From 6b56fe3d2b9352be7ba0982c7ce82ee7445a8552 Mon Sep 17 00:00:00 2001 From: Rui Vieira Date: Tue, 23 Jan 2024 18:13:59 +0000 Subject: [PATCH] Add unique ClusterRoleBinding names --- ...styai.opendatahub.io_trustyaiservices.yaml | 224 +++++++++--------- controllers/service_accounts.go | 5 +- 2 files changed, 114 insertions(+), 115 deletions(-) diff --git a/config/crd/bases/trustyai.opendatahub.io_trustyaiservices.yaml b/config/crd/bases/trustyai.opendatahub.io_trustyaiservices.yaml index 3c451efc..a04c9950 100644 --- a/config/crd/bases/trustyai.opendatahub.io_trustyaiservices.yaml +++ b/config/crd/bases/trustyai.opendatahub.io_trustyaiservices.yaml @@ -2,121 +2,121 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.11.1 - creationTimestamp: null - name: trustyaiservices.trustyai.opendatahub.io + annotations: + controller-gen.kubebuilder.io/version: v0.11.1 + creationTimestamp: null + name: trustyaiservices.trustyai.opendatahub.io spec: - group: trustyai.opendatahub.io - names: - kind: TrustyAIService - listKind: TrustyAIServiceList - plural: trustyaiservices - singular: trustyaiservice - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: TrustyAIService is the Schema for the trustyaiservices API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation + group: trustyai.opendatahub.io + names: + kind: TrustyAIService + listKind: TrustyAIServiceList + plural: trustyaiservices + singular: trustyaiservice + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: TrustyAIService is the Schema for the trustyaiservices API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: TrustyAIServiceSpec defines the desired state of TrustyAIService - properties: - data: - properties: - filename: - type: string - format: - type: string - required: - - filename - - format - type: object - metrics: - properties: - batchSize: - type: integer - schedule: - type: string - required: - - schedule - type: object - replicas: - description: Number of replicas - format: int32 - type: integer - storage: - properties: - folder: - type: string - format: - type: string - size: - type: string - required: - - folder - - format - - size - type: object - required: - - data - - metrics - - storage - type: object - status: - description: TrustyAIServiceStatus defines the observed state of TrustyAIService - properties: - conditions: - items: - description: Condition represents possible conditions of a TrustyAIServiceStatus - properties: - lastTransitionTime: - format: date-time - type: string - message: - type: string - reason: - type: string - status: - type: string - type: - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - phase: - description: Define your status fields here - type: string - ready: - type: string - replicas: - format: int32 - type: integer - required: - - conditions - - phase - - replicas - type: object + type: string + metadata: + type: object + spec: + description: TrustyAIServiceSpec defines the desired state of TrustyAIService + properties: + data: + properties: + filename: + type: string + format: + type: string + required: + - filename + - format + type: object + metrics: + properties: + batchSize: + type: integer + schedule: + type: string + required: + - schedule + type: object + replicas: + description: Number of replicas + format: int32 + type: integer + storage: + properties: + folder: + type: string + format: + type: string + size: + type: string + required: + - folder + - format + - size + type: object + required: + - data + - metrics + - storage + type: object + status: + description: TrustyAIServiceStatus defines the observed state of TrustyAIService + properties: + conditions: + items: + description: Condition represents possible conditions of a TrustyAIServiceStatus + properties: + lastTransitionTime: + format: date-time + type: string + message: + type: string + reason: + type: string + status: + type: string + type: + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type type: object - served: true - storage: true - subresources: - status: {} + type: array + phase: + description: Define your status fields here + type: string + ready: + type: string + replicas: + format: int32 + type: integer + required: + - conditions + - phase + - replicas + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/controllers/service_accounts.go b/controllers/service_accounts.go index 156ec226..f0229e02 100644 --- a/controllers/service_accounts.go +++ b/controllers/service_accounts.go @@ -99,7 +99,7 @@ func (r *TrustyAIServiceReconciler) createServiceAccount(ctx context.Context, in func (r *TrustyAIServiceReconciler) createClusterRoleBinding(ctx context.Context, instance *trustyaiopendatahubiov1alpha1.TrustyAIService, serviceAccountName string) error { clusterRoleBinding := &rbacv1.ClusterRoleBinding{ ObjectMeta: metav1.ObjectMeta{ - Name: instance.Name + "-proxy-rolebinding", + Name: instance.Name + "-" + instance.Namespace + "-proxy-rolebinding", Namespace: instance.Namespace, }, Subjects: []rbacv1.Subject{ @@ -128,10 +128,9 @@ func (r *TrustyAIServiceReconciler) createClusterRoleBinding(ctx context.Context log.FromContext(ctx).Info("Creating a new ClusterRoleBinding", "Name", clusterRoleBinding.Name) err = r.Create(ctx, clusterRoleBinding) if err != nil { + log.FromContext(ctx).Error(err, "Error creating a new ClusterRoleBinding") return err } - } else if err != nil { - return err } return nil