Handle cleanup of individual origin authz objects#15223
Handle cleanup of individual origin authz objects#15223openshift-bot merged 1 commit intoopenshift:masterfrom liggitt:rbac-controller-cleanup
Conversation
|
@deads2k PTAL |
|
[test] |
|
[severity:blocker] |
|
Yes |
| for _, originObj := range originContainerObj.Roles { | ||
| keys := sets.NewString() | ||
| for _, originObj := range old.(*authorizationapi.ClusterPolicy).Roles { | ||
| c.originIndexer.Delete(originObj) |
There was a problem hiding this comment.
Seems like this would put our lister into a bad state that could be observed by the syncFunction, resulting in bad behavior as we repeatedly delete and recreate roles.
There was a problem hiding this comment.
hmm... have to compute the delta manually. I hate virtual resources.
|
fixed to avoid flutter on objects that are not removed |
|
Evaluated for origin test up to 1a09bcf |
|
lgtm [merge] |
|
Evaluated for origin merge up to 1a09bcf |
|
continuous-integration/openshift-jenkins/test SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pull_request_origin/3200/) (Base Commit: 8693402) (PR Branch Commit: 1a09bcf) |
|
continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/merge_pull_request_origin/1295/) (Base Commit: 271fb1c) (PR Branch Commit: 1a09bcf) (Extended Tests: blocker) (Image: devenv-rhel7_6448) |
4 participants
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1468629
update handler for container objects wasn't correctly processing removal of old nested objects