Skip to content

Commit

Permalink
Merge pull request kubesphere#4271 from LinuxSuRen/fix-am-devops-client
Browse files Browse the repository at this point in the history
Fix the devopsProjectLister is nil
  • Loading branch information
ks-ci-bot authored Sep 24, 2021
2 parents 9734c99 + 182c4ac commit 15205cb
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 9 deletions.
2 changes: 1 addition & 1 deletion pkg/apiserver/apiserver.go
Original file line number Diff line number Diff line change
Expand Up @@ -322,7 +322,7 @@ func (s *APIServer) buildHandlerChain(stopCh <-chan struct{}) {
case authorization.RBAC:
excludedPaths := []string{"/oauth/*", "/kapis/config.kubesphere.io/*", "/kapis/version", "/kapis/metrics"}
pathAuthorizer, _ := path.NewAuthorizer(excludedPaths)
amOperator := am.NewReadOnlyOperator(s.InformerFactory)
amOperator := am.NewReadOnlyOperator(s.InformerFactory, s.DevopsClient)
authorizers = unionauthorizer.New(pathAuthorizer, rbac.NewRBACAuthorizer(amOperator))
}

Expand Down
2 changes: 1 addition & 1 deletion pkg/apiserver/authorization/rbac/rbac_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -920,7 +920,7 @@ func newMockRBACAuthorizer(staticRoles *StaticRoles) (*RBACAuthorizer, error) {
return nil, err
}
}
return NewRBACAuthorizer(am.NewReadOnlyOperator(fakeInformerFactory)), nil
return NewRBACAuthorizer(am.NewReadOnlyOperator(fakeInformerFactory, nil)), nil
}

func TestAppliesTo(t *testing.T) {
Expand Down
15 changes: 8 additions & 7 deletions pkg/models/iam/am/am.go
Original file line number Diff line number Diff line change
Expand Up @@ -114,8 +114,8 @@ type amOperator struct {
k8sclient kubernetes.Interface
}

func NewReadOnlyOperator(factory informers.InformerFactory) AccessManagementInterface {
return &amOperator{
func NewReadOnlyOperator(factory informers.InformerFactory, devopsClient devops.Interface) AccessManagementInterface {
operator := &amOperator{
globalRoleBindingGetter: globalrolebinding.New(factory.KubeSphereSharedInformerFactory()),
workspaceRoleBindingGetter: workspacerolebinding.New(factory.KubeSphereSharedInformerFactory()),
clusterRoleBindingGetter: clusterrolebinding.New(factory.KubernetesSharedInformerFactory()),
Expand All @@ -126,16 +126,17 @@ func NewReadOnlyOperator(factory informers.InformerFactory) AccessManagementInte
roleGetter: role.New(factory.KubernetesSharedInformerFactory()),
namespaceLister: factory.KubernetesSharedInformerFactory().Core().V1().Namespaces().Lister(),
}
// no more CRDs of devopsprojects if the DevOps module was disabled
if devopsClient != nil {
operator.devopsProjectLister = factory.KubeSphereSharedInformerFactory().Devops().V1alpha3().DevOpsProjects().Lister()
}
return operator
}

func NewOperator(ksClient kubesphere.Interface, k8sClient kubernetes.Interface, factory informers.InformerFactory, devopsClient devops.Interface) AccessManagementInterface {
amOperator := NewReadOnlyOperator(factory).(*amOperator)
amOperator := NewReadOnlyOperator(factory, devopsClient).(*amOperator)
amOperator.ksclient = ksClient
amOperator.k8sclient = k8sClient
// no more CRDs of devopsprojects if the DevOps module was disabled
if devopsClient != nil {
amOperator.devopsProjectLister = factory.KubeSphereSharedInformerFactory().Devops().V1alpha3().DevOpsProjects().Lister()
}
return amOperator
}

Expand Down

0 comments on commit 15205cb

Please sign in to comment.