44 "fmt"
55 "net/http"
66 "net/url"
7+ "reflect"
78
89 "go.mongodb.org/atlas/mongodbatlas"
910
@@ -81,11 +82,11 @@ func (r *AtlasProjectReconciler) updateIntegrationsAtlas(ctx *workflow.Context,
8182 ctx .Log .Warnw ("Update Integrations" , "Can not convert kube integration" , err )
8283 return workflow .Terminate (workflow .ProjectIntegrationInternal , "Update Integrations: Can not convert kube integration" )
8384 }
84- specIntegration := ( * aliasThirdPartyIntegration )( kubeIntegration )
85- if ! areIntegrationsEqual ( specIntegration , & atlasIntegration ) {
85+ t := mongodbatlas . ThirdPartyIntegration ( atlasIntegration )
86+ if & t != kubeIntegration {
8687 ctx .Log .Debugf ("Try to update integration: %s" , kubeIntegration .Type )
8788 if _ , _ , err := ctx .Client .Integrations .Replace (ctx .Context , projectID , kubeIntegration .Type , kubeIntegration ); err != nil {
88- return workflow .Terminate (workflow .ProjectIntegrationRequest , fmt . Sprintf ( "Can not apply integration: %v" , err ) )
89+ return workflow .Terminate (workflow .ProjectIntegrationRequest , "Can not convert integration" )
8990 }
9091 }
9192 }
@@ -135,7 +136,7 @@ func (r *AtlasProjectReconciler) checkIntegrationsReady(ctx *workflow.Context, n
135136 } else {
136137 specAsAtlas , _ := spec .ToAtlas (ctx .Context , r .Client , namespace )
137138 specAlias := aliasThirdPartyIntegration (* specAsAtlas )
138- areEqual = integrationsApplied (& atlas , & specAlias )
139+ areEqual = AreIntegrationsEqual (& atlas , & specAlias )
139140 }
140141 ctx .Log .Debugw ("checkIntegrationsReady" , "atlas" , atlas , "spec" , spec , "areEqual" , areEqual )
141142
@@ -147,21 +148,41 @@ func (r *AtlasProjectReconciler) checkIntegrationsReady(ctx *workflow.Context, n
147148 return true
148149}
149150
150- func integrationsApplied (_ , _ * aliasThirdPartyIntegration ) bool {
151- // As integration secrets are redacted from Alas, we cannot properly compare them,
152- // so as a simple fix here we assume changes were applied correctly as we would
153- // have otherwise errored out as are always needed
154- // TODO: remove and replace calls to this with areIntegrationsEqual when
155- // that code is properly comparing fields
156- return true
151+ func AreIntegrationsEqual (atlas , specAsAtlas * aliasThirdPartyIntegration ) bool {
152+ return reflect .DeepEqual (cleanCopyToCompare (atlas ), cleanCopyToCompare (specAsAtlas ))
153+ }
154+
155+ func cleanCopyToCompare (input * aliasThirdPartyIntegration ) * aliasThirdPartyIntegration {
156+ if input == nil {
157+ return input
158+ }
159+
160+ result := * input
161+ keepLastFourChars (& result .APIKey )
162+ keepLastFourChars (& result .APIToken )
163+ keepLastFourChars (& result .LicenseKey )
164+ keepLastFourChars (& result .Password )
165+ keepLastFourChars (& result .ReadToken )
166+ keepLastFourChars (& result .RoutingKey )
167+ keepLastFourChars (& result .Secret )
168+ keepLastFourChars (& result .ServiceKey )
169+ keepLastFourChars (& result .WriteToken )
170+
171+ return & result
157172}
158173
159- func areIntegrationsEqual (_ , _ * aliasThirdPartyIntegration ) bool {
160- // As integration secrets are redacted from Alas, we cannot properly compare them,
161- // so as a simple fix we assume changes are always needed
162- // TODO: Compare using Atlas redacted fields with checksums if accepted OR
163- // move to implicit state checks if Atlas cannot help with this.
164- return false
174+ func keepLastFourChars (strPtr * string ) {
175+ if strPtr == nil {
176+ return
177+ }
178+
179+ charCount := 4
180+ str := * strPtr
181+ if len (str ) <= charCount {
182+ return
183+ }
184+
185+ * strPtr = str [len (str )- charCount :]
165186}
166187
167188type aliasThirdPartyIntegration mongodbatlas.ThirdPartyIntegration
0 commit comments