fix(auth): fix wait-local-sync post start hook blocking problem

TomatoAres · May 13, 2020 · a3c4dc4 · a3c4dc4
1 parent 563e07b
commit a3c4dc4
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 19 deletions.
diff --git a/pkg/auth/apiserver/apiserver.go b/pkg/auth/apiserver/apiserver.go
@@ -226,7 +226,7 @@ func (c completedConfig) registerHooks(dexHandler *identityprovider.DexHander, s
 
  apiSigningKeyHook := authenticator.NewAPISigningKeyHookHandler(authClient)
 
- localIdpHook := local.NewLocalHookHandler(authClient, c.ExtraConfig.VersionedInformers)
+ localIdpHook := local.NewLocalHookHandler(authClient)
  ldapIdpHook := ldap.NewLdapHookHandler(authClient)
 
  authVersionedClient := versionedclientset.NewForConfigOrDie(s.LoopbackClientConfig)

diff --git a/pkg/auth/authentication/oidc/identityprovider/local/hook_local.go b/pkg/auth/authentication/oidc/identityprovider/local/hook_local.go
@@ -26,39 +26,24 @@ import (
  "k8s.io/apimachinery/pkg/fields"
  "k8s.io/apimachinery/pkg/util/wait"
  genericapiserver "k8s.io/apiserver/pkg/server"
- "k8s.io/client-go/tools/cache"
-
  authinternalclient "tkestack.io/tke/api/client/clientset/internalversion/typed/auth/internalversion"
- versionedinformers "tkestack.io/tke/api/client/informers/externalversions"
- authv1informer "tkestack.io/tke/api/client/informers/externalversions/auth/v1"
  "tkestack.io/tke/pkg/auth/authentication/oidc/identityprovider"
  "tkestack.io/tke/pkg/util/log"
 )
 
 type localHookHandler struct {
  authClient authinternalclient.AuthInterface
-
- versionedInformers versionedinformers.SharedInformerFactory
- localIdentityInformer authv1informer.LocalIdentityInformer
- localGroupInformer authv1informer.LocalGroupInformer
 }
 
 // NewLocalHookHandler creates a new localHookHandler object.
-func NewLocalHookHandler(authClient authinternalclient.AuthInterface, versionedInformers versionedinformers.SharedInformerFactory) genericapiserver.PostStartHookProvider {
+func NewLocalHookHandler(authClient authinternalclient.AuthInterface) genericapiserver.PostStartHookProvider {
  return &localHookHandler{
- authClient: authClient,
- versionedInformers: versionedInformers,
- localIdentityInformer: versionedInformers.Auth().V1().LocalIdentities(),
- localGroupInformer: versionedInformers.Auth().V1().LocalGroups(),
+ authClient: authClient,
  }
 }
 
 func (d *localHookHandler) PostStartHook() (string, genericapiserver.PostStartHookFunc, error) {
  return "wait-local-sync", func(ctx genericapiserver.PostStartHookContext) error {
- if ok := cache.WaitForCacheSync(ctx.StopCh, d.localIdentityInformer.Informer().HasSynced, d.localGroupInformer.Informer().HasSynced); !ok {
- log.Error("Failed to wait for local identity and group caches to sync")
- }
-
  go wait.JitterUntil(func() {
  tenantUserSelector := fields.AndSelectors(
  fields.OneTermEqualSelector("spec.type", ConnectorType),
@@ -84,7 +69,6 @@ func (d *localHookHandler) PostStartHook() (string, genericapiserver.PostStartHo
  log.Info("load local identity provider successfully", log.String("idp", conn.Name))
  }
  }, 30*time.Second, 0.0, false, ctx.StopCh)
-
  return nil
  }, nil
 }