Skip to content

Share projects with groups#277

Open
infkf wants to merge 2 commits intocrossplane-contrib:masterfrom
infkf:issue/share-project-with-group
Open

Share projects with groups#277
infkf wants to merge 2 commits intocrossplane-contrib:masterfrom
infkf:issue/share-project-with-group

Conversation

@infkf
Copy link

@infkf infkf commented Feb 10, 2026
edited
Loading

Description of your changes

Fixes #270
Adds ProjectShareGroup instance to work with projects and groups

I have:

  • Read and followed Crossplane's contribution process.
  • Run make reviewable test to ensure this PR is ready for review.

How has this code been tested

  • Unit test has been added
  • CRUD operations working locally

@henrysachs
Copy link
Collaborator

henrysachs commented Feb 17, 2026

@infkf is this ready for review?

henrysachs
henrysachs requested changes Feb 18, 2026
View reviewed changes
Copy link
Collaborator

@henrysachs henrysachs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

H1: Update() should delete+create atomically

Update() only calls Delete() and relies on the next reconcile to re-create. This leaves the share removed for up to one poll interval. Existing controllers (ldapgrouplinks, protectedbranches) do delete+create within Update():

func (e *external) Update(ctx context.Context, mg resource.Managed) (managed.ExternalUpdate, error) {
    if _, err := e.Delete(ctx, mg); err != nil {
        return managed.ExternalUpdate{}, err
    }
    _, err := e.Create(ctx, mg)
    return managed.ExternalUpdate{}, err
}

H2: Nil pointer dereference in Create() and Delete()

ProjectID and GroupID are *string + +optional. Observe() guards against nil, but Create() and Delete() dereference them directly (*cr.Spec.ForProvider.GroupID). If reference resolution fails, this panics. Other controllers (members, badges) guard these — please add nil checks.

H3: Observe() doesn't handle 404 from GetProject

Response is discarded (_), so 404 can't be distinguished from auth/network errors. If the referenced project is deleted externally, this causes an infinite retry loop instead of gracefully reporting the resource as absent. Every other controller captures the response and checks clients.IsResponseNotFound(res):

p, res, err := e.client.GetProject(...)
if err != nil {
    if clients.IsResponseNotFound(res) {
        return managed.ExternalObservation{ResourceExists: false}, nil
    }
    return managed.ExternalObservation{}, errors.Wrap(err, errGetProject)
}

@infkf
Copy link
Author

infkf commented Mar 3, 2026

@henrysachs Please take another look

@infkf infkf requested a review from henrysachs March 3, 2026 12:42
@henrysachs
Copy link
Collaborator

henrysachs commented Mar 3, 2026

@infkf could you please sign the dco so i can also compare it in ci?

@infkf infkf force-pushed the issue/share-project-with-group branch from cc2f92e to f4308a6 Compare March 3, 2026 13:39
@infkf
Copy link
Author

infkf commented Mar 3, 2026

@infkf could you please sign the dco so i can also compare it in ci?

done

Share projects with groups
da00fac 
Signed-off-by: Ihor Novikov <ihor.novikov@assurance.com>
@infkf infkf force-pushed the issue/share-project-with-group branch from f4308a6 to a7ff7b0 Compare March 5, 2026 10:21
Review fixes (share projects with groups)
355b9ac 
Signed-off-by: Ihor Novikov <ihor.novikov@assurance.com>
@infkf infkf force-pushed the issue/share-project-with-group branch from a7ff7b0 to 355b9ac Compare March 5, 2026 13:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@henrysachs henrysachs Awaiting requested review from henrysachs

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Managed resource for sharing projects with groups

2 participants

@infkf @henrysachs