Merge pull request #1836 from wansir/namespace_controller
fix: remove owner reference when unbind workspace
This commit is contained in:
KubeSphere CI Bot
@@ -170,9 +170,15 @@ func (r *ReconcileNamespace) Reconcile(request reconcile.Request) (reconcile.Res
|
||||
|
||||
if !controlledByWorkspace {
|
||||
|
||||
err = r.deleteRoleBindings(instance)
|
||||
if err = r.unbindWorkspace(instance); err != nil {
|
||||
return reconcile.Result{}, err
|
||||
}
|
||||
|
||||
return reconcile.Result{}, err
|
||||
if err = r.deleteRoleBindings(instance); err != nil {
|
||||
return reconcile.Result{}, err
|
||||
}
|
||||
|
||||
return reconcile.Result{}, nil
|
||||
}
|
||||
|
||||
if err = r.checkAndBindWorkspace(instance); err != nil {
|
||||
@@ -220,6 +226,7 @@ func (r *ReconcileNamespace) checkAndCreateRoles(namespace *corev1.Namespace) er
|
||||
klog.Error(err)
|
||||
return err
|
||||
}
|
||||
found = role
|
||||
} else {
|
||||
klog.Error(err)
|
||||
return err
|
||||
@@ -451,6 +458,21 @@ func (r *ReconcileNamespace) deleteRuntime(namespace *corev1.Namespace) error {
|
||||
|
||||
return nil
|
||||
}
|
||||
func (r *ReconcileNamespace) unbindWorkspace(instance *corev1.Namespace) error {
|
||||
ownerReferences := make([]metav1.OwnerReference, 0)
|
||||
|
||||
for _, ref := range instance.OwnerReferences {
|
||||
if ref.Kind != v1alpha1.ResourceKindWorkspace {
|
||||
ownerReferences = append(ownerReferences, ref)
|
||||
}
|
||||
}
|
||||
|
||||
if len(ownerReferences) != len(instance.OwnerReferences) {
|
||||
instance.OwnerReferences = ownerReferences
|
||||
return r.Update(context.TODO(), instance)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// Create openpitrix runtime
|
||||
func (r *ReconcileNamespace) checkAndBindWorkspace(namespace *corev1.Namespace) error {
|
||||
|
||||
@@ -156,16 +156,26 @@ func DeleteWorkspaceRoleBinding(workspace, username string, role string) error {
|
||||
}
|
||||
workspaceRoleBinding = workspaceRoleBinding.DeepCopy()
|
||||
|
||||
for i, v := range workspaceRoleBinding.Subjects {
|
||||
if v.Kind == v1.UserKind && v.Name == username {
|
||||
workspaceRoleBinding.Subjects = append(workspaceRoleBinding.Subjects[:i], workspaceRoleBinding.Subjects[i+1:]...)
|
||||
i--
|
||||
subjects := make([]v1.Subject, 0)
|
||||
|
||||
for _, subject := range workspaceRoleBinding.Subjects {
|
||||
if subject.Kind != v1.UserKind || subject.Name != username {
|
||||
subjects = append(subjects, subject)
|
||||
}
|
||||
}
|
||||
|
||||
workspaceRoleBinding, err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(workspaceRoleBinding)
|
||||
if len(subjects) != len(workspaceRoleBinding.Subjects) {
|
||||
workspaceRoleBinding.Subjects = subjects
|
||||
|
||||
return err
|
||||
_, err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(workspaceRoleBinding)
|
||||
|
||||
if err != nil {
|
||||
klog.Errorln(err)
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func GetDevOpsProjectsCount(workspaceName string) (int, error) {
|
||||
|
||||
Reference in New Issue
Block a user