Skip to content
This repository has been archived by the owner on Jan 19, 2024. It is now read-only.

Commit

Permalink
refactor: Remove service account check
Browse files Browse the repository at this point in the history
Signed-off-by: Raphael Ludwig <[email protected]>
  • Loading branch information
Raffy23 committed May 3, 2022
1 parent 7f43233 commit 5b376da
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 30 deletions.
22 changes: 2 additions & 20 deletions pkg/eventhandler/eventhandlers.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,6 @@ type K8s interface {
jobName string, maxPollDuration time.Duration, pollIntervalInSeconds time.Duration, namespace string,
) error
GetLogsOfPod(jobName string, namespace string) (string, error)
ExistsServiceAccount(saName string, namespace string) bool
}

// EventHandler contains all information needed to process an event
Expand Down Expand Up @@ -159,15 +158,9 @@ func (eh *EventHandler) startK8sJob(action *config.Action, jsonEventData interfa
start: time.Now(),
}

// To execute all tasks atomically, we check all images before we start executing a single task of a job
// Additionally we want to check if the job configuration is sound (like validating the specified serviceAccounts)
// To execute all tasks atomically, we check all images
// before we start executing a single task of a job
for _, task := range action.Tasks {

namespace := eh.JobSettings.JobNamespace
if len(task.Namespace) > 0 {
namespace = task.Namespace
}

if !eh.ImageFilter.IsImageAllowed(task.Image) {
errorText := fmt.Sprintf("Forbidden: Image %s does not match configured image allowlist.\n", task.Image)

Expand All @@ -178,17 +171,6 @@ func (eh *EventHandler) startK8sJob(action *config.Action, jsonEventData interfa

return
}

if task.ServiceAccount != nil && !eh.K8s.ExistsServiceAccount(*task.ServiceAccount, namespace) {
errorText := fmt.Sprintf("Error: service account %s does not exist!\n", *task.ServiceAccount)

log.Printf(errorText)
if !action.Silent {
sendTaskFailedEvent(eh.Keptn, task.Name, eh.ServiceName, errors.New(errorText), "")
}

return
}
}

for index, task := range action.Tasks {
Expand Down
10 changes: 0 additions & 10 deletions pkg/k8sutils/job.go
Original file line number Diff line number Diff line change
Expand Up @@ -442,13 +442,3 @@ func (k8s *K8sImpl) generateEnvFromSecret(env config.Env, namespace string) ([]v

return generatedEnv, nil
}

// ExistsServiceAccount returns true of the given service account exists in the namespace
func (k8s *K8sImpl) ExistsServiceAccount(saName string, namespace string) bool {
_, err := k8s.clientset.CoreV1().ServiceAccounts(namespace).Get(context.TODO(), saName, metav1.GetOptions{})
if err != nil {
return false
}

return true
}

0 comments on commit 5b376da

Please sign in to comment.