFromGrants(resp) - ko.Spec.GrantFullControl = &grants.FullControl - ko.Spec.GrantRead = &grants.Read - ko.Spec.GrantReadACP = &grants.ReadACP - ko.Spec.GrantWrite = &grants.Write - ko.Spec.GrantWriteACP = &grants.WriteACP + if grants.FullControl != "" { + ko.Spec.GrantFullControl = &grants.FullControl + } + if grants.Read != "" { + ko.Spec.GrantRead = &grants.Read + } + if grants.ReadACP != "" { + ko.Spec.GrantReadACP = &grants.ReadACP + } + if grants.Write != "" { + ko.Spec.GrantWrite = &grants.Write + } + if grants.WriteACP != "" { + ko.Spec.GrantWriteACP = &grants.WriteACP + } // Join possible ACLs into a single string, delimited by bar cannedACLs := GetPossibleCannedACLsFromGrants(resp) joinedACLs := strings.Join(cannedACLs, CannedACLJoinDelimiter) - ko.Spec.ACL = &joinedACLs + if joinedACLs != "" { + ko.Spec.ACL = &joinedACLs + } } func (rm *resourceManager) newGetBucketACLPayload(