diff --git a/internal/jimm/model.go b/internal/jimm/model.go index 8fd46257b..ea6c16d7d 100644 --- a/internal/jimm/model.go +++ b/internal/jimm/model.go @@ -247,6 +247,7 @@ func (b *modelBuilder) WithCloudRegion(region string) *modelBuilder { continue } region = r.Name + break } } // loop through all cloud regions @@ -579,22 +580,6 @@ func (j *JIMM) AddModel(ctx context.Context, user *openfga.User, args *ModelCrea return nil, errors.E(op, err) } - // fetch cloud defaults - // TODO(SimoneDutto): we should get the implicit cloud and then get the defaults. - if args.Cloud != (names.CloudTag{}) { - cloudDefaults := dbmodel.CloudDefaults{ - IdentityName: user.Name, - Cloud: dbmodel.Cloud{ - Name: args.Cloud.Id(), - }, - } - err = j.Database.CloudDefaults(ctx, &cloudDefaults) - if err != nil && errors.ErrorCode(err) != errors.CodeNotFound { - return nil, errors.E(op, "failed to fetch cloud defaults") - } - builder = builder.WithConfig(cloudDefaults.Defaults) - } - builder = builder.WithCloud(user, args.Cloud) if err := builder.Error(); err != nil { return nil, errors.E(op, err) @@ -604,6 +589,28 @@ func (j *JIMM) AddModel(ctx context.Context, user *openfga.User, args *ModelCrea if err := builder.Error(); err != nil { return nil, errors.E(op, err) } + // fetch cloud defaults + cloudDefaults := dbmodel.CloudDefaults{ + IdentityName: user.Name, + Cloud: *builder.cloud, + } + err = j.Database.CloudDefaults(ctx, &cloudDefaults) + if err != nil && errors.ErrorCode(err) != errors.CodeNotFound { + return nil, errors.E(op, "failed to fetch cloud defaults") + } + builder = builder.WithConfig(cloudDefaults.Defaults) + + // fetch cloud region defaults + cloudRegionDefaults := dbmodel.CloudDefaults{ + IdentityName: user.Name, + Cloud: *builder.cloud, + Region: builder.cloudRegion, + } + err = j.Database.CloudDefaults(ctx, &cloudRegionDefaults) + if err != nil && errors.ErrorCode(err) != errors.CodeNotFound { + return nil, errors.E(op, "failed to fetch cloud defaults") + } + builder = builder.WithConfig(cloudRegionDefaults.Defaults) // at this point we know which cloud will host the model and // we must check the user has add-model permission on the cloud @@ -615,22 +622,6 @@ func (j *JIMM) AddModel(ctx context.Context, user *openfga.User, args *ModelCrea return nil, errors.E(op, errors.CodeUnauthorized, "unauthorized") } - // fetch cloud region defaults - if args.Cloud != (names.CloudTag{}) && builder.cloudRegion != "" { - cloudRegionDefaults := dbmodel.CloudDefaults{ - IdentityName: user.Name, - Cloud: dbmodel.Cloud{ - Name: args.Cloud.Id(), - }, - Region: builder.cloudRegion, - } - err = j.Database.CloudDefaults(ctx, &cloudRegionDefaults) - if err != nil && errors.ErrorCode(err) != errors.CodeNotFound { - return nil, errors.E(op, "failed to fetch cloud defaults") - } - builder = builder.WithConfig(cloudRegionDefaults.Defaults) - } - // last but not least, use the provided config values // overriding all defaults builder = builder.WithConfig(args.Config) diff --git a/internal/jimm/model_test.go b/internal/jimm/model_test.go index 4b70e4855..8a3bb835d 100644 --- a/internal/jimm/model_test.go +++ b/internal/jimm/model_test.go @@ -367,6 +367,17 @@ cloud-credentials: owner: alice@canonical.com cloud: test-cloud auth-type: empty +cloud-defaults: +- user: alice@canonical.com + cloud: test-cloud + region: test-region-1 + defaults: + key1: value1 + key2: value2 +- user: alice@canonical.com + cloud: test-cloud + defaults: + key3: value3 controllers: - name: controller-1 uuid: 00000000-0000-0000-0000-0000-0000000000001 @@ -391,7 +402,11 @@ controllers: grantJIMMModelAdmin: func(_ context.Context, _ names.ModelTag) error { return nil }, - createModel: createModel(` + createModel: assertConfig(map[string]interface{}{ + "key1": "value1", + "key2": "value2", + "key3": "value3", + }, createModel(` uuid: 00000001-0000-0000-0000-0000-000000000001 status: status: started @@ -402,7 +417,7 @@ users: access: admin - user: bob access: read -`[1:]), +`[1:])), username: "alice@canonical.com", jimmAdmin: true, args: jujuparams.ModelCreateArgs{ @@ -870,10 +885,12 @@ cloud-defaults: defaults: key1: value1 key2: value2 + key4: value4 - user: alice@canonical.com cloud: test-cloud defaults: key3: value3 + key4: val5 cloud-credentials: - name: test-credential-1 owner: alice@canonical.com @@ -903,7 +920,12 @@ controllers: grantJIMMModelAdmin: func(_ context.Context, _ names.ModelTag) error { return nil }, - createModel: createModel(` + createModel: assertConfig(map[string]interface{}{ + "key1": "value1", + "key2": "value2", + "key3": "value3", + "key4": "value4", + }, createModel(` uuid: 00000001-0000-0000-0000-0000-000000000001 status: status: started @@ -914,7 +936,7 @@ users: access: admin - user: bob access: read -`[1:]), +`[1:])), username: "alice@canonical.com", jimmAdmin: true, args: jujuparams.ModelCreateArgs{