Skip to content

Commit

Permalink
operator: Fix delete ClusterRule name (#694)
Browse files Browse the repository at this point in the history 
Fix the name of clusterrole and clusterrolebindings (same name for deletion and creation).
Signed-off-by: Kfir Toledo <[email protected]>
  • Loading branch information
@kfirtoledo
kfirtoledo authored Sep 22, 2024
1 parent 392e274 commit 493ba60
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 6 deletions.
13 changes: 8 additions & 5 deletions pkg/operator/controller/instance_controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ const (
StatusModeNotExist = "NotExist"
StatusModeProgressing = "ProgressingMode"
StatusModeReady = "Ready"
ClusterRoleName = InstanceNamespace + ":" + cpapi.Name
)

// InstanceReconciler reconciles a ClusterLink instance object.
Expand Down Expand Up @@ -431,7 +432,7 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name
// Create the ClusterRole for the controlplane.
clusterRole := &rbacv1.ClusterRole{
ObjectMeta: metav1.ObjectMeta{
Name: name + namespace,
Name: ClusterRoleName,
},
Rules: []rbacv1.PolicyRule{
{
Expand Down Expand Up @@ -499,12 +500,12 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name
// Create ClusterRoleBinding for the controlplane.
clusterRoleBinding := &rbacv1.ClusterRoleBinding{
ObjectMeta: metav1.ObjectMeta{
Name: name + namespace,
Name: ClusterRoleName,
},
RoleRef: rbacv1.RoleRef{
APIGroup: "rbac.authorization.k8s.io",
Kind: "ClusterRole",
Name: name + namespace,
Name: ClusterRoleName,
},
Subjects: []rbacv1.Subject{
{
Expand Down Expand Up @@ -615,6 +616,8 @@ func (r *InstanceReconciler) createResource(ctx context.Context, object client.O
func (r *InstanceReconciler) deleteClusterLink(ctx context.Context, namespace string) error {
// Delete controlPlane Resources
cpObj := metav1.ObjectMeta{Name: cpapi.Name, Namespace: namespace}
cprRuleObj := metav1.ObjectMeta{Name: ClusterRoleName, Namespace: namespace}

if err := r.deleteResource(ctx, &appsv1.Deployment{ObjectMeta: cpObj}); err != nil {
return err
}
Expand All @@ -623,11 +626,11 @@ func (r *InstanceReconciler) deleteClusterLink(ctx context.Context, namespace st
return err
}

if err := r.deleteResource(ctx, &rbacv1.ClusterRole{ObjectMeta: cpObj}); err != nil {
if err := r.deleteResource(ctx, &rbacv1.ClusterRole{ObjectMeta: cprRuleObj}); err != nil {
return err
}

if err := r.deleteResource(ctx, &rbacv1.ClusterRoleBinding{ObjectMeta: cpObj}); err != nil {
if err := r.deleteResource(ctx, &rbacv1.ClusterRoleBinding{ObjectMeta: cprRuleObj}); err != nil {
return err
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/operator/controller/instance_controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ func TestClusterLinkController(t *testing.T) {
cpID := types.NamespacedName{Name: cpapi.Name, Namespace: controller.InstanceNamespace}
cpResource := []client.Object{&appsv1.Deployment{}, &corev1.Service{}}
roleID := types.NamespacedName{
Name: cpapi.Name + controller.InstanceNamespace,
Name: controller.ClusterRoleName,
Namespace: controller.InstanceNamespace,
}
roleResource := []client.Object{&rbacv1.ClusterRole{}, &rbacv1.ClusterRoleBinding{}}
Expand Down

0 comments on commit 493ba60

Please sign in to comment.