Skip to content

Commit 1bb638a

Browse files
committed
feat(cas-backends): When updating CAS Backends events are sent
Signed-off-by: Javier Rodriguez <javier@chainloop.dev>
1 parent 73dcf7a commit 1bb638a

2 files changed

Lines changed: 40 additions & 10 deletions

File tree

app/controlplane/pkg/auditor/events/casbackend.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,7 @@ type CASBackendBase struct {
4747
CASBackendName string `json:"cas_backend_name,omitempty"`
4848
Provider string `json:"provider,omitempty"`
4949
Location string `json:"location,omitempty"`
50-
Default bool `json:"default,omitempty"`
50+
Default bool `json:"default"`
5151
}
5252

5353
func (c *CASBackendBase) RequiresActor() bool {
@@ -100,8 +100,8 @@ func (c *CASBackendCreated) Description() string {
100100
type CASBackendUpdated struct {
101101
*CASBackendBase
102102
NewDescription *string `json:"new_description,omitempty"`
103-
CredentialsChanged bool `json:"credentials_changed,omitempty"`
104-
PreviousDefault bool `json:"previous_default,omitempty"`
103+
CredentialsChanged bool `json:"credentials_changed"`
104+
PreviousDefault bool `json:"previous_default"`
105105
}
106106

107107
func (c *CASBackendUpdated) ActionType() string {
@@ -184,7 +184,7 @@ type CASBackendStatusChanged struct {
184184
PreviousStatus string `json:"previous_status,omitempty"`
185185
NewStatus string `json:"new_status,omitempty"`
186186
StatusError string `json:"status_error,omitempty"`
187-
IsRecovery bool `json:"is_recovery,omitempty"`
187+
IsRecovery bool `json:"is_recovery"`
188188
}
189189

190190
func (c *CASBackendStatusChanged) ActionType() string {

app/controlplane/pkg/biz/casbackend.go

Lines changed: 36 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -336,26 +336,56 @@ func (uc *CASBackendUseCase) Update(ctx context.Context, orgID, id, description
336336
}
337337

338338
var secretName string
339+
credentialsUpdated := false
339340
// We want to rotate credentials
340341
if creds != nil {
341342
secretName, err = uc.credsRW.SaveCredentials(ctx, orgID, creds)
342343
if err != nil {
343344
return nil, fmt.Errorf("storing the credentials: %w", err)
344345
}
346+
credentialsUpdated = true
345347
}
346348

347-
after, err := uc.repo.Update(ctx, &CASBackendUpdateOpts{
349+
// Update the backend without modifying validation status directly
350+
// The validation status will be updated through PerformValidation if needed
351+
// Don't set validation status here - let PerformValidation handle it
352+
updateOpts := &CASBackendUpdateOpts{
348353
ID: uuid,
349354
CASBackendOpts: &CASBackendOpts{
350-
SecretName: secretName, Default: defaultB, Description: description, OrgID: orgUUID,
351-
ValidationStatus: CASBackendValidationOK,
352-
ValidationError: ToPtr(""),
355+
SecretName: secretName,
356+
Default: defaultB,
357+
Description: description,
358+
OrgID: orgUUID,
353359
},
354-
})
360+
}
361+
362+
// If we're not updating credentials, preserve the current validation status
363+
if !credentialsUpdated {
364+
updateOpts.CASBackendOpts.ValidationStatus = before.ValidationStatus
365+
updateOpts.CASBackendOpts.ValidationError = before.ValidationError
366+
}
367+
368+
after, err := uc.repo.Update(ctx, updateOpts)
355369
if err != nil {
356370
return nil, err
357371
}
358372

373+
// If credentials were updated, perform validation to check if they work
374+
// This will properly update validation status and send events
375+
if credentialsUpdated {
376+
if err := uc.PerformValidation(ctx, id); err != nil {
377+
// Log the validation error but don't fail the update operation
378+
// The validation status will be updated by PerformValidation
379+
uc.logger.Warnw("msg", "validation failed after credential update", "ID", id, "error", err)
380+
}
381+
382+
// Reload the backend to get the updated validation status
383+
after, err = uc.repo.FindByIDInOrg(ctx, orgUUID, uuid)
384+
if err != nil {
385+
return nil, fmt.Errorf("reloading backend after validation: %w", err)
386+
}
387+
}
388+
359389
// If we just updated the backend from default=true => default=false, we need to set up the fallback as default
360390
if before.Default && !after.Default {
361391
if _, err := uc.defaultFallbackBackend(ctx, orgID); err != nil {
@@ -374,7 +404,7 @@ func (uc *CASBackendUseCase) Update(ctx context.Context, orgID, id, description
374404
Default: after.Default,
375405
},
376406
NewDescription: &description,
377-
CredentialsChanged: creds != nil,
407+
CredentialsChanged: credentialsUpdated,
378408
PreviousDefault: before.Default,
379409
}, &orgUUID)
380410
}

0 commit comments

Comments
 (0)