fix: removed duplicate config map generation, resolve permissions iss…

…ue (#305) Signed-off-by: James Milligan <james@omnant.co.uk>
open-feature · Jan 19, 2023 · eec16af · eec16af
1 parent 5deff60
commit eec16af
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 57 deletions.
diff --git a/chart/open-feature-operator/templates/rendered.yaml b/chart/open-feature-operator/templates/rendered.yaml
@@ -581,14 +581,14 @@ spec:
     listKind: FlagSourceConfigurationList
     plural: flagsourceconfigurations
     shortNames:
-    - fdc
+    - fsc
     singular: flagsourceconfiguration
   scope: Namespaced
   versions:
   - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: FlagSourceConfiguration is the Schema for the flagsourceconfigurations
+        description: FlagSourceConfiguration is the Schema for the FlagSourceConfigurations
           API
         properties:
           apiVersion:
@@ -604,7 +604,8 @@ spec:
           metadata:
             type: object
           spec:
-            description: FlagSourceConfigurationSpec defines the desired state of FlagSourceConfiguration
+            description: FlagSourceConfigurationSpec defines the desired state of
+              FlagSourceConfiguration
             properties:
               evaluator:
                 description: Evaluator sets an evaluator, defaults to 'json'
@@ -615,11 +616,11 @@ spec:
                 type: string
               metricsPort:
                 description: MetricsPort defines the port to serve metrics on, defaults
-                  to 8013
+                  to 8014
                 format: int32
                 type: integer
               port:
-                description: Port defines the port to listen on, defaults to 8014
+                description: Port defines the port to listen on, defaults to 8013
                 format: int32
                 type: integer
               socketPath:
@@ -636,7 +637,8 @@ spec:
                 type: string
             type: object
           status:
-            description: FlagSourceConfigurationStatus defines the observed state of FlagSourceConfiguration
+            description: FlagSourceConfigurationStatus defines the observed state
+              of FlagSourceConfiguration
             type: object
         type: object
     served: true
@@ -646,7 +648,7 @@ spec:
   - name: v1alpha2
     schema:
       openAPIV3Schema:
-        description: FlagSourceConfiguration is the Schema for the flagsourceconfigurations
+        description: FlagSourceConfiguration is the Schema for the FlagSourceConfigurations
           API
         properties:
           apiVersion:
@@ -662,14 +664,15 @@ spec:
           metadata:
             type: object
           spec:
-            description: FlagSourceConfigurationSpec defines the desired state of FlagSourceConfiguration
+            description: FlagSourceConfigurationSpec defines the desired state of
+              FlagSourceConfiguration
             properties:
               evaluator:
                 description: Evaluator sets an evaluator, defaults to 'json'
                 type: string
               image:
-                description: Image allows for the flagd image to be overridden, defaults
-                  to 'ghcr.io/open-feature/flagd'
+                description: Image allows for the sidecar image to be overridden,
+                  defaults to 'ghcr.io/open-feature/flagd'
                 type: string
               metricsPort:
                 description: MetricsPort defines the port to serve metrics on, defaults
@@ -690,11 +693,13 @@ spec:
                   type: string
                 type: array
               tag:
-                description: Tag to be appended to the flagd image, defaults to 'main'
+                description: Tag to be appended to the sidecar image, defaults to
+                  'main'
                 type: string
             type: object
           status:
-            description: FlagSourceConfigurationStatus defines the observed state of FlagSourceConfiguration
+            description: FlagSourceConfigurationStatus defines the observed state
+              of FlagSourceConfiguration
             type: object
         type: object
     served: true
@@ -1019,7 +1024,7 @@ spec:
         - /manager
         env:
         - name: FLAGD_VERSION
-          value: v0.2.7
+          value: v0.3.1
         image: ghcr.io/open-feature/open-feature-operator:main
         imagePullPolicy: IfNotPresent
         livenessProbe:
@@ -1156,4 +1161,4 @@ webhooks:
     - UPDATE
     resources:
     - featureflagconfigurations
-  sideEffects: None
+  sideEffects: None
diff --git a/config/crd/bases/core.openfeature.dev_flagsourceconfigurations.yaml b/config/crd/bases/core.openfeature.dev_flagsourceconfigurations.yaml
@@ -13,7 +13,7 @@ spec:
     listKind: FlagSourceConfigurationList
     plural: flagsourceconfigurations
     shortNames:
-    - fdc
+    - fsc
     singular: flagsourceconfiguration
   scope: Namespaced
   versions:

diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
@@ -40,7 +40,7 @@ rules:
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - FlagSourceConfigurations
+  - featureflagconfigurations
   verbs:
   - create
   - delete
@@ -52,21 +52,21 @@ rules:
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - FlagSourceConfigurations/finalizers
+  - featureflagconfigurations/finalizers
   verbs:
   - update
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - FlagSourceConfigurations/status
+  - featureflagconfigurations/status
   verbs:
   - get
   - patch
   - update
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - featureflagconfigurations
+  - flagsourceconfigurations
   verbs:
   - create
   - delete
@@ -78,13 +78,13 @@ rules:
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - featureflagconfigurations/finalizers
+  - flagsourceconfigurations/finalizers
   verbs:
   - update
 - apiGroups:
   - core.openfeature.dev
   resources:
-  - featureflagconfigurations/status
+  - flagsourceconfigurations/status
   verbs:
   - get
   - patch

diff --git a/controllers/featureflagconfiguration_controller.go b/controllers/featureflagconfiguration_controller.go
@@ -25,7 +25,6 @@ import (
 	"github.com/open-feature/open-feature-operator/pkg/utils"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/tools/record"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
@@ -126,13 +125,11 @@ func (r *FeatureFlagConfigurationReconciler) Reconcile(ctx context.Context, req
 		return r.finishReconcile(err, false)
 	}
 
