Added getMechanismByName() func and removed global variables

Author: MaciejKaras

controllers/operator/authentication/authentication_mechanism.go

@@ -52,9 +52,9 @@ func (m MechanismList) String() string {
 	return strings.Join(names, ", ")
 }
 
-func (m MechanismList) Contains(mechanism Mechanism) bool {
+func (m MechanismList) Contains(mechanismName MechanismName) bool {
 	for _, m := range m {
-		if m.GetName() == mechanism.GetName() {
+		if m.GetName() == mechanismName {
 			return true
 		}
 	}
@@ -64,15 +64,15 @@ func (m MechanismList) Contains(mechanism Mechanism) bool {
 
 // supportedMechanisms returns a list of all supported authentication mechanisms
 // that can be configured by the Operator
-var supportedMechanisms = []Mechanism{ScramSha256Mechanism, MongoDBCRMechanism, MongoDBX509Mechanism, LDAPPlainMechanism}
+var supportedMechanisms = []MechanismName{ScramSha256, MongoDBCR, MongoDBX509, LDAPPlain}
 
 // mechanismsToDisable returns mechanisms which need to be disabled
 // based on the currently supported authentication mechanisms and the desiredMechanisms
 func mechanismsToDisable(desiredMechanisms MechanismList) MechanismList {
 	toDisable := make([]Mechanism, 0)
-	for _, mechanism := range supportedMechanisms {
-		if !desiredMechanisms.Contains(mechanism) {
-			toDisable = append(toDisable, mechanism)
+	for _, mechanismName := range supportedMechanisms {
+		if !desiredMechanisms.Contains(mechanismName) {
+			toDisable = append(toDisable, getMechanismByName(mechanismName))
 		}
 	}
 
@@ -92,27 +92,44 @@ func convertToMechanismList(mechanismModesInCR []string, ac *om.AutomationConfig
 func convertToMechanism(mechanismModeInCR string, ac *om.AutomationConfig) Mechanism {
 	switch mechanismModeInCR {
 	case util.X509:
-		return MongoDBX509Mechanism
+		return getMechanismByName(MongoDBX509)
 	case util.LDAP:
-		return LDAPPlainMechanism
+		return getMechanismByName(LDAPPlain)
 	case util.SCRAMSHA1:
-		return ScramSha1Mechanism
+		return getMechanismByName(ScramSha1)
 	case util.MONGODBCR:
-		return MongoDBCRMechanism
+		return getMechanismByName(MongoDBCR)
 	case util.SCRAMSHA256:
-		return ScramSha256Mechanism
+		return getMechanismByName(ScramSha256)
 	case util.SCRAM:
 		// if we have already configured authentication, and it has been set to MONGODB-CR/SCRAM-SHA-1
 		// we can not transition. This needs to be done in the UI
 
 		// if no authentication has been configured, the default value for "AutoAuthMechanism" is "MONGODB-CR"
 		// even if authentication is disabled, so we need to ensure that auth has been enabled.
 		if ac.Auth.AutoAuthMechanism == string(MongoDBCR) && ac.Auth.IsEnabled() {
-			return MongoDBCRMechanism
+			return getMechanismByName(MongoDBCR)
 		}
-		return ScramSha256Mechanism
+		return getMechanismByName(ScramSha256)
 	}
 
 	// this should never be reached as validation of this string happens at the CR level
 	panic(xerrors.Errorf("unknown mechanism name %s", mechanismModeInCR))
 }
+
+func getMechanismByName(name MechanismName) Mechanism {
+	switch name {
+	case ScramSha1:
+		return &automationConfigScramSha{MechanismName: ScramSha1}
+	case ScramSha256:
+		return &automationConfigScramSha{MechanismName: ScramSha256}
+	case MongoDBCR:
+		return &automationConfigScramSha{MechanismName: MongoDBCR}
+	case MongoDBX509:
+		return &connectionX509{}
+	case LDAPPlain:
+		return &ldapAuthMechanism{}
+	}
+
+	panic(xerrors.Errorf("unknown mechanism name %s", name))
+}

controllers/operator/authentication/ldap.go

@@ -9,8 +9,6 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/pkg/util/stringutil"
 )
 
