Skip to content

Commit

Permalink
adds build & deployer controller
Browse files Browse the repository at this point in the history
  • Loading branch information
@apoorvajagtap
apoorvajagtap committed Feb 15, 2024
1 parent 3369227 commit b7d47db
Show file tree
Hide file tree
Showing 5 changed files with 53 additions and 21 deletions.
30 changes: 15 additions & 15 deletions pkg/authorization/defaultrolebindings/defaultrolebindings.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ import (
"k8s.io/klog/v2"
)

var defaultRoleBindingNames = GetBootstrapServiceAccountProjectRoleBindingNames()
var roleBindingNames = GetBootstrapServiceAccountProjectRoleBindingNames()

// DefaultRoleBindingController is a controller to combine cluster roles
type DefaultRoleBindingController struct {
// RoleBindingController is a controller to combine cluster roles
type RoleBindingController struct {
roleBindingClient rbacclient.RoleBindingsGetter

roleBindingLister rbaclisters.RoleBindingLister
Expand All @@ -37,17 +37,17 @@ type DefaultRoleBindingController struct {
queue workqueue.RateLimitingInterface
}

// NewDefaultRoleBinding creates a new controller
func NewDefaultRoleBindingsController(roleBindingInformer rbacinformers.RoleBindingInformer, namespaceInformer coreinformers.NamespaceInformer, roleBindingClient rbacclient.RoleBindingsGetter) *DefaultRoleBindingController {
c := &DefaultRoleBindingController{
// NewRoleBinding creates a new controller
func NewRoleBindingsController(roleBindingInformer rbacinformers.RoleBindingInformer, namespaceInformer coreinformers.NamespaceInformer, roleBindingClient rbacclient.RoleBindingsGetter, controller string) *RoleBindingController {
c := &RoleBindingController{
roleBindingClient: roleBindingClient,

roleBindingLister: roleBindingInformer.Lister(),
roleBindingSynced: roleBindingInformer.Informer().HasSynced,
namespaceLister: namespaceInformer.Lister(),
namespaceSynced: namespaceInformer.Informer().HasSynced,

queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), "DefaultRoleBindingsController"),
queue: workqueue.NewNamedRateLimitingQueue(workqueue.DefaultControllerRateLimiter(), controller),
}
c.syncHandler = c.syncNamespace

Expand All @@ -57,7 +57,7 @@ func NewDefaultRoleBindingsController(roleBindingInformer rbacinformers.RoleBind
if err != nil {
return false
}
return defaultRoleBindingNames.Has(metadata.GetName())
return roleBindingNames.Has(metadata.GetName())
},
Handler: cache.ResourceEventHandlerFuncs{
DeleteFunc: func(uncast interface{}) {
Expand Down Expand Up @@ -94,7 +94,7 @@ func NewDefaultRoleBindingsController(roleBindingInformer rbacinformers.RoleBind
return c
}

func (c *DefaultRoleBindingController) syncNamespace(namespaceName string) error {
func (c *RoleBindingController) syncNamespace(namespaceName string) error {
namespace, err := c.namespaceLister.Get(namespaceName)
if errors.IsNotFound(err) {
return nil
Expand Down Expand Up @@ -142,14 +142,14 @@ func (c *DefaultRoleBindingController) syncNamespace(namespaceName string) error
}

// Run starts the controller and blocks until stopCh is closed.
func (c *DefaultRoleBindingController) Run(workers int, stopCh <-chan struct{}) {
func (c *RoleBindingController) Run(workers int, stopCh <-chan struct{}, controller string) {
defer utilruntime.HandleCrash()
defer c.queue.ShutDown()

klog.Infof("Starting DefaultRoleBindingController")
defer klog.Infof("Shutting down DefaultRoleBindingController")
klog.Infof("Starting %v", controller)
defer klog.Infof("Shutting down %v", controller)

if !cache.WaitForNamedCacheSync("DefaultRoleBindingController", stopCh, c.roleBindingSynced, c.namespaceSynced) {
if !cache.WaitForNamedCacheSync(controller, stopCh, c.roleBindingSynced, c.namespaceSynced) {
return
}

