update: change application/monitoring namespace creation

Signed-off-by: Wen Zhou <[email protected]>

controllers/dscinitialization/dscinitialization_controller.go

@@ -167,8 +167,7 @@ func (r *DSCInitializationReconciler) Reconcile(ctx context.Context, req ctrl.Re
 	}
 
 	// Check namespace is not exist, then create
-	namespace := instance.Spec.ApplicationsNamespace
-	err := r.createOdhNamespace(ctx, instance, namespace, platform)
+	err := r.createOdhNamespace(ctx, instance, platform)
 	if err != nil {
 		// no need to log error as it was already logged in createOdhNamespace
 		return reconcile.Result{}, err

controllers/dscinitialization/monitoring.go

@@ -350,7 +350,10 @@ func configurePrometheus(ctx context.Context, dsciInit *dsciv1.DSCInitialization
 func configureBlackboxExporter(ctx context.Context, dsciInit *dsciv1.DSCInitialization, r *DSCInitializationReconciler) error {
 	log := r.Log
 	consoleRoute := &routev1.Route{}
-	err := r.Client.Get(ctx, client.ObjectKey{Name: "console", Namespace: "openshift-console"}, consoleRoute)
+	err := r.Client.Get(ctx, client.ObjectKey{
+			Name: "console",
+			Namespace: "openshift-console",
+		}, consoleRoute)
 	if err != nil {
 		if !k8serr.IsNotFound(err) {
 			return err

