Merge pull request #1310 from wansir/iam

fix: delete propagation policy
2019-11-02 23:16:58 +08:00
parent cae0911d46 228ce54f4f
commit d7a73c003f
3 changed files with 10 additions and 15 deletions
--- a/pkg/models/iam/am.go
+++ b/pkg/models/iam/am.go
@@ -38,7 +38,6 @@ import (
 	"kubesphere.io/kubesphere/pkg/utils/sliceutil"
 	"sort"
 	"strings"
-	"time"
 )

 const (
@@ -668,24 +667,20 @@ func CreateClusterRoleBinding(username string, clusterRoleName string) error {

 	// cluster role changed
 	if found.RoleRef.Name != clusterRoleName {
-		deletePolicy := metav1.DeletePropagationForeground
+		deletePolicy := metav1.DeletePropagationBackground
 		gracePeriodSeconds := int64(0)
 		deleteOption := &metav1.DeleteOptions{PropagationPolicy: &deletePolicy, GracePeriodSeconds: &gracePeriodSeconds}
 		err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Delete(found.Name, deleteOption)
 		if err != nil {
-			klog.Errorln("delete cluster role binding", err)
+			klog.Errorln(err)
 			return err
 		}
-		maxRetries := 3
-		for i := 0; i < maxRetries; i++ {
-			_, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding)
-			if err == nil {
-				return nil
-			}
-			time.Sleep(300 * time.Millisecond)
+		_, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding)
+		if err != nil {
+			klog.Errorln(err)
+			return err
 		}
-		klog.Errorln("create cluster role binding", err)
-		return err
+		return nil
 	}

 	if !k8sutil.ContainsUser(found.Subjects, username) {
--- a/pkg/models/iam/im.go
+++ b/pkg/models/iam/im.go
@@ -855,7 +855,7 @@ func deleteRoleBindings(username string) error {
 		length2 := len(roleBinding.Subjects)

 		if length2 == 0 {
-			deletePolicy := metav1.DeletePropagationForeground
+			deletePolicy := metav1.DeletePropagationBackground
 			err = clientset.ClientSets().K8s().Kubernetes().RbacV1().RoleBindings(roleBinding.Namespace).Delete(roleBinding.Name, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy})

 			if err != nil {
@@ -890,7 +890,7 @@ func deleteRoleBindings(username string) error {
 			if isWorkspaceRoleBinding(clusterRoleBinding) {
 				_, err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(clusterRoleBinding)
 			} else {
-				deletePolicy := metav1.DeletePropagationForeground
+				deletePolicy := metav1.DeletePropagationBackground
 				err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Delete(clusterRoleBinding.Name, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy})
 			}
 			if err != nil {
--- a/pkg/models/workspaces/workspaces.go
+++ b/pkg/models/workspaces/workspaces.go
@@ -70,7 +70,7 @@ func DeleteNamespace(workspace string, namespaceName string) error {
 		return err
 	}
 	if namespace.Labels[constants.WorkspaceLabelKey] == workspace {
-		deletePolicy := metav1.DeletePropagationForeground
+		deletePolicy := metav1.DeletePropagationBackground
 		return clientset.ClientSets().K8s().Kubernetes().CoreV1().Namespaces().Delete(namespaceName, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy})
 	} else {
 		return errors.New("resource not found")