mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-31 03:45:17 +00:00
properly handle errors in generate controller
This commit is contained in:
Shuting Zhao
parent
f3e6e597cd
commit
6a062523a4
5 changed files with 30 additions and 20 deletions
|
|
@ -42,14 +42,11 @@ func ownerResourceExists(log logr.Logger, client *dclient.Client, gr kyverno.Gen
|
||||||
func deleteGeneratedResources(log logr.Logger, client *dclient.Client, gr kyverno.GenerateRequest) error {
|
func deleteGeneratedResources(log logr.Logger, client *dclient.Client, gr kyverno.GenerateRequest) error {
|
||||||
for _, genResource := range gr.Status.GeneratedResources {
|
for _, genResource := range gr.Status.GeneratedResources {
|
||||||
err := client.DeleteResource("", genResource.Kind, genResource.Namespace, genResource.Name, false)
|
err := client.DeleteResource("", genResource.Kind, genResource.Namespace, genResource.Name, false)
|
||||||
if apierrors.IsNotFound(err) {
|
if err != nil && !apierrors.IsNotFound(err) {
|
||||||
log.Error(err, "resource not found will not delete", "genKind", gr.Spec.Resource.Kind, "genNamespace", gr.Spec.Resource.Namespace, "genName", gr.Spec.Resource.Name)
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
if err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
log.V(3).Info("generated resource deleted", "genKind", gr.Spec.Resource.Kind, "genNamespace", gr.Spec.Resource.Namespace, "genName", gr.Spec.Resource.Name)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -12,6 +12,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/pkg/constant"
|
"github.com/kyverno/kyverno/pkg/constant"
|
||||||
dclient "github.com/kyverno/kyverno/pkg/dclient"
|
dclient "github.com/kyverno/kyverno/pkg/dclient"
|
||||||
"k8s.io/apimachinery/pkg/api/errors"
|
"k8s.io/apimachinery/pkg/api/errors"
|
||||||
|
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
|
@ -174,13 +175,13 @@ func (c *Controller) deleteGR(obj interface{}) {
|
||||||
}
|
}
|
||||||
for _, resource := range gr.Status.GeneratedResources {
|
for _, resource := range gr.Status.GeneratedResources {
|
||||||
r, err := c.client.GetResource(resource.APIVersion, resource.Kind, resource.Namespace, resource.Name)
|
r, err := c.client.GetResource(resource.APIVersion, resource.Kind, resource.Namespace, resource.Name)
|
||||||
if err != nil {
|
if err != nil && !apierrors.IsNotFound(err) {
|
||||||
logger.Error(err, "Generated resource is not deleted", "Resource", resource.Name)
|
logger.Error(err, "Generated resource is not deleted", "Resource", resource.Name)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
labels := r.GetLabels()
|
|
||||||
if labels["policy.kyverno.io/synchronize"] == "enable" {
|
if r != nil && r.GetLabels()["policy.kyverno.io/synchronize"] == "enable" {
|
||||||
if err := c.client.DeleteResource(r.GetAPIVersion(), r.GetKind(), r.GetNamespace(), r.GetName(), false); err != nil {
|
if err := c.client.DeleteResource(r.GetAPIVersion(), r.GetKind(), r.GetNamespace(), r.GetName(), false); err != nil && !apierrors.IsNotFound(err) {
|
||||||
logger.Error(err, "Generated resource is not deleted", "Resource", r.GetName())
|
logger.Error(err, "Generated resource is not deleted", "Resource", r.GetName())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@ import (
|
||||||
"github.com/kyverno/kyverno/pkg/policystatus"
|
"github.com/kyverno/kyverno/pkg/policystatus"
|
||||||
"github.com/kyverno/kyverno/pkg/resourcecache"
|
"github.com/kyverno/kyverno/pkg/resourcecache"
|
||||||
"k8s.io/apimachinery/pkg/api/errors"
|
"k8s.io/apimachinery/pkg/api/errors"
|
||||||
|
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
||||||
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
||||||
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
utilruntime "k8s.io/apimachinery/pkg/util/runtime"
|
||||||
"k8s.io/apimachinery/pkg/util/wait"
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
|
|
@ -220,13 +221,13 @@ func (c *Controller) deleteGR(obj interface{}) {
|
||||||
}
|
}
|
||||||
for _, resource := range gr.Status.GeneratedResources {
|
for _, resource := range gr.Status.GeneratedResources {
|
||||||
r, err := c.client.GetResource(resource.APIVersion, resource.Kind, resource.Namespace, resource.Name)
|
r, err := c.client.GetResource(resource.APIVersion, resource.Kind, resource.Namespace, resource.Name)
|
||||||
if err != nil {
|
if err != nil && !apierrors.IsNotFound(err) {
|
||||||
logger.Error(err, "Generated resource is not deleted", "Resource", resource.Name)
|
logger.Error(err, "Generated resource is not deleted", "Resource", resource.Name)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
labels := r.GetLabels()
|
|
||||||
if labels["policy.kyverno.io/synchronize"] == "enable" {
|
