workaround for bug?

Change leader election
Change an ID in Delete firewallgroup
2025-06-04 22:02:48 +02:00 · 2025-06-04 20:56:52 +02:00 · 2025-06-04 20:56:37 +02:00 · 2025-06-04 19:10:03 +02:00 · 2025-06-04 18:29:26 +02:00 · 2025-04-22 07:34:48 +02:00
3 changed files with 35 additions and 21 deletions
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -21,11 +21,13 @@ import (
 	"flag"
 	"os"
 	"path/filepath"
 	"time"
 	// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
 	// to ensure that exec-entrypoint and run can make use of them.
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
        "k8s.io/utils/pointer"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
@@ -187,6 +189,10 @@ func main() {
 		HealthProbeBindAddress: probeAddr,
 		LeaderElection:         enableLeaderElection,
 		LeaderElectionID:       "f05533b6.engen.priv.no",
 		LeaseDuration:    pointer.Duration(30 * time.Second),
                RenewDeadline:    pointer.Duration(20 * time.Second),
                RetryPeriod:      pointer.Duration(5 * time.Second),
 		// LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily
 		// when the Manager ends. This requires the binary to immediately end when the
 		// Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
--- a/internal/controller/firewallgroup_controller.go
+++ b/internal/controller/firewallgroup_controller.go
@@ -372,12 +372,12 @@ func (r *FirewallGroupReconciler) Reconcile(ctx context.Context, req reconcile.R
 	for _, firewall_group := range firewall_groups {
 		if firewall_group.Name == ipv4_name {
 			if len(ipv4) == 0 {
-				log.Info(fmt.Sprintf("Delete %s", ipv4_name))
+				log.Info(fmt.Sprintf("Delete %s: %s", ipv4_name, firewallGroup.Status.ResourcesManaged.IPV4Object.ID))
-				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewall_group.ID)
+				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewallGroup.Status.ResourcesManaged.IPV4Object.ID)
 				if err != nil {
 					msg := strings.ToLower(err.Error())
 					log.Info(msg)
-					if strings.Contains(msg, "api.err.objectreferredby") {
+					if strings.Contains(msg, "api.err.objectreferredby") || strings.Contains(msg,"invalid character") {
 						log.Info("Firewall group is in use. Invoking workaround...!")
 						firewall_group.GroupMembers = []string{"127.0.0.1"}
 						firewall_group.Name = firewall_group.Name + "-deleted"
@@ -413,11 +413,11 @@ func (r *FirewallGroupReconciler) Reconcile(ctx context.Context, req reconcile.R
 		if firewall_group.Name == ipv6_name {
 			if len(ipv6) == 0 {
 				log.Info(fmt.Sprintf("Delete %s", ipv6_name))
-				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewall_group.ID)
+				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewallGroup.Status.ResourcesManaged.IPV6Object.ID)
 				if err != nil {
 					msg := strings.ToLower(err.Error())
 					log.Info(msg)
-					if strings.Contains(msg, "api.err.objectreferredby") {
+					if strings.Contains(msg, "api.err.objectreferredby") || strings.Contains(msg,"invalid character") {
 						log.Info("Firewall group is in use. Invoking workaround...!")
 						firewall_group.GroupMembers = []string{"::1"}
 						firewall_group.Name = firewall_group.Name + "-deleted"
@@ -453,11 +453,11 @@ func (r *FirewallGroupReconciler) Reconcile(ctx context.Context, req reconcile.R
 		if firewall_group.Name == tcpports_name {
 			if len(tcpports) == 0 {
 				log.Info(fmt.Sprintf("Delete %s", tcpports_name))
-				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewall_group.ID)
+				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewallGroup.Status.ResourcesManaged.TCPPortsObject.ID)
 				if err != nil {
 					msg := strings.ToLower(err.Error())
 					log.Info(msg)
-					if strings.Contains(msg, "api.err.objectreferredby") {
+					if strings.Contains(msg, "api.err.objectreferredby") || strings.Contains(msg,"invalid character") {
 						log.Info("Firewall group is in use. Invoking workaround...!")
