refactor cluster policy controller and NamespaceSCCAllocationController #65
Merged
openshift-merge-robot
merged 5 commits into
openshift:master
from
atiratree:move-controllers
Jul 23, 2021
bec485c
add idea to gitignore
atiratree f1fe7bf
modify code to be v0.21.2 compatible
atiratree 3881414
refactor cluster policy controller server to use generic library-go one
atiratree 6e37136
create NamespaceSCCAllocationController with factory methods
atiratree d4c6c84
update go to 1.16 and vendor folder
atiratree
@@ -1,119 +1,32 @@ | ||
package cluster_policy_controller | ||
|
||
import ( | ||
"fmt" | ||
"io" | ||
"io/ioutil" | ||
"context" | ||
"os" | ||
"path" | ||
|
||
configv1 "github.com/openshift/api/config/v1" | ||
openshiftcontrolplanev1 "github.com/openshift/api/openshiftcontrolplane/v1" | ||
"github.com/openshift/library-go/pkg/config/helpers" | ||
"github.com/openshift/library-go/pkg/serviceability" | ||
"github.com/spf13/cobra" | ||
kerrors "k8s.io/apimachinery/pkg/api/errors" | ||
"k8s.io/apimachinery/pkg/runtime" | ||
"k8s.io/apimachinery/pkg/runtime/serializer" | ||
utilruntime "k8s.io/apimachinery/pkg/util/runtime" | ||
"k8s.io/client-go/tools/clientcmd/api" | ||
"k8s.io/klog/v2" | ||
) | ||
|
||
const RecommendedStartControllerName = "cluster-policy-controller" | ||
|
||
type ClusterPolicyController struct { | ||
ConfigFilePath string | ||
// KubeConfigFile points to a kubeconfig file if you don't want to use the in cluster config | ||
KubeConfigFile string | ||
// TODO: remove - dummy variable to support config format update | ||
Namespace string | ||
|
||
Output io.Writer | ||
} | ||
corev1 "k8s.io/api/core/v1" | ||
|
||
func NewClusterPolicyControllerCommand(name string, out, errout io.Writer, stopCh <-chan struct{}) *cobra.Command { | ||
options := &ClusterPolicyController{Output: out} | ||
"github.com/openshift/library-go/pkg/controller/controllercmd" | ||
|
||
cmd := &cobra.Command{ | ||
Use: name, | ||
Short: "Start the cluster policy controller", | ||
Run: func(c *cobra.Command, args []string) { | ||
serviceability.StartProfiler() | ||
clusterpolicyversion "github.com/openshift/cluster-policy-controller/pkg/version" | ||
) | ||
|
||
if err := options.RunPolicyController(stopCh); err != nil { | ||
if kerrors.IsInvalid(err) { | ||
if details := err.(*kerrors.StatusError).ErrStatus.Details; details != nil { | ||
fmt.Fprintf(errout, "Invalid %s %s\n", details.Kind, details.Name) | ||
for _, cause := range details.Causes { | ||
fmt.Fprintf(errout, " %s: %s\n", cause.Field, cause.Message) | ||
} | ||
os.Exit(255) | ||
} | ||
} | ||
klog.Fatal(err) | ||
} | ||
}, | ||
} | ||
const ( | ||
podNameEnv = "POD_NAME" | ||
podNamespaceEnv = "POD_NAMESPACE" | ||
) | ||
|
||
flags := cmd.Flags() | ||
// This command only supports reading from config | ||
flags.StringVar(&options.ConfigFilePath, "config", options.ConfigFilePath, "Location of the master configuration file to run from.") | ||
cmd.MarkFlagFilename("config", "yaml", "yml") | ||
flags.StringVar(&options.KubeConfigFile, "kubeconfig", options.KubeConfigFile, "Location of the master configuration file to run from.") | ||
cmd.MarkFlagFilename("kubeconfig", "kubeconfig") | ||
// TODO: remove - dummy variable to support config format update | ||
flags.StringVar(&options.Namespace, "namespace", options.Namespace, "To be removed") | ||
func NewClusterPolicyControllerCommand(name string) *cobra.Command { | ||
cmd := controllercmd.NewControllerCommandConfig("cluster-policy-controller", clusterpolicyversion.Get(), RunClusterPolicyController). | ||
WithComponentOwnerReference(&corev1.ObjectReference{ | ||
Kind: "Pod", | ||
Name: os.Getenv(podNameEnv), | ||
Namespace: os.Getenv(podNamespaceEnv), | ||
}). | ||
NewCommandWithContext(context.Background()) | ||
cmd.Use = name | ||
cmd.Short = "Start the cluster policy controller" | ||
|
||
return cmd | ||
} | ||
|
||
// RunPolicyController takes the options and starts the controller. blocks until the process is finished or the leader lease is lost | ||
func (o *ClusterPolicyController) RunPolicyController(stopCh <-chan struct{}) error { | ||
|
||
config := &openshiftcontrolplanev1.OpenShiftControllerManagerConfig{ | ||
/// this isn't allowed to be nil when by itself. | ||
ServingInfo: &configv1.HTTPServingInfo{}, | ||
} | ||
|
||
if len(o.ConfigFilePath) != 0 { | ||
// try to decode into our new types first. right now there is no validation, no file path resolution. this unsticks the operator to start. | ||
// TODO add those things | ||
configContent, err := ioutil.ReadFile(o.ConfigFilePath) | ||
if err != nil { | ||
return err | ||
} | ||
scheme := runtime.NewScheme() | ||
utilruntime.Must(openshiftcontrolplanev1.Install(scheme)) | ||
codecs := serializer.NewCodecFactory(scheme) | ||
obj, err := runtime.Decode(codecs.UniversalDecoder(openshiftcontrolplanev1.GroupVersion, configv1.GroupVersion), configContent) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
// Resolve relative to CWD | ||
absoluteConfigFile, err := api.MakeAbs(o.ConfigFilePath, "") | ||
if err != nil { | ||
return err | ||
} | ||
configFileLocation := path.Dir(absoluteConfigFile) | ||
|
||
config = obj.(*openshiftcontrolplanev1.OpenShiftControllerManagerConfig) | ||
/// this isn't allowed to be nil when by itself. | ||
// TODO remove this when the old path is gone. | ||
if config.ServingInfo == nil { | ||
config.ServingInfo = &configv1.HTTPServingInfo{} | ||
} | ||
if err := helpers.ResolvePaths(getOpenShiftControllerConfigFileReferences(config), configFileLocation); err != nil { | ||
return err | ||
} | ||
} | ||
|
||
setRecommendedOpenShiftControllerConfigDefaults(config) | ||
|
||
clientConfig, err := helpers.GetKubeConfigOrInClusterConfig(config.KubeClientConfig.KubeConfig, config.KubeClientConfig.ConnectionOverrides) | ||
if err != nil { | ||
return err | ||
} | ||
return RunClusterPolicyController(config, clientConfig, stopCh) | ||
} |
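Review bot: In the new `NewClusterPolicyControllerCommand`, `os.Getenv(podNameEnv)` and `os.Getenv(podNamespaceEnv)` go straight into the `corev1.ObjectReference`, so a deployment that does not inject POD_NAME and POD_NAMESPACE yields an owner reference with an empty Name and Namespace, and nothing reports it. Whatever library-go attaches to that reference (presumably the events the controller records) could then not be traced back to a pod, which weakens the audit trail for a cluster policy component. I would either document the requirement on the const block, e.g. `// POD_NAME and POD_NAMESPACE must be set from the downward API; the owner reference is empty otherwise.`, or call `WithComponentOwnerReference` only when both values are non-empty. Separately, the literal `"cluster-policy-controller"` repeats the value of the removed `RecommendedStartControllerName` constant; keeping the constant would stop the component name drifting between call sites.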
Keep openshift imports in a single group above.
To be clear: are we splitting openshift imports from this repo vs. other repos into separate groups or not? (I am not sure whether you are pointing out just the metrics.)