CLOUDP-142596: Add serverless PE support (#779)

Co-authored-by: Helder Santana <contato@heldersantana.net>

Author: Sugar-pack

.github/workflows/test-e2e.yml

@@ -90,6 +90,7 @@ jobs:
             "networkpeering",
             "privatelink",
             "project-settings",
+            "serverless-pe",
             "x509auth",
             "custom-roles",
           ]

config/crd/bases/atlas.mongodb.com_atlasdeployments.yaml

@@ -553,6 +553,24 @@ spec:
                       its name. Can only contain ASCII letters, numbers, and hyphens.
                     pattern: ^[a-zA-Z0-9][a-zA-Z0-9-]*$
                     type: string
+                  privateEndpoints:
+                    items:
+                      properties:
+                        cloudProviderEndpointID:
+                          description: CloudProviderEndpointID is the identifier of
+                            the cloud provider endpoint.
+                          type: string
+                        name:
+                          description: Name is the name of the Serverless PrivateLink
+                            Service. Should be unique.
+                          type: string
+                        privateEndpointIpAddress:
+                          description: PrivateEndpointIPAddress is the IPv4 address
+                            of the private endpoint in your Azure VNet that someone
+                            added to this private endpoint service.
+                          type: string
+                      type: object
+                    type: array
                   providerSettings:
                     description: Configuration for the provisioned hosts on which
                       MongoDB runs. The available options are specific to the cloud
@@ -787,6 +805,50 @@ spec:
                   reconciliation of the resource.
                 format: int64
                 type: integer
+              serverlessPrivateEndpoints:
+                items:
+                  properties:
+                    _id:
+                      description: ID is the identifier of the Serverless PrivateLink
+                        Service.
+                      type: string
+                    cloudProviderEndpointId:
+                      description: CloudProviderEndpointID is the identifier of the
+                        cloud provider endpoint.
+                      type: string
+                    endpointServiceName:
+                      description: EndpointServiceName is the name of the PrivateLink
+                        endpoint service in AWS. Returns null while the endpoint service
+                        is being created.
+                      type: string
+                    errorMessage:
+                      description: ErrorMessage is the error message if the Serverless
+                        PrivateLink Service failed to create or connect.
+                      type: string
+                    name:
+                      description: Name is the name of the Serverless PrivateLink
+                        Service. Should be unique.
+                      type: string
+                    privateEndpointIpAddress:
+                      description: PrivateEndpointIPAddress is the IPv4 address of
+                        the private endpoint in your Azure VNet that someone added
+                        to this private endpoint service.
+                      type: string
+                    privateLinkServiceResourceId:
+                      description: PrivateLinkServiceResourceID is the root-relative
+                        path that identifies the Azure Private Link Service that MongoDB
+                        Cloud manages. MongoDB Cloud returns null while it creates
+                        the endpoint service.
+                      type: string
+                    providerName:
+                      description: ProviderName is human-readable label that identifies
+                        the cloud provider. Values include AWS or AZURE.
+                      type: string
+                    status:
+                      description: Status of the AWS Serverless PrivateLink connection.
+                      type: string
+                  type: object
+                type: array
               stateName:
                 description: 'StateName is the current state of the cluster. The possible
                   states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING'

pkg/api/v1/atlasdeployment_types.go

@@ -179,6 +179,8 @@ type ServerlessSpec struct {
 	Name string `json:"name"`
 	// Configuration for the provisioned hosts on which MongoDB runs. The available options are specific to the cloud service provider.
 	ProviderSettings *ProviderSettingsSpec `json:"providerSettings"`
+
+	PrivateEndpoints []ServerlessPrivateEndpoint `json:"privateEndpoints,omitempty"`
 }
 
 // BiConnector specifies BI Connector for Atlas configuration on this deployment.
@@ -706,11 +708,14 @@ func NewDefaultAWSServerlessInstance(namespace, projectName string) *AtlasDeploy
 }
 
 func (c *AtlasDeployment) AtlasName() string {
-	if c.Spec.DeploymentSpec.Name != "" {
+	if c.Spec.DeploymentSpec != nil {
 		return c.Spec.DeploymentSpec.Name
 	}
-	if c.Spec.AdvancedDeploymentSpec.Name != "" {
+	if c.Spec.AdvancedDeploymentSpec != nil {
 		return c.Spec.AdvancedDeploymentSpec.Name
 	}
-	return c.Spec.ServerlessSpec.Name
+	if c.Spec.ServerlessSpec != nil {
+		return c.Spec.ServerlessSpec.Name
+	}
+	return ""
 }