controllers/dscinitialization/utils.go

@@ -18,6 +18,7 @@ import (
 	"k8s.io/client-go/util/retry"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 
 	dsciv1 "github.com/opendatahub-io/opendatahub-operator/v2/apis/dscinitialization/v1"
 	"github.com/opendatahub-io/opendatahub-operator/v2/pkg/cluster"
@@ -36,106 +37,79 @@ var (
 // - ConfigMap  'odh-common-config'
 // - Network Policies 'opendatahub' that allow traffic between the ODH namespaces
 // - RoleBinding 'opendatahub'.
-func (r *DSCInitializationReconciler) createOdhNamespace(ctx context.Context, dscInit *dsciv1.DSCInitialization, name string, platform cluster.Platform) error {
+func (r *DSCInitializationReconciler) createOdhNamespace(ctx context.Context, dscInit *dsciv1.DSCInitialization, platform cluster.Platform) error {
 	log := r.Log
-	// Expected application namespace for the given name
-	desiredNamespace := &corev1.Namespace{
+
+	desiredAppNamespace := &corev1.Namespace{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name,
-			Labels: map[string]string{
-				labels.ODH.OwnedNamespace: "true",
-				labels.SecurityEnforce:    "baseline",
-			},
+			Name: dscInit.Spec.ApplicationsNamespace,
 		},
 	}
-
-	// Create Application Namespace if it doesn't exist
-	foundNamespace := &corev1.Namespace{}
-	err := r.Get(ctx, client.ObjectKey{Name: name}, foundNamespace)
-	if err != nil {
-		if k8serr.IsNotFound(err) {
-			log.Info("Creating namespace", "name", name)
-			// Set Controller reference
-			// err = ctrl.SetControllerReference(dscInit, desiredNamespace, r.Scheme)
-			// if err != nil {
-			//	 log.Error(err, "Unable to add OwnerReference to the Namespace")
-			//	 return err
-			// }
-			err = r.Create(ctx, desiredNamespace)
-			if err != nil && !k8serr.IsAlreadyExists(err) {
-				log.Error(err, "Unable to create namespace", "name", name)
-				return err
-			}
-		} else {
-			log.Error(err, "Unable to fetch namespace", "name", name)
-			return err
+	result, err := controllerutil.CreateOrUpdate(ctx, r.Client, desiredAppNamespace, func() error {
+		labes := map[string]string{
+			labels.ODH.OwnedNamespace: "true",
+			labels.SecurityEnforce:    "baseline",
 		}
-		// Patch Application Namespace if it exists
-	} else if dscInit.Spec.Monitoring.ManagementState == operatorv1.Managed {
-		log.Info("Patching application namespace for Managed cluster", "name", name)
-		labelPatch := `{"metadata":{"labels":{"openshift.io/cluster-monitoring":"true","pod-security.kubernetes.io/enforce":"baseline","opendatahub.io/generated-namespace": "true"}}}`
-		err = r.Patch(ctx, foundNamespace, client.RawPatch(types.MergePatchType,
-			[]byte(labelPatch)))
-		if err != nil {
-			return err
+		// Patch label for Application Namespace in Managed cluster
+		if dscInit.Spec.Monitoring.ManagementState == operatorv1.Managed {
+			labes["openshift.io/cluster-monitoring"] = "true"
 		}
+		desiredAppNamespace.Labels = labes
+		return nil
+	})
+	if err != nil {
+		r.Log.Error(err, "Unable to create or reconcile namespace", "name", dscInit.Spec.ApplicationsNamespace)
+		return err
+	}
+	if result == controllerutil.OperationResultCreated {
+		r.Log.Info("Created namespace", "name", dscInit.Spec.ApplicationsNamespace)
+		return nil
 	}
+
 	// Create Monitoring Namespace if it is enabled and not exists
 	if dscInit.Spec.Monitoring.ManagementState == operatorv1.Managed {
-		foundMonitoringNamespace := &corev1.Namespace{}
-		monitoringName := dscInit.Spec.Monitoring.Namespace
-		err := r.Get(ctx, client.ObjectKey{Name: monitoringName}, foundMonitoringNamespace)
-		if err != nil {
-			if k8serr.IsNotFound(err) {
-				log.Info("Not found monitoring namespace", "name", monitoringName)
-				desiredMonitoringNamespace := &corev1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name: monitoringName,
-						Labels: map[string]string{
-							labels.ODH.OwnedNamespace: "true",
-							labels.SecurityEnforce:    "baseline",
-							labels.ClusterMonitoring:  "true",
-						},
-					},
-				}
-				err = r.Create(ctx, desiredMonitoringNamespace)
-				if err != nil && !k8serr.IsAlreadyExists(err) {
-					log.Error(err, "Unable to create namespace", "name", monitoringName)
-					return err
-				}
-			} else {
-				log.Error(err, "Unable to fetch monitoring namespace", "name", monitoringName)
-				return err
-			}
-		} else { // force to patch monitoring namespace with label for cluster-monitoring
-			log.Info("Patching monitoring namespace", "name", monitoringName)
-			labelPatch := `{"metadata":{"labels":{"openshift.io/cluster-monitoring":"true", "pod-security.kubernetes.io/enforce":"baseline","opendatahub.io/generated-namespace": "true"}}}`
-
-			err = r.Patch(ctx, foundMonitoringNamespace, client.RawPatch(types.MergePatchType, []byte(labelPatch)))
-			if err != nil {
-				return err
+		desireddMonNamespace := &corev1.Namespace{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: dscInit.Spec.Monitoring.Namespace,
+			},
+		}
+		result, err := controllerutil.CreateOrUpdate(ctx, r.Client, desireddMonNamespace, func() error {
+			labes := map[string]string{
+				labels.ODH.OwnedNamespace: "true",
+				labels.SecurityEnforce:    "baseline",
+				labels.ClusterMonitoring:  "true",
 			}
+			desireddMonNamespace.Labels = labes
+			return nil
+		})
+		if err != nil {
+			r.Log.Error(err, "Unable to create or reconcile namespace", "name", dscInit.Spec.Monitoring.Namespace)
+			return err
+		}
+		if result == controllerutil.OperationResultCreated {
+			r.Log.Info("Created namespace", "name", dscInit.Spec.Monitoring.Namespace)
+			return nil
 		}
 	}
 
 	// Create default NetworkPolicy for the namespace
-	err = r.reconcileDefaultNetworkPolicy(ctx, name, dscInit, platform)
+	err = r.reconcileDefaultNetworkPolicy(ctx, dscInit.Spec.ApplicationsNamespace, dscInit, platform)
 	if err != nil {
-		log.Error(err, "error reconciling network policy ", "name", name)
+		log.Error(err, "error reconciling network policy ", "name", dscInit.Spec.ApplicationsNamespace)
 		return err
 	}
 
 	// Create odh-common-config Configmap for the Namespace
-	err = r.createOdhCommonConfigMap(ctx, name, dscInit)
+	err = r.createOdhCommonConfigMap(ctx, dscInit.Spec.ApplicationsNamespace, dscInit)
 	if err != nil {
 		log.Error(err, "error creating configmap", "name", "odh-common-config")
 		return err
 	}
 
 	// Create default Rolebinding for the namespace
-	err = r.createDefaultRoleBinding(ctx, name, dscInit)
+	err = r.createDefaultRoleBinding(ctx, dscInit.Spec.ApplicationsNamespace, dscInit)
 	if err != nil {
-		log.Error(err, "error creating rolebinding", "name", name)
+		log.Error(err, "error creating rolebinding", "name", dscInit.Spec.ApplicationsNamespace)
 		return err
 	}
 	return nil