Expand All @@ -160,12 +160,12 @@ func (c *DefaultRoleBindingController) Run(workers int, stopCh <-chan struct{})
<-stopCh
}

func (c *DefaultRoleBindingController) runWorker() {
func (c *RoleBindingController) runWorker() {
for c.processNextWorkItem() {
}
}

func (c *DefaultRoleBindingController) processNextWorkItem() bool {
func (c *RoleBindingController) processNextWorkItem() bool {
dsKey, quit := c.queue.Get()
if quit {
return false
Expand Down
2 changes: 1 addition & 1 deletion pkg/authorization/defaultrolebindings/defaultrolebindings_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ func TestSync(t *testing.T) {
namespaceIndexer.Add(obj)
}
fakeClient := kubeclientfake.NewSimpleClientset(objs...)
c := DefaultRoleBindingController{
c := RoleBindingController{
roleBindingClient: fakeClient.RbacV1(),
roleBindingLister: rbaclisters.NewRoleBindingLister(roleBindingIndexer),
namespaceLister: corelisters.NewNamespaceLister(namespaceIndexer),
Expand Down
36 changes: 31 additions & 5 deletions pkg/cmd/controller/authorization.go
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,44 @@
package controller

import "github.com/openshift/openshift-controller-manager/pkg/authorization/defaultrolebindings"
import (
"github.com/openshift/openshift-controller-manager/pkg/authorization/defaultrolebindings"
"k8s.io/client-go/kubernetes"
)

func RunDefaultRoleBindingController(ctx *ControllerContext) (bool, error) {
kubeClient, err := ctx.ClientBuilder.Client(infraDefaultRoleBindingsControllerServiceAccountName)
if err != nil {
return true, err
}

go defaultrolebindings.NewDefaultRoleBindingsController(
ctx.KubernetesInformers.Rbac().V1().RoleBindings(),
ctx.KubernetesInformers.Core().V1().Namespaces(),
return runRoleBindingController(ctx, kubeClient, "DefaultRoleBindingController")
}

func RunBuilderRoleBindingController(ctx *ControllerContext) (bool, error) {
kubeClient, err := ctx.ClientBuilder.Client(infraBuilderRoleBindingsControllerServiceAccountName)
if err != nil {
return true, err
}

return runRoleBindingController(ctx, kubeClient, "BuilderRoleBindingController")
}

func RunDeployerRoleBindingController(ctx *ControllerContext) (bool, error) {
kubeClient, err := ctx.ClientBuilder.Client(infraDeployerRoleBindingsControllerServiceAccountName)
if err != nil {
return true, err
}

return runRoleBindingController(ctx, kubeClient, "DeployerRoleBindingController")
}

func runRoleBindingController(cctx *ControllerContext, kubeClient kubernetes.Interface, controllerName string) (bool, error) {
go defaultrolebindings.NewRoleBindingsController(
cctx.KubernetesInformers.Rbac().V1().RoleBindings(),
cctx.KubernetesInformers.Core().V1().Namespaces(),
kubeClient.RbacV1(),
).Run(5, ctx.Stop)
controllerName,
).Run(5, cctx.Stop, controllerName)

return true, nil
}
4 changes: 4 additions & 0 deletions pkg/cmd/controller/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,11 @@ var ControllerInitializers = map[openshiftcontrolplanev1.OpenShiftControllerName
openshiftcontrolplanev1.OpenShiftBuilderServiceAccountController: RunBuilderServiceAccountController,
openshiftcontrolplanev1.OpenShiftBuildController: RunBuildController,
openshiftcontrolplanev1.OpenShiftBuildConfigChangeController: RunBuildConfigChangeController,
openshiftcontrolplanev1.OpenShiftBuilderRoleBindingsController: RunBuilderRoleBindingController,

openshiftcontrolplanev1.OpenShiftDeployerServiceAccountController: RunDeployerServiceAccountController,
openshiftcontrolplanev1.OpenShiftDeployerController: RunDeployerController,
openshiftcontrolplanev1.OpenShiftDeployerRoleBindingsController: RunDeployerRoleBindingController,
openshiftcontrolplanev1.OpenShiftDeploymentConfigController: RunDeploymentConfigController,

openshiftcontrolplanev1.OpenShiftImageTriggerController: RunImageTriggerController,
Expand All @@ -35,9 +37,11 @@ const (
infraServiceAccountControllerServiceAccountName = "serviceaccount-controller"
iInfraServiceAccountPullSecretsControllerServiceAccountName = "serviceaccount-pull-secrets-controller"
infraBuildControllerServiceAccountName = "build-controller"
infraBuilderRoleBindingsControllerServiceAccountName = "builder-rolebindings-controller"
infraBuildConfigChangeControllerServiceAccountName = "build-config-change-controller"
infraDeploymentConfigControllerServiceAccountName = "deploymentconfig-controller"
infraDeployerControllerServiceAccountName = "deployer-controller"
infraDeployerRoleBindingsControllerServiceAccountName = "deployer-rolebindings-controller"
infraImageTriggerControllerServiceAccountName = "image-trigger-controller"
infraImageImportControllerServiceAccountName = "image-import-controller"
infraUnidlingControllerServiceAccountName = "unidling-controller"
Expand Down
2 changes: 2 additions & 0 deletions vendor/github.com/openshift/api/openshiftcontrolplane/v1/types.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit b7d47db

Please sign in to comment.