From ece9049836b01455e95dc0fd135668c270831d7c Mon Sep 17 00:00:00 2001 From: hongming Date: Thu, 25 Apr 2019 10:29:57 +0800 Subject: [PATCH] automatically create kubeconfig Signed-off-by: hongming --- config/crds/tenant_v1alpha1_workspace.yaml | 8 ------- pkg/apis/tenant/v1alpha1/workspace_types.go | 5 +--- .../tenant/v1alpha1/zz_generated.deepcopy.go | 8 +++---- pkg/apiserver/resources/application.go | 12 ++++++---- pkg/apiserver/resources/user.go | 10 +++++++- pkg/client/clientset/versioned/clientset.go | 6 ++--- .../clientset/versioned/fake/register.go | 8 +++---- .../clientset/versioned/scheme/register.go | 8 +++---- .../v1alpha1/fake/fake_tenant_client.go | 6 ++--- .../tenant/v1alpha1/fake/fake_workspace.go | 14 +++++------ .../typed/tenant/v1alpha1/tenant_client.go | 6 ++--- .../typed/tenant/v1alpha1/workspace.go | 12 +++++----- .../informers/externalversions/factory.go | 24 +++++++++---------- .../informers/externalversions/generic.go | 8 +++---- .../externalversions/tenant/interface.go | 4 ++-- .../tenant/v1alpha1/interface.go | 2 +- .../tenant/v1alpha1/workspace.go | 16 ++++++------- .../listers/tenant/v1alpha1/workspace.go | 2 +- pkg/models/applications/applications.go | 1 + pkg/models/iam/am.go | 23 +++++++++--------- pkg/models/iam/im.go | 24 +++++++++++++++---- pkg/models/resources/jobs.go | 9 +++++++ pkg/models/resources/resources.go | 4 ++++ 23 files changed, 124 insertions(+), 96 deletions(-) diff --git a/config/crds/tenant_v1alpha1_workspace.yaml b/config/crds/tenant_v1alpha1_workspace.yaml index 7b0d6ca9..d0519ca3 100644 --- a/config/crds/tenant_v1alpha1_workspace.yaml +++ b/config/crds/tenant_v1alpha1_workspace.yaml @@ -30,16 +30,8 @@ spec: properties: manager: type: string - quotas: - type: object type: object status: - properties: - quotas: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state - of cluster Important: Run "make" to regenerate code after modifying - this file' - type: object type: object version: v1alpha1 status: diff --git a/pkg/apis/tenant/v1alpha1/workspace_types.go b/pkg/apis/tenant/v1alpha1/workspace_types.go index 1612479f..faf15e7e 100644 --- a/pkg/apis/tenant/v1alpha1/workspace_types.go +++ b/pkg/apis/tenant/v1alpha1/workspace_types.go @@ -19,7 +19,6 @@ package v1alpha1 import ( - "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -28,15 +27,13 @@ import ( // WorkspaceSpec defines the desired state of Workspace type WorkspaceSpec struct { - Manager string `json:"manager,omitempty"` - Quotas v1.ResourceQuotaSpec `json:"quotas,omitempty"` + Manager string `json:"manager,omitempty"` } // WorkspaceStatus defines the observed state of Workspace type WorkspaceStatus struct { // INSERT ADDITIONAL STATUS FIELD - define observed state of cluster // Important: Run "make" to regenerate code after modifying this file - Quotas v1.ResourceQuotaStatus `json:"quotas,omitempty"` } // +genclient diff --git a/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go index 47a5fd61..12e60b27 100644 --- a/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/tenant/v1alpha1/zz_generated.deepcopy.go @@ -21,7 +21,7 @@ limitations under the License. package v1alpha1 import ( - "k8s.io/apimachinery/pkg/runtime" + runtime "k8s.io/apimachinery/pkg/runtime" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -29,8 +29,8 @@ func (in *Workspace) DeepCopyInto(out *Workspace) { *out = *in out.TypeMeta = in.TypeMeta in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) + out.Spec = in.Spec + out.Status = in.Status return } @@ -88,7 +88,6 @@ func (in *WorkspaceList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WorkspaceSpec) DeepCopyInto(out *WorkspaceSpec) { *out = *in - in.Quotas.DeepCopyInto(&out.Quotas) return } @@ -105,7 +104,6 @@ func (in *WorkspaceSpec) DeepCopy() *WorkspaceSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *WorkspaceStatus) DeepCopyInto(out *WorkspaceStatus) { *out = *in - in.Quotas.DeepCopyInto(&out.Quotas) return } diff --git a/pkg/apiserver/resources/application.go b/pkg/apiserver/resources/application.go index 11ec96b1..f27af314 100644 --- a/pkg/apiserver/resources/application.go +++ b/pkg/apiserver/resources/application.go @@ -19,6 +19,7 @@ package resources import ( "github.com/emicklei/go-restful" + "github.com/golang/glog" "k8s.io/api/core/v1" "kubesphere.io/kubesphere/pkg/constants" "kubesphere.io/kubesphere/pkg/errors" @@ -42,6 +43,7 @@ func ApplicationHandler(req *restful.Request, resp *restful.Response) { if len(clusterId) > 0 { app, err := applications.GetApp(clusterId) if err != nil { + glog.Errorln("get application error", err) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) return } @@ -66,14 +68,13 @@ func NamespacedApplicationHandler(req *restful.Request, resp *restful.Response) clusterId := req.QueryParameter("cluster_id") conditions, err := params.ParseConditions(req.QueryParameter(params.ConditionsParam)) if err != nil { - if err != nil { - resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) - return - } + resp.WriteHeaderAndEntity(http.StatusBadRequest, errors.Wrap(err)) + return } if len(clusterId) > 0 { app, err := applications.GetApp(clusterId) if err != nil { + glog.Errorln("get app failed", err) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) return } @@ -84,6 +85,7 @@ func NamespacedApplicationHandler(req *restful.Request, resp *restful.Response) namespace, err := resources.GetResource("", resources.Namespaces, namespaceName) if err != nil { + glog.Errorln("get namespace failed", err) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) return } @@ -95,6 +97,7 @@ func NamespacedApplicationHandler(req *restful.Request, resp *restful.Response) } if runtimeId == "" { + glog.Errorln("runtime id not found") resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.New("openpitrix runtime not init")) return } @@ -102,6 +105,7 @@ func NamespacedApplicationHandler(req *restful.Request, resp *restful.Response) result, err := applications.ListApplication(runtimeId, conditions, limit, offset) if err != nil { + glog.Errorln("list applications failed", err) resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) return } diff --git a/pkg/apiserver/resources/user.go b/pkg/apiserver/resources/user.go index 8b0bef45..03b37632 100644 --- a/pkg/apiserver/resources/user.go +++ b/pkg/apiserver/resources/user.go @@ -19,6 +19,7 @@ package resources import ( "github.com/emicklei/go-restful" + k8serr "k8s.io/apimachinery/pkg/api/errors" "net/http" "kubesphere.io/kubesphere/pkg/errors" @@ -47,7 +48,14 @@ func GetKubeconfig(req *restful.Request, resp *restful.Response) { kubectlConfig, err := kubeconfig.GetKubeConfig(user) if err != nil { - resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) + if k8serr.IsNotFound(err) { + // recreate + kubeconfig.CreateKubeConfig(user) + resp.WriteHeaderAndEntity(http.StatusNotFound, errors.Wrap(err)) + } else { + resp.WriteHeaderAndEntity(http.StatusInternalServerError, errors.Wrap(err)) + } + return } diff --git a/pkg/client/clientset/versioned/clientset.go b/pkg/client/clientset/versioned/clientset.go index 7a7c8cde..70342b04 100644 --- a/pkg/client/clientset/versioned/clientset.go +++ b/pkg/client/clientset/versioned/clientset.go @@ -19,9 +19,9 @@ limitations under the License. package versioned import ( - "k8s.io/client-go/discovery" - "k8s.io/client-go/rest" - "k8s.io/client-go/util/flowcontrol" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/servicemesh/v1alpha2" tenantv1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1" ) diff --git a/pkg/client/clientset/versioned/fake/register.go b/pkg/client/clientset/versioned/fake/register.go index 658e7f6f..2698edce 100644 --- a/pkg/client/clientset/versioned/fake/register.go +++ b/pkg/client/clientset/versioned/fake/register.go @@ -19,10 +19,10 @@ limitations under the License. package fake import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/runtime/serializer" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" utilruntime "k8s.io/apimachinery/pkg/util/runtime" servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2" tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" diff --git a/pkg/client/clientset/versioned/scheme/register.go b/pkg/client/clientset/versioned/scheme/register.go