зеркало из https://github.com/Azure/ARO-RP.git
Removes dependency on a versioned security client
This commit is contained in:
Mikalai Radchuk
Родитель
52758a3410
Коммит
c08a532146
|
|
@ -8,7 +8,6 @@ import (
|
|||
"flag"
|
||||
"fmt"
|
||||
|
||||
securityclient "github.com/openshift/client-go/security/clientset/versioned"
|
||||
mcoclient "github.com/openshift/machine-config-operator/pkg/generated/clientset/versioned"
|
||||
"github.com/sirupsen/logrus"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
|
|
@ -85,10 +84,6 @@ func operator(ctx context.Context, log *logrus.Entry) error {
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
securitycli, err := securityclient.NewForConfig(restConfig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// TODO (NE): dh is sometimes passed, sometimes created later. Can we standardize?
|
||||
dh, err := dynamichelper.New(log, restConfig)
|
||||
if err != nil {
|
||||
|
|
@ -98,7 +93,7 @@ func operator(ctx context.Context, log *logrus.Entry) error {
|
|||
if role == pkgoperator.RoleMaster {
|
||||
if err = (genevalogging.NewReconciler(
|
||||
log.WithField("controller", genevalogging.ControllerName),
|
||||
client, kubernetescli, securitycli, restConfig)).SetupWithManager(mgr); err != nil {
|
||||
client, kubernetescli, restConfig)).SetupWithManager(mgr); err != nil {
|
||||
return fmt.Errorf("unable to create controller %s: %v", genevalogging.ControllerName, err)
|
||||
}
|
||||
if err = (clusteroperatoraro.NewReconciler(
|
||||
|
|
@ -123,7 +118,7 @@ func operator(ctx context.Context, log *logrus.Entry) error {
|
|||
}
|
||||
if err = (routefix.NewReconciler(
|
||||
log.WithField("controller", routefix.ControllerName),
|
||||
client, kubernetescli, securitycli, restConfig)).SetupWithManager(mgr); err != nil {
|
||||
client, kubernetescli, restConfig)).SetupWithManager(mgr); err != nil {
|
||||
return fmt.Errorf("unable to create controller %s: %v", routefix.ControllerName, err)
|
||||
}
|
||||
if err = (monitoring.NewReconciler(
|
||||
|
|
|
|||
|
|
@ -16,13 +16,15 @@ import (
|
|||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
kruntime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
|
||||
arov1alpha1 "github.com/Azure/ARO-RP/pkg/operator/apis/aro.openshift.io/v1alpha1"
|
||||
"github.com/Azure/ARO-RP/pkg/util/version"
|
||||
)
|
||||
|
||||
func (r *Reconciler) securityContextConstraints(ctx context.Context, name, serviceAccountName string) (*securityv1.SecurityContextConstraints, error) {
|
||||
scc, err := r.securitycli.SecurityV1().SecurityContextConstraints().Get(ctx, "privileged", metav1.GetOptions{})
|
||||
scc := &securityv1.SecurityContextConstraints{}
|
||||
err := r.client.Get(ctx, types.NamespacedName{Name: "privileged"}, scc)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ import (
|
|||
"context"
|
||||
|
||||
securityv1 "github.com/openshift/api/security/v1"
|
||||
securityclient "github.com/openshift/client-go/security/clientset/versioned"
|
||||
"github.com/sirupsen/logrus"
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
|
@ -41,17 +40,15 @@ type Reconciler struct {
|
|||
log *logrus.Entry
|
||||
|
||||
kubernetescli kubernetes.Interface
|
||||
securitycli securityclient.Interface
|
||||
|
||||
restConfig *rest.Config
|
||||
|
||||
client client.Client
|
||||
}
|
||||
|
||||
func NewReconciler(log *logrus.Entry, client client.Client, kubernetescli kubernetes.Interface, securitycli securityclient.Interface, restConfig *rest.Config) *Reconciler {
|
||||
func NewReconciler(log *logrus.Entry, client client.Client, kubernetescli kubernetes.Interface, restConfig *rest.Config) *Reconciler {
|
||||
return &Reconciler{
|
||||
log: log,
|
||||
securitycli: securitycli,
|
||||
kubernetescli: kubernetescli,
|
||||
restConfig: restConfig,
|
||||
client: client,
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ import (
|
|||
"k8s.io/apimachinery/pkg/api/resource"
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
kruntime "k8s.io/apimachinery/pkg/runtime"
|
||||
"k8s.io/apimachinery/pkg/types"
|
||||
|
||||
arov1alpha1 "github.com/Azure/ARO-RP/pkg/operator/apis/aro.openshift.io/v1alpha1"
|
||||
)
|
||||
|
|
@ -69,7 +70,8 @@ fi
|
|||
)
|
||||
|
||||
func (r *Reconciler) securityContextConstraints(ctx context.Context, name, serviceAccountName string) (*securityv1.SecurityContextConstraints, error) {
|
||||
scc, err := r.securitycli.SecurityV1().SecurityContextConstraints().Get(ctx, "privileged", metav1.GetOptions{})
|
||||
scc := &securityv1.SecurityContextConstraints{}
|
||||
err := r.client.Get(ctx, types.NamespacedName{Name: "privileged"}, scc)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,6 @@ import (
|
|||
|
||||
configv1 "github.com/openshift/api/config/v1"
|
||||
securityv1 "github.com/openshift/api/security/v1"
|
||||
securityclient "github.com/openshift/client-go/security/clientset/versioned"
|
||||
"github.com/sirupsen/logrus"
|
||||
appsv1 "k8s.io/api/apps/v1"
|
||||
corev1 "k8s.io/api/core/v1"
|
||||
|
|
@ -39,7 +38,6 @@ type Reconciler struct {
|
|||
log *logrus.Entry
|
||||
|
||||
kubernetescli kubernetes.Interface
|
||||
securitycli securityclient.Interface
|
||||
|
||||
client client.Client
|
||||
|
||||
|
|
@ -54,11 +52,10 @@ var (
|
|||
)
|
||||
|
||||
// NewReconciler creates a new Reconciler
|
||||
func NewReconciler(log *logrus.Entry, client client.Client, kubernetescli kubernetes.Interface, securitycli securityclient.Interface, restConfig *rest.Config) *Reconciler {
|
||||
func NewReconciler(log *logrus.Entry, client client.Client, kubernetescli kubernetes.Interface, restConfig *rest.Config) *Reconciler {
|
||||
return &Reconciler{
|
||||
log: log,
|
||||
kubernetescli: kubernetescli,
|
||||
securitycli: securitycli,
|
||||
client: client,
|
||||
restConfig: restConfig,
|
||||
verFixed46: verFixed46,
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче