From c83850291163e309cac7ac460ea8947e0e6dac00 Mon Sep 17 00:00:00 2001 From: Ben Parees Date: Mon, 25 Feb 2019 13:15:51 -0500 Subject: [PATCH] do not setup ownerrefs for clusterscoped/cross-namespace objects --- pkg/resource/caconfig.go | 9 ++++----- pkg/resource/clusterrole.go | 9 ++++----- pkg/resource/clusterrolebinding.go | 9 ++++----- pkg/resource/deployment.go | 7 ++++--- pkg/resource/generator.go | 3 +++ pkg/resource/imageconfig.go | 5 +++++ pkg/resource/nodecadaemon.go | 5 +++++ pkg/resource/resource.go | 3 +++ pkg/resource/route.go | 10 ++++------ pkg/resource/secret.go | 9 ++++----- pkg/resource/service.go | 9 ++++----- pkg/resource/serviceaccount.go | 9 ++++----- 12 files changed, 48 insertions(+), 39 deletions(-) diff --git a/pkg/resource/caconfig.go b/pkg/resource/caconfig.go index 990338ed48..5c4210d61b 100644 --- a/pkg/resource/caconfig.go +++ b/pkg/resource/caconfig.go @@ -11,7 +11,6 @@ import ( configlisters "github.com/openshift/client-go/config/listers/config/v1" imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorCAConfig{} @@ -24,7 +23,6 @@ type generatorCAConfig struct { imageConfigName string name string namespace string - owner metav1.OwnerReference } func newGeneratorCAConfig(lister corelisters.ConfigMapNamespaceLister, imageConfigLister configlisters.ImageLister, openshiftConfigLister corelisters.ConfigMapNamespaceLister, client coreset.CoreV1Interface, params *parameters.Globals, cr *imageregistryv1.Config) *generatorCAConfig { @@ -36,7 +34,6 @@ func newGeneratorCAConfig(lister corelisters.ConfigMapNamespaceLister, imageConf imageConfigName: params.ImageConfig.Name, name: params.CAConfig.Name, namespace: params.Deployment.Namespace, - owner: util.AsOwner(cr), } } @@ -82,8 +79,6 @@ func (gcac *generatorCAConfig) expected() (runtime.Object, error) { } } - util.AddOwnerRefToObject(cm, gcac.owner) - return cm, nil } @@ -106,3 +101,7 @@ func (gcac *generatorCAConfig) Update(o runtime.Object) (bool, error) { func (gcac *generatorCAConfig) Delete(opts *metav1.DeleteOptions) error { return gcac.client.ConfigMaps(gcac.GetNamespace()).Delete(gcac.GetName(), opts) } + +func (g *generatorCAConfig) Owned() bool { + return true +} diff --git a/pkg/resource/clusterrole.go b/pkg/resource/clusterrole.go index cf4f2ef3da..44c2d65d33 100644 --- a/pkg/resource/clusterrole.go +++ b/pkg/resource/clusterrole.go @@ -8,7 +8,6 @@ import ( rbaclisters "k8s.io/client-go/listers/rbac/v1" imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorClusterRole{} @@ -16,14 +15,12 @@ var _ Mutator = &generatorClusterRole{} type generatorClusterRole struct { lister rbaclisters.ClusterRoleLister client rbacset.RbacV1Interface - owner metav1.OwnerReference } func newGeneratorClusterRole(lister rbaclisters.ClusterRoleLister, client rbacset.RbacV1Interface, cr *imageregistryv1.Config) *generatorClusterRole { return &generatorClusterRole{ lister: lister, client: client, - owner: util.AsOwner(cr), } } @@ -94,8 +91,6 @@ func (gcr *generatorClusterRole) expected() (runtime.Object, error) { }, } - util.AddOwnerRefToObject(role, gcr.owner) - return role, nil } @@ -118,3 +113,7 @@ func (gcr *generatorClusterRole) Update(o runtime.Object) (bool, error) { func (gcr *generatorClusterRole) Delete(opts *metav1.DeleteOptions) error { return gcr.client.ClusterRoles().Delete(gcr.GetName(), opts) } + +func (g *generatorClusterRole) Owned() bool { + return true +} diff --git a/pkg/resource/clusterrolebinding.go b/pkg/resource/clusterrolebinding.go index 49c10a2b1f..1be149cb73 100644 --- a/pkg/resource/clusterrolebinding.go +++ b/pkg/resource/clusterrolebinding.go @@ -9,7 +9,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorClusterRoleBinding{} @@ -19,7 +18,6 @@ type generatorClusterRoleBinding struct { client rbacset.RbacV1Interface saName string saNamespace string - owner metav1.OwnerReference } func newGeneratorClusterRoleBinding(lister rbaclisters.ClusterRoleBindingLister, client rbacset.RbacV1Interface, params *parameters.Globals, cr *imageregistryv1.Config) *generatorClusterRoleBinding { @@ -28,7 +26,6 @@ func newGeneratorClusterRoleBinding(lister rbaclisters.ClusterRoleBindingLister, client: client, saName: params.Pod.ServiceAccount, saNamespace: params.Deployment.Namespace, - owner: util.AsOwner(cr), } } @@ -66,8 +63,6 @@ func (gcrb *generatorClusterRoleBinding) expected() (runtime.Object, error) { }, } - util.AddOwnerRefToObject(crb, gcrb.owner) - return