restart pods after updating configmap (#11)

Daniel-Fan · web-flow · commit 25e7b90a4188 · 2020-10-30T12:19:38.000+08:00
diff --git a/controllers/namespacescope_controller.go b/controllers/namespacescope_controller.go
@@ -113,13 +113,16 @@ func (r *NamespaceScopeReconciler) UpdateConfigMap(instance *operatorv1.Namespac
 		return err
 	}
 
-	// If NamespaceMembers changed, update ConfigMap
+	// If NamespaceMembers changed, update ConfigMap and restart Pods
 	if strings.Join(instance.Spec.NamespaceMembers, ",") != cm.Data["namespaces"] {
 		cm.Data["namespaces"] = strings.Join(instance.Spec.NamespaceMembers, ",")
 		if err := r.Update(ctx, cm); err != nil {
 			klog.Errorf("Failed to update ConfigMap %s in namespace %s: %v", "namespace-scope", instance.Namespace, err)
 			return err
 		}
+		if err := r.RestartPods(instance.Spec.RestartLabels, instance.Namespace); err != nil {
+			return err
+		}
 	}
 	return nil
 }
@@ -145,10 +148,6 @@ func (r *NamespaceScopeReconciler) DeleteRbacFromUnmanagedNamespace(instance *op
 			return err
 		}
 	}
-	// When role and rolebinding are deleted, restart all the pods
-	if err := r.RestartPods(instance.Spec.RestartLabels, instance.Namespace); err != nil {
-		return err
-	}
 
 	return nil
 }
@@ -159,25 +158,19 @@ func (r *NamespaceScopeReconciler) PushRbacToNamespace(instance *operatorv1.Name
 	if err != nil {
 		return err
 	}
-	restart := false
 	for _, toNs := range instance.Spec.NamespaceMembers {
-		if err := r.CreateRole(fromNs, toNs); err == nil {
-			restart = true
-		} else if !errors.IsAlreadyExists(err) {
-			return err
-		}
-		if err := r.CreateUpdateRoleBinding(saNames, fromNs, toNs); err == nil {
-			restart = true
-		} else if !errors.IsAlreadyExists(err) {
-			return err
+		if err := r.CreateRole(fromNs, toNs); err != nil {
+			if !errors.IsAlreadyExists(err) {
+				return err
+			}
 		}
-	}
-	// When have new role and rolebinding create or update, restart all the pods
-	if restart {
-		if err := r.RestartPods(instance.Spec.RestartLabels, fromNs); err != nil {
-			return err
+		if err := r.CreateUpdateRoleBinding(saNames, fromNs, toNs); err != nil {
+			if !errors.IsAlreadyExists(err) {
+				return err
+			}
 		}
 	}
+
 	return nil
 }
 

Original file line number	Diff line number	Diff line change
`@@ -113,13 +113,16 @@ func (r NamespaceScopeReconciler) UpdateConfigMap(instance operatorv1.Namespac`
`113`	`113`	`return err`
`114`	`114`	`}`
`115`	`115`
`116`		`- // If NamespaceMembers changed, update ConfigMap`
	`116`	`+ // If NamespaceMembers changed, update ConfigMap and restart Pods`
`117`	`117`	`if strings.Join(instance.Spec.NamespaceMembers, ",") != cm.Data["namespaces"] {`
`118`	`118`	`cm.Data["namespaces"] = strings.Join(instance.Spec.NamespaceMembers, ",")`
`119`	`119`	`if err := r.Update(ctx, cm); err != nil {`
`120`	`120`	`klog.Errorf("Failed to update ConfigMap %s in namespace %s: %v", "namespace-scope", instance.Namespace, err)`
`121`	`121`	`return err`
`122`	`122`	`}`
	`123`	`+ if err := r.RestartPods(instance.Spec.RestartLabels, instance.Namespace); err != nil {`
	`124`	`+ return err`
	`125`	`+ }`
`123`	`126`	`}`
`124`	`127`	`return nil`
`125`	`128`	`}`
`@@ -145,10 +148,6 @@ func (r NamespaceScopeReconciler) DeleteRbacFromUnmanagedNamespace(instance op`
`145`	`148`	`return err`
`146`	`149`	`}`
`147`	`150`	`}`
`148`		`- // When role and rolebinding are deleted, restart all the pods`
`149`		`- if err := r.RestartPods(instance.Spec.RestartLabels, instance.Namespace); err != nil {`
`150`		`- return err`
`151`		`- }`
`152`	`151`
`153`	`152`	`return nil`
`154`	`153`	`}`
`@@ -159,25 +158,19 @@ func (r NamespaceScopeReconciler) PushRbacToNamespace(instance operatorv1.Name`
`159`	`158`	`if err != nil {`
`160`	`159`	`return err`
`161`	`160`	`}`
`162`		`- restart := false`
`163`	`161`	`for _, toNs := range instance.Spec.NamespaceMembers {`
`164`		`- if err := r.CreateRole(fromNs, toNs); err == nil {`
`165`		`- restart = true`
`166`		`- } else if !errors.IsAlreadyExists(err) {`
`167`		`- return err`
`168`		`- }`
`169`		`- if err := r.CreateUpdateRoleBinding(saNames, fromNs, toNs); err == nil {`
`170`		`- restart = true`
`171`		`- } else if !errors.IsAlreadyExists(err) {`
`172`		`- return err`
	`162`	`+ if err := r.CreateRole(fromNs, toNs); err != nil {`
	`163`	`+ if !errors.IsAlreadyExists(err) {`
	`164`	`+ return err`
	`165`	`+ }`
`173`	`166`	`}`
`174`		`- }`
`175`		`- // When have new role and rolebinding create or update, restart all the pods`
`176`		`- if restart {`
`177`		`- if err := r.RestartPods(instance.Spec.RestartLabels, fromNs); err != nil {`
`178`		`- return err`
	`167`	`+ if err := r.CreateUpdateRoleBinding(saNames, fromNs, toNs); err != nil {`
	`168`	`+ if !errors.IsAlreadyExists(err) {`
	`169`	`+ return err`
	`170`	`+ }`
`179`	`171`	`}`
`180`	`172`	`}`
	`173`	`+`
`181`	`174`	`return nil`
`182`	`175`	`}`
`183`	`176`