if r != nil && r.GetLabels()["policy.kyverno.io/synchronize"] == "enable" {
|
||||||
if err := c.client.DeleteResource(r.GetAPIVersion(), r.GetKind(), r.GetNamespace(), r.GetName(), false); err != nil {
|
if err := c.client.DeleteResource(r.GetAPIVersion(), r.GetKind(), r.GetNamespace(), r.GetName(), false); err != nil && !apierrors.IsNotFound(err) {
|
||||||
logger.Error(err, "Generated resource is not deleted", "Resource", r.GetName())
|
logger.Error(err, "Generated resource is not deleted", "Resource", r.GetName())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -34,6 +34,11 @@ func (c *Controller) processGR(gr *kyverno.GenerateRequest) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// trigger resource is being terminated
|
||||||
|
if resource == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
// 2 - Apply the generate policy on the resource
|
// 2 - Apply the generate policy on the resource
|
||||||
genResources, err = c.applyGenerate(*resource, *gr)
|
genResources, err = c.applyGenerate(*resource, *gr)
|
||||||
|
|
||||||
|
|
@ -57,13 +62,12 @@ func (c *Controller) applyGenerate(resource unstructured.Unstructured, gr kyvern
|
||||||
if apierrors.IsNotFound(err) {
|
if apierrors.IsNotFound(err) {
|
||||||
for _, e := range gr.Status.GeneratedResources {
|
for _, e := range gr.Status.GeneratedResources {
|
||||||
resp, err := c.client.GetResource(e.APIVersion, e.Kind, e.Namespace, e.Name)
|
resp, err := c.client.GetResource(e.APIVersion, e.Kind, e.Namespace, e.Name)
|
||||||
if err != nil {
|
if err != nil && !apierrors.IsNotFound(err) {
|
||||||
logger.Error(err, "failed to find generated resource", "name", e.Name)
|
logger.Error(err, "failed to find generated resource", "name", e.Name)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
labels := resp.GetLabels()
|
if resp != nil && resp.GetLabels()["policy.kyverno.io/synchronize"] == "enable" {
|
||||||
if labels["policy.kyverno.io/synchronize"] == "enable" {
|
|
||||||
if err := c.client.DeleteResource(resp.GetAPIVersion(), resp.GetKind(), resp.GetNamespace(), resp.GetName(), false); err != nil {
|
if err := c.client.DeleteResource(resp.GetAPIVersion(), resp.GetKind(), resp.GetNamespace(), resp.GetName(), false); err != nil {
|
||||||
logger.Error(err, "Generated resource is not deleted", "Resource", e.Name)
|
logger.Error(err, "Generated resource is not deleted", "Resource", e.Name)
|
||||||
}
|
}
|
||||||
|
|
@ -348,8 +352,6 @@ func applyRule(log logr.Logger, client *dclient.Client, rule kyverno.Rule, resou
|
||||||
logger.V(4).Info("creating new resource")
|
logger.V(4).Info("creating new resource")
|
||||||
_, err = client.CreateResource(genAPIVersion, genKind, genNamespace, newResource, false)
|
_, err = client.CreateResource(genAPIVersion, genKind, genNamespace, newResource, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Error(err, "failed to create resource", "resource", newResource.GetName())
|
|
||||||
// Failed to create resource
|
|
||||||
return noGenResource, err
|
return noGenResource, err
|
||||||
}
|
}
|
||||||
logger.V(2).Info("created generated resource")
|
logger.V(2).Info("created generated resource")
|
||||||
|
|
@ -403,7 +405,7 @@ func manageData(log logr.Logger, apiVersion, kind, namespace, name string, data
|
||||||
obj, err := client.GetResource(apiVersion, kind, namespace, name)
|
obj, err := client.GetResource(apiVersion, kind, namespace, name)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if apierrors.IsNotFound(err) {
|
if apierrors.IsNotFound(err) {
|
||||||
log.Error(err, "resource does not exist, will try to create", "genKind", kind, "genAPIVersion", apiVersion, "genNamespace", namespace, "genName", name)
|
log.V(3).Info("resource does not exist, will try to create", "genKind", kind, "genAPIVersion", apiVersion, "genNamespace", namespace, "genName", name)
|
||||||
return data, Create, nil
|
return data, Create, nil
|
||||||
}
|
}
|
||||||
//something wrong while fetching resource
|
//something wrong while fetching resource
|
||||||
|
|
|
||||||
|
|
@ -7,5 +7,14 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func getResource(client *dclient.Client, resourceSpec kyverno.ResourceSpec) (*unstructured.Unstructured, error) {
|
func getResource(client *dclient.Client, resourceSpec kyverno.ResourceSpec) (*unstructured.Unstructured, error) {
|
||||||
return client.GetResource(resourceSpec.APIVersion, resourceSpec.Kind, resourceSpec.Namespace, resourceSpec.Name)
|
resource, err := client.GetResource(resourceSpec.APIVersion, resourceSpec.Kind, resourceSpec.Namespace, resourceSpec.Name)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if resource.GetDeletionTimestamp() != nil {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return resource, nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue