CLOUDP-202214 Error on MDB 7 (#1396)

slaskawi · web-flow · commit c1fd94a9254d · 2023-09-29T09:18:14.000+02:00
* CLOUDP-202214 Error on MDB 7

* Updated the error message

* Release notes

* Added unit test

* Updated release notes
diff --git a/controllers/replica_set_controller.go b/controllers/replica_set_controller.go
@@ -4,6 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/blang/semver"
+	"github.com/mongodb/mongodb-kubernetes-operator/pkg/util/envvar"
 	"os"
 	"strconv"
 	"strings"
@@ -52,6 +54,8 @@ const (
 
 	lastSuccessfulConfiguration = "mongodb.com/v1.lastSuccessfulConfiguration"
 	lastAppliedMongoDBVersion   = "mongodb.com/v1.lastAppliedMongoDBVersion"
+
+	ignoreMdb7ErrorEnvVar = "IGNORE_MDB_7_ERROR"
 )
 
 func init() {
@@ -622,7 +626,16 @@ func (r *ReplicaSetReconciler) buildService(mdb mdbv1.MongoDBCommunity, portMana
 // it checks that the attempted Spec is valid in relation to the Spec that resulted from that last successful configuration.
 // The validation also returns the lastSuccessFulConfiguration Spec as mdbv1.MongoDBCommunitySpec.
 func (r ReplicaSetReconciler) validateSpec(mdb mdbv1.MongoDBCommunity) (error, *mdbv1.MongoDBCommunitySpec) {
-
+	if !envvar.ReadBool(ignoreMdb7ErrorEnvVar) {
+		semverVersion, err := semver.Make(mdb.Spec.Version)
+		if err != nil {
+			r.log.Warnf("could not parse version %v", mdb.Spec.Version)
+		} else {
+			if semverVersion.Major >= 7 {
+				return fmt.Errorf("mongodb >= 7.0.0 is not supported"), nil
+			}
+		}
+	}
 	lastSuccessfulConfigurationSaved, ok := mdb.Annotations[lastSuccessfulConfiguration]
 	if !ok {
 		// First version of Spec
diff --git a/controllers/replicaset_controller_test.go b/controllers/replicaset_controller_test.go
@@ -171,6 +171,20 @@ func TestKubernetesResources_AreCreated(t *testing.T) {
 	assert.NotEmpty(t, s.Data[automationconfig.ConfigKey])
 }
 
+func TestKubernetesResources_MongoDB7IsRejected(t *testing.T) {
+	mdb := newTestReplicaSet()
+	mdb.Spec.Version = "7.0.0"
+
+	mgr := client.NewManager(&mdb)
+	r := NewReconciler(mgr)
+
+	res, err := r.Reconcile(context.TODO(), reconcile.Request{NamespacedName: types.NamespacedName{Namespace: mdb.Namespace, Name: mdb.Name}})
+
+	assert.NoError(t, err)
+	assert.Equal(t, true, res.Requeue)
+	assert.Equal(t, time.Duration(0), res.RequeueAfter)
+}
+
 func TestStatefulSet_IsCorrectlyConfigured(t *testing.T) {
 	t.Setenv(construct.MongodbRepoUrl, "docker.io/mongodb")
 	t.Setenv(construct.MongodbImageEnv, "mongodb-community-server")
diff --git a/docs/RELEASE_NOTES.md b/docs/RELEASE_NOTES.md
@@ -1,34 +1,6 @@
-# MongoDB Kubernetes Operator 0.X.X
+# MongoDB Kubernetes Operator 0.8.3
 
 ## MongoDBCommunity Resource
 
 - Changes
-  - Introduced support for X.509 authentication for client and agent
-    - `spec.security.authentication.modes` now supports value `X509`
-    - The agent authentication mode will default to the value in `spec.security.authentication.modes` if there is only one specified. 
-    - Otherwise, agent authentication will need to be specified through `spec.security.authentication.agentMode`.
-    - When agent authentication is set to `X509`, the field `spec.security.authentication.agentCertificateSecretRef` can be set (default is `agent-certs`).
-    - The secret that `agentCertificateSecretRef` points to should contain a signed X.509 certificate (under the `tls.crt` key) and a private key (under `tls.key`) for the agent.
-    - X.509 users can be added the same way as before under `spec.users`. The `db` field must be set to `$external` for X.509 authentication.
-    - For these users, `scramCredentialsSecretName` and `passwordSecretRef` should **not** be set.
-    - Sample resource [yaml](config/samples/mongodb.com_v1_mongodbcommunity_x509.yaml)
-    - Sample agent certificate [yaml](config/samples/external_access/agent-certificate.yaml)
-  - Add support for configuring [logRotate](https://www.mongodb.com/docs/ops-manager/current/reference/cluster-configuration/#mongodb-instances) on the automation-agent. The settings can be found under `processes[n].logRotate.<setting>`.
-  - Additionally, [systemLog](https://www.mongodb.com/docs/manual/reference/configuration-options/#systemlog-options) can now be configured. In particular the settings: `path`, `destination` and `logAppend`.
-
-# MongoDB Kubernetes Operator 0.8.2
-
-## Kubernetes Operator
-
-- Changes
-  - Fix a bug when overriding tolerations causing an endless reconciliation loop ([1344](https://github.com/mongodb/mongodb-kubernetes-operator/issues/1344)).
-
-## Updated Image Tags
-
-- mongodb-kubernetes-operator:0.8.2
-- mongodb-agent:12.0.25.7724-1
-
-_All the images can be found in:_
-
-https://quay.io/mongodb
-https://hub.docker.com/r/mongodb/mongodb-community-server
+  - MongoDB 7.0.0 and onwards is not supported. Supporting it requires a newer Automation Agent version. Until a new version is available, the Operator will fail all deployments with this version. To ignore this error and force the Operator to reconcile these resources, use `IGNORE_MDB_7_ERROR` environment variable and set it to `true`. 
