crossplane-contrib
diff --git a/‎pkg/controller/namespaced/errors/errors.go‎
Lines changed: 57 additions & 0 deletions b/‎pkg/controller/namespaced/errors/errors.go‎
Lines changed: 57 additions & 0 deletions
diff --git a/‎pkg/controller/namespaced/mssql/database/reconciler.go‎
Lines changed: 7 additions & 26 deletions b/‎pkg/controller/namespaced/mssql/database/reconciler.go‎
Lines changed: 7 additions & 26 deletions
diff --git a/‎pkg/controller/namespaced/mssql/database/reconciler_test.go‎
Lines changed: 64 additions & 7 deletions b/‎pkg/controller/namespaced/mssql/database/reconciler_test.go‎
Lines changed: 64 additions & 7 deletions
diff --git a/‎pkg/controller/namespaced/mssql/grant/reconciler.go‎
Lines changed: 5 additions & 22 deletions b/‎pkg/controller/namespaced/mssql/grant/reconciler.go‎
Lines changed: 5 additions & 22 deletions
@@ -0,0 +1,57 @@
+package errors
+
+import (
+	"fmt"
+)
+
+const (
+	errGetProviderConfig         = "cannot get ProviderConfig: %s"
+	errGetClusterProviderConfig  = "cannot get ClusterProviderConfig: %s"
+	errGetSecret                 = "cannot get credentials Secret: %s"
+	errInvalidProviderConfigKind = "invalid ProviderConfig kind: %s"
+	errNoSecretRef               = "providerConfig does not reference a credentials Secret"
+)
+
+func GetProviderConfigError(err error) error { return ErrGetProviderConfig{err} }
+
+type ErrGetProviderConfig struct{ error }
+
+func (e ErrGetProviderConfig) Error() string {
+	return fmt.Sprintf(errGetProviderConfig, e.error)
+}
+
+func (e ErrGetProviderConfig) Unwrap() error { return e.error }
+
+func GetClusterProviderConfigError(err error) error { return ErrGetClusterProviderConfig{err} }
+
+type ErrGetClusterProviderConfig struct{ error }
+
+func (e ErrGetClusterProviderConfig) Error() string {
+	return fmt.Sprintf(errGetClusterProviderConfig, e.error)
+}
+
+func (e ErrGetClusterProviderConfig) Unwrap() error { return e.error }
+
+func GetSecretError(err error) error { return ErrGetSecret{err} }
+
+type ErrGetSecret struct{ error }
+
+func (e ErrGetSecret) Error() string {
+	return fmt.Sprintf(errGetSecret, e.error)
+}
+
+func (e ErrGetSecret) Unwrap() error { return e.error }
+
+func InvalidProviderConfigKindError(kind string) error { return ErrInvalidProviderConfigKind{kind} }
+
+type ErrInvalidProviderConfigKind struct{ kind string }
+
+func (e ErrInvalidProviderConfigKind) Error() string {
+	return fmt.Sprintf(errInvalidProviderConfigKind, e.kind)
+}
+
+func MissingSecretRefError() error { return ErrNoSecretRef{} }
+
+type ErrNoSecretRef struct{}
+
+func (e ErrNoSecretRef) Error() string { return errNoSecretRef }
@@ -20,8 +20,6 @@ import (
 	"context"
 
 	"github.com/pkg/errors"
-	corev1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/types"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller"
@@ -37,16 +35,12 @@ import (
 	namespacedv1alpha1 "github.com/crossplane-contrib/provider-sql/apis/namespaced/mssql/v1alpha1"
 	"github.com/crossplane-contrib/provider-sql/pkg/clients/mssql"
 	"github.com/crossplane-contrib/provider-sql/pkg/clients/xsql"
+	"github.com/crossplane-contrib/provider-sql/pkg/controller/namespaced/mssql/provider"
 )
 
 const (
-	errNoProviderConfig  = "no providerConfigRef provided"
-	errGetProviderConfig = "cannot get referenced ProviderConfig"
-	errTrackUsage        = "cannot track ProviderConfig usage"
-	errTrackPCUsage      = "cannot track ProviderConfig usage"
-	errGetPC             = "cannot get ProviderConfig"
-	errNoSecretRef       = "ProviderConfig does not reference a credentials Secret"
-	errGetSecret         = "cannot get credentials Secret"
+	errTrackUsage   = "cannot track ProviderConfig usage"
+	errTrackPCUsage = "cannot track ProviderConfig usage"
 
 	errNotDatabase = "managed resource is not a Database custom resource"
 	errSelectDB    = "cannot select database"
@@ -116,25 +110,12 @@ func (c *connector) Connect(ctx context.Context, mg resource.Managed) (managed.T
 
