Merge pull request apache#114 from claudio4j/fix_knative_evwebhook

fix(knative): Skip warn if rolebinding already exists and other fixes
claudio4j · Aug 19, 2022 · 9c839c0 · 9c839c0
2 parents bd82c9d + 047c192
commit 9c839c0
Show file tree

Hide file tree

Showing 7 changed files with 17 additions and 15 deletions.
diff --git a/config/rbac/operator-role-binding-knative-eventing-webhook.yaml b/config/rbac/operator-role-binding-knative-eventing-webhook.yaml
@@ -17,7 +17,7 @@
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: camel-k-operator-knative-eventing
+  name: camel-k-operator-knative-eventing-webhook
   namespace: knative-eventing
   labels:
     app: "camel-k"
@@ -27,5 +27,5 @@ subjects:
     namespace: placeholder
 roleRef:
   kind: Role
-  name: camel-k-operator-knative-eventing
+  name: camel-k-operator-knative-eventing-webhook
   apiGroup: rbac.authorization.k8s.io
diff --git a/config/rbac/operator-role-knative-eventing-webhook.yaml b/config/rbac/operator-role-knative-eventing-webhook.yaml
@@ -21,7 +21,7 @@ kind: Role
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
   namespace: knative-eventing
-  name: camel-k-operator-knative-eventing
+  name: camel-k-operator-knative-eventing-webhook
   labels:
     app: "camel-k"
 rules:

diff --git a/config/rbac/operator-role.yaml b/config/rbac/operator-role.yaml
@@ -110,6 +110,7 @@ rules:
   resources:
   - roles
   - rolebindings
+  - clusterrolebindings
   verbs:
   - create
   - delete

diff --git a/pkg/install/knative.go b/pkg/install/knative.go
@@ -48,6 +48,7 @@ func BindKnativeAddressableResolverClusterRole(ctx context.Context, c kubernetes
 
 func applyAddressableResolverRoleBinding(ctx context.Context, c kubernetes.Interface, namespace string, operatorNamespace string) error {
 	rb := rbacv1ac.RoleBinding(fmt.Sprintf("%s-addressable-resolver", serviceAccountName), namespace).
+		WithLabels(map[string]string{"app": "camel-k"}).
 		WithSubjects(
 			rbacv1ac.Subject().
 				WithKind("ServiceAccount").
@@ -59,7 +60,6 @@ func applyAddressableResolverRoleBinding(ctx context.Context, c kubernetes.Inter
 			WithKind("ClusterRole").
 			WithName(knativeAddressableResolverClusterRoleName))
 
-	rb.WithLabels(map[string]string{"app":"camel-k"})
 	_, err := c.RbacV1().RoleBindings(namespace).
 		Apply(ctx, rb, metav1.ApplyOptions{FieldManager: serviceAccountName, Force: true})
 
@@ -68,6 +68,7 @@ func applyAddressableResolverRoleBinding(ctx context.Context, c kubernetes.Inter
 
 func applyAddressableResolverClusterRoleBinding(ctx context.Context, c kubernetes.Interface, operatorNamespace string) error {
 	crb := rbacv1ac.ClusterRoleBinding(fmt.Sprintf("%s-addressable-resolver", serviceAccountName)).
+		WithLabels(map[string]string{"app": "camel-k"}).
 		WithSubjects(
 			rbacv1ac.Subject().
 				WithKind("ServiceAccount").
@@ -79,7 +80,6 @@ func applyAddressableResolverClusterRoleBinding(ctx context.Context, c kubernete
 			WithKind("ClusterRole").
 			WithName(knativeAddressableResolverClusterRoleName))
 
-	crb.WithLabels(map[string]string{"app":"camel-k"})
 	_, err := c.RbacV1().ClusterRoleBindings().
 		Apply(ctx, crb, metav1.ApplyOptions{FieldManager: serviceAccountName, Force: true})
 

diff --git a/pkg/install/operator.go b/pkg/install/operator.go
@@ -251,7 +251,9 @@ func OperatorOrCollect(ctx context.Context, c client.Client, cfg OperatorConfigu
 			return err
 		}
 		if err = installNamespacedRoleBinding(ctx, c, collection, cfg.Namespace, "/rbac/operator-role-binding-knative-eventing-webhook.yaml"); err != nil {
-			fmt.Printf("Warning: the operator won't be able to detect Knative settings from knative-eventing namespace. Error: %s\n", errors.Cause(err))
+			if !k8serrors.IsAlreadyExists(err) {
+				fmt.Printf("Warning: the operator won't be able to detect Knative settings from knative-eventing namespace. Error: %s\n", errors.Cause(err))
+			}
 		}
 		if err := installClusterRoleBinding(ctx, c, collection, cfg.Namespace, "camel-k-operator-bind-addressable-resolver", "/rbac/operator-cluster-role-binding-addressable-resolver.yaml"); err != nil {
 			if k8serrors.IsForbidden(err) {
@@ -362,7 +364,6 @@ func installNamespacedRoleBinding(ctx context.Context, c client.Client, collecti
 	return c.Create(ctx, target)
 }
 
-
 func installClusterRoleBinding(ctx context.Context, c client.Client, collection *kubernetes.Collection, namespace string, name string, path string) error {
 	var target *rbacv1.ClusterRoleBinding
 	existing, err := c.RbacV1().ClusterRoleBindings().Get(ctx, name, metav1.GetOptions{})
@@ -399,7 +400,7 @@ func installClusterRoleBinding(ctx context.Context, c client.Client, collection
 				bound = true
 
 				break
-			} else if subject.Namespace == "" {
+			} else if subject.Namespace == "" || subject.Namespace == "placeholder" {
 				target.Subjects[i].Namespace = namespace
 				bound = true
 

diff --git a/pkg/resources/resources.go b/pkg/resources/resources.go
diff --git a/script/Makefile b/script/Makefile
@@ -17,7 +17,7 @@ VERSIONFILE := pkg/util/defaults/defaults.go
 VERSION ?= 1.8.0
 LAST_RELEASED_IMAGE_NAME := red-hat-camel-k-operator
 LAST_RELEASED_VERSION := 1.6.7
-RUNTIME_VERSION ?= 1.8.0
+RUNTIME_VERSION ?= 1.12.0
 RHI_VERSION := 2022.Q3
 BUILDAH_VERSION := 1.14.0
 KANIKO_VERSION := 0.17.1
-Original file line number
+Diff line change
@@ Expand Up / @@ -110,6 +110,7 @@ rules: @@
       resources:
       - roles
       - rolebindings
+      - clusterrolebindings
       verbs:
       - create
       - delete
@@ Expand Down @@