Merge pull request #42519 from jbeda/fix-tokencleaner

Automatic merge from submit-queue

Small fix to the bootstrap TokenCleaner

Accidentally missed setting options and so the TokenCleaner was in a retry loop.  Also moved from using an explicit timer over cached values vs. relying on a short resync timeout.

```release-note
```

Putting this in the 1.6 milestone as this is clearly a bug fix in a new feature.
This commit is contained in:
Kubernetes Submit Queue 2017-03-04 10:42:24 -08:00 committed by GitHub
commit b70a5b19cf

View File

@ -25,6 +25,7 @@ import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/fields"
"k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apimachinery/pkg/watch" "k8s.io/apimachinery/pkg/watch"
clientset "k8s.io/client-go/kubernetes" clientset "k8s.io/client-go/kubernetes"
"k8s.io/client-go/pkg/api" "k8s.io/client-go/pkg/api"
@ -47,7 +48,9 @@ type TokenCleanerOptions struct {
// DefaultTokenCleanerOptions returns a set of default options for creating a // DefaultTokenCleanerOptions returns a set of default options for creating a
// TokenCleaner // TokenCleaner
func DefaultTokenCleanerOptions() TokenCleanerOptions { func DefaultTokenCleanerOptions() TokenCleanerOptions {
return TokenCleanerOptions{} return TokenCleanerOptions{
TokenSecretNamespace: api.NamespaceSystem,
}
} }
// TokenCleaner is a controller that deletes expired tokens // TokenCleaner is a controller that deletes expired tokens
@ -97,9 +100,16 @@ func NewTokenCleaner(cl clientset.Interface, options TokenCleanerOptions) *Token
// Run runs controller loops and returns when they are done // Run runs controller loops and returns when they are done
func (tc *TokenCleaner) Run(stopCh <-chan struct{}) { func (tc *TokenCleaner) Run(stopCh <-chan struct{}) {
go tc.secretsController.Run(stopCh) go tc.secretsController.Run(stopCh)
go wait.Until(tc.evalSecrets, 10*time.Second, stopCh)
<-stopCh <-stopCh
} }
func (tc *TokenCleaner) evalSecrets() {
for _, obj := range tc.secrets.List() {
tc.evalSecret(obj)
}
}
func (tc *TokenCleaner) evalSecret(o interface{}) { func (tc *TokenCleaner) evalSecret(o interface{}) {
secret := o.(*v1.Secret) secret := o.(*v1.Secret)
if isSecretExpired(secret) { if isSecretExpired(secret) {