Return "namespace not found" error to allow future reconciliation if …

…namespace is created later (#30) Signed-off-by: Rokibul Hasan <[email protected]>
kluster-manager · Nov 18, 2024 · e434066 · e434066
1 parent f1f2f6f
commit e434066
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 14 deletions.
diff --git a/pkg/agent/controller/managedclusterrolebinding_controller.go b/pkg/agent/controller/managedclusterrolebinding_controller.go
@@ -115,13 +115,10 @@ func (r *ManagedClusterRoleBindingReconciler) Reconcile(ctx context.Context, req
 		}
 	} else {
 		for _, ns := range managedCRB.RoleRef.Namespaces {
-			exist, err := utils.IsNamespaceExist(r.SpokeClient, ns)
+			_, err := utils.IsNamespaceExist(r.SpokeClient, ns)
 			if err != nil {
 				return reconcile.Result{}, err
 			}
-			if !exist {
-				continue
-			}
 
 			givenRolebinding := &rbac.RoleBinding{
 				TypeMeta: metav1.TypeMeta{

diff --git a/pkg/manager/controller/authentication/account_controller.go b/pkg/manager/controller/authentication/account_controller.go
@@ -146,7 +146,7 @@ func (r *AccountReconciler) createGatewayClusterRoleBindingForUser(ctx context.C
 
 	crb := rbac.ClusterRoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: fmt.Sprintf("ace.%s.proxy", acc.Spec.UID),
+			Name: fmt.Sprintf("%s.proxy", acc.Name),
 			OwnerReferences: []metav1.OwnerReference{
 				*metav1.NewControllerRef(acc, authenticationv1alpha1.GroupVersion.WithKind("Account")),
 			},
@@ -214,7 +214,7 @@ func (r *AccountReconciler) createImpersonateClusterRoleAndRoleBinding(ctx conte
 	}
 	crb := rbac.ClusterRoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: fmt.Sprintf("ace.%s.impersonate", acc.Spec.UID),
+			Name: fmt.Sprintf("%s.impersonate", acc.Name),
 			OwnerReferences: []metav1.OwnerReference{
 				*metav1.NewControllerRef(acc, authenticationv1alpha1.GroupVersion.WithKind("Account")),
 			},
@@ -227,10 +227,6 @@ func (r *AccountReconciler) createImpersonateClusterRoleAndRoleBinding(ctx conte
 		},
 	}
 
-	if strings.Contains(acc.Spec.Username, common.ServiceAccountPrefix) {
-		crb.Name = fmt.Sprintf("ace.%s.impersonate", acc.Name)
-	}
-
 	_, err = cu.CreateOrPatch(context.Background(), r.Client, &crb, func(obj client.Object, createOp bool) client.Object {
 		in := obj.(*rbac.ClusterRoleBinding)
 		in.ObjectMeta = crb.ObjectMeta

diff --git a/pkg/utils/util.go b/pkg/utils/util.go
@@ -24,7 +24,6 @@ import (
 	authorizationv1alpha1 "github.com/kluster-manager/cluster-auth/apis/authorization/v1alpha1"
 
 	corev1 "k8s.io/api/core/v1"
-	kerr "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
@@ -59,9 +58,7 @@ func ExtractServiceAccountNameAndNamespace(s string) (name, namespace string, er
 func IsNamespaceExist(kc client.Client, name string) (bool, error) {
 	var ns corev1.Namespace
 	err := kc.Get(context.Background(), types.NamespacedName{Name: name}, &ns)
-	if err != nil && kerr.IsNotFound(err) {
-		return false, nil
-	} else if err != nil {
+	if err != nil {
 		return false, err
 	}
 	return true, nil