crb, nil } @@ -90,3 +85,7 @@ func (gcrb *generatorClusterRoleBinding) Update(o runtime.Object) (bool, error) func (gcrb *generatorClusterRoleBinding) Delete(opts *metav1.DeleteOptions) error { return gcrb.client.ClusterRoleBindings().Delete(gcrb.GetName(), opts) } + +func (g *generatorClusterRoleBinding) Owned() bool { + return true +} diff --git a/pkg/resource/deployment.go b/pkg/resource/deployment.go index 27b4f76ffe..c179c121f0 100644 --- a/pkg/resource/deployment.go +++ b/pkg/resource/deployment.go @@ -12,7 +12,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" "github.com/openshift/cluster-image-registry-operator/pkg/storage" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorDeployment{} @@ -84,8 +83,6 @@ func (gd *generatorDeployment) expected() (runtime.Object, error) { }, } - util.AddOwnerRefToObject(deploy, util.AsOwner(gd.cr)) - return deploy, nil } @@ -108,3 +105,7 @@ func (gd *generatorDeployment) Update(o runtime.Object) (bool, error) { func (gd *generatorDeployment) Delete(opts *metav1.DeleteOptions) error { return gd.client.Deployments(gd.GetNamespace()).Delete(gd.GetName(), opts) } + +func (g *generatorDeployment) Owned() bool { + return true +} diff --git a/pkg/resource/generator.go b/pkg/resource/generator.go index 9efc9aadfd..d4fbfe95a3 100644 --- a/pkg/resource/generator.go +++ b/pkg/resource/generator.go @@ -235,6 +235,9 @@ func (g *Generator) Remove(cr *imageregistryv1.Config) error { PropagationPolicy: &propagationPolicy, } for _, gen := range generators { + if !gen.Owned() { + continue + } if err := gen.Delete(opts); err != nil { if errors.IsNotFound(err) { continue diff --git a/pkg/resource/imageconfig.go b/pkg/resource/imageconfig.go index 8b9db61401..6add9ec76e 100644 --- a/pkg/resource/imageconfig.go +++ b/pkg/resource/imageconfig.go @@ -133,6 +133,11 @@ func (gic *generatorImageConfig) Delete(opts *metav1.DeleteOptions) error { return gic.configClient.Images().Delete(gic.GetName(), opts) } +func (g *generatorImageConfig) Owned() bool { + // the registry operator can create and contribute to the imageconfig, but it doesn't own it. + return false +} + func (gic *generatorImageConfig) getRouteHostnames() ([]string, error) { var externalHostnames []string diff --git a/pkg/resource/nodecadaemon.go b/pkg/resource/nodecadaemon.go index 055c3befdf..cf9c527577 100644 --- a/pkg/resource/nodecadaemon.go +++ b/pkg/resource/nodecadaemon.go @@ -211,3 +211,8 @@ func (ds *generatorNodeCADaemonSet) Update(o runtime.Object) (bool, error) { func (ds *generatorNodeCADaemonSet) Delete(opts *metav1.DeleteOptions) error { return ds.client.DaemonSets(ds.GetNamespace()).Delete(ds.GetName(), opts) } + +func (ds *generatorNodeCADaemonSet) Owned() bool { + // the nodeca daemon's lifecycle is not tied to the lifecycle of the registry + return false +} diff --git a/pkg/resource/resource.go b/pkg/resource/resource.go index c8055ba1ee..4a461c43e4 100644 --- a/pkg/resource/resource.go +++ b/pkg/resource/resource.go @@ -21,6 +21,9 @@ type Mutator interface { Create() error Update(o runtime.Object) (bool, error) Delete(opts *metaapi.DeleteOptions) error + // Owned indicates whether this resource is explicitly owned by the registry operator + // and therefore should be removed when the registry config resource is removed. + Owned() bool } func Name(o Getter) string { diff --git a/pkg/resource/route.go b/pkg/resource/route.go index ff8fbb2362..8d3ce6f9c7 100644 --- a/pkg/resource/route.go +++ b/pkg/resource/route.go @@ -11,7 +11,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorRoute{} @@ -22,7 +21,6 @@ type generatorRoute struct { client routeset.RouteV1Interface namespace string serviceName string - owner metav1.OwnerReference route imageregistryv1.ImageRegistryConfigRoute } @@ -33,7 +31,6 @@ func newGeneratorRoute(lister routelisters.RouteNamespaceLister, secretLister co client: client, namespace: params.Deployment.Namespace, serviceName: params.Service.Name, - owner: util.AsOwner(cr), route: route, } } @@ -83,9 +80,6 @@ func (gr *generatorRoute) expected() (runtime.Object, error) { r.Spec.TLS.CACertificate = v } } - - util.AddOwnerRefToObject(r, gr.owner) - return r, nil } @@ -108,3 +102,7 @@ func (gr *generatorRoute) Update(o runtime.Object) (bool, error) { func (gr *generatorRoute) Delete(opts *metav1.DeleteOptions) error { return gr.client.Routes(gr.GetNamespace()).Delete(gr.GetName(), opts) } + +func (g *generatorRoute) Owned() bool { + return true +} diff --git a/pkg/resource/secret.go b/pkg/resource/secret.go index d687ecb4ba..65d58866c1 100644 --- a/pkg/resource/secret.go +++ b/pkg/resource/secret.go @@ -10,7 +10,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" "github.com/openshift/cluster-image-registry-operator/pkg/storage" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorSecret{} @@ -21,7 +20,6 @@ type generatorSecret struct { driver storage.Driver name string namespace string - owner metav1.OwnerReference } func newGeneratorSecret(lister corelisters.SecretNamespaceLister, client coreset.CoreV1Interface, driver storage.Driver, params *parameters.Globals, cr *imageregistryv1.Config) *generatorSecret { @@ -31,7 +29,6 @@ func newGeneratorSecret(lister corelisters.SecretNamespaceLister, client coreset driver: driver, name: imageregistryv1.ImageRegistryPrivateConfiguration, namespace: params.Deployment.Namespace, - owner: util.AsOwner(cr), } } @@ -62,8 +59,6 @@ func (gs *generatorSecret) expected() (runtime.Object, error) { sec.StringData = data - util.AddOwnerRefToObject(sec, gs.owner) - return sec, nil } @@ -86,3 +81,7 @@ func (gs *generatorSecret) Update(o runtime.Object) (bool, error) { func (gs *generatorSecret) Delete(opts *metav1.DeleteOptions) error { return gs.client.Secrets(gs.GetNamespace()).Delete(gs.GetName(), opts) } + +func (g *generatorSecret) Owned() bool { + return true +} diff --git a/pkg/resource/service.go b/pkg/resource/service.go index 4e74d62326..c8be712acb 100644 --- a/pkg/resource/service.go +++ b/pkg/resource/service.go @@ -13,7 +13,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" "github.com/openshift/cluster-image-registry-operator/pkg/resource/strategy" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorService{} @@ -26,7 +25,6 @@ type generatorService struct { labels map[string]string port int secretName string - owner metav1.OwnerReference } func newGeneratorService(lister corelisters.ServiceNamespaceLister, client coreset.CoreV1Interface, params *parameters.Globals, cr *imageregistryv1.Config) *generatorService { @@ -38,7 +36,6 @@ func newGeneratorService(lister corelisters.ServiceNamespaceLister, client cores labels: params.Deployment.Labels, port: params.Container.Port, secretName: imageregistryv1.ImageRegistryName + "-tls", - owner: util.AsOwner(cr), } } @@ -78,8 +75,6 @@ func (gs *generatorService) expected() *corev1.Service { "service.alpha.openshift.io/serving-cert-secret-name": gs.secretName, } - util.AddOwnerRefToObject(svc, gs.owner) - return svc } @@ -116,3 +111,7 @@ func (gs *generatorService) Update(o runtime.Object) (bool, error) { func (gs *generatorService) Delete(opts *metav1.DeleteOptions) error { return gs.client.Services(gs.GetNamespace()).Delete(gs.GetName(), opts) } + +func (g *generatorService) Owned() bool { + return true +} diff --git a/pkg/resource/serviceaccount.go b/pkg/resource/serviceaccount.go index aad40308ef..863df3c5e3 100644 --- a/pkg/resource/serviceaccount.go +++ b/pkg/resource/serviceaccount.go @@ -9,7 +9,6 @@ import ( imageregistryv1 "github.com/openshift/cluster-image-registry-operator/pkg/apis/imageregistry/v1" "github.com/openshift/cluster-image-registry-operator/pkg/parameters" - "github.com/openshift/cluster-image-registry-operator/pkg/util" ) var _ Mutator = &generatorServiceAccount{} @@ -19,7 +18,6 @@ type generatorServiceAccount struct { client coreset.CoreV1Interface name string namespace string - owner metav1.OwnerReference } func newGeneratorServiceAccount(lister corelisters.ServiceAccountNamespaceLister, client coreset.CoreV1Interface, params *parameters.Globals, cr *imageregistryv1.Config) *generatorServiceAccount { @@ -28,7 +26,6 @@ func newGeneratorServiceAccount(lister corelisters.ServiceAccountNamespaceLister client: client, name: params.Pod.ServiceAccount, namespace: params.Deployment.Namespace, - owner: util.AsOwner(cr), } } @@ -52,8 +49,6 @@ func (gsa *generatorServiceAccount) expected() (runtime.Object, error) { }, } - util.AddOwnerRefToObject(sa, gsa.owner) - return sa, nil } @@ -76,3 +71,7 @@ func (gsa *generatorServiceAccount) Update(o runtime.Object) (bool, error) { func (gsa *generatorServiceAccount) Delete(opts *metav1.DeleteOptions) error { return gsa.client.ServiceAccounts(gsa.GetNamespace()).Delete(gsa.GetName(), opts) } + +func (g *generatorServiceAccount) Owned() bool { + return true +}