-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PWX-34118: Skip service accounts, roles and rolebindings as part of pruning of resources with ownerreferences. #1560
Conversation
…runing of resources with ownerreferences.
Can one of the admins verify this patch? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks ok
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #1560 +/- ##
==========================================
+ Coverage 66.47% 66.53% +0.05%
==========================================
Files 43 43
Lines 5453 5453
==========================================
+ Hits 3625 3628 +3
+ Misses 1493 1491 -2
+ Partials 335 334 -1 ☔ View full report in Codecov by Sentry. |
objectType.GetKind() != "StatefulSet" && | ||
objectType.GetKind() != "ReplicaSet" && | ||
objectType.GetKind() != "DeploymentConfig" && | ||
objectType.GetKind() != "ServiceAccount" && | ||
objectType.GetKind() != "Role" && | ||
objectType.GetKind() != "RoleBinding" && |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do all these checks have to be in the for loop? We should check it outside of for _, owner := range owners
loop. Am I missing anything?
I think we can update the logic here to make it cleaner.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a check for if a pod is an owner
is there before we are checking for if object is not one among these types (deploy, sts, service etc...). If we take the decision of collecting the object before the for loop, there can be scenario the owner might be a pod itself and the real intention was to skip it.
Anyway we will get rid of all these checks and make it generic for all resources not to be collected or something similar. So don't want to alter the logic now.
Signed-Off-By: Diptiranjan
What type of PR is this?
improvement
What this PR does / why we need it:
Some of the operators like postgres were not able to reconcile on the CR and create the pods if service account, roles and rolebindings were already created.
Does this PR change a user-facing CRD or CLI?:
Is a release note needed?:
Does this change need to be cherry-picked to a release branch?:
Test
Tested with crunchydata postgres operator 5.4.3 and details have been updated in the ticket.