From cf65fc2f4824e14451c2f086bded3ea8b218248b Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Thu, 19 Oct 2023 15:16:46 +0800 Subject: [PATCH] fix: allow cleanup controller to update the policy status (#8681) (#8684) Signed-off-by: Mariam Fahmy Co-authored-by: Mariam Fahmy --- .../cleanup-controller/clusterrole.yaml | 7 ++++++ config/install-latest-testing.yaml | 7 ++++++ pkg/controllers/cleanup/controller.go | 22 ++++++++++++++----- 3 files changed, 30 insertions(+), 6 deletions(-) diff --git a/charts/kyverno/templates/cleanup-controller/clusterrole.yaml b/charts/kyverno/templates/cleanup-controller/clusterrole.yaml index 1777f32815..9f20026639 100644 --- a/charts/kyverno/templates/cleanup-controller/clusterrole.yaml +++ b/charts/kyverno/templates/cleanup-controller/clusterrole.yaml @@ -45,6 +45,13 @@ rules: verbs: - list - watch + - apiGroups: + - kyverno.io + resources: + - clustercleanuppolicies/status + - cleanuppolicies/status + verbs: + - update - apiGroups: - '' resources: diff --git a/config/install-latest-testing.yaml b/config/install-latest-testing.yaml index b3c896761e..4d2f28f8e9 100644 --- a/config/install-latest-testing.yaml +++ b/config/install-latest-testing.yaml @@ -43934,6 +43934,13 @@ rules: verbs: - list - watch + - apiGroups: + - kyverno.io + resources: + - clustercleanuppolicies/status + - cleanuppolicies/status + verbs: + - update - apiGroups: - '' resources: diff --git a/pkg/controllers/cleanup/controller.go b/pkg/controllers/cleanup/controller.go index 24d7fcd6a1..4b783c75ad 100644 --- a/pkg/controllers/cleanup/controller.go +++ b/pkg/controllers/cleanup/controller.go @@ -340,7 +340,10 @@ func (c *controller) reconcile(ctx context.Context, logger logr.Logger, key, nam if err != nil { return err } - c.updateCleanupPolicyStatus(ctx, policy, namespace, *executionTime) + if err := c.updateCleanupPolicyStatus(ctx, policy, namespace, *executionTime); err != nil { + logger.Error(err, "failed to update the cleanup policy status") + return err + } nextExecutionTime, err = policy.GetNextExecutionTime(*executionTime) if err != nil { logger.Error(err, "failed to get the policy next execution time") @@ -357,19 +360,26 @@ func (c *controller) reconcile(ctx context.Context, logger logr.Logger, key, nam return nil } -func (c *controller) updateCleanupPolicyStatus(ctx context.Context, policy kyvernov2alpha1.CleanupPolicyInterface, namespace string, time time.Time) { +func (c *controller) updateCleanupPolicyStatus(ctx context.Context, policy kyvernov2alpha1.CleanupPolicyInterface, namespace string, time time.Time) error { switch obj := policy.(type) { case *kyvernov2beta1.ClusterCleanupPolicy: latest := obj.DeepCopy() - latest.Status.LastExecutionTime.Time = time + latest.Status.LastExecutionTime = metav1.NewTime(time) - new, _ := c.kyvernoClient.KyvernoV2beta1().ClusterCleanupPolicies().UpdateStatus(ctx, latest, metav1.UpdateOptions{}) + new, err := c.kyvernoClient.KyvernoV2beta1().ClusterCleanupPolicies().UpdateStatus(ctx, latest, metav1.UpdateOptions{}) + if err != nil { + return err + } logging.V(3).Info("updated cluster cleanup policy status", "name", policy.GetName(), "status", new.Status) case *kyvernov2beta1.CleanupPolicy: latest := obj.DeepCopy() - latest.Status.LastExecutionTime.Time = time + latest.Status.LastExecutionTime = metav1.NewTime(time) - new, _ := c.kyvernoClient.KyvernoV2beta1().CleanupPolicies(namespace).UpdateStatus(ctx, latest, metav1.UpdateOptions{}) + new, err := c.kyvernoClient.KyvernoV2beta1().CleanupPolicies(namespace).UpdateStatus(ctx, latest, metav1.UpdateOptions{}) + if err != nil { + return err + } logging.V(3).Info("updated cleanup policy status", "name", policy.GetName(), "namespace", policy.GetNamespace(), "status", new.Status) } + return nil }