diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index e258ce42..efca1518 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2021 Clastix Labs diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go index ae7eb6eb..1ea0ee53 100644 --- a/api/v1beta1/zz_generated.deepcopy.go +++ b/api/v1beta1/zz_generated.deepcopy.go @@ -1,3 +1,4 @@ +//go:build !ignore_autogenerated // +build !ignore_autogenerated // Copyright 2020-2021 Clastix Labs diff --git a/controllers/tenant/rolebindings.go b/controllers/tenant/rolebindings.go index f55140d2..06905ce6 100644 --- a/controllers/tenant/rolebindings.go +++ b/controllers/tenant/rolebindings.go @@ -97,9 +97,6 @@ func (r *Manager) syncAdditionalRoleBinding(tenant *capsulev1beta1.Tenant, ns st r.Log.Error(err, "Cannot sync Additional RoleBinding") } r.Log.Info(fmt.Sprintf("Additional RoleBindings sync result: %s", string(res)), "name", target.Name, "namespace", target.Namespace) - if err != nil { - return - } } return nil diff --git a/docs/content/dev-guide.md b/docs/content/dev-guide.md index f4fd4f49..bacff9bf 100644 --- a/docs/content/dev-guide.md +++ b/docs/content/dev-guide.md @@ -31,6 +31,9 @@ $ export LAPTOP_HOST_IP=192.168.10.101 # Refer to here for more options: https://k3d.io/v4.4.8/usage/commands/k3d_cluster_create/ $ k3d cluster create k3s-capsule --servers 1 --agents 1 --no-lb --k3s-server-arg --tls-san=${LAPTOP_HOST_IP} +# Get Kubeconfig +$ k3d kubeconfig get k3s-capsule > /tmp/k3s-capsule && export KUBECONFIG="/tmp/k3s-capsule" + # This will create a cluster with 1 server and 1 worker node $ kubectl get nodes NAME STATUS ROLES AGE VERSION @@ -153,6 +156,8 @@ spec: owners: - name: alice kind: User + - name: system:serviceaccount:capsule-system:default + kind: ServiceAccount EOF # There shouldn't be any errors and you should see the newly created tenant @@ -161,12 +166,17 @@ NAME STATE NAMESPACE QUOTA NAMESPACE COUNT NODE SELECTOR AGE oil Active 0 14s ``` +If you want to test namespace creation or such stuff, make sure to use impersonation: + +```sh +$ kubectl ... --as system:serviceaccount:capsule-system:default --as-group capsule.clastix.io +``` + As of now, a complete Capsule environment has been set up in `kind`- or `k3d`-powered cluster, and the `capsule-controller-manager` is running as a deployment serving as: - The reconcilers for CRDs and; - A series of webhooks - ## Set up development env During development, we prefer that the code is running within our IDE locally, instead of running as the normal Pod(s) within the Kubernetes cluster.