Fix global test

apache · Nov 13, 2023 · 405f61a · 405f61a
1 parent 5e98c29
commit 405f61a
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 63 deletions.
diff --git a/e2e/support/test_support.go b/e2e/support/test_support.go
@@ -2375,7 +2375,7 @@ func CreateOperatorRole(ns string) (err error) {
 		// This should ideally be removed from the common RBAC manifest.
 		customizer = install.RemoveIngressRoleCustomizer
 	}
-	err = install.Resource(TestContext, TestClient(), ns, true, customizer, "/rbac/operator-role.yaml")
+	err = install.Resource(TestContext, TestClient(), ns, true, customizer, "/rbac/namespaced/operator-role.yaml")
 	if err != nil {
 		return err
 	}
@@ -2390,7 +2390,7 @@ func CreateOperatorRoleBinding(ns string) error {
 	if err != nil {
 		failTest(err)
 	}
-	err = install.Resource(TestContext, TestClient(), ns, true, install.IdentityResourceCustomizer, "/rbac/operator-role-binding.yaml")
+	err = install.Resource(TestContext, TestClient(), ns, true, install.IdentityResourceCustomizer, "/rbac/namespaced/operator-role-binding.yaml")
 	if err != nil {
 		return err
 	}

diff --git a/pkg/install/operator.go b/pkg/install/operator.go
@@ -21,7 +21,6 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"strings"
 
 	"github.com/spf13/cobra"
 
@@ -200,44 +199,6 @@ func OperatorOrCollect(ctx context.Context, cmd *cobra.Command, c client.Client,
 					envvar.SetVal(&d.Spec.Template.Spec.Containers[0].Env, "WATCH_NAMESPACE", "")
 				}
 			}
-
-			// Turn Role & RoleBinding into their equivalent cluster types
-			if r, ok := o.(*rbacv1.Role); ok {
-				if strings.HasPrefix(r.Name, "camel-k-operator") {
-					o = &rbacv1.ClusterRole{
-						ObjectMeta: metav1.ObjectMeta{
-							Namespace: cfg.Namespace,
-							Name:      r.Name,
-							Labels: map[string]string{
-								"app": "camel-k",
-							},
-						},
-						Rules: r.Rules,
-					}
-				}
-			}
-
-			if rb, ok := o.(*rbacv1.RoleBinding); ok {
-				if strings.HasPrefix(rb.Name, "camel-k-operator") {
-					rb.Subjects[0].Namespace = cfg.Namespace
-
-					o = &rbacv1.ClusterRoleBinding{
-						ObjectMeta: metav1.ObjectMeta{
-							Namespace: cfg.Namespace,
-							Name:      fmt.Sprintf("%s-%s", rb.Name, cfg.Namespace),
-							Labels: map[string]string{
-								"app": "camel-k",
-							},
-						},
-						Subjects: rb.Subjects,
-						RoleRef: rbacv1.RoleRef{
-							APIGroup: rb.RoleRef.APIGroup,
-							Kind:     "ClusterRole",
-							Name:     rb.RoleRef.Name,
-						},
-					}
-				}
-			}
 		}
 
 		if isOpenShift {
@@ -444,7 +405,7 @@ func installClusterRoleBinding(ctx context.Context, c client.Client, collection
 				bound = true
 
 				break
-			} else if subject.Namespace == "" {
+			} else if subject.Namespace == "" || subject.Namespace == "placeholder" {
 				target.Subjects[i].Namespace = namespace
 				bound = true
 
@@ -493,11 +454,18 @@ func installOpenShiftRoles(ctx context.Context, c client.Client, namespace strin
 
 func installKubernetesRoles(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/manager/operator-service-account.yaml",
 			"/rbac/descoped/operator-cluster-role.yaml",
-			"/rbac/descoped/operator-cluster-role-binding.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator", namespace),
+			"/rbac/descoped/operator-cluster-role-binding.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/manager/operator-service-account.yaml",
@@ -515,10 +483,17 @@ func installOperator(ctx context.Context, c client.Client, namespace string, cus
 
 func installKedaBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-keda.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-keda.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-keda", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-keda.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-keda.yaml",
@@ -529,10 +504,17 @@ func installKedaBindings(ctx context.Context, c client.Client, namespace string,
 
 func installKnative(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-knative.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-knative.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-knative", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-knative.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-knative.yaml",
@@ -543,10 +525,17 @@ func installKnative(ctx context.Context, c client.Client, namespace string, cust
 
 func installEvents(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-events.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-events.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-events", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-events.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-events.yaml",
@@ -557,10 +546,17 @@ func installEvents(ctx context.Context, c client.Client, namespace string, custo
 
 func installPodMonitors(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-podmonitors.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-podmonitors.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-podmonitors", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-podmonitors.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-podmonitors.yaml",
@@ -571,10 +567,17 @@ func installPodMonitors(ctx context.Context, c client.Client, namespace string,
 
 func installStrimziBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-strimzi.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-strimzi.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-strimzi", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-strimzi.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-strimzi.yaml",
@@ -592,10 +595,17 @@ func installMonitoringResources(ctx context.Context, c client.Client, namespace
 
 func installLeaseBindings(ctx context.Context, c client.Client, namespace string, customizer ResourceCustomizer, collection *kubernetes.Collection, force bool, global bool) error {
 	if global {
-		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
+		if err := ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/descoped/operator-cluster-role-leases.yaml",
-			"/rbac/descoped/operator-cluster-role-binding-leases.yaml",
-		)
+		); err != nil {
+			return err
+		}
+		if err := installClusterRoleBinding(ctx, c, collection, namespace,
+			fmt.Sprintf("%s-%s", "camel-k-operator-leases", namespace),
+			"/rbac/descoped/operator-cluster-role-binding-leases.yaml"); err != nil {
+			return err
+		}
+		return nil
 	} else {
 		return ResourcesOrCollect(ctx, c, namespace, collection, force, customizer,
 			"/rbac/namespaced/operator-role-leases.yaml",