 	// ProviderConfigReference could theoretically be nil, but in practice the
 	// DefaultProviderConfig initializer will set it before we get here.
-	pc := &namespacedv1alpha1.ProviderConfig{}
-	if err := c.kube.Get(ctx, types.NamespacedName{Name: cr.GetProviderConfigReference().Name}, pc); err != nil {
-		return nil, errors.Wrap(err, errGetPC)
-	}
-
-	// We don't need to check the credentials source because we currently only
-	// support one source (MySQLConnectionSecret), which is required and
-	// enforced by the ProviderConfig schema.
-	ref := pc.Spec.Credentials.ConnectionSecretRef
-	if ref == nil {
-		return nil, errors.New(errNoSecretRef)
-	}
-
-	s := &corev1.Secret{}
-	if err := c.kube.Get(ctx, types.NamespacedName{Namespace: mg.GetNamespace(), Name: ref.Name}, s); err != nil {
-		return nil, errors.Wrap(err, errGetSecret)
+	providerInfo, err := provider.GetProviderConfig(ctx, c.kube, cr)
+	if err != nil {
+		return nil, err
 	}
 
-	return &external{db: c.newClient(s.Data, "")}, nil
+	return &external{db: c.newClient(providerInfo.SecretData, "")}, nil
 }
 
 type external struct{ db xsql.DB }
 
@@ -25,6 +25,7 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/pkg/errors"
 	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
 	"github.com/crossplane/crossplane-runtime/v2/apis/common"
@@ -34,6 +35,7 @@ import (
 	"github.com/crossplane/crossplane-runtime/v2/pkg/test"
 
 	"github.com/crossplane-contrib/provider-sql/pkg/clients/xsql"
+	provErrors "github.com/crossplane-contrib/provider-sql/pkg/controller/namespaced/errors"
 )
 
 type mockDB struct {
@@ -95,6 +97,24 @@ func TestConnect(t *testing.T) {
 			},
 			want: errors.Wrap(errBoom, errTrackPCUsage),
 		},
+		"InvalidProviderConfigKind": {
+			reason: "An error should be returned if our ProviderConfig has an invalid kind",
+			fields: fields{
+				usage: resource.TrackerFn(func(ctx context.Context, mg resource.Managed) error { return nil }),
+			},
+			args: args{
+				mg: &v1alpha1.Database{
+					Spec: v1alpha1.DatabaseSpec{
+						ManagedResourceSpec: xpv2.ManagedResourceSpec{
+							ProviderConfigReference: &common.ProviderConfigReference{
+								Kind: "Invalid",
+							},
+						},
+					},
+				},
+			},
+			want: provErrors.InvalidProviderConfigKindError("Invalid"),
+		},
 		"ErrGetProviderConfig": {
 			reason: "An error should be returned if we can't get our ProviderConfig",
 			fields: fields{
@@ -107,12 +127,37 @@ func TestConnect(t *testing.T) {
 				mg: &v1alpha1.Database{
 					Spec: v1alpha1.DatabaseSpec{
 						ManagedResourceSpec: xpv2.ManagedResourceSpec{
-							ProviderConfigReference: &common.ProviderConfigReference{},
+							ProviderConfigReference: &common.ProviderConfigReference{
+								Kind: v1alpha1.ProviderConfigKind,
+								Name: "example",
+							},
 						},
 					},
 				},
 			},
-			want: errors.Wrap(errBoom, errGetPC),
+			want: provErrors.GetProviderConfigError(errBoom),
+		},
+		"ErrGetClusterProviderConfig": {
+			reason: "An error should be returned if we can't get our ClusterProviderConfig",
+			fields: fields{
+				kube: &test.MockClient{
+					MockGet: test.NewMockGetFn(errBoom),
+				},
+				usage: resource.TrackerFn(func(ctx context.Context, mg resource.Managed) error { return nil }),
+			},
+			args: args{
+				mg: &v1alpha1.Database{
+					Spec: v1alpha1.DatabaseSpec{
+						ManagedResourceSpec: xpv2.ManagedResourceSpec{
+							ProviderConfigReference: &common.ProviderConfigReference{
+								Kind: v1alpha1.ClusterProviderConfigKind,
+								Name: "example",
+							},
+						},
+					},
+				},
+			},
+			want: provErrors.GetClusterProviderConfigError(errBoom),
 		},
 		"ErrMissingConnectionSecret": {
 			reason: "An error should be returned if our ProviderConfig doesn't specify a connection secret",
@@ -127,14 +172,20 @@ func TestConnect(t *testing.T) {
 			},
 			args: args{
 				mg: &v1alpha1.Database{
+					ObjectMeta: metav1.ObjectMeta{
+						Namespace: "default",
+					},
 					Spec: v1alpha1.DatabaseSpec{
 						ManagedResourceSpec: xpv2.ManagedResourceSpec{
-							ProviderConfigReference: &common.ProviderConfigReference{},
+							ProviderConfigReference: &common.ProviderConfigReference{
+								Kind: v1alpha1.ProviderConfigKind,
+								Name: "example",
+							},
 						},
 					},
 				},
 			},
-			want: errors.New(errNoSecretRef),
+			want: provErrors.MissingSecretRefError(),
 		},
 		"ErrGetConnectionSecret": {
 			reason: "An error should be returned if we can't get our ProviderConfig's connection secret",
@@ -143,7 +194,7 @@ func TestConnect(t *testing.T) {
 					MockGet: test.NewMockGetFn(nil, func(obj client.Object) error {
 						switch o := obj.(type) {
 						case *v1alpha1.ProviderConfig:
-							o.Spec.Credentials.ConnectionSecretRef = &common.LocalSecretReference{}
+							o.Spec.Credentials.ConnectionSecretRef = common.LocalSecretReference{Name: "example"}
 						case *corev1.Secret:
 							return errBoom
 						}
@@ -154,14 +205,20 @@ func TestConnect(t *testing.T) {
 			},
 			args: args{
 				mg: &v1alpha1.Database{
+					ObjectMeta: metav1.ObjectMeta{
+						Namespace: "default",
+					},
 					Spec: v1alpha1.DatabaseSpec{
 						ManagedResourceSpec: xpv2.ManagedResourceSpec{
-							ProviderConfigReference: &common.ProviderConfigReference{},
+							ProviderConfigReference: &common.ProviderConfigReference{
+								Kind: v1alpha1.ProviderConfigKind,
+								Name: "example",
+							},
 						},
 					},
 				},
 			},
-			want: errors.Wrap(errBoom, errGetSecret),
+			want: provErrors.GetSecretError(errBoom),
 		},
 	}
 