index 7cbb08ed..5d3335af 100644 --- a/pkg/client/clientset/versioned/scheme/register.go +++ b/pkg/client/clientset/versioned/scheme/register.go @@ -19,10 +19,10 @@ limitations under the License. package scheme import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/runtime/serializer" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" utilruntime "k8s.io/apimachinery/pkg/util/runtime" servicemeshv1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2" tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go index 915c4f8d..d0342008 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_tenant_client.go @@ -19,9 +19,9 @@ limitations under the License. package fake import ( - "k8s.io/client-go/rest" - "k8s.io/client-go/testing" - "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" + v1alpha1 "kubesphere.io/kubesphere/pkg/client/clientset/versioned/typed/tenant/v1alpha1" ) type FakeTenantV1alpha1 struct { diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go index 19b5c2a4..8fa605f1 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/fake/fake_workspace.go @@ -19,13 +19,13 @@ limitations under the License. package fake import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/testing" - "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" + v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" ) // FakeWorkspaces implements WorkspaceInterface diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go index 1061b8fb..a58e5cc8 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/tenant_client.go @@ -19,9 +19,9 @@ limitations under the License. package v1alpha1 import ( - "k8s.io/apimachinery/pkg/runtime/serializer" - "k8s.io/client-go/rest" - "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" + v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme" ) diff --git a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go index 21e1ebcf..4c5722c4 100644 --- a/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go +++ b/pkg/client/clientset/versioned/typed/tenant/v1alpha1/workspace.go @@ -21,12 +21,12 @@ package v1alpha1 import ( "time" - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/types" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/rest" - "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" - "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" + v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" + scheme "kubesphere.io/kubesphere/pkg/client/clientset/versioned/scheme" ) // WorkspacesGetter has a method to return a WorkspaceInterface. diff --git a/pkg/client/informers/externalversions/factory.go b/pkg/client/informers/externalversions/factory.go index d54429d6..200efe44 100644 --- a/pkg/client/informers/externalversions/factory.go +++ b/pkg/client/informers/externalversions/factory.go @@ -19,18 +19,18 @@ limitations under the License. package externalversions import ( - "reflect" - "sync" - "time" - - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/tools/cache" - "kubesphere.io/kubesphere/pkg/client/clientset/versioned" - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/servicemesh" - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tenant" + reflect "reflect" + sync "sync" + time "time" + + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" + versioned "kubesphere.io/kubesphere/pkg/client/clientset/versioned" + internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" + servicemesh "kubesphere.io/kubesphere/pkg/client/informers/externalversions/servicemesh" + tenant "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tenant" ) // SharedInformerOption defines the functional option type for SharedInformerFactory. diff --git a/pkg/client/informers/externalversions/generic.go b/pkg/client/informers/externalversions/generic.go index 16980838..ab24560f 100644 --- a/pkg/client/informers/externalversions/generic.go +++ b/pkg/client/informers/externalversions/generic.go @@ -21,10 +21,10 @@ package externalversions import ( "fmt" - "k8s.io/apimachinery/pkg/runtime/schema" - "k8s.io/client-go/tools/cache" - "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2" - "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" + v1alpha2 "kubesphere.io/kubesphere/pkg/apis/servicemesh/v1alpha2" + v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" ) // GenericInformer is type of SharedIndexInformer which will locate and delegate to other diff --git a/pkg/client/informers/externalversions/tenant/interface.go b/pkg/client/informers/externalversions/tenant/interface.go index 0fde9592..b797c763 100644 --- a/pkg/client/informers/externalversions/tenant/interface.go +++ b/pkg/client/informers/externalversions/tenant/interface.go @@ -19,8 +19,8 @@ limitations under the License. package tenant import ( - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tenant/v1alpha1" + internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "kubesphere.io/kubesphere/pkg/client/informers/externalversions/tenant/v1alpha1" ) // Interface provides access to each of this group's versions. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go b/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go index 6a2e2d37..53f3a7a2 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha1/interface.go @@ -19,7 +19,7 @@ limitations under the License. package v1alpha1 import ( - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go b/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go index d038faed..13452c96 100644 --- a/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go +++ b/pkg/client/informers/externalversions/tenant/v1alpha1/workspace.go @@ -19,16 +19,16 @@ limitations under the License. package v1alpha1 import ( - "time" + time "time" - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/watch" - "k8s.io/client-go/tools/cache" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" tenantv1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" - "kubesphere.io/kubesphere/pkg/client/clientset/versioned" - "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" - "kubesphere.io/kubesphere/pkg/client/listers/tenant/v1alpha1" + versioned "kubesphere.io/kubesphere/pkg/client/clientset/versioned" + internalinterfaces "kubesphere.io/kubesphere/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "kubesphere.io/kubesphere/pkg/client/listers/tenant/v1alpha1" ) // WorkspaceInformer provides access to a shared informer and lister for diff --git a/pkg/client/listers/tenant/v1alpha1/workspace.go b/pkg/client/listers/tenant/v1alpha1/workspace.go index 42cd6428..1369888c 100644 --- a/pkg/client/listers/tenant/v1alpha1/workspace.go +++ b/pkg/client/listers/tenant/v1alpha1/workspace.go @@ -22,7 +22,7 @@ import ( "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" - "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" + v1alpha1 "kubesphere.io/kubesphere/pkg/apis/tenant/v1alpha1" ) // WorkspaceLister helps list Workspaces. diff --git a/pkg/models/applications/applications.go b/pkg/models/applications/applications.go index 7e6313f1..93372b23 100644 --- a/pkg/models/applications/applications.go +++ b/pkg/models/applications/applications.go @@ -96,6 +96,7 @@ func GetApp(clusterId string) (*Application, error) { item, err := openpitrix.GetCluster(clusterId) if err != nil { + glog.Error(err) return nil, err } diff --git a/pkg/models/iam/am.go b/pkg/models/iam/am.go index d89aac0f..aef40bd5 100644 --- a/pkg/models/iam/am.go +++ b/pkg/models/iam/am.go @@ -30,7 +30,6 @@ import ( "kubesphere.io/kubesphere/pkg/informers" "kubesphere.io/kubesphere/pkg/models" "kubesphere.io/kubesphere/pkg/models/iam/policy" - "kubesphere.io/kubesphere/pkg/models/kubeconfig" "kubesphere.io/kubesphere/pkg/models/kubectl" "kubesphere.io/kubesphere/pkg/models/resources" "kubesphere.io/kubesphere/pkg/params" @@ -39,6 +38,7 @@ import ( "kubesphere.io/kubesphere/pkg/utils/sliceutil" "sort" "strings" + "time" ) const ( @@ -643,9 +643,6 @@ func CreateClusterRoleBinding(username string, clusterRoleName string) error { glog.Errorln("create cluster role binding", err) return err } - if err := kubeconfig.CreateKubeConfig(username); err != nil { - glog.Errorln("create user kubeconfig failed", username, err) - } if clusterRoleName == constants.ClusterAdmin { if err := kubectl.CreateKubectlDeploy(username); err != nil { glog.Errorln("create user terminal pod failed", username, err) @@ -667,17 +664,21 @@ func CreateClusterRoleBinding(username string, clusterRoleName string) error { return err } if found.RoleRef.Name == constants.ClusterAdmin { - if err := kubeconfig.DelKubeConfig(username); err != nil { - glog.Error("delete user kubeconfig failed", username, err) - } if err := kubectl.DelKubectlDeploy(username); err != nil { glog.Error("delete user terminal pod failed", username, err) } } - _, err = k8s.Client().