github/open-cluster-management
1
0
Fork 0
mirror of https://github.com/open-cluster-management-io/ocm.git synced 2026-02-14 10:00:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

🐛 Fix work rolebinding cleanup when hubAcceptsClient is set to false (#1318)
Some checks failed
Scorecard supply-chain security / Scorecard analysis (push) Failing after 13s
Post / images (amd64, addon-manager) (push) Failing after 48s
Post / images (amd64, placement) (push) Failing after 1m22s
Post / images (amd64, registration) (push) Failing after 42s
Post / images (amd64, work) (push) Failing after 41s
Post / images (arm64, addon-manager) (push) Failing after 42s
Post / images (arm64, placement) (push) Failing after 41s
Post / images (arm64, registration) (push) Failing after 41s
Post / images (arm64, registration-operator) (push) Failing after 41s
Post / images (arm64, work) (push) Failing after 42s
Post / images (amd64, registration-operator) (push) Failing after 21m14s
Post / image manifest (addon-manager) (push) Has been skipped
Post / image manifest (placement) (push) Has been skipped
Post / image manifest (registration) (push) Has been skipped
Post / image manifest (registration-operator) (push) Has been skipped
Post / image manifest (work) (push) Has been skipped
Post / trigger clusteradm e2e (push) Has been skipped
Post / coverage (push) Failing after 39m11s
Close stale issues and PRs / stale (push) Successful in 50s

Browse Source 
* Fix work rolebinding cleanup when hubAcceptsClient is set to false
Signed-off-by: Erico G. Rimoli <erico.rimoli@totvs.com.br>

* Adds error handling to the removeClusterRbac call within the controller synchronization function
Signed-off-by: Erico G. Rimoli <erico.rimoli@totvs.com.br>
This commit is contained in:
Érico GR
2026-01-08 10:46:13 -03:00
committed by GitHub
parent 8e401c34a9
commit ad89f05351
2 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
pkg/registration/hub/managedcluster/controller.go
View File

@@ -181,6 +181,17 @@ func (c *managedClusterController) sync(ctx context.Context, syncCtx factory.Syn
} }
} }
// Remove the cluster role binding files for registration-agent and work-agent.
err := c.removeClusterRbac(ctx, syncCtx, managedClusterName, managedCluster.Spec.HubAcceptsClient)
if errors.Is(err, requeueError) {
syncCtx.Queue().AddAfter(managedClusterName, requeueError.RequeueTime)
return nil
}
if err != nil {
errs = append(errs, err)
}
if err = c.hubDriver.Cleanup(ctx, managedCluster); err != nil { if err = c.hubDriver.Cleanup(ctx, managedCluster); err != nil {
errs = append(errs, err) errs = append(errs, err)
} }
@@ -200,13 +211,7 @@ func (c *managedClusterController) sync(ctx context.Context, syncCtx factory.Syn
return err return err
} }
// Remove the cluster role binding files for registration-agent and work-agent. return nil
err = c.removeClusterRbac(ctx, syncCtx, managedClusterName, managedCluster.Spec.HubAcceptsClient)
if errors.Is(err, requeueError) {
syncCtx.Queue().AddAfter(managedClusterName, requeueError.RequeueTime)
return nil
}
return err
} }
// TODO consider to add the managedcluster-namespace.yaml back to staticFiles, // TODO consider to add the managedcluster-namespace.yaml back to staticFiles,

26
test/integration/registration/managedcluster_accept_test.go
View File

@@ -16,6 +16,7 @@ import (
clusterv1 "open-cluster-management.io/api/cluster/v1" clusterv1 "open-cluster-management.io/api/cluster/v1"
v1 "open-cluster-management.io/api/cluster/v1" v1 "open-cluster-management.io/api/cluster/v1"
testinghelpers "open-cluster-management.io/ocm/pkg/registration/helpers/testing"
"open-cluster-management.io/ocm/pkg/registration/hub" "open-cluster-management.io/ocm/pkg/registration/hub"
) )
@@ -146,6 +147,9 @@ var _ = Describe("ManagedCluster set hubAcceptsClient from true to false", Order
return nil return nil
}, eventuallyTimeout, eventuallyInterval).Should(Succeed()) }, eventuallyTimeout, eventuallyInterval).Should(Succeed())
manifestWork := testinghelpers.NewManifestWork(managedCluster.Name, "test-work-1", []string{}, nil, nil, nil)
_, err = workClient.WorkV1().ManifestWorks(managedCluster.Name).Create(context.Background(), manifestWork, metav1.CreateOptions{})
Expect(err).NotTo(HaveOccurred())
}) })
It("should set hubAcceptsClient to false", func() { It("should set hubAcceptsClient to false", func() {
Eventually(func() error { Eventually(func() error {
@@ -219,21 +223,15 @@ var _ = Describe("ManagedCluster set hubAcceptsClient from true to false", Order
return nil return nil
}, eventuallyTimeout, eventuallyInterval).Should(Succeed()) }, eventuallyTimeout, eventuallyInterval).Should(Succeed())
Eventually(func() error { // Work rolebinding should be deleted after manifestworks are removed
err := workClient.WorkV1().ManifestWorks(managedCluster.Name).Delete(context.Background(), "test-work-1", metav1.DeleteOptions{})
Expect(err).NotTo(HaveOccurred())
Eventually(func() bool {
// Work rolebinding should be deleted // Work rolebinding should be deleted
wrb, err := kubeClient.RbacV1().RoleBindings(managedCluster.Name).Get(context.Background(), workRoleBindingName(managedCluster.Name), metav1.GetOptions{}) _, err := kubeClient.RbacV1().RoleBindings(managedCluster.Name).Get(context.Background(), workRoleBindingName(managedCluster.Name), metav1.GetOptions{})
if err == nil { return errors.IsNotFound(err)
// Here we check DeletionTimestamp because there is finalizer "cluster.open-cluster-management.io/manifest-work-cleanup" on the rolebinding. }, 3*eventuallyTimeout, eventuallyInterval).Should(BeTrue())
if wrb.DeletionTimestamp.IsZero() {
return fmt.Errorf("work rolebinding should be deleted")
}
return nil
}
if !errors.IsNotFound(err) {
return err
}
return nil
}, eventuallyTimeout, eventuallyInterval).Should(Succeed())
}) })
}) })