 
@@ -23,8 +23,6 @@ import (
 	"strings"
 
 	"github.com/pkg/errors"
-	corev1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/utils/ptr"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -40,13 +38,11 @@ import (
 	namespacedv1alpha1 "github.com/crossplane-contrib/provider-sql/apis/namespaced/mssql/v1alpha1"
 	"github.com/crossplane-contrib/provider-sql/pkg/clients/mssql"
 	"github.com/crossplane-contrib/provider-sql/pkg/clients/xsql"
+	"github.com/crossplane-contrib/provider-sql/pkg/controller/namespaced/mssql/provider"
 )
 
 const (
 	errTrackPCUsage = "cannot track ProviderConfig usage"
-	errGetPC        = "cannot get ProviderConfig"
-	errNoSecretRef  = "ProviderConfig does not reference a credentials Secret"
-	errGetSecret    = "cannot get credentials Secret"
 
 	errNotGrant        = "managed resource is not a Grant custom resource"
 	errGrant           = "cannot grant"
@@ -117,25 +113,12 @@ func (c *connector) Connect(ctx context.Context, mg resource.Managed) (managed.T
 
 	// ProviderConfigReference could theoretically be nil, but in practice the
 	// DefaultProviderConfig initializer will set it before we get here.
-	pc := &namespacedv1alpha1.ProviderConfig{}
-	if err := c.kube.Get(ctx, types.NamespacedName{Name: cr.GetProviderConfigReference().Name}, pc); err != nil {
-		return nil, errors.Wrap(err, errGetPC)
-	}
-
-	// We don't need to check the credentials source because we currently only
-	// support one source (MSSQLConnectionSecret), which is required and
-	// enforced by the ProviderConfig schema.
-	ref := pc.Spec.Credentials.ConnectionSecretRef
-	if ref == nil {
-		return nil, errors.New(errNoSecretRef)
-	}
-
-	s := &corev1.Secret{}
-	if err := c.kube.Get(ctx, types.NamespacedName{Namespace: mg.GetNamespace(), Name: ref.Name}, s); err != nil {
-		return nil, errors.Wrap(err, errGetSecret)
+	providerInfo, err := provider.GetProviderConfig(ctx, c.kube, cr)
+	if err != nil {
+		return nil, err
 	}
 
-	return &external{db: c.newClient(s.Data, ptr.Deref(cr.Spec.ForProvider.Database, ""))}, nil
+	return &external{db: c.newClient(providerInfo.SecretData, ptr.Deref(cr.Spec.ForProvider.Database, ""))}, nil
 }
 
 type external struct{ db xsql.DB }