fix(platform): resource watch and deletecollection validate tencentid (…

…tkestack#2319) Co-authored-by: xdonggao <[email protected]> (cherry picked from commit e0e2b8b)
GaoXiaodong · Jun 6, 2024 · bfa6771 · bfa6771
1 parent 951d53b
commit bfa6771
Show file tree

Hide file tree

Showing 7 changed files with 52 additions and 12 deletions.
diff --git a/pkg/platform/registry/cluster/storage/storage.go b/pkg/platform/registry/cluster/storage/storage.go
@@ -243,7 +243,8 @@ func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.Valid
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, apierrors.NewMethodNotSupported(platform.Resource("clusters"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // Get finds a resource in the storage by name and returns it.
@@ -395,7 +396,6 @@ func (r *StatusREST) New() runtime.Object {
 
 // Get retrieves the object from the storage. It is required to support Patch.
 func (r *StatusREST) Get(ctx context.Context, name string, options *metav1.GetOptions) (runtime.Object, error) {
-	log.Infof("---tao-----status")
 	return ValidateGetObjectAndTenantID(ctx, r.store, name, options)
 }
 

diff --git a/pkg/platform/registry/clustercredential/storage/storage.go b/pkg/platform/registry/clustercredential/storage/storage.go
@@ -143,7 +143,8 @@ func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.Valid
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, errors.NewMethodNotSupported(platform.Resource("clustercredentials"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // Get finds a resource in the storage by name and returns it.

diff --git a/pkg/platform/registry/cronhpa/storage/storage.go b/pkg/platform/registry/cronhpa/storage/storage.go
@@ -24,6 +24,7 @@ import (
 	metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
@@ -153,13 +154,20 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va
 	return r.Store.Delete(ctx, name, deleteValidation, options)
 }
 
+// Watch selects resources in the storage which match to the selector. 'options' can be nil.
+func (r *REST) Watch(ctx context.Context, options *metainternal.ListOptions) (watch.Interface, error) {
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, options)
+	return r.Store.Watch(ctx, wrappedOptions)
+}
+
 // DeleteCollection selects all resources in the storage matching given 'listOptions'
 // and deletes them.
 func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) {
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, errors.NewMethodNotSupported(platform.Resource("cronhpas"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // StatusREST implements the REST endpoint for changing the status of a CronHPA.

diff --git a/pkg/platform/registry/csioperator/storage/storage.go b/pkg/platform/registry/csioperator/storage/storage.go
@@ -23,17 +23,17 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	"tkestack.io/tke/pkg/apiserver/authentication"
 
-	apiserverutil "tkestack.io/tke/pkg/apiserver/util"
-	"tkestack.io/tke/pkg/platform/registry/csioperator"
-	"tkestack.io/tke/pkg/platform/util"
-
 	metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
 	"tkestack.io/tke/api/platform"
+	apiserverutil "tkestack.io/tke/pkg/apiserver/util"
+	"tkestack.io/tke/pkg/platform/registry/csioperator"
+	"tkestack.io/tke/pkg/platform/util"
 	"tkestack.io/tke/pkg/util/log"
 )
 
@@ -155,13 +155,20 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va
 	return r.Store.Delete(ctx, name, deleteValidation, options)
 }
 
+// Watch selects resources in the storage which match to the selector. 'options' can be nil.
+func (r *REST) Watch(ctx context.Context, options *metainternal.ListOptions) (watch.Interface, error) {
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, options)
+	return r.Store.Watch(ctx, wrappedOptions)
+}
+
 // DeleteCollection selects all resources in the storage matching given 'listOptions'
 // and deletes them.
 func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) {
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, errors.NewMethodNotSupported(platform.Resource("csioperators"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // StatusREST implements the REST endpoint for changing the status of a LogCollector.

diff --git a/pkg/platform/registry/machine/storage/storage.go b/pkg/platform/registry/machine/storage/storage.go
@@ -25,6 +25,7 @@ import (
 	metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
@@ -272,13 +273,20 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va
 	return r.Store.Delete(ctx, name, deleteValidation, options)
 }
 
+// Watch selects resources in the storage which match to the selector. 'options' can be nil.
+func (r *REST) Watch(ctx context.Context, options *metainternal.ListOptions) (watch.Interface, error) {
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, options)
+	return r.Store.Watch(ctx, wrappedOptions)
+}
+
 // DeleteCollection selects all resources in the storage matching given 'listOptions'
 // and deletes them.
 func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) {
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, apierrors.NewMethodNotSupported(platform.Resource("machines"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // StatusREST implements the REST endpoint for changing the status of a

diff --git a/pkg/platform/registry/persistentevent/storage/storage.go b/pkg/platform/registry/persistentevent/storage/storage.go
@@ -24,6 +24,7 @@ import (
 	metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
@@ -152,13 +153,20 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va
 	return r.Store.Delete(ctx, name, deleteValidation, options)
 }
 
+// Watch selects resources in the storage which match to the selector. 'options' can be nil.
+func (r *REST) Watch(ctx context.Context, options *metainternal.ListOptions) (watch.Interface, error) {
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, options)
+	return r.Store.Watch(ctx, wrappedOptions)
+}
+
 // DeleteCollection selects all resources in the storage matching given 'listOptions'
 // and deletes them.
 func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) {
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, errors.NewMethodNotSupported(platform.Resource("persistentevents"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // StatusREST implements the REST endpoint for changing the status of a replication controller

diff --git a/pkg/platform/registry/tappcontroller/storage/storage.go b/pkg/platform/registry/tappcontroller/storage/storage.go
@@ -24,6 +24,7 @@ import (
 	metainternal "k8s.io/apimachinery/pkg/apis/meta/internalversion"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/watch"
 	genericregistry "k8s.io/apiserver/pkg/registry/generic"
 	"k8s.io/apiserver/pkg/registry/generic/registry"
 	"k8s.io/apiserver/pkg/registry/rest"
@@ -153,13 +154,20 @@ func (r *REST) Delete(ctx context.Context, name string, deleteValidation rest.Va
 	return r.Store.Delete(ctx, name, deleteValidation, options)
 }
 
+// Watch selects resources in the storage which match to the selector. 'options' can be nil.
+func (r *REST) Watch(ctx context.Context, options *metainternal.ListOptions) (watch.Interface, error) {
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, options)
+	return r.Store.Watch(ctx, wrappedOptions)
+}
+
 // DeleteCollection selects all resources in the storage matching given 'listOptions'
 // and deletes them.
 func (r *REST) DeleteCollection(ctx context.Context, deleteValidation rest.ValidateObjectFunc, options *metav1.DeleteOptions, listOptions *metainternal.ListOptions) (runtime.Object, error) {
 	if !authentication.IsAdministrator(ctx, r.privilegedUsername) {
 		return nil, errors.NewMethodNotSupported(platform.Resource("tappcontrollers"), "delete collection")
 	}
-	return r.Store.DeleteCollection(ctx, deleteValidation, options, listOptions)
+	wrappedOptions := apiserverutil.PredicateListOptions(ctx, listOptions)
+	return r.Store.DeleteCollection(ctx, deleteValidation, options, wrappedOptions)
 }
 
 // StatusREST implements the REST endpoint for changing the status of a tapp controller.