pkg/api/v1/serverless_private_endpoint.go

@@ -0,0 +1,47 @@
+package v1
+
+import (
+	"go.mongodb.org/atlas/mongodbatlas"
+
+	"github.com/mongodb/mongodb-atlas-kubernetes/pkg/api/v1/provider"
+)
+
+type ServerlessPrivateEndpoint struct {
+	// Name is the name of the Serverless PrivateLink Service. Should be unique.
+	Name string `json:"name,omitempty"`
+	// CloudProviderEndpointID is the identifier of the cloud provider endpoint.
+	CloudProviderEndpointID string `json:"cloudProviderEndpointID,omitempty"`
+	// PrivateEndpointIPAddress is the IPv4 address of the private endpoint in your Azure VNet that someone added to this private endpoint service.
+	PrivateEndpointIPAddress string `json:"privateEndpointIpAddress,omitempty"`
+}
+
+// IsInitialState pe initially should be empty except for comment
+func (in *ServerlessPrivateEndpoint) IsInitialState() bool {
+	return in.Name != "" && in.CloudProviderEndpointID == "" && in.PrivateEndpointIPAddress == ""
+}
+
+func (in *ServerlessPrivateEndpoint) ToAtlas(providerName provider.ProviderName) *mongodbatlas.ServerlessPrivateEndpointConnection {
+	if in.IsInitialState() {
+		return &mongodbatlas.ServerlessPrivateEndpointConnection{
+			Comment: in.Name,
+		}
+	}
+
+	switch providerName {
+	case provider.ProviderAWS:
+		return &mongodbatlas.ServerlessPrivateEndpointConnection{
+			Comment:                 in.Name,
+			CloudProviderEndpointID: in.CloudProviderEndpointID,
+			ProviderName:            string(providerName),
+		}
+	case provider.ProviderAzure:
+		return &mongodbatlas.ServerlessPrivateEndpointConnection{
+			Comment:                  in.Name,
+			CloudProviderEndpointID:  in.CloudProviderEndpointID,
+			PrivateEndpointIPAddress: in.PrivateEndpointIPAddress,
+			ProviderName:             string(providerName),
+		}
+	default:
+		return nil
+	}
+}

pkg/api/v1/status/atlasdeployment.go

@@ -20,6 +20,8 @@ type AtlasDeploymentStatus struct {
 	// ConnectionStrings is a set of connection strings that your applications use to connect to this cluster.
 	ConnectionStrings *ConnectionStrings `json:"connectionStrings,omitempty"`
 
+	ServerlessPrivateEndpoints []ServerlessPrivateEndpoint `json:"serverlessPrivateEndpoints,omitempty"`
+
 	// MongoURIUpdated is a timestamp in ISO 8601 date and time format in UTC when the connection string was last updated.
 	// The connection string changes if you update any of the other values.
 	MongoURIUpdated string `json:"mongoURIUpdated,omitempty"`
@@ -108,6 +110,12 @@ func AtlasDeploymentStateNameOption(stateName string) AtlasDeploymentStatusOptio
 	}
 }
 
+func AtlasDeploymentSPEOption(pe []ServerlessPrivateEndpoint) AtlasDeploymentStatusOption {
+	return func(s *AtlasDeploymentStatus) {
+		s.ServerlessPrivateEndpoints = pe
+	}
+}
+
 func AtlasDeploymentMongoDBVersionOption(mongoDBVersion string) AtlasDeploymentStatusOption {
 	return func(s *AtlasDeploymentStatus) {
 		s.MongoDBVersion = mongoDBVersion

pkg/api/v1/status/condition.go

@@ -51,7 +51,8 @@ const (
 
 // AtlasDeployment condition types
 const (
-	DeploymentReadyType ConditionType = "DeploymentReady"
+	DeploymentReadyType                ConditionType = "DeploymentReady"
+	ServerlessPrivateEndpointReadyType ConditionType = "ServerlessPrivateEndpointReady"
 )
 