 						firewall_group.GroupMembers = []string{"0"}
 						firewall_group.Name = firewall_group.Name + "-deleted"
@@ -493,11 +493,11 @@ func (r *FirewallGroupReconciler) Reconcile(ctx context.Context, req reconcile.R
 		if firewall_group.Name == udpports_name {
 			if len(udpports) == 0 {
 				log.Info(fmt.Sprintf("Delete %s", udpports_name))
-				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewall_group.ID)
+				err := r.UnifiClient.Client.DeleteFirewallGroup(context.Background(), r.UnifiClient.SiteID, firewallGroup.Status.ResourcesManaged.UDPPortsObject.ID)
 				if err != nil {
 					msg := strings.ToLower(err.Error())
 					log.Info(msg)
-					if strings.Contains(msg, "api.err.objectreferredby") {
+					if strings.Contains(msg, "api.err.objectreferredby") || strings.Contains(msg,"invalid character") {
 						log.Info("Firewall group is in use. Invoking workaround...!")
 						firewall_group.GroupMembers = []string{"127.0.0.1"}
 						firewall_group.Name = firewall_group.Name + "-deleted"
--- a/internal/controller/networkconfiguration_controller.go
+++ b/internal/controller/networkconfiguration_controller.go
@@ -19,6 +19,7 @@ package controller
 import (
 	"context"
 	"fmt"
 	"reflect"
 	"time"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -111,6 +112,7 @@ func (r *NetworkconfigurationReconciler) Reconcile(ctx context.Context, req ctrl
 					Vlan:                      int64(unifinetwork.VLAN),
 					VlanEnabled:               unifinetwork.VLANEnabled,
 				}
 				if !reflect.DeepEqual(networkObj.Spec, networkSpec) {
 					networkObj.Spec = networkSpec
 					err := r.Update(ctx, &networkObj)
 					if err != nil {
@@ -118,6 +120,7 @@ func (r *NetworkconfigurationReconciler) Reconcile(ctx context.Context, req ctrl
 					}
 				}
 			}
 		}
 		if !found {
 			err := r.Delete(ctx, &networkObj)
 			if err != nil {
@@ -210,12 +213,15 @@ func (r *NetworkconfigurationReconciler) Reconcile(ctx context.Context, req ctrl
 			} else {
 				for _, networkCRD := range networkCRDs.Items {
 					if networkCRD.Spec.Name == unifinetwork.Name {
 						if !reflect.DeepEqual(networkCRD.Spec, networkSpec) {
 							networkCRD.Spec = networkSpec
 					}
 							err := r.Update(ctx, &networkCRD)
 							if err != nil {
 								return ctrl.Result{RequeueAfter: 10 * time.Minute}, err
 							}
 						}
 						if !reflect.DeepEqual(networkCRD.Status, networkStatus) {
 							networkCRD.Status = networkStatus
 							if err = r.Status().Update(ctx, &networkCRD); err != nil {
 								return ctrl.Result{RequeueAfter: 10 * time.Minute}, err
 							}
@@ -223,6 +229,8 @@ func (r *NetworkconfigurationReconciler) Reconcile(ctx context.Context, req ctrl
 					}
 				}
 			}
 		}
 	}
 	return ctrl.Result{RequeueAfter: 10 * time.Minute}, nil
 }
Author	SHA1	Message	Date
Vegard Engen	c80473d9e8	workaround for bug?	2025-06-04 22:02:48 +02:00
Vegard Engen	bcffdfede7	Change leader election	2025-06-04 20:56:52 +02:00
Vegard Engen	d7a444c8d7	Change an ID in Delete firewallgroup	2025-06-04 20:56:37 +02:00
Vegard Engen	df9926e3da	Small fix on updating firewall group/deleting component of it in Unifi	2025-06-04 19:10:03 +02:00
Vegard Engen	c2ffce2d4d	Do a few less updates	2025-06-04 18:29:26 +02:00
vegardengen	fc0bda1e7b	Merge pull request #36 from vegardengen/35-fix-portforward-logic Check if portfoward already exists, and update if needed	2025-04-22 07:34:48 +02:00