diff --git a/pkg/models/iam/am.go b/pkg/models/iam/am.go index 29a264634..6081df9ed 100644 --- a/pkg/models/iam/am.go +++ b/pkg/models/iam/am.go @@ -38,7 +38,6 @@ import ( "kubesphere.io/kubesphere/pkg/utils/sliceutil" "sort" "strings" - "time" ) const ( @@ -668,24 +667,20 @@ func CreateClusterRoleBinding(username string, clusterRoleName string) error { // cluster role changed if found.RoleRef.Name != clusterRoleName { - deletePolicy := metav1.DeletePropagationForeground + deletePolicy := metav1.DeletePropagationBackground gracePeriodSeconds := int64(0) deleteOption := &metav1.DeleteOptions{PropagationPolicy: &deletePolicy, GracePeriodSeconds: &gracePeriodSeconds} err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Delete(found.Name, deleteOption) if err != nil { - klog.Errorln("delete cluster role binding", err) + klog.Errorln(err) return err } - maxRetries := 3 - for i := 0; i < maxRetries; i++ { - _, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding) - if err == nil { - return nil - } - time.Sleep(300 * time.Millisecond) + _, err = client.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding) + if err != nil { + klog.Errorln(err) + return err } - klog.Errorln("create cluster role binding", err) - return err + return nil } if !k8sutil.ContainsUser(found.Subjects, username) { diff --git a/pkg/models/iam/im.go b/pkg/models/iam/im.go index cef5b10b3..5ab351032 100644 --- a/pkg/models/iam/im.go +++ b/pkg/models/iam/im.go @@ -855,7 +855,7 @@ func deleteRoleBindings(username string) error { length2 := len(roleBinding.Subjects) if length2 == 0 { - deletePolicy := metav1.DeletePropagationForeground + deletePolicy := metav1.DeletePropagationBackground err = clientset.ClientSets().K8s().Kubernetes().RbacV1().RoleBindings(roleBinding.Namespace).Delete(roleBinding.Name, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy}) if err != nil { @@ -890,7 +890,7 @@ func deleteRoleBindings(username string) error { if isWorkspaceRoleBinding(clusterRoleBinding) { _, err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Update(clusterRoleBinding) } else { - deletePolicy := metav1.DeletePropagationForeground + deletePolicy := metav1.DeletePropagationBackground err = clientset.ClientSets().K8s().Kubernetes().RbacV1().ClusterRoleBindings().Delete(clusterRoleBinding.Name, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy}) } if err != nil { diff --git a/pkg/models/workspaces/workspaces.go b/pkg/models/workspaces/workspaces.go index e9bf2f219..47df460f0 100644 --- a/pkg/models/workspaces/workspaces.go +++ b/pkg/models/workspaces/workspaces.go @@ -70,7 +70,7 @@ func DeleteNamespace(workspace string, namespaceName string) error { return err } if namespace.Labels[constants.WorkspaceLabelKey] == workspace { - deletePolicy := metav1.DeletePropagationForeground + deletePolicy := metav1.DeletePropagationBackground return clientset.ClientSets().K8s().Kubernetes().CoreV1().Namespaces().Delete(namespaceName, &metav1.DeleteOptions{PropagationPolicy: &deletePolicy}) } else { return errors.New("resource not found")