Skip to content

Commit 5d466b5

Browse files
author
Xin Li
authored
Enhance update rolebinding (#14)
1 parent d55afdb commit 5d466b5

File tree

3 files changed

+30
-14
lines changed

3 files changed

+30
-14
lines changed

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,7 @@ check: ## Check code lint error
105105
build: ## Build manager binary
106106
go build -o bin/manager main.go
107107

108-
run: generate code-fmt code-vet manifests ## Run against the configured Kubernetes cluster in ~/.kube/config
108+
run: generate code-fmt code-vet manifests check ## Run against the configured Kubernetes cluster in ~/.kube/config
109109
OPERATOR_NAMESPACE=ibm-common-services go run ./main.go
110110

111111
install: manifests ## Install CRDs into a cluster

config/manager/manager.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ spec:
4444
containers:
4545
- command:
4646
- /namespace-scope-operator-manager
47-
image: danielxlee/ibm-namespace-scope-operator:1.0.0
47+
image: ibm-namespace-scope-operator:1.0.0
4848
imagePullPolicy: Always
4949
name: ibm-namespace-scope-operator
5050
env:

controllers/namespacescope_controller.go

Lines changed: 28 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ func (r *NamespaceScopeReconciler) UpdateConfigMap(instance *operatorv1.Namespac
110110
cmKey := types.NamespacedName{Name: NamespaceScopeConfigmapName, Namespace: instance.Namespace}
111111
if err := r.Get(ctx, cmKey, cm); err != nil {
112112
if errors.IsNotFound(err) {
113-
klog.Infof("Not found ConfigMap %s in namespace %s", NamespaceScopeConfigmapName, instance.Namespace)
113+
klog.Infof("Not found ConfigMap %s", cmKey.String())
114114
return nil
115115
}
116116
return err
@@ -120,7 +120,7 @@ func (r *NamespaceScopeReconciler) UpdateConfigMap(instance *operatorv1.Namespac
120120
if strings.Join(instance.Spec.NamespaceMembers, ",") != cm.Data["namespaces"] {
121121
cm.Data["namespaces"] = strings.Join(instance.Spec.NamespaceMembers, ",")
122122
if err := r.Update(ctx, cm); err != nil {
123-
klog.Errorf("Failed to update ConfigMap %s in namespace %s: %v", "namespace-scope", instance.Namespace, err)
123+
klog.Errorf("Failed to update ConfigMap %s : %v", cmKey.String(), err)
124124
return err
125125
}
126126

@@ -153,6 +153,7 @@ func (r *NamespaceScopeReconciler) DeleteRbacFromUnmanagedNamespace(instance *op
153153
cm := &corev1.ConfigMap{}
154154
cmKey := types.NamespacedName{Name: NamespaceScopeConfigmapName, Namespace: instance.Namespace}
155155
if err := r.Get(ctx, cmKey, cm); err != nil {
156+
klog.Errorf("Not found ConfigMap %s", cmKey.String())
156157
return err
157158
}
158159

@@ -218,13 +219,13 @@ func (r *NamespaceScopeReconciler) CreateRole(fromNs, toNs string) error {
218219
},
219220
}
220221
if err := r.Create(ctx, role); err != nil {
221-
if !errors.IsAlreadyExists(err) {
222-
klog.Errorf("Failed to create role %s in namespace %s: %v", name, namespace, err)
223-
return err
222+
if errors.IsAlreadyExists(err) {
223+
return nil
224224
}
225-
return nil
225+
klog.Errorf("Failed to create role %s/%s: %v", namespace, name, err)
226+
return err
226227
}
227-
klog.Infof("Created role %s in namespace %s", name, namespace)
228+
klog.Infof("Created role %s/%s", namespace, name)
228229
return nil
229230
}
230231

@@ -271,17 +272,32 @@ func (r *NamespaceScopeReconciler) CreateUpdateRoleBinding(saNames []string, fro
271272

272273
if err := r.Create(ctx, roleBinding); err != nil {
273274
if errors.IsAlreadyExists(err) {
274-
if err := r.Update(ctx, roleBinding); err != nil {
275-
klog.Errorf("Failed to update rolebinding %s in namespace %s: %v", name, namespace, err)
275+
if err := r.UpdateRoleBinding(roleBinding); err != nil {
276276
return err
277277
}
278-
klog.Infof("Updated rolebinding %s in namespace %s", name, namespace)
279278
return nil
280279
}
281-
klog.Errorf("Failed to create rolebinding %s in namespace %s: %v", name, namespace, err)
280+
klog.Errorf("Failed to create rolebinding %s/%s: %v", namespace, name, err)
282281
return err
283282
}
284-
klog.Infof("Created rolebinding %s in namespace %s", name, namespace)
283+
klog.Infof("Created rolebinding %s/%s", namespace, name)
284+
return nil
285+
}
286+
287+
func (r *NamespaceScopeReconciler) UpdateRoleBinding(newRoleBinding *rbacv1.RoleBinding) error {
288+
currentRoleBinding := &rbacv1.RoleBinding{}
289+
currentRoleBindingKey := types.NamespacedName{Name: newRoleBinding.Name, Namespace: newRoleBinding.Namespace}
290+
if err := r.Get(ctx, currentRoleBindingKey, currentRoleBinding); err != nil {
291+
klog.Errorf("Cannot get rolebinding %s: %v", currentRoleBindingKey.String(), err)
292+
}
293+
if len(newRoleBinding.Subjects) != len(currentRoleBinding.Subjects) {
294+
if err := r.Update(ctx, newRoleBinding); err != nil {
295+
klog.Errorf("Failed to update rolebinding %s: %v", currentRoleBindingKey.String(), err)
296+
return err
297+
}
298+
klog.Infof("Updated rolebinding %s", currentRoleBindingKey.String())
299+
return nil
300+
}
285301
return nil
286302
}
287303

0 commit comments

Comments
 (0)