From 3d40b1905defdd2c7be04677f06df45e6c36e490 Mon Sep 17 00:00:00 2001
From: hongming <coder.scala@gmail.com>
Date: Thu, 26 Dec 2024 15:45:34 +0800
Subject: [PATCH] fix: the problem of conflicting controller output logs caused
 by duplicate initialization of roles and workspace roles when the controller
 is started (#2139)

Signed-off-by: peng wu <2030047311@qq.com>
Signed-off-by: hongming <coder.scala@gmail.com>
---
 pkg/controller/namespace/namespace_controller.go |  9 ++++-----
 pkg/controller/role/role_controller.go           | 16 ++++++----------
 .../workspacetemplate_controller.go              | 12 ++++++------
 3 files changed, 16 insertions(+), 21 deletions(-)

diff --git a/pkg/controller/namespace/namespace_controller.go b/pkg/controller/namespace/namespace_controller.go
index 4fba446d9..ad2549fda 100644
--- a/pkg/controller/namespace/namespace_controller.go
+++ b/pkg/controller/namespace/namespace_controller.go
@@ -89,6 +89,9 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 	// The object is not being deleted, so if it does not have our finalizer,
 	// then lets add the finalizer and update the object.
 	if workspaceLabelExists && !controllerutil.ContainsFinalizer(namespace, constants.CascadingDeletionFinalizer) {
+		if err := r.initRoles(ctx, namespace); err != nil {
+			return ctrl.Result{}, errors.Wrapf(err, "failed to init roles in namespace %s", namespace.Name)
+		}
 		if err := r.initCreatorRoleBinding(ctx, namespace); err != nil {
 			return ctrl.Result{}, errors.Wrapf(err, "failed to init creator role binding")
 		}
@@ -104,11 +107,7 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 		return ctrl.Result{}, nil
 	}
 
-	if workspaceLabelExists {
-		if err := r.initRoles(ctx, namespace); err != nil {
-			return ctrl.Result{}, errors.Wrapf(err, "failed to init roles in namespace %s", namespace.Name)
-		}
-	} else {
+	if !workspaceLabelExists {
 		if err := r.cleanUp(ctx, namespace); err != nil {
 			return ctrl.Result{}, errors.Wrapf(err, "failed to clean up namespace %s", namespace.Name)
 		}
diff --git a/pkg/controller/role/role_controller.go b/pkg/controller/role/role_controller.go
index 4e60573fd..0f1eb3164 100644
--- a/pkg/controller/role/role_controller.go
+++ b/pkg/controller/role/role_controller.go
@@ -9,23 +9,18 @@ import (
 	"context"
 	"fmt"
 
-	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
-
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-
-	rbacutils "kubesphere.io/kubesphere/pkg/utils/rbac"
-
-	rbacv1 "k8s.io/api/rbac/v1"
-
-	kscontroller "kubesphere.io/kubesphere/pkg/controller"
-
 	"github.com/go-logr/logr"
+	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/tools/record"
 	iamv1beta1 "kubesphere.io/api/iam/v1beta1"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 	rbachelper "kubesphere.io/kubesphere/pkg/componenthelper/auth/rbac"
+	kscontroller "kubesphere.io/kubesphere/pkg/controller"
+	rbacutils "kubesphere.io/kubesphere/pkg/utils/rbac"
 )
 
 const (
@@ -97,6 +92,7 @@ func (r *Reconciler) syncToKubernetes(ctx context.Context, role *iamv1beta1.Role
 
 	if err != nil {
 		r.logger.Error(err, "sync role failed", "namespace", role.Namespace, "role", role.Name)
+		return err
 	}
 
 	r.logger.V(4).Info("sync role to K8s", "namespace", role.Namespace, "role", role.Name, "op", op)
diff --git a/pkg/controller/workspacetemplate/workspacetemplate_controller.go b/pkg/controller/workspacetemplate/workspacetemplate_controller.go
index 36232cb4a..03c5578d0 100644
--- a/pkg/controller/workspacetemplate/workspacetemplate_controller.go
+++ b/pkg/controller/workspacetemplate/workspacetemplate_controller.go
@@ -115,6 +115,12 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 		// The object is not being deleted, so if it does not have our finalizer,
 		// then lets add the finalizer and update the object.
 		if !controllerutil.ContainsFinalizer(workspaceTemplate, constants.CascadingDeletionFinalizer) {
+			if err := r.initWorkspaceRoles(ctx, workspaceTemplate); err != nil {
+				return ctrl.Result{}, err
+			}
+			if err := r.initManagerRoleBinding(ctx, workspaceTemplate); err != nil {
+				return ctrl.Result{}, err
+			}
 			updated := workspaceTemplate.DeepCopy()
 			// Remove legacy finalizer
 			controllerutil.RemoveFinalizer(updated, "finalizers.workspacetemplate.kubesphere.io")
@@ -140,12 +146,6 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Resu
 		return ctrl.Result{}, nil
 	}
 
-	if err := r.initWorkspaceRoles(ctx, workspaceTemplate); err != nil {
-		return ctrl.Result{}, err
-	}
-	if err := r.initManagerRoleBinding(ctx, workspaceTemplate); err != nil {
-		return ctrl.Result{}, err
-	}
 	if err := r.multiClusterSync(ctx, workspaceTemplate); err != nil {
 		return ctrl.Result{}, err
 	}