func generateSolrSetupInitContainers()

in controllers/util/solr_util.go [696:796]

• 82 lines of code
• 18 McCabe index (conditional complexity)

func generateSolrSetupInitContainers(solrCloud *solr.SolrCloud, solrCloudStatus *solr.SolrCloudStatus, solrDataVolumeName string, security *SecurityConfig) (containers []corev1.Container) {
	// The setup of the solr.xml will always be necessary
	volumeMounts := []corev1.VolumeMount{
		{
			Name:      "solr-xml",
			MountPath: "/tmp",
		},
		{
			Name:      solrDataVolumeName,
			MountPath: "/tmp-config",
		},
	}
	setupCommands := []string{"cp /tmp/solr.xml /tmp-config/solr.xml"}

	// Figure out the solrUser and solrGroup to use
	solrUser := DefaultSolrUser
	solrFSGroup := DefaultSolrGroup

	// Only add a user to the initContainer if one isn't provided in the podSecurityContext
	// This is so that we can check if the backupDir is writable given the default user (since no user is provided)
	addUserToInitContainer := true
	if solrCloud.Spec.CustomSolrKubeOptions.PodOptions != nil {
		solrPodSecurityContext := solrCloud.Spec.CustomSolrKubeOptions.PodOptions.PodSecurityContext

		if solrPodSecurityContext != nil {
			if solrPodSecurityContext.RunAsUser != nil {
				solrUser = int(*solrPodSecurityContext.RunAsUser)
				addUserToInitContainer = false
			} else if solrPodSecurityContext.RunAsNonRoot != nil && *solrPodSecurityContext.RunAsNonRoot {
				// we can't add users to the initContainer, even if we want to, since we cannot run as root.
				addUserToInitContainer = false
			}
			if solrPodSecurityContext.FSGroup != nil {
				solrFSGroup = int(*solrPodSecurityContext.FSGroup)
			}
		}
	}

	// Add prep for backup-restore Repositories
	// This entails setting the correct permissions for the directory
	solrUserAdded := false
	for _, repo := range solrCloud.Spec.BackupRepositories {
		if IsRepoVolume(&repo) {
			if _, volumeMount := RepoVolumeSourceAndMount(&repo, solrCloud.Name); volumeMount != nil {
				volumeMounts = append(volumeMounts, *volumeMount)

				if addUserToInitContainer && !solrUserAdded {
					setupCommands = append(setupCommands, fmt.Sprintf("addgroup -g %d solr", solrFSGroup))
					setupCommands = append(setupCommands, fmt.Sprintf("adduser -u %d -G solr -H -D solr", DefaultSolrUser))
					// Only add users once even if there are many backup repos
					solrUserAdded = true
				}
				testDirCommand := "test -w " + volumeMount.MountPath
				if addUserToInitContainer {
					testDirCommand = fmt.Sprintf("su solr -c '%s'", testDirCommand)
				}
				setupCommands = append(setupCommands, fmt.Sprintf(
					"(%s || chown -R %d:%d %s)",
					testDirCommand,
					solrUser,
					solrFSGroup,
					volumeMount.MountPath))
			}
		}
	}

	volumePrepResources := corev1.ResourceList{
		corev1.ResourceCPU:    *DefaultSolrVolumePrepInitContainerCPU,
		corev1.ResourceMemory: *DefaultSolrVolumePrepInitContainerMemory,
	}
	volumePrepInitContainer := corev1.Container{
		Name:            "cp-solr-xml",
		Image:           solrCloud.Spec.BusyBoxImage.ToImageName(),
		ImagePullPolicy: solrCloud.Spec.BusyBoxImage.PullPolicy,
		Command:         []string{"sh", "-c", strings.Join(setupCommands, " && ")},
		VolumeMounts:    volumeMounts,
		Resources: corev1.ResourceRequirements{
			Requests: volumePrepResources,
			Limits:   volumePrepResources,
		},
	}

	containers = append(containers, volumePrepInitContainer)

	if hasZKSetupContainer, zkSetupContainer := generateZKInteractionInitContainer(solrCloud, solrCloudStatus, security); hasZKSetupContainer {
		containers = append(containers, zkSetupContainer)
	}

	// If the user has provided custom resources for the default init containers, use them
	customPodOptions := solrCloud.Spec.CustomSolrKubeOptions.PodOptions
	if nil != customPodOptions {
		resources := customPodOptions.DefaultInitContainerResources
		if resources.Limits != nil || resources.Requests != nil {
			for i := range containers {
				containers[i].Resources = resources
			}
		}
	}

	return containers
}