From 7c791e749fc377f9d96994a198b8ef3b4e893980 Mon Sep 17 00:00:00 2001 From: Philip Laine Date: Thu, 23 May 2024 17:05:19 +0200 Subject: [PATCH] refactor: remove use of k8s serivce account --- src/pkg/cluster/state.go | 24 ++++++++++++++- src/pkg/k8s/sa.go | 64 ---------------------------------------- 2 files changed, 23 insertions(+), 65 deletions(-) delete mode 100644 src/pkg/k8s/sa.go diff --git a/src/pkg/cluster/state.go b/src/pkg/cluster/state.go index 39efa83008..83af027217 100644 --- a/src/pkg/cluster/state.go +++ b/src/pkg/cluster/state.go @@ -13,6 +13,7 @@ import ( "github.com/fatih/color" corev1 "k8s.io/api/core/v1" + kerrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/defenseunicorns/pkg/helpers" @@ -115,7 +116,28 @@ func (c *Cluster) InitZarfState(ctx context.Context, initOptions types.ZarfInitO // The default SA is required for pods to start properly. saCtx, cancel := context.WithTimeout(ctx, 2*time.Minute) defer cancel() - if _, err := c.WaitForServiceAccount(saCtx, ZarfNamespaceName, "default"); err != nil { + err = func(ctx context.Context, ns, name string) error { + timer := time.NewTimer(0) + defer timer.Stop() + for { + select { + case <-ctx.Done(): + return fmt.Errorf("failed to get service account %s/%s: %w", ns, name, ctx.Err()) + case <-timer.C: + _, err := c.Clientset.CoreV1().ServiceAccounts(ns).Get(ctx, name, metav1.GetOptions{}) + if err != nil && !kerrors.IsNotFound(err) { + return err + } + if kerrors.IsNotFound(err) { + c.Log("Service account %s/%s not found, retrying...", ns, name) + timer.Reset(1 * time.Second) + continue + } + return nil + } + } + }(saCtx, ZarfNamespaceName, "default") + if err != nil { return fmt.Errorf("unable get default Zarf service account: %w", err) } diff --git a/src/pkg/k8s/sa.go b/src/pkg/k8s/sa.go deleted file mode 100644 index 38b7624130..0000000000 --- a/src/pkg/k8s/sa.go +++ /dev/null @@ -1,64 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 -// SPDX-FileCopyrightText: 2021-Present The Zarf Authors - -// Package k8s provides a client for interacting with a Kubernetes cluster. -package k8s - -import ( - "context" - "fmt" - "time" - - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -// GetAllServiceAccounts returns a list of services accounts for all namespaces. -func (k *K8s) GetAllServiceAccounts(ctx context.Context) (*corev1.ServiceAccountList, error) { - return k.GetServiceAccounts(ctx, corev1.NamespaceAll) -} - -// GetServiceAccounts returns a list of service accounts in a given namespace. -func (k *K8s) GetServiceAccounts(ctx context.Context, namespace string) (*corev1.ServiceAccountList, error) { - metaOptions := metav1.ListOptions{} - return k.Clientset.CoreV1().ServiceAccounts(namespace).List(ctx, metaOptions) -} - -// GetServiceAccount returns a single service account by namespace and name. -func (k *K8s) GetServiceAccount(ctx context.Context, namespace, name string) (*corev1.ServiceAccount, error) { - metaOptions := metav1.GetOptions{} - return k.Clientset.CoreV1().ServiceAccounts(namespace).Get(ctx, name, metaOptions) -} - -// UpdateServiceAccount updates the given service account in the cluster. -func (k *K8s) UpdateServiceAccount(ctx context.Context, svcAccount *corev1.ServiceAccount) (*corev1.ServiceAccount, error) { - metaOptions := metav1.UpdateOptions{} - return k.Clientset.CoreV1().ServiceAccounts(svcAccount.Namespace).Update(ctx, svcAccount, metaOptions) -} - -// WaitForServiceAccount waits for a service account to be created in the cluster. -func (k *K8s) WaitForServiceAccount(ctx context.Context, ns, name string) (*corev1.ServiceAccount, error) { - timer := time.NewTimer(0) - defer timer.Stop() - - for { - select { - case <-ctx.Done(): - return nil, fmt.Errorf("failed to get service account %s/%s: %w", ns, name, ctx.Err()) - case <-timer.C: - sa, err := k.Clientset.CoreV1().ServiceAccounts(ns).Get(ctx, name, metav1.GetOptions{}) - if err == nil { - return sa, nil - } - - if errors.IsNotFound(err) { - k.Log("Service account %s/%s not found, retrying...", ns, name) - } else { - return nil, fmt.Errorf("error getting service account %s/%s: %w", ns, name, err) - } - - timer.Reset(1 * time.Second) - } - } -}