Merge branch 'master' into osl-member

codeready-toolchain · Jul 18, 2024 · 29007cd · 29007cd
2 parents 56debe2 + 392066d
commit 29007cd
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 3 deletions.
diff --git a/controllers/useraccount/console_usersettings.go b/controllers/useraccount/console_usersettings.go
@@ -11,6 +11,8 @@ const (
 	ConsoleUserSettingsUID                = "console.openshift.io/user-settings-uid"
 	UserSettingNS                         = "openshift-console-user-settings"
 	ConsoleUserSettingsResourceNamePrefix = "user-settings-"
+	ConsoleUserSettingsRoleSuffix         = "-role"
+	ConsoleUserSettingsRoleBindingSuffix  = "-rolebinding"
 )
 
 // deleteResource deletes the specified resource associated with a user from console setting.
@@ -21,6 +23,12 @@ const (
 func deleteResource(ctx context.Context, cl client.Client, userUID string, toDelete client.Object) error {
 
 	name := ConsoleUserSettingsResourceNamePrefix + userUID
+	if toDelete.GetObjectKind().GroupVersionKind().Kind == "Role" {
+		name = name + ConsoleUserSettingsRoleSuffix
+	} else if toDelete.GetObjectKind().GroupVersionKind().Kind == "RoleBinding" {
+		name = name + ConsoleUserSettingsRoleBindingSuffix
+	}
+
 	toDelete.SetName(name)
 	toDelete.SetNamespace(UserSettingNS)
 	if err := cl.Delete(ctx, toDelete); err != nil {

diff --git a/controllers/useraccount/console_usersettings_test.go b/controllers/useraccount/console_usersettings_test.go
@@ -35,6 +35,46 @@ func TestDeleteConsoleSettingObjects(t *testing.T) {
 		// check that the configmap doesn't exist anymore
 		AssertObjectNotFound(t, cl, UserSettingNS, "user-settings-johnsmith", &corev1.ConfigMap{})
 	})
+	t.Run("Role found by name and deleted", func(t *testing.T) {
+		// given
+		ctx := context.Background()
+		role := &rbac.Role{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "user-settings-johnsmith-role",
+				Namespace: UserSettingNS,
+			},
+		}
+		cl := test.NewFakeClient(t, role)
+
+		// when
+		err := deleteResource(ctx, cl, "johnsmith", &rbac.Role{TypeMeta: metav1.TypeMeta{Kind: "Role"}})
+
+		// then
+		require.NoError(t, err)
+		// check that the role doesn't exist anymore
+		AssertObjectNotFound(t, cl, UserSettingNS, "user-settings-johnsmith-role", &rbac.Role{})
+	})
+
+	t.Run("Rolebinding found by name and deleted", func(t *testing.T) {
+		// given
+		ctx := context.Background()
+		rb := &rbac.RoleBinding{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      "user-settings-johnsmith-rolebinding",
+				Namespace: UserSettingNS,
+			},
+		}
+		cl := test.NewFakeClient(t, rb)
+
+		// when
+		err := deleteResource(ctx, cl, "johnsmith", &rbac.RoleBinding{TypeMeta: metav1.TypeMeta{Kind: "RoleBinding"}})
+
+		// then
+		require.NoError(t, err)
+		// check that the rolebinding doesn't exist anymore
+		AssertObjectNotFound(t, cl, UserSettingNS, "user-settings-johnsmith-rolebinding", &rbac.RoleBinding{})
+	})
+
 	t.Run("Object found by label and deletes successfully", func(t *testing.T) {
 		// given
 		cm := &corev1.ConfigMap{

diff --git a/controllers/useraccount/useraccount_controller.go b/controllers/useraccount/useraccount_controller.go
@@ -507,10 +507,10 @@ func (r *Reconciler) deleteUserResources(ctx context.Context, userUID string) er
 	if err := deleteResource(ctx, r.Client, userUID, &corev1.ConfigMap{}); err != nil {
 		return err
 	}
-	if err := deleteResource(ctx, r.Client, userUID, &rbac.Role{}); err != nil {
+	if err := deleteResource(ctx, r.Client, userUID, &rbac.Role{TypeMeta: metav1.TypeMeta{Kind: "Role"}}); err != nil {
 		return err
 	}
-	return deleteResource(ctx, r.Client, userUID, &rbac.RoleBinding{})
+	return deleteResource(ctx, r.Client, userUID, &rbac.RoleBinding{TypeMeta: metav1.TypeMeta{Kind: "RoleBinding"}})
 }
 
 // deleteIdentity deletes the Identity resources owned by the specified UserAccount.

diff --git a/controllers/useraccount/useraccount_controller_test.go b/controllers/useraccount/useraccount_controller_test.go
@@ -424,6 +424,10 @@ func TestReconcile(t *testing.T) {
 			},
 		}
 		role := &rbac.Role{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "Role",
+				APIVersion: "rbac.authorization.k8s.io/v1",
+			},
 			ObjectMeta: metav1.ObjectMeta{
 				Name:      resourceName + "random",
 				Namespace: UserSettingNS,
@@ -434,8 +438,12 @@ func TestReconcile(t *testing.T) {
 			},
 		}
 		rb := &rbac.RoleBinding{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "RoleBinding",
+				APIVersion: "rbac.authorization.k8s.io/v1",
+			},
 			ObjectMeta: metav1.ObjectMeta{
-				Name:      resourceName,
+				Name:      resourceName + ConsoleUserSettingsRoleBindingSuffix,
 				Namespace: UserSettingNS,
 			},
 		}