feat(resourcemanager): Unify organization model and onboarding gate#675
feat(resourcemanager): Unify organization model and onboarding gate#675mattdjenkinson wants to merge 14 commits into
Conversation
Collapse Personal/Standard into a single org with contactInfo and an OnboardingComplete status condition reconciled from billing readiness.
🤖 Automatically added newlines to 6 file(s) Co-Authored-By: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
The onboarding controller imports go.miloapis.com/billing but go.sum was not updated when the module was added, breaking CI builds.
The info and created-timestamp generators were accidentally merged into one YAML object, duplicating resource/families keys and failing kustomize validation.
Remove leftover spec.type from e2e org fixtures, drop empty spec from grant-creation assert, and treat missing BillingAccount API as no billing account in test clusters without billing CRDs.
The organization controller registered a BillingAccount informer even in test clusters without the billing API, contributing to controller-manager restarts and webhook connection refused failures during parallel chainsaw runs. Also extend owner-protection namespace cleanup timeout for CI load.
|
The tight coupling this introduces between the billing service and milo's core system seems rigid. Wonder if we can consider a more dynamic model where services can register onboarding gates with an organization that they're responsible for providing status for? |
|
@scotwells we could do something like introduce an |
…feature flag Keep deprecated spec.type in the schema and switch webhook, onboarding, and membership behavior based on the feature gate so environments can roll out gradually without divergent CRD bundles.
Fix compile error in organization_defaults.go so webhook tests and CI builds succeed again.
The deployment passes --feature-gates=$(FEATURE_GATES) but the controller-manager command did not expose the flag, causing the pod to crash on startup during test-environment-validation.
E2E tests run with UnifiedOrganizations disabled, so organization creates must include spec.type until the test environment enables the unified gate.
🤖 Automatically added newlines to 21 file(s) Co-Authored-By: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
|
🤖 I automatically added missing newlines at the end of 21 file(s) in this PR. All files should now end with a newline character as per coding standards. |
Summary
Personal and Standard org types split the same resource into two code paths and locked people into workspaces they could not grow out of. This change removes
spec.type, adds org-levelcontactInfo, and introduces a single onboarding gate the API can enforce.Portal clients create orgs with
generateName: org-and a display name only. The mutating webhook defaults that prefix for non-admin callers; the validating webhook rejects user-chosen slugs. An org is onboarding-complete when contact info (email and name), a billing account in the org namespace, andDefaultPaymentMethodReadyon that account are all present. The organization controller writes that outcome tostatus.conditions[OnboardingComplete].Related enhancement: datum-cloud/enhancements#770. Portal UI work is tracked separately and is not in this PR.
Supersedes #673 (reopened after branch restore).
Test plan
go build ./...go test ./internal/controllers/resourcemanager/... ./internal/webhooks/resourcemanager/...spec.typegenerateName: org-assigns an opaque name and owner membershipOnboardingCompleteflips to True when contact info and billing payment method are readyBreaking changes
Organization.spec.typeis removed. Clients must stop sending or reading it.OrganizationMembership.status.organization.typeis removed;contactEmailis cached instead.metadata.generateNamewith prefixorg-.Notes for reviewers
go.miloapis.com/billingfor typed reads in the onboarding reconciler.docs/runbooks/unified-organizations-migration.md.Related to #636