From 01db8b2352da0f692547d04c18234991b8e14e3d Mon Sep 17 00:00:00 2001
From: hongming <talonwan@yunify.com>
Date: Fri, 23 Apr 2021 14:19:35 +0800
Subject: [PATCH] Fix SelectorFromSet ignore errors and select everything

Signed-off-by: hongming <talonwan@yunify.com>
---
 pkg/controller/group/group_controller.go | 15 ++++++++++++---
 pkg/controller/user/user_controller.go   |  8 +++++++-
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/pkg/controller/group/group_controller.go b/pkg/controller/group/group_controller.go
index bdd455987..9596c4405 100644
--- a/pkg/controller/group/group_controller.go
+++ b/pkg/controller/group/group_controller.go
@@ -21,6 +21,8 @@ import (
 	"fmt"
 	"reflect"
 
+	"k8s.io/apimachinery/pkg/util/validation"
+
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -237,10 +239,13 @@ func (c *Controller) reconcile(key string) error {
 }
 
 func (c *Controller) deleteGroupBindings(group *iam1alpha2.Group) error {
-
+	if len(group.Name) > validation.LabelValueMaxLength {
+		// ignore invalid label value error
+		return nil
+	}
 	// Groupbindings that created by kubesphere will be deleted directly.
 	listOptions := metav1.ListOptions{
-		LabelSelector: labels.SelectorFromSet(labels.Set{iam1alpha2.GroupReferenceLabel: group.Name}).String(),
+		LabelSelector: labels.SelectorFromValidatedSet(labels.Set{iam1alpha2.GroupReferenceLabel: group.Name}).String(),
 	}
 	if err := c.ksClient.IamV1alpha2().GroupBindings().
 		DeleteCollection(context.Background(), *metav1.NewDeleteOptions(0), listOptions); err != nil {
@@ -252,8 +257,12 @@ func (c *Controller) deleteGroupBindings(group *iam1alpha2.Group) error {
 
 // remove all RoleBindings.
 func (c *Controller) deleteRoleBindings(group *iam1alpha2.Group) error {
+	if len(group.Name) > validation.LabelValueMaxLength {
+		// ignore invalid label value error
+		return nil
+	}
 	listOptions := metav1.ListOptions{
-		LabelSelector: labels.SelectorFromSet(labels.Set{iam1alpha2.GroupReferenceLabel: group.Name}).String(),
+		LabelSelector: labels.SelectorFromValidatedSet(labels.Set{iam1alpha2.GroupReferenceLabel: group.Name}).String(),
 	}
 	deleteOptions := *metav1.NewDeleteOptions(0)
 
diff --git a/pkg/controller/user/user_controller.go b/pkg/controller/user/user_controller.go
index 9db760930..ad5907bca 100644
--- a/pkg/controller/user/user_controller.go
+++ b/pkg/controller/user/user_controller.go
@@ -23,6 +23,8 @@ import (
 	"reflect"
 	"time"
 
+	"k8s.io/apimachinery/pkg/util/validation"
+
 	utilwait "k8s.io/apimachinery/pkg/util/wait"
 
 	"kubesphere.io/kubesphere/pkg/controller/utils/controller"
@@ -486,8 +488,12 @@ func (c *userController) deleteGroupBindings(user *iamv1alpha2.User) error {
 }
 
 func (c *userController) deleteRoleBindings(user *iamv1alpha2.User) error {
+	if len(user.Name) > validation.LabelValueMaxLength {
+		// ignore invalid label value error
+		return nil
+	}
 	listOptions := metav1.ListOptions{
-		LabelSelector: labels.SelectorFromSet(labels.Set{iamv1alpha2.UserReferenceLabel: user.Name}).String(),
+		LabelSelector: labels.SelectorFromValidatedSet(labels.Set{iamv1alpha2.UserReferenceLabel: user.Name}).String(),
 	}
 	deleteOptions := *metav1.NewDeleteOptions(0)
 	if err := c.ksClient.IamV1alpha2().GlobalRoleBindings().