Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(watch): enqueue CR when target namespace is deleted #950

Merged
merged 3 commits into from
Sep 13, 2024
Merged

fix(watch): enqueue CR when target namespace is deleted #950

merged 3 commits into from
Sep 13, 2024

Conversation

ebaron
Copy link
Member

@ebaron ebaron commented Sep 12, 2024

Welcome to Cryostat! 👋

Before contributing, make sure you have:

  • Read the contributing guidelines
  • Linked a relevant issue which this PR resolves
  • Linked any other relevant issues, PR's, or documentation, if any
  • Resolved all conflicts, if any
  • Rebased your branch PR on top of the latest upstream main branch
  • Attached at least one of the following labels to the PR: [chore, ci, docs, feat, fix, test]
  • Signed all commits: git commit -S -m "YOUR_COMMIT_MESSAGE"

Fixes: #941

Description of the change:

  • Adds labels to role bindings and secrets created by the operator in target namespaces. These labels identify the name and namespace of the CR responsible for them
  • Adds a custom controller watch that filters role bindings and secrets by those labels, and enqueues the identified CR
  • Adds a testable wrapper around the controller builder, with a fake implementation for tests.
  • Adds tests for each controller watch in the SetupWithManager method.

Motivation for the change:

  • Allows the operator to watch and respond to deletion of those target namespace objects, or the namespace itself. In the case where the object was deleted, the controller will recreate the deleted object. In the case that the target namespace was deleted, the controller will requeue with an error until either the namespace is recreated, or it is removed from the CR spec.
  • Improves test coverage for controller watches, which has been missing.

How to manually test:

  1. Create a multi-namespace Cryostat CR
    a. Delete a role binding and/or secret within the target namespace.
    b. Observe the operator recreating the deleted object.
  2. Delete the entire target namespace
    a. The operator should fail to reconcile the CR
    b. Recreate the namespace
    c. The operator should successfully reconcile, and recreate the missing objects
  3. Delete the entire target namespace again
    a. The operator should fail to reconcile the CR
    b. Remove the deleted namespace from the CR's spec
    c. The operator should successfully reconcile

@ebaron ebaron added the fix label Sep 12, 2024
@ebaron ebaron requested a review from a team September 12, 2024 21:27
@mergify mergify bot added the safe-to-test label Sep 12, 2024
@ebaron
Copy link
Member Author

ebaron commented Sep 13, 2024

/build_test

@github-actions GitHub Actions
Copy link

/build_test : At least one test failed ❌.
View Actions Run.

@ebaron
Copy link
Member Author

ebaron commented Sep 13, 2024

/build_test : At least one test failed ❌. View Actions Run.

Looks like a timeout, going to try again

@ebaron
Copy link
Member Author

ebaron commented Sep 13, 2024

/build_test

@github-actions GitHub Actions
Copy link

/build_test completed successfully ✅.
View Actions Run.

@ebaron ebaron merged commit 1bdfc3e into cryostatio:main Sep 13, 2024
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewazores andrewazores andrewazores approved these changes

Assignees
No one assigned
Labels
fix safe-to-test
Projects
4.0.0 release
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Story] Operator should handle target namespace deletion
2 participants
@ebaron @andrewazores