From a187b25975b66b7a409792fa1eae5e993382d3dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Santiago=20N=C3=BA=C3=B1ez-Cacho=20Solans?= Date: Mon, 23 Nov 2020 19:54:47 +0100 Subject: [PATCH] fix: role needs permissions to deployment list --- api/v1alpha1/ratelimit_types.go | 9 --------- .../crd/bases/networking.softonic.io_ratelimits.yaml | 6 ------ config/rbac/role.yaml | 12 ++++++++++++ controllers/envoyfilterobject.go | 3 +-- controllers/ratelimit_controller.go | 1 + 5 files changed, 14 insertions(+), 17 deletions(-) diff --git a/api/v1alpha1/ratelimit_types.go b/api/v1alpha1/ratelimit_types.go index 2dcf3cf..9ef3917 100644 --- a/api/v1alpha1/ratelimit_types.go +++ b/api/v1alpha1/ratelimit_types.go @@ -86,15 +86,6 @@ type Rate struct { // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. -// RateLimitSpec defines the desired state of RateLimit -/*type RateLimitSpec struct { - // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - // Important: Run "make" to regenerate code after modifying this file - TargetRef v1.ObjectReference `json:"targetRef"` - Dimensions DimensionsList `json:"dimensions"` - WorkloadSelector map[string]string `json:"workloadselector"` -} -*/ type RateLimitSpec struct { // INSERT ADDITIONAL SPEC FIELDS - desired state of cluster // Important: Run "make" to regenerate code after modifying this file diff --git a/config/crd/bases/networking.softonic.io_ratelimits.yaml b/config/crd/bases/networking.softonic.io_ratelimits.yaml index 5880575..5d166bb 100644 --- a/config/crd/bases/networking.softonic.io_ratelimits.yaml +++ b/config/crd/bases/networking.softonic.io_ratelimits.yaml @@ -34,12 +34,6 @@ spec: metadata: type: object spec: - description: "RateLimitSpec defines the desired state of RateLimit type - RateLimitSpec struct { \t// INSERT ADDITIONAL SPEC FIELDS - desired - state of cluster \t// Important: Run \"make\" to regenerate code after - modifying this file \tTargetRef v1.ObjectReference `json:\"targetRef\"` - \tDimensions DimensionsList `json:\"dimensions\"` \tWorkloadSelector - map[string]string `json:\"workloadselector\"` }" properties: destinationCluster: type: string diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 1c51169..3ab0345 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -30,6 +30,18 @@ rules: - patch - update - watch +- apiGroups: + - apps + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch - apiGroups: - batch resources: diff --git a/controllers/envoyfilterobject.go b/controllers/envoyfilterobject.go index 9ed13a9..9a9b568 100644 --- a/controllers/envoyfilterobject.go +++ b/controllers/envoyfilterobject.go @@ -25,11 +25,10 @@ type EnvoyFilterObject struct { func (r *RateLimitReconciler) prepareUpdateEnvoyFilterObjects(rateLimitInstance networkingv1alpha1.RateLimit, baseName string, controllerNamespace string) error { - // controllerNamespace := os.Getenv("ISTIO_NAMESPACE") - istioNamespace := os.Getenv("ISTIO_NAMESPACE") + jsonActions := retrieveJsonActions(rateLimitInstance, baseName) namespace := rateLimitInstance.Spec.TargetRef.Namespace diff --git a/controllers/ratelimit_controller.go b/controllers/ratelimit_controller.go index 563831b..907b95e 100644 --- a/controllers/ratelimit_controller.go +++ b/controllers/ratelimit_controller.go @@ -60,6 +60,7 @@ type K8sObject struct { // +kubebuilder:rbac:groups=batch,resources=envoyfilters/status,verbs=get // +kubebuilder:rbac:groups=*,resources=configmaps,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete func (r *RateLimitReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { _ = context.Background()