-var LDAPPlainMechanism Mechanism = &ldapAuthMechanism{}
-
 type ldapAuthMechanism struct{}
 
 func (l *ldapAuthMechanism) GetName() MechanismName {

controllers/operator/authentication/ldap_test.go

@@ -11,6 +11,8 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/controllers/operator/ldap"
 )
 
+var LDAPPlainMechanism = getMechanismByName(LDAPPlain)
+
 func TestLdapDeploymentMechanism(t *testing.T) {
 	conn := om.NewMockedOmConnection(om.NewDeployment())
 
@@ -77,5 +79,6 @@ func TestLDAP_DisableAgentAuthentication(t *testing.T) {
 			AutomationSubject: validSubject("automation"),
 		},
 	}
+
 	assertAgentAuthenticationDisabled(t, LDAPPlainMechanism, conn, opts)
 }

controllers/operator/authentication/scramsha.go

@@ -8,23 +8,17 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/pkg/util/stringutil"
 )
 
-var (
-	MongoDBCRMechanism   Mechanism = AutomationConfigScramSha{MechanismName: MongoDBCR}
-	ScramSha1Mechanism   Mechanism = AutomationConfigScramSha{MechanismName: ScramSha1}
-	ScramSha256Mechanism Mechanism = AutomationConfigScramSha{MechanismName: ScramSha256}
-)
-
-// AutomationConfigScramSha applies all the changes required to configure SCRAM-SHA authentication
+// automationConfigScramSha applies all the changes required to configure SCRAM-SHA authentication
 // directly to an AutomationConfig struct. This implementation does not communicate with Ops Manager in any way.
-type AutomationConfigScramSha struct {
+type automationConfigScramSha struct {
 	MechanismName MechanismName
 }
 
-func (s AutomationConfigScramSha) GetName() MechanismName {
+func (s *automationConfigScramSha) GetName() MechanismName {
 	return s.MechanismName
 }
 
-func (s AutomationConfigScramSha) EnableAgentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
+func (s *automationConfigScramSha) EnableAgentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		if err := configureScramAgentUsers(ac, opts); err != nil {
 			return err
@@ -45,21 +39,21 @@ func (s AutomationConfigScramSha) EnableAgentAuthentication(conn om.Connection,
 	}, log)
 }
 
-func (s AutomationConfigScramSha) DisableAgentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
+func (s *automationConfigScramSha) DisableAgentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		ac.Auth.AutoAuthMechanisms = stringutil.Remove(ac.Auth.AutoAuthMechanisms, string(s.MechanismName))
 		return nil
 	}, log)
 }
 
-func (s AutomationConfigScramSha) DisableDeploymentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
+func (s *automationConfigScramSha) DisableDeploymentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		ac.Auth.DeploymentAuthMechanisms = stringutil.Remove(ac.Auth.DeploymentAuthMechanisms, string(s.MechanismName))
 		return nil
 	}, log)
 }
 
-func (s AutomationConfigScramSha) EnableDeploymentAuthentication(conn om.Connection, _ Options, log *zap.SugaredLogger) error {
+func (s *automationConfigScramSha) EnableDeploymentAuthentication(conn om.Connection, _ Options, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		if !stringutil.Contains(ac.Auth.DeploymentAuthMechanisms, string(s.MechanismName)) {
 			ac.Auth.DeploymentAuthMechanisms = append(ac.Auth.DeploymentAuthMechanisms, string(s.MechanismName))
@@ -68,7 +62,7 @@ func (s AutomationConfigScramSha) EnableDeploymentAuthentication(conn om.Connect
 	}, log)
 }
 
-func (s AutomationConfigScramSha) IsAgentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
+func (s *automationConfigScramSha) IsAgentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
 	if ac.Auth.Disabled {
 		return false
 	}
@@ -88,7 +82,7 @@ func (s AutomationConfigScramSha) IsAgentAuthenticationConfigured(ac *om.Automat
 	return true
 }
 
-func (s AutomationConfigScramSha) IsDeploymentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
+func (s *automationConfigScramSha) IsDeploymentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
 	return stringutil.Contains(ac.Auth.DeploymentAuthMechanisms, string(s.MechanismName))
 }
 

controllers/operator/authentication/scramsha_test.go

@@ -11,6 +11,12 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/pkg/util"
 )
 
+var (
+	MongoDBCRMechanism   = getMechanismByName(MongoDBCR)
+	ScramSha1Mechanism   = getMechanismByName(ScramSha1)
+	ScramSha256Mechanism = getMechanismByName(ScramSha256)
+)
+
 func TestAgentsAuthentication(t *testing.T) {
 	type TestConfig struct {
 		mechanism Mechanism

controllers/operator/authentication/x509.go

@@ -10,15 +10,13 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/pkg/util/stringutil"
 )
 
-var MongoDBX509Mechanism Mechanism = ConnectionX509{}
+type connectionX509 struct{}
 
-type ConnectionX509 struct{}
-
-func (x ConnectionX509) GetName() MechanismName {
+func (x *connectionX509) GetName() MechanismName {
 	return MongoDBX509
 }
 
-func (x ConnectionX509) EnableAgentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
+func (x *connectionX509) EnableAgentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
 	log.Info("Configuring x509 authentication")
 	err := conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		if err := ac.EnsureKeyFileContents(); err != nil {
@@ -64,7 +62,7 @@ func (x ConnectionX509) EnableAgentAuthentication(conn om.Connection, opts Optio
 	}, log)
 }
 
-func (x ConnectionX509) DisableAgentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
+func (x *connectionX509) DisableAgentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
 	err := conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		ac.AgentSSL = &om.AgentSSL{
 			AutoPEMKeyFilePath:    util.MergoDelete,
@@ -93,7 +91,7 @@ func (x ConnectionX509) DisableAgentAuthentication(conn om.Connection, log *zap.
 	}, log)
 }
 
-func (x ConnectionX509) EnableDeploymentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
+func (x *connectionX509) EnableDeploymentAuthentication(conn om.Connection, opts Options, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		if !stringutil.Contains(ac.Auth.DeploymentAuthMechanisms, util.AutomationConfigX509Option) {
 			ac.Auth.DeploymentAuthMechanisms = append(ac.Auth.DeploymentAuthMechanisms, string(MongoDBX509))
@@ -105,14 +103,14 @@ func (x ConnectionX509) EnableDeploymentAuthentication(conn om.Connection, opts
 	}, log)
 }
 
-func (x ConnectionX509) DisableDeploymentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
+func (x *connectionX509) DisableDeploymentAuthentication(conn om.Connection, log *zap.SugaredLogger) error {
 	return conn.ReadUpdateAutomationConfig(func(ac *om.AutomationConfig) error {
 		ac.Auth.DeploymentAuthMechanisms = stringutil.Remove(ac.Auth.DeploymentAuthMechanisms, string(MongoDBX509))
 		return nil
 	}, log)
 }
 
-func (x ConnectionX509) IsAgentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
+func (x *connectionX509) IsAgentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
 	if ac.Auth.Disabled {
 		return false
 	}
@@ -132,7 +130,7 @@ func (x ConnectionX509) IsAgentAuthenticationConfigured(ac *om.AutomationConfig,
 	return true
 }
 
-func (x ConnectionX509) IsDeploymentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
+func (x *connectionX509) IsDeploymentAuthenticationConfigured(ac *om.AutomationConfig, _ Options) bool {
 	return stringutil.Contains(ac.Auth.DeploymentAuthMechanisms, string(MongoDBX509))
 }
 

controllers/operator/authentication/x509_test.go

@@ -12,6 +12,8 @@ import (
 	"github.com/mongodb/mongodb-kubernetes/pkg/util"
 )
 
+var MongoDBX509Mechanism = getMechanismByName(MongoDBX509)
+
 func TestX509EnableAgentAuthentication(t *testing.T) {
 	conn := om.NewMockedOmConnection(om.NewDeployment())