hongming
@@ -254,6 +254,12 @@ func (c *Controller) syncHandler(key string) error {
|
||||
ns := c.generateNewNamespace(project)
|
||||
ns, err := c.client.CoreV1().Namespaces().Create(ns)
|
||||
if err != nil {
|
||||
// devops project name is conflict, cannot create admin namespace
|
||||
if errors.IsAlreadyExists(err) {
|
||||
klog.Errorf("Failed to create admin namespace for devopsproject %s, error %v", project.Name, err)
|
||||
c.eventRecorder.Event(project, v1.EventTypeWarning, "CreateAdminNamespaceFailed", err.Error())
|
||||
return err
|
||||
}
|
||||
klog.V(8).Info(err, fmt.Sprintf("failed to create ns %s ", key))
|
||||
return err
|
||||
}
|
||||
@@ -369,13 +375,15 @@ func (c *Controller) deleteDevOpsProjectInDevOps(project *devopsv1alpha3.DevOpsP
|
||||
}
|
||||
|
||||
func (c *Controller) generateNewNamespace(project *devopsv1alpha3.DevOpsProject) *v1.Namespace {
|
||||
// devops project name and admin namespace name should be the same
|
||||
// solve the access control problem of devops API v1alpha2 and v1alpha3
|
||||
ns := &v1.Namespace{
|
||||
TypeMeta: metav1.TypeMeta{
|
||||
Kind: "Namespace",
|
||||
APIVersion: v1.SchemeGroupVersion.String(),
|
||||
},
|
||||
ObjectMeta: metav1.ObjectMeta{
|
||||
GenerateName: project.Name,
|
||||
Name: project.Name,
|
||||
Labels: map[string]string{
|
||||
constants.DevOpsProjectLabelKey: project.Name,
|
||||
},
|
||||
|
||||
@@ -371,13 +371,13 @@ func TestUpdateNsOwnerReference(t *testing.T) {
|
||||
func TestCreateDevOpsProjects(t *testing.T) {
|
||||
f := newFixture(t)
|
||||
project := newDevOpsProject("test", "", true, false)
|
||||
ns := newNamespace("test-123", "test", true, true)
|
||||
ns := newNamespace("test", "test", false, true)
|
||||
f.devopsProjectLister = append(f.devopsProjectLister, project)
|
||||
f.objects = append(f.objects, project)
|
||||
f.expectDevOpsProject = []string{""}
|
||||
|
||||
// because generateName not work in fakeClient, so DevOpsProject would not be update
|
||||
// f.expectUpdateDevOpsProjectAction(project)
|
||||
expect := project.DeepCopy()
|
||||
expect.Status.AdminNamespace = "test"
|
||||
f.expectUpdateDevOpsProjectAction(expect)
|
||||
f.expectCreateNamespaceAction(ns)
|
||||
f.run(getKey(project, t))
|
||||
}
|
||||
|
||||
@@ -103,6 +103,9 @@ func (h *devopsHandler) CreateDevOpsProject(request *restful.Request, response *
|
||||
if errors.IsNotFound(err) {
|
||||
api.HandleNotFound(response, request, err)
|
||||
return
|
||||
} else if errors.IsConflict(err) {
|
||||
api.HandleConflict(response, request, err)
|
||||
return
|
||||
}
|
||||
api.HandleBadRequest(response, request, err)
|
||||
return
|
||||
|
||||
@@ -1222,7 +1222,7 @@ func (h *iamHandler) ListUserLoginRecords(request *restful.Request, response *re
|
||||
}
|
||||
|
||||
func handleError(request *restful.Request, response *restful.Response, err error) {
|
||||
if errors.IsBadRequest(err) {
|
||||
if errors.IsBadRequest(err) || errors.IsInvalid(err) {
|
||||
api.HandleBadRequest(response, request, err)
|
||||
} else if errors.IsNotFound(err) {
|
||||
api.HandleNotFound(response, request, err)
|
||||
|
||||
@@ -23,13 +23,16 @@ import (
|
||||
"io"
|
||||
"io/ioutil"
|
||||
v1 "k8s.io/api/core/v1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
"k8s.io/apimachinery/pkg/labels"
|
||||
"k8s.io/apimachinery/pkg/util/validation/field"
|
||||
"k8s.io/client-go/informers"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/klog"
|
||||
"kubesphere.io/kubesphere/pkg/api"
|
||||