 // AtlasDatabaseUser condition types

pkg/api/v1/status/serverless_private_endpoint.go

@@ -0,0 +1,74 @@
+package status
+
+import (
+	"fmt"
+
+	"go.mongodb.org/atlas/mongodbatlas"
+)
+
+type ServerlessPrivateEndpoint struct {
+	// ID is the identifier of the Serverless PrivateLink Service.
+	ID string `json:"_id,omitempty"`
+	// CloudProviderEndpointID is the identifier of the cloud provider endpoint.
+	CloudProviderEndpointID string `json:"cloudProviderEndpointId,omitempty"`
+	// Name is the name of the Serverless PrivateLink Service. Should be unique.
+	Name string `json:"name,omitempty"`
+	// EndpointServiceName is the name of the PrivateLink endpoint service in AWS. Returns null while the endpoint service is being created.
+	EndpointServiceName string `json:"endpointServiceName,omitempty"`
+	// ErrorMessage is the error message if the Serverless PrivateLink Service failed to create or connect.
+	ErrorMessage string `json:"errorMessage,omitempty"`
+	// Status of the AWS Serverless PrivateLink connection.
+	Status string `json:"status,omitempty"`
+	// ProviderName is human-readable label that identifies the cloud provider. Values include AWS or AZURE.
+	ProviderName string `json:"providerName,omitempty"`
+	// PrivateEndpointIPAddress is the IPv4 address of the private endpoint in your Azure VNet that someone added to this private endpoint service.
+	PrivateEndpointIPAddress string `json:"privateEndpointIpAddress,omitempty"`
+	// PrivateLinkServiceResourceID is the root-relative path that identifies the Azure Private Link Service that MongoDB Cloud manages. MongoDB Cloud returns null while it creates the endpoint service.
+	PrivateLinkServiceResourceID string `json:"privateLinkServiceResourceId,omitempty"`
+}
+
+func SPEFromAtlas(in mongodbatlas.ServerlessPrivateEndpointConnection) ServerlessPrivateEndpoint {
+	return ServerlessPrivateEndpoint{
+		ID:                           in.ID,
+		CloudProviderEndpointID:      in.CloudProviderEndpointID,
+		Name:                         in.Comment,
+		EndpointServiceName:          in.EndpointServiceName,
+		ErrorMessage:                 in.ErrorMessage,
+		Status:                       in.Status,
+		ProviderName:                 in.ProviderName,
+		PrivateEndpointIPAddress:     in.PrivateEndpointIPAddress,
+		PrivateLinkServiceResourceID: in.PrivateLinkServiceResourceID,
+	}
+}
+
+func FailedToCreateSPE(comment, message string) ServerlessPrivateEndpoint {
+	return ServerlessPrivateEndpoint{
+		ErrorMessage: message,
+		Name:         comment,
+		Status:       StatusFailed,
+	}
+}
+
+func FailedDuplicationSPE(name, cloudProviderEndpointID, privateEndpointIPAddress string) ServerlessPrivateEndpoint {
+	return ServerlessPrivateEndpoint{
+		CloudProviderEndpointID:  cloudProviderEndpointID,
+		PrivateEndpointIPAddress: privateEndpointIPAddress,
+		ErrorMessage:             fmt.Sprintf("The SPE with same name exists: %s. Please use unique names", name),
+		Name:                     name,
+		Status:                   StatusFailed,
+	}
+}
+
+func FailedToConnectSPE(pe mongodbatlas.ServerlessPrivateEndpointConnection, message string) ServerlessPrivateEndpoint {
+	return ServerlessPrivateEndpoint{
+		ID:                           pe.ID,
+		CloudProviderEndpointID:      pe.CloudProviderEndpointID,
+		Name:                         pe.Comment,
+		EndpointServiceName:          pe.EndpointServiceName,
+		ErrorMessage:                 message,
+		Status:                       StatusFailed,
+		ProviderName:                 pe.ProviderName,
+		PrivateEndpointIPAddress:     pe.PrivateEndpointIPAddress,
+		PrivateLinkServiceResourceID: pe.PrivateLinkServiceResourceID,
+	}
+}

pkg/api/v1/status/zz_generated.deepcopy.go

@@ -240,10 +240,12 @@ func (r *AtlasDeploymentReconciler) ensureConnectionSecrets(ctx *workflow.Contex
 		}
 
 		data := connectionsecret.ConnectionData{
-			DBUserName: dbUser.Spec.Username,
-			ConnURL:    connectionStrings.Standard,
-			SrvConnURL: connectionStrings.StandardSrv,
-			Password:   password,
+			DBUserName:    dbUser.Spec.Username,
+			ConnURL:       connectionStrings.Standard,
+			SrvConnURL:    connectionStrings.StandardSrv,
+			Password:      password,
+			PvtConnURL:    connectionStrings.Private,
+			PvtSrvConnURL: connectionStrings.PrivateSrv,
 		}
 		connectionsecret.FillPrivateConnStrings(connectionStrings, &data)