From cc7a5cdd96981c285669ea912148b1be75b622b3 Mon Sep 17 00:00:00 2001 From: Ohki Nozomu <114966641+aii-nozomu-oki@users.noreply.github.com> Date: Tue, 14 Feb 2023 22:40:55 +0900 Subject: [PATCH] Remove anonymous check from managedClusterCreatingController sync (#299) Signed-off-by: aii-nozomu-oki --- pkg/spoke/managedcluster/creating_controller.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/pkg/spoke/managedcluster/creating_controller.go b/pkg/spoke/managedcluster/creating_controller.go index a6d79661f..29010907d 100644 --- a/pkg/spoke/managedcluster/creating_controller.go +++ b/pkg/spoke/managedcluster/creating_controller.go @@ -3,7 +3,6 @@ package managedcluster import ( "context" "fmt" - "strings" "time" clientset "open-cluster-management.io/api/client/cluster/clientset/versioned" @@ -17,9 +16,6 @@ import ( "k8s.io/klog/v2" ) -// well-known anonymous user -const anonymous = "system:anonymous" - var ( // CreatingControllerSyncInterval is exposed so that integration tests can crank up the controller sync speed. CreatingControllerSyncInterval = 60 * time.Minute @@ -54,7 +50,8 @@ func NewManagedClusterCreatingController( func (c *managedClusterCreatingController) sync(ctx context.Context, syncCtx factory.SyncContext) error { existingCluster, err := c.hubClusterClient.ClusterV1().ManagedClusters().Get(ctx, c.clusterName, metav1.GetOptions{}) - if err != nil && skipUnauthorizedError(err) == nil && strings.Contains(err.Error(), anonymous) { + // ManagedCluster is only allowed created during bootstrap. After bootstrap secret expired, an unauthorized error will be got, output log at the debug level + if err != nil && skipUnauthorizedError(err) == nil { klog.V(4).Infof("unable to get the managed cluster %q from hub: %v", c.clusterName, err) return nil }