mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
Merge pull request #42519 from jbeda/fix-tokencleaner
Automatic merge from submit-queue Small fix to the bootstrap TokenCleaner Accidentally missed setting options and so the TokenCleaner was in a retry loop. Also moved from using an explicit timer over cached values vs. relying on a short resync timeout. ```release-note ``` Putting this in the 1.6 milestone as this is clearly a bug fix in a new feature.
This commit is contained in:
commit
b70a5b19cf
@ -25,6 +25,7 @@ import (
|
|||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
"k8s.io/apimachinery/pkg/fields"
|
"k8s.io/apimachinery/pkg/fields"
|
||||||
"k8s.io/apimachinery/pkg/runtime"
|
"k8s.io/apimachinery/pkg/runtime"
|
||||||
|
"k8s.io/apimachinery/pkg/util/wait"
|
||||||
"k8s.io/apimachinery/pkg/watch"
|
"k8s.io/apimachinery/pkg/watch"
|
||||||
clientset "k8s.io/client-go/kubernetes"
|
clientset "k8s.io/client-go/kubernetes"
|
||||||
"k8s.io/client-go/pkg/api"
|
"k8s.io/client-go/pkg/api"
|
||||||
@ -47,7 +48,9 @@ type TokenCleanerOptions struct {
|
|||||||
// DefaultTokenCleanerOptions returns a set of default options for creating a
|
// DefaultTokenCleanerOptions returns a set of default options for creating a
|
||||||
// TokenCleaner
|
// TokenCleaner
|
||||||
func DefaultTokenCleanerOptions() TokenCleanerOptions {
|
func DefaultTokenCleanerOptions() TokenCleanerOptions {
|
||||||
return TokenCleanerOptions{}
|
return TokenCleanerOptions{
|
||||||
|
TokenSecretNamespace: api.NamespaceSystem,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TokenCleaner is a controller that deletes expired tokens
|
// TokenCleaner is a controller that deletes expired tokens
|
||||||
@ -97,9 +100,16 @@ func NewTokenCleaner(cl clientset.Interface, options TokenCleanerOptions) *Token
|
|||||||
// Run runs controller loops and returns when they are done
|
// Run runs controller loops and returns when they are done
|
||||||
func (tc *TokenCleaner) Run(stopCh <-chan struct{}) {
|
func (tc *TokenCleaner) Run(stopCh <-chan struct{}) {
|
||||||
go tc.secretsController.Run(stopCh)
|
go tc.secretsController.Run(stopCh)
|
||||||
|
go wait.Until(tc.evalSecrets, 10*time.Second, stopCh)
|
||||||
<-stopCh
|
<-stopCh
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (tc *TokenCleaner) evalSecrets() {
|
||||||
|
for _, obj := range tc.secrets.List() {
|
||||||
|
tc.evalSecret(obj)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func (tc *TokenCleaner) evalSecret(o interface{}) {
|
func (tc *TokenCleaner) evalSecret(o interface{}) {
|
||||||
secret := o.(*v1.Secret)
|
secret := o.(*v1.Secret)
|
||||||
if isSecretExpired(secret) {
|
if isSecretExpired(secret) {
|
||||||
|
Loading…
Reference in New Issue
Block a user