This is an automated email from the ASF dual-hosted git repository. astefanutti pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/camel-k.git
commit 67d653da789b1590984817707ff973bf3f139b78 Author: Antonin Stefanutti <anto...@stefanutti.fr> AuthorDate: Thu Oct 7 17:55:18 2021 +0200 chore: Watch for Knative Services conditionally --- .../integration/integration_controller.go | 35 ++++++++++++++++------ pkg/util/kubernetes/discovery.go | 5 ++-- pkg/util/kubernetes/permission.go | 5 ++-- 3 files changed, 30 insertions(+), 15 deletions(-) diff --git a/pkg/controller/integration/integration_controller.go b/pkg/controller/integration/integration_controller.go index 3872828..2501740 100644 --- a/pkg/controller/integration/integration_controller.go +++ b/pkg/controller/integration/integration_controller.go @@ -19,6 +19,8 @@ package integration import ( "context" + "reflect" + "time" appsv1 "k8s.io/api/apps/v1" batchv1beta1 "k8s.io/api/batch/v1beta1" @@ -38,6 +40,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/reconcile" "sigs.k8s.io/controller-runtime/pkg/source" + "knative.dev/serving/pkg/apis/serving" servingv1 "knative.dev/serving/pkg/apis/serving/v1" v1 "github.com/apache/camel-k/pkg/apis/camel/v1" @@ -45,6 +48,7 @@ import ( camelevent "github.com/apache/camel-k/pkg/event" "github.com/apache/camel-k/pkg/platform" "github.com/apache/camel-k/pkg/util/digest" + "github.com/apache/camel-k/pkg/util/kubernetes" "github.com/apache/camel-k/pkg/util/log" "github.com/apache/camel-k/pkg/util/monitoring" ) @@ -54,7 +58,7 @@ func Add(mgr manager.Manager) error { if err != nil { return err } - return add(mgr, newReconciler(mgr, c)) + return add(mgr, c, newReconciler(mgr, c)) } func newReconciler(mgr manager.Manager, c client.Client) reconcile.Reconciler { @@ -72,8 +76,8 @@ func newReconciler(mgr manager.Manager, c client.Client) reconcile.Reconciler { ) } -func add(mgr manager.Manager, r reconcile.Reconciler) error { - return builder.ControllerManagedBy(mgr). +func add(mgr manager.Manager, c client.Client, r reconcile.Reconciler) error { + b := builder.ControllerManagedBy(mgr). Named("integration-controller"). // Watch for changes to primary resource Integration For(&v1.Integration{}, builder.WithPredicates( @@ -110,7 +114,7 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error { if !platform.IsCurrentOperatorGlobal() { opts = append(opts, ctrl.InNamespace(kit.Namespace)) } - if err := mgr.GetClient().List(context.Background(), list, opts...); err != nil { + if err := c.List(context.Background(), list, opts...); err != nil { log.Error(err, "Failed to retrieve integration list") return requests } @@ -152,7 +156,7 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error { opts = append(opts, ctrl.InNamespace(p.Namespace)) } - if err := mgr.GetClient().List(context.Background(), list, opts...); err != nil { + if err := c.List(context.Background(), list, opts...); err != nil { log.Error(err, "Failed to list integrations") return requests } @@ -174,8 +178,6 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error { })). // Watch for the owned Deployments Owns(&appsv1.Deployment{}). - // Watch for the owned Knative Services - Owns(&servingv1.Service{}). // Watch for the owned CronJobs Owns(&batchv1beta1.CronJob{}). // Watch for the Integration Pods @@ -190,8 +192,23 @@ func add(mgr manager.Manager, r reconcile.Reconciler) error { }, }, } - })). - Complete(r) + })) + + // Watch for the owned Knative Services conditionally + if ok, err := kubernetes.IsAPIResourceInstalled(c, servingv1.SchemeGroupVersion.String(), reflect.TypeOf(servingv1.Service{}).Name()); err != nil { + return err + } else if ok { + // Check for permission to watch the ConsoleCLIDownload resource + ctx, cancel := context.WithTimeout(context.Background(), time.Minute) + defer cancel() + if ok, err = kubernetes.CheckPermission(ctx, c, serving.GroupName, "services", platform.GetOperatorWatchNamespace(), "", "watch"); err != nil { + return err + } else if ok { + b.Owns(&servingv1.Service{}) + } + } + + return b.Complete(r) } var _ reconcile.Reconciler = &reconcileIntegration{} diff --git a/pkg/util/kubernetes/discovery.go b/pkg/util/kubernetes/discovery.go index 4f90696..ab24ad2 100644 --- a/pkg/util/kubernetes/discovery.go +++ b/pkg/util/kubernetes/discovery.go @@ -19,10 +19,9 @@ package kubernetes import ( "k8s.io/apimachinery/pkg/api/errors" - - "github.com/apache/camel-k/pkg/client" + "k8s.io/client-go/kubernetes" ) -func IsAPIResourceInstalled(c client.Client, groupVersion string, kind string) (bool, error) { +func IsAPIResourceInstalled(c kubernetes.Interface, groupVersion string, kind string) (bool, error) { resources, err := c.Discovery().ServerResourcesForGroupVersion(groupVersion) if err != nil { if errors.IsNotFound(err) { diff --git a/pkg/util/kubernetes/permission.go b/pkg/util/kubernetes/permission.go index 3208ead..9c0bccf 100644 --- a/pkg/util/kubernetes/permission.go +++ b/pkg/util/kubernetes/permission.go @@ -23,8 +23,7 @@ import ( authorizationv1 "k8s.io/api/authorization/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - - "github.com/apache/camel-k/pkg/client" + "k8s.io/client-go/kubernetes" ) // CheckPermission can be used to check if the current user/service-account is allowed to execute a given operation @@ -32,7 +31,7 @@ import ( // E.g. checkPermission(client, olmv1alpha1.GroupName, "clusterserviceversions", namespace, "camel-k", "get") // // nolint:unparam -func CheckPermission(ctx context.Context, client client.Client, group, resource, namespace, name, verb string) (bool, error) { +func CheckPermission(ctx context.Context, client kubernetes.Interface, group, resource, namespace, name, verb string) (bool, error) { sarReview := &authorizationv1.SelfSubjectAccessReview{ Spec: authorizationv1.SelfSubjectAccessReviewSpec{ ResourceAttributes: &authorizationv1.ResourceAttributes{