"kubesphere.io/kubesphere/pkg/apis/devops/v1alpha3"
|
||||
devopsv1alpha3 "kubesphere.io/kubesphere/pkg/apis/devops/v1alpha3"
|
||||
tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1"
|
||||
kubesphere "kubesphere.io/kubesphere/pkg/client/clientset/versioned"
|
||||
"kubesphere.io/kubesphere/pkg/client/informers/externalversions"
|
||||
@@ -143,7 +146,30 @@ func convertToHttpParameters(req *http.Request) *devops.HttpParameters {
|
||||
}
|
||||
|
||||
func (d devopsOperator) CreateDevOpsProject(workspace string, project *v1alpha3.DevOpsProject) (*v1alpha3.DevOpsProject, error) {
|
||||
project.Annotations[tenantv1alpha1.WorkspaceLabel] = workspace
|
||||
// All resources of devops project belongs to the namespace of the same name
|
||||
// The devops project name is used as the name of the admin namespace, using generateName to avoid conflicts
|
||||
if project.GenerateName == "" {
|
||||
err := errors.NewInvalid(devopsv1alpha3.SchemeGroupVersion.WithKind(devopsv1alpha3.ResourceKindDevOpsProject).GroupKind(),
|
||||
"", []*field.Error{field.Required(field.NewPath("metadata.generateName"), "generateName is required")})
|
||||
klog.Error(err)
|
||||
return nil, err
|
||||
}
|
||||
// generateName is used as displayName
|
||||
// ensure generateName is unique in workspace scope
|
||||
if unique, err := d.isGenerateNameUnique(workspace, project.GenerateName); err != nil {
|
||||
return nil, err
|
||||
} else if !unique {
|
||||
err = errors.NewConflict(devopsv1alpha3.Resource(devopsv1alpha3.ResourceSingularDevOpsProject),
|
||||
project.GenerateName, fmt.Errorf(project.GenerateName, fmt.Errorf("a devops project named %s already exists in the workspace", project.GenerateName)))
|
||||
klog.Error(err)
|
||||
return nil, err
|
||||
}
|
||||
// metadata override
|
||||
if project.Labels == nil {
|
||||
project.Labels = make(map[string]string, 0)
|
||||
}
|
||||
project.Name = ""
|
||||
project.Labels[tenantv1alpha1.WorkspaceLabel] = workspace
|
||||
return d.ksclient.DevopsV1alpha3().DevOpsProjects().Create(project)
|
||||
}
|
||||
|
||||
@@ -156,7 +182,10 @@ func (d devopsOperator) DeleteDevOpsProject(workspace string, projectName string
|
||||
}
|
||||
|
||||
func (d devopsOperator) UpdateDevOpsProject(workspace string, project *v1alpha3.DevOpsProject) (*v1alpha3.DevOpsProject, error) {
|
||||
project.Annotations[tenantv1alpha1.WorkspaceLabel] = workspace
|
||||
if project.Labels == nil {
|
||||
project.Labels = make(map[string]string, 0)
|
||||
}
|
||||
project.Labels[tenantv1alpha1.WorkspaceLabel] = workspace
|
||||
return d.ksclient.DevopsV1alpha3().DevOpsProjects().Update(project)
|
||||
}
|
||||
|
||||
@@ -866,6 +895,21 @@ func (d devopsOperator) ToJson(req *http.Request) (*devops.ResJson, error) {
|
||||
return res, err
|
||||
}
|
||||
|
||||
func (d devopsOperator) isGenerateNameUnique(workspace, generateName string) (bool, error) {
|
||||
selector := labels.Set{tenantv1alpha1.WorkspaceLabel: workspace}
|
||||
projects, err := d.ksInformers.Devops().V1alpha3().DevOpsProjects().Lister().List(labels.SelectorFromSet(selector))
|
||||
if err != nil {
|
||||
klog.Error(err)
|
||||
return false, err
|
||||
}
|
||||
for _, p := range projects {
|
||||
if p.GenerateName == generateName {
|
||||
return false, err
|
||||
}
|
||||
}
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func getInputReqBody(reqBody io.ReadCloser) (newReqBody io.ReadCloser, err error) {
|
||||
var checkBody devops.CheckPlayload
|
||||
var jsonBody []byte
|
||||
|
||||
Reference in New Issue
Block a user