From 694658d5843711a00e26cda9ba2f0649185c782f Mon Sep 17 00:00:00 2001 From: Saman Mahdanian Date: Wed, 12 Jun 2024 18:06:36 +0330 Subject: [PATCH 1/5] fix broken logging lines --- controllers/namespace_controller.go | 34 ++++++++++------------------- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go index f0cd672..e2273b0 100644 --- a/controllers/namespace_controller.go +++ b/controllers/namespace_controller.go @@ -146,7 +146,7 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( defer r.mu.Unlock() logger := log.FromContext(ctx) - logger.Info("Reconciling Namespace: ", fmt.Sprint(req.NamespacedName)) + logger.Info("Reconciling Namespace", "Namespace", fmt.Sprint(req.NamespacedName)) err := safeNsCache.InitOrPass(r, ctx) if err != nil { @@ -158,16 +158,16 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( err = r.Get(ctx, req.NamespacedName, ns) if err != nil { if errors.IsNotFound(err) { - logger.Info("Namespace not found. Ignoring since object must be deleted") + logger.Info("Namespace not found. Ignoring since object must be deleted", "Namespace", fmt.Sprint(req.NamespacedName)) oldTeams := safeNsCache.GetProjects(req.Name) if len(oldTeams) > 0 { for t := range oldTeams { err := r.reconcileAppProject(ctx, logger, t) if err != nil { - logger.Info("Failed to reconcile AppProject [", t, "] for not found resource error recovery: ", err.Error()) + logger.Error(err, "Failed to reconcile AppProject for not found resource error recovery", "AppProj.Name", fmt.Sprint(t)) } else { - logger.Info("Successfully reconciled AppProject [", t, "] for not found resource error recovery") + logger.Info("Successfully reconciled AppProject for not found resource error recovery", "AppProj.Name", fmt.Sprint(t)) } } } @@ -177,7 +177,7 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( return ctrl.Result{}, nil } // Error reading the object - requeue the request. - logger.Error(err, "Failed to get Namespace Resource, Requeuing the request") + logger.Error(err, "Failed to get Namespace Resource, Requeuing the request", "Namespace", fmt.Sprint(req.NamespacedName)) return ctrl.Result{}, err } @@ -190,23 +190,23 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( for t := range oldProjects { if _, ok := projectsToAdd[t]; !ok { projectsToRemove = append(projectsToRemove, t) - logger.Info("Updating Cache: Removing NS:", req.Name, " to AppProject:", t) + logger.Info("Updating Cache: Removing NS from AppProject", "Namespace", req.Name, "AppProj.Name", t) safeNsCache.LeaveProject(req.Name, t) } else { delete(projectsToAdd, t) - logger.Info("Updating Cache: Adding NS:", req.Name, " to AppProject:", t) + logger.Info("Updating Cache: Adding NS to AppProject:", "Namespace", req.Name, "AppProj.Name", t) safeNsCache.JoinProject(req.Name, t) } } var reconciliationErrors *multierror.Error // add ns to new app-projects - logger.Info("Reconciling New Teams") + logger.Info("Reconciling New Teams", "len", len(projectsToAdd)) for t := range projectsToAdd { - logger.Info("Reconciling AppProject: ", t) + logger.Info("Reconciling AppProject to add new namespaces", "AppProj.Name", t) err = r.reconcileAppProject(ctx, logger, t) if err != nil { - logger.Info("Error while Reconciling AppProject ", t, " : ", err.Error()) + logger.Error(err, "Error while Reconciling AppProject", "AppProj.Name", t) reconciliationErrors = multierror.Append(reconciliationErrors, err) } } @@ -214,10 +214,10 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( // removing ns from old projects logger.Info("Reconciling Old Teams") for _, t := range projectsToRemove { - logger.Info("Reconciling AppProject:", t) + logger.Info("Reconciling AppProject as on old member", "AppProj.Name", t) err = r.reconcileAppProject(ctx, logger, t) if err != nil { - logger.Info("Error while Reconciling AppProject ", t, " : ", err.Error()) + logger.Error(err, "Error while Reconciling AppProject", "AppProj.Name", t) reconciliationErrors = multierror.Append(reconciliationErrors, err) } } @@ -260,16 +260,6 @@ func (r *NamespaceReconciler) reconcileAppProject(ctx context.Context, logger lo func (r *NamespaceReconciler) createAppProj(team string) (*argov1alpha1.AppProject, error) { fmt.Println("run reconcile on ", team) - // listOpts := []client.ListOption{ - // client.MatchingLabels(map[string]string{ - // teamLabel: team, - // }), - // } - // nsList := &corev1.NamespaceList{} - // err := r.List(ctx, nsList, listOpts...) - // if err != nil { - // return nil, err - // } desiredNamespaces := safeNsCache.GetNamespaces(team) destList := []argov1alpha1.ApplicationDestination{} From f995a3b025fdd5c5acf2cfec6efaddf75cac7cec Mon Sep 17 00:00:00 2001 From: Saman Mahdanian Date: Wed, 12 Jun 2024 18:20:00 +0330 Subject: [PATCH 2/5] fix nil issue in Join function --- controllers/namespace_controller.