-	cmExists := false
 	// Get list of configmaps with annotation
 	for _, cm := range configMapList.Items {
 		val, ok := cm.GetAnnotations()["openfeature.dev/featureflagconfiguration"]
 		if ok && val == ffconf.Name {
 			ffConfigMapList = append(ffConfigMapList, cm)
-			cmExists = true
 		}
 	}
 
@@ -162,32 +159,6 @@ func (r *FeatureFlagConfigurationReconciler) Reconcile(ctx context.Context, req
 		}
 	}
 
-	if !cmExists {
-		ffOwnerRefs := []metav1.OwnerReference{
-			corev1alpha1.GetFfReference(ffconf),
-		}
-		cm := corev1alpha1.GenerateFfConfigMap(ffconf.Name, ffconf.Namespace, ffOwnerRefs, ffconf.Spec)
-
-		podList := &corev1.PodList{}
-		if err := r.List(ctx, podList); err != nil {
-			return r.finishReconcile(err, false)
-		}
-		for _, pod := range podList.Items {
-			val, ok := pod.GetAnnotations()["openfeature.dev/featureflagconfiguration"]
-			if ok && val == ffconf.Name {
-				reference := pod.OwnerReferences[0]
-				reference.Controller = utils.FalseVal()
-				cm.OwnerReferences = append(cm.OwnerReferences, reference)
-			}
-		}
-		// Create ConfigMap only if there is a pod which uses it
-		if len(cm.OwnerReferences) > 1 {
-			err := r.Client.Create(ctx, &cm)
-			return r.finishReconcile(err, true)
-		}
-
-	}
-
 	return r.finishReconcile(nil, false)
 }
 

diff --git a/controllers/flagdconfiguration_controller.go → ...ers/flagsourceconfiguration_controller.go b/controllers/flagdconfiguration_controller.go → ...ers/flagsourceconfiguration_controller.go
@@ -33,9 +33,9 @@ type FlagSourceConfigurationReconciler struct {
 	Scheme *runtime.Scheme
 }
 
-//+kubebuilder:rbac:groups=core.openfeature.dev,resources=FlagSourceConfigurations,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=core.openfeature.dev,resources=FlagSourceConfigurations/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=core.openfeature.dev,resources=FlagSourceConfigurations/finalizers,verbs=update
+//+kubebuilder:rbac:groups=core.openfeature.dev,resources=flagsourceconfigurations,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=core.openfeature.dev,resources=flagsourceconfigurations/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=core.openfeature.dev,resources=flagsourceconfigurations/finalizers,verbs=update
 
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
 // move the current state of the cluster closer to the desired state.

diff --git a/webhooks/pod_webhook.go b/webhooks/pod_webhook.go
@@ -138,7 +138,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio
 	}
 
 	// merge any provided flagd specs
-	flagdConfigSpec := corev1alpha1.NewFlagSourceConfigurationSpec()
+	flagSourceConfigurationSpec := corev1alpha1.NewFlagSourceConfigurationSpec()
 	for _, fcName := range fcNames {
 		ns, name := parseAnnotation(fcName, req.Namespace)
 		if err != nil {
@@ -150,7 +150,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio
 			m.Log.V(1).Info(fmt.Sprintf("FlagSourceConfiguration could not be found for %s", fcName))
 			return admission.Errored(http.StatusBadRequest, err)
 		}
-		flagdConfigSpec.Merge(&fc.Spec)
+		flagSourceConfigurationSpec.Merge(&fc.Spec)
 	}
 
 	ffConfigs := []*corev1alpha1.FeatureFlagConfiguration{}
@@ -166,7 +166,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio
 			m.Log.V(1).Info(fmt.Sprintf("FeatureFlagConfiguration could not be found for %s", ffName))
 			return admission.Errored(http.StatusBadRequest, err)
 		}
-		if ff.Spec.SyncProvider != nil && !ff.Spec.SyncProvider.IsFilepath() {
+		if ff.Spec.SyncProvider != nil && !ff.Spec.SyncProvider.IsKubernetes() {
 			// Check for ConfigMap and create it if it doesn't exist (only required if sync provider isn't kubernetes)
 			cm := corev1.ConfigMap{}
 			if err := m.Client.Get(ctx, client.ObjectKey{Name: name, Namespace: req.Namespace}, &cm); errors.IsNotFound(err) {
@@ -192,7 +192,7 @@ func (m *PodMutator) Handle(ctx context.Context, req admission.Request) admissio
 		ffConfigs = append(ffConfigs, &ff)
 	}
 
-	marshaledPod, err := m.injectSidecar(pod, flagdConfigSpec, ffConfigs)
+	marshaledPod, err := m.injectSidecar(pod, flagSourceConfigurationSpec, ffConfigs)
 	if err != nil {
 		return admission.Errored(http.StatusInternalServerError, err)
 	}