From 6a610a9d5197b7502e5aa7f7cf1d0493ade1b7ad Mon Sep 17 00:00:00 2001 From: Ashish Amarnath Date: Tue, 9 Jul 2024 14:20:52 -0700 Subject: [PATCH] add namespace to jwt authenticator controller Signed-off-by: Ashish Amarnath --- .../authenticator/jwtcachefiller/jwtcachefiller.go | 5 ++++- .../authenticator/jwtcachefiller/jwtcachefiller_test.go | 1 + internal/controllermanager/prepare_controllers.go | 1 + 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller.go b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller.go index fb68efc38..952d539bd 100644 --- a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller.go +++ b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller.go @@ -131,6 +131,7 @@ var _ tokenAuthenticatorCloser = (*cachedJWTAuthenticator)(nil) // New instantiates a new controllerlib.Controller which will populate the provided authncache.Cache. func New( + namespace string, cache *authncache.Cache, client conciergeclientset.Interface, jwtAuthenticators authinformers.JWTAuthenticatorInformer, @@ -148,6 +149,7 @@ func New( jwtAuthenticators: jwtAuthenticators, secretInformer: secretInformer, configMapInformer: configMapInformer, + namespace: namespace, clock: clock, log: log.WithName(controllerName), }, @@ -166,6 +168,7 @@ type jwtCacheFillerController struct { secretInformer corev1informers.SecretInformer configMapInformer corev1informers.ConfigMapInformer client conciergeclientset.Interface + namespace string clock clock.Clock log plog.Logger } @@ -210,7 +213,7 @@ func (c *jwtCacheFillerController) Sync(ctx controllerlib.Context) error { conditions := make([]*metav1.Condition, 0) var errs []error - rootCAs, conditions, tlsOk := c.validateTLSBundle(obj.Spec.TLS, obj.Namespace, conditions) + rootCAs, conditions, tlsOk := c.validateTLSBundle(obj.Spec.TLS, c.namespace, conditions) _, conditions, issuerOk := c.validateIssuer(obj.Spec.Issuer, conditions) okSoFar := tlsOk && issuerOk diff --git a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go index 3e5b9729e..0d1a3872a 100644 --- a/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go +++ b/internal/controller/authenticator/jwtcachefiller/jwtcachefiller_test.go @@ -1855,6 +1855,7 @@ func TestController(t *testing.T) { } controller := New( + "concierge", // namespace for the controller cache, pinnipedAPIClient, pinnipedInformers.Authentication().V1alpha1().JWTAuthenticators(), diff --git a/internal/controllermanager/prepare_controllers.go b/internal/controllermanager/prepare_controllers.go index 31c8b81bb..7bb059edc 100644 --- a/internal/controllermanager/prepare_controllers.go +++ b/internal/controllermanager/prepare_controllers.go @@ -247,6 +247,7 @@ func PrepareControllers(c *Config) (controllerinit.RunnerBuilder, error) { //nol ). WithController( jwtcachefiller.New( + c.ServerInstallationInfo.Namespace, c.AuthenticatorCache, client.PinnipedConcierge, informers.pinniped.Authentication().V1alpha1().JWTAuthenticators(),