apps/kubevpn
1
0
Fork 0
mirror of https://github.com/kubenetworks/kubevpn.git synced 2025-10-21 22:39:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: restore sa

Browse Source
This commit is contained in:
fengcaiwen
2023-02-16 21:01:55 +08:00
parent 674d4aeefe
commit 589f57afb0
4 changed files with 37 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/config/config.go
View File

@@ -33,6 +33,9 @@ const (
// env name // env name
EnvTunNameOrLUID = "TunNameOrLUID" EnvTunNameOrLUID = "TunNameOrLUID"
EnvInboundPodTunIP = "InboundPodTunIP" EnvInboundPodTunIP = "InboundPodTunIP"
// annotation
AnnoServiceAccountName = "service_account_name_backup_by_kubevpn"
) )
var ( var (

17
pkg/handler/envoy.go
View File

@@ -88,6 +88,11 @@ func InjectVPNAndEnvoySidecar(ctx1 context.Context, factory cmdutil.Factory, cli
Path: "/metadata/annotations/probe", Path: "/metadata/annotations/probe",
Value: b, Value: b,
}, },
{
Op: "replace",
Path: "/metadata/annotations/" + config.AnnoServiceAccountName,
Value: origin.Spec.ServiceAccountName,
},
} }
var bytes []byte var bytes []byte
bytes, err = json.Marshal(append(ps, removePatch...)) bytes, err = json.Marshal(append(ps, removePatch...))
@@ -131,6 +136,15 @@ func UnPatchContainer(factory cmdutil.Factory, mapInterface v12.ConfigMapInterfa
} }
if empty { if empty {
var anno map[string]string
anno, err = util.GetAnnotation(factory, namespace, workloads)
if err != nil {
return err
}
if v, ok := anno[config.AnnoServiceAccountName]; ok {
templateSpec.Spec.ServiceAccountName = v
}
mesh.RemoveContainers(templateSpec) mesh.RemoveContainers(templateSpec)
helper := pkgresource.NewHelper(object.Client, object.Mapping) helper := pkgresource.NewHelper(object.Client, object.Mapping)
var bytes []byte var bytes []byte
@@ -151,6 +165,9 @@ func UnPatchContainer(factory cmdutil.Factory, mapInterface v12.ConfigMapInterfa
return err return err
} }
_, err = helper.Patch(object.Namespace, object.Name, types.JSONPatchType, bytes, &metav1.PatchOptions{}) _, err = helper.Patch(object.Namespace, object.Name, types.JSONPatchType, bytes, &metav1.PatchOptions{})
if err != nil {
return err
}
} }
return err return err
} }

1
pkg/mesh/controller.go
View File

@@ -19,7 +19,6 @@ func RemoveContainers(spec *v1.PodTemplateSpec) {
i-- i--
} }
} }
spec.Spec.ServiceAccountName = ""
} }
func AddMeshContainer(spec *v1.PodTemplateSpec, ns, nodeId string, c util.PodRouteConfig) { func AddMeshContainer(spec *v1.PodTemplateSpec, ns, nodeId string, c util.PodRouteConfig) {

17
pkg/util/util.go
View File

@@ -39,6 +39,7 @@ import (
watchtools "k8s.io/client-go/tools/watch" watchtools "k8s.io/client-go/tools/watch"
"k8s.io/client-go/transport/spdy" "k8s.io/client-go/transport/spdy"
"k8s.io/kubectl/pkg/cmd/exec" "k8s.io/kubectl/pkg/cmd/exec"
"k8s.io/kubectl/pkg/cmd/util"
cmdutil "k8s.io/kubectl/pkg/cmd/util" cmdutil "k8s.io/kubectl/pkg/cmd/util"
"k8s.io/kubectl/pkg/polymorphichelpers" "k8s.io/kubectl/pkg/polymorphichelpers"
@@ -480,3 +481,19 @@ func IsPortListening(port int) bool {
return false return false
} }
} }
func GetAnnotation(f util.Factory, ns string, resources string) (map[string]string, error) {
ownerReference, err := GetTopOwnerReference(f, ns, resources)
if err != nil {
return nil, err
}
u, ok := ownerReference.Object.(*unstructured.Unstructured)
if !ok {
return nil, fmt.Errorf("can not convert to unstaructed")
}
annotations := u.GetAnnotations()
if annotations == nil {
annotations = map[string]string{}
}
return annotations, nil
}