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding) - if err != nil { - glog.Errorln("create cluster role binding", err) - return err + maxRetries := 3 + for i := 0; i < maxRetries; i++ { + _, err = k8s.Client().RbacV1().ClusterRoleBindings().Create(clusterRoleBinding) + if apierrors.IsAlreadyExists(err) { + time.Sleep(300 * time.Millisecond) + continue + } + if err != nil { + glog.Errorln("create cluster role binding", err) + return err + } } return nil } diff --git a/pkg/models/iam/im.go b/pkg/models/iam/im.go index 2d9f7c7f..f0be92b0 100644 --- a/pkg/models/iam/im.go +++ b/pkg/models/iam/im.go @@ -24,6 +24,8 @@ import ( "io/ioutil" "kubesphere.io/kubesphere/pkg/constants" "kubesphere.io/kubesphere/pkg/informers" + "kubesphere.io/kubesphere/pkg/models/kubeconfig" + "kubesphere.io/kubesphere/pkg/models/kubectl" "kubesphere.io/kubesphere/pkg/params" "kubesphere.io/kubesphere/pkg/simple/client/k8s" "kubesphere.io/kubesphere/pkg/simple/client/redis" @@ -499,16 +501,24 @@ func DeleteUser(username string) error { deleteRequest := ldap.NewDelRequest(fmt.Sprintf("uid=%s,%s", username, ldapclient.UserSearchBase), nil) - err = conn.Del(deleteRequest) - - if err != nil { + if err = conn.Del(deleteRequest); err != nil { glog.Errorln("delete user", err) return err } - err = deleteRoleBindings(username) + if err = deleteRoleBindings(username); err != nil { + glog.Errorln("delete user role bindings failed", username, err) + } + + if err := kubeconfig.DelKubeConfig(username); err != nil { + glog.Errorln("delete user kubeconfig failed", username, err) + } - return err + if err := kubectl.DelKubectlDeploy(username); err != nil { + glog.Errorln("delete user terminal pod failed", username, err) + } + + return nil } func deleteRoleBindings(username string) error { @@ -686,6 +696,10 @@ func CreateUser(user *models.User) (*models.User, error) { setAvatar(user.Username, user.AvatarUrl) } + if err := kubeconfig.CreateKubeConfig(user.Username); err != nil { + glog.Errorln("create user kubeconfig failed", user.Username, err) + } + if user.ClusterRole != "" { err := CreateClusterRoleBinding(user.Username, user.ClusterRole) diff --git a/pkg/models/resources/jobs.go b/pkg/models/resources/jobs.go index a8e60e8b..d4578fe6 100644 --- a/pkg/models/resources/jobs.go +++ b/pkg/models/resources/jobs.go @@ -21,6 +21,7 @@ import ( "kubesphere.io/kubesphere/pkg/constants" "kubesphere.io/kubesphere/pkg/informers" "kubesphere.io/kubesphere/pkg/params" + "kubesphere.io/kubesphere/pkg/utils/k8sutil" "kubesphere.io/kubesphere/pkg/utils/sliceutil" "sort" "strings" @@ -60,6 +61,14 @@ func (*jobSearcher) match(match map[string]string, item *batchv1.Job) bool { if jobStatus(item) != v { return false } + case includeCronJob: + if v == "false" && k8sutil.IsControlledBy(item.OwnerReferences, cronJobKind, "") { + return false + } + case includeS2iRun: + if v == "false" && k8sutil.IsControlledBy(item.OwnerReferences, s2iRunKind, "") { + return false + } case Name: names := strings.Split(v, "|") if !sliceutil.HasString(names, item.Name) { diff --git a/pkg/models/resources/resources.go b/pkg/models/resources/resources.go index c469d8d2..528462f1 100644 --- a/pkg/models/resources/resources.go +++ b/pkg/models/resources/resources.go @@ -68,6 +68,10 @@ const ( annotation = "annotation" Keyword = "keyword" status = "status" + includeCronJob = "includeCronJob" + cronJobKind = "CronJob" + s2iRunKind = "S2iRun" + includeS2iRun = "includeS2iRun" running = "running" paused = "paused" updating = "updating" -- GitLab