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go index e2273b0..a3dba9b 100644 --- a/controllers/namespace_controller.go +++ b/controllers/namespace_controller.go @@ -67,6 +67,12 @@ type SafeNsCache struct { func (c *SafeNsCache) JoinProject(ns, proj string) { c.mu.Lock() defer c.mu.Unlock() + if _, ok := c.projects[ns]; !ok { + c.projects[ns] = make(AppProjectNameset) + } + if _, ok := c.namespaces[proj]; !ok { + c.namespaces[proj] = make(NamespaceNameset) + } c.projects[ns][proj] = struct{}{} c.namespaces[proj][ns] = struct{}{} } From dcbca61d78e46a29f8cd0b9878c7e4c3200a8f5a Mon Sep 17 00:00:00 2001 From: Saman Mahdanian Date: Wed, 12 Jun 2024 19:02:28 +0330 Subject: [PATCH 3/5] creating cache based on appProjects --- controllers/namespace_controller.go | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go index a3dba9b..c393f30 100644 --- a/controllers/namespace_controller.go +++ b/controllers/namespace_controller.go @@ -113,8 +113,10 @@ func (c *SafeNsCache) InitOrPass(r *NamespaceReconciler, ctx context.Context) er return nil } - nsList := &corev1.NamespaceList{} - err := r.List(ctx, nsList) + appProjList := &argov1alpha1.AppProjectList{} + err := r.List(ctx, appProjList, + &client.ListOptions{Namespace: baseNs}, + ) if err != nil { return err } @@ -122,14 +124,12 @@ func (c *SafeNsCache) InitOrPass(r *NamespaceReconciler, ctx context.Context) er c.namespaces = make(map[string]NamespaceNameset) c.projects = make(map[string]AppProjectNameset) - for _, nsItem := range nsList.Items { - projects := convertLabelToAppProjectNameset( - nsItem.GetLabels()[projectsLabel], - ) - for project := range projects { - c.JoinProject(nsItem.Name, project) + for _, apItem := range appProjList.Items { + for _, dest := range apItem.Spec.Destinations { + c.JoinProject(dest.Namespace, apItem.Name) } } + return nil } @@ -218,7 +218,7 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( } // removing ns from old projects - logger.Info("Reconciling Old Teams") + logger.Info("Reconciling Old Teams", "len", len(projectsToAdd)) for _, t := range projectsToRemove { logger.Info("Reconciling AppProject as on old member", "AppProj.Name", t) err = r.reconcileAppProject(ctx, logger, t) From 20fa420cbea519e9b38fe485c6e10af339fe4301 Mon Sep 17 00:00:00 2001 From: Saman Mahdanian Date: Sat, 15 Jun 2024 18:05:02 +0330 Subject: [PATCH 4/5] fix issues with cache and update caches --- controllers/namespace_controller.go | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go index c393f30..021986f 100644 --- a/controllers/namespace_controller.go +++ b/controllers/namespace_controller.go @@ -112,6 +112,9 @@ func (c *SafeNsCache) InitOrPass(r *NamespaceReconciler, ctx context.Context) er if c.initialized { return nil } + defer func() { + c.initialized = true + }() appProjList := &argov1alpha1.AppProjectList{} err := r.List(ctx, appProjList, @@ -126,6 +129,9 @@ func (c *SafeNsCache) InitOrPass(r *NamespaceReconciler, ctx context.Context) er for _, apItem := range appProjList.Items { for _, dest := range apItem.Spec.Destinations { + if apItem.Name == "default" { + continue + } c.JoinProject(dest.Namespace, apItem.Name) } } @@ -205,6 +211,11 @@ func (r *NamespaceReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( } } + // update cache: adding new team to cache + for t := range projectsToAdd { + safeNsCache.JoinProject(req.Name, t) + } + var reconciliationErrors *multierror.Error // add ns to new app-projects logger.Info("Reconciling New Teams", "len", len(projectsToAdd)) @@ -265,7 +276,6 @@ func (r *NamespaceReconciler) reconcileAppProject(ctx context.Context, logger lo } func (r *NamespaceReconciler) createAppProj(team string) (*argov1alpha1.AppProject, error) { - fmt.Println("run reconcile on ", team) desiredNamespaces := safeNsCache.GetNamespaces(team) destList := []argov1alpha1.ApplicationDestination{} @@ -351,8 +361,13 @@ func appendRepos(repo_list []string, found_repos []string) []string { // ConvertLabelToAppProjectNameset will convert comma separated label value to actual nameset func convertLabelToAppProjectNameset(l string) AppProjectNameset { result := make(AppProjectNameset) - for _, s := range strings.Split(l, ",") { - result[s] = struct{}{} + if l == "" { + return result + } + for _, s := range strings.Split(l, ".") { + if s != "" { + result[s] = struct{}{} + } } return result } From e4db82ee40bfc60702c70edd144f3596b3f5fd77 Mon Sep 17 00:00:00 2001 From: Saman Mahdanian Date: Sat, 15 Jun 2024 18:08:34 +0330 Subject: [PATCH 5/5] removing delete access from manager RBAC configs --- config/rbac/role.yaml | 1 - controllers/namespace_controller.go | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 3343c3f..6aed14d 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -35,7 +35,6 @@ rules: - appprojects verbs: - create - - delete - get - list - patch diff --git a/controllers/namespace_controller.go b/controllers/namespace_controller.go index 021986f..759069c 100644 --- a/controllers/namespace_controller.go +++ b/controllers/namespace_controller.go @@ -142,7 +142,7 @@ func (c *SafeNsCache) InitOrPass(r *NamespaceReconciler, ctx context.Context) er //+kubebuilder:rbac:groups=core,resources=namespaces,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=core,resources=namespaces/status,verbs=get;update;patch //+kubebuilder:rbac:groups=core,resources=namespaces/finalizers,verbs=update -//+kubebuilder:rbac:groups=argoproj.io,resources=appprojects,verbs=get;list;watch;create;update;patch;delete +//+kubebuilder:rbac:groups=argoproj.io,resources=appprojects,verbs=get;list;watch;create;update;patch // Reconcile is part of the main kubernetes reconciliation loop which aims to // move the current state of the cluster closer to the desired state.