-
Notifications
You must be signed in to change notification settings - Fork 226
/
handler.go
127 lines (108 loc) · 3.74 KB
/
handler.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// Package cleanup provides a controller that cleans up resources that are no longer needed.
package cleanup
import (
"context"
fleet "github.com/rancher/fleet/pkg/apis/fleet.cattle.io/v1alpha1"
fleetcontrollers "github.com/rancher/fleet/pkg/generated/controllers/fleet.cattle.io/v1alpha1"
"github.com/sirupsen/logrus"
"github.com/rancher/wrangler/pkg/apply"
corecontrollers "github.com/rancher/wrangler/pkg/generated/controllers/core/v1"
rbaccontrollers "github.com/rancher/wrangler/pkg/generated/controllers/rbac/v1"
corev1 "k8s.io/api/core/v1"
rbacv1 "k8s.io/api/rbac/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/runtime"
)
type handler struct {
apply apply.Apply
clusters fleetcontrollers.ClusterCache
namespaces corecontrollers.NamespaceClient
}
func Register(ctx context.Context, apply apply.Apply,
secrets corecontrollers.SecretController,
serviceAccount corecontrollers.ServiceAccountController,
bundledeployment fleetcontrollers.BundleDeploymentController,
role rbaccontrollers.RoleController,
roleBinding rbaccontrollers.RoleBindingController,
clusterRole rbaccontrollers.ClusterRoleController,
clusterRoleBinding rbaccontrollers.ClusterRoleBindingController,
namespaces corecontrollers.NamespaceController,
clusterCache fleetcontrollers.ClusterCache) {
h := &handler{
apply: apply,
clusters: clusterCache,
namespaces: namespaces,
}
bundledeployment.OnChange(ctx, "managed-cleanup", func(_ string, obj *fleet.BundleDeployment) (*fleet.BundleDeployment, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
clusterRole.OnChange(ctx, "managed-cleanup", func(_ string, obj *rbacv1.ClusterRole) (*rbacv1.ClusterRole, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
clusterRoleBinding.OnChange(ctx, "managed-cleanup", func(_ string, obj *rbacv1.ClusterRoleBinding) (*rbacv1.ClusterRoleBinding, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
role.OnChange(ctx, "managed-cleanup", func(_ string, obj *rbacv1.Role) (*rbacv1.Role, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
roleBinding.OnChange(ctx, "managed-cleanup", func(_ string, obj *rbacv1.RoleBinding) (*rbacv1.RoleBinding, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
serviceAccount.OnChange(ctx, "managed-cleanup", func(_ string, obj *corev1.ServiceAccount) (*corev1.ServiceAccount, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
secrets.OnChange(ctx, "managed-cleanup", func(_ string, obj *corev1.Secret) (*corev1.Secret, error) {
if obj == nil {
return nil, nil
}
return obj, h.cleanup(obj)
})
namespaces.OnChange(ctx, "managed-namespace-cleanup", h.cleanupNamespace)
}
func (h *handler) cleanupNamespace(key string, obj *corev1.Namespace) (*corev1.Namespace, error) {
if obj == nil || obj.Labels[fleet.ManagedLabel] != "true" {
return obj, nil
}
// check if the cluster for this cluster namespace still exists, otherwise clean up the namespace
_, err := h.clusters.Get(obj.Annotations[fleet.ClusterNamespaceAnnotation], obj.Annotations[fleet.ClusterAnnotation])
if apierrors.IsNotFound(err) {
logrus.Infof("Cleaning up fleet-managed namespace %s", obj.Name)
err = h.namespaces.Delete(key, nil)
return obj, err
}
return obj, err
}
func (h *handler) cleanup(obj runtime.Object) error {
meta, err := meta.Accessor(obj)
if err != nil {
return err
}
if meta.GetLabels()[fleet.ManagedLabel] != "true" {
return nil
}
// If orphaned, purge the fleet-managed resource, this is often a no-op
err = h.apply.PurgeOrphan(obj)
if apierrors.IsNotFound(err) {
return nil
}
return err
}