#71 Remove leader-election

The leader-election was not used, but needed special RBAC permissions.

CHANGELOG.md

@@ -10,6 +10,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Removed
 - [#71] Remove unused ClusterRole for reading metrics
+- [#71] Remove unused leader-election along with its RBAC permissions
 
 ## [v1.2.1] - 2024-11-04
 ### Fixed

k8s/helm/templates/deployment.yaml

@@ -47,7 +47,6 @@ spec:
         - args:
             - --health-probe-bind-address=:8081
             - --metrics-bind-address=127.0.0.1:8080
-            - --leader-elect
           env:
             - name: STAGE
               value: {{ quote .Values.manager.env.stage | default "production" }}

k8s/helm/templates/manager-config.yaml

@@ -14,6 +14,3 @@ data:
       bindAddress: 127.0.0.1:8080
     webhook:
       port: 9443
-    leaderElection:
-      leaderElect: true
-      resourceName: 951e217a.cloudogu.com

main.go

@@ -35,10 +35,9 @@ var (
 	scheme = runtime.NewScheme()
 	// set up the logger before the actual logger is instantiated
 	// the logger will be replaced later-on with a more sophisticated instance
-	operatorLog          = ctrl.Log.WithName("component-operator")
-	metricsAddr          string
-	enableLeaderElection bool
-	probeAddr            string
+	operatorLog = ctrl.Log.WithName("component-operator")
+	metricsAddr string
+	probeAddr   string
 )
 
 var (
@@ -132,9 +131,6 @@ func addRunners(k8sManager manager.Manager, clientSet ecosystem.ComponentEcosyst
 func getK8sManagerOptions(operatorConfig *config.OperatorConfig) manager.Options {
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
-	flag.BoolVar(&enableLeaderElection, "leader-elect", false,
-		"Enable leader election for controller manager. "+
-			"Enabling this will ensure there is only one active controller manager.")
 
 	options := ctrl.Options{
 		Scheme:  scheme,
@@ -148,8 +144,6 @@ func getK8sManagerOptions(operatorConfig *config.OperatorConfig) manager.Options
 		}},
 		WebhookServer:          webhook.NewServer(webhook.Options{Port: 9443}),
 		HealthProbeBindAddress: probeAddr,
-		LeaderElection:         enableLeaderElection,
-		LeaderElectionID:       "951e217a.cloudogu.com",
 	}
 
 	return options

pkg/controllers/componentController.go

@@ -335,7 +335,6 @@ func (r *ComponentReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	options := controller.TypedOptions[reconcile.Request]{
 		SkipNameValidation: controllerOptions.SkipNameValidation,
 		RecoverPanic:       controllerOptions.RecoverPanic,
-		NeedLeaderElection: controllerOptions.NeedLeaderElection,
 	}
 
 	return ctrl.NewControllerManagedBy(mgr).

pkg/labels/testdata/doguOp.yaml

@@ -49,9 +49,6 @@ data:
       bindAddress: 127.0.0.1:8080
     webhook:
       port: 9443
-    leaderElection:
-      leaderElect: true
-      resourceName: 951e217a.cloudogu.com
 ---
 # Source: k8s-dogu-operator/templates/cluster-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
@@ -113,51 +110,6 @@ subjects:
     name: 'k8s-dogu-operator-controller-manager'
     namespace: 'ecosystem'
 ---
-# Source: k8s-dogu-operator/templates/leader-election-rbac.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  name: k8s-dogu-operator-leader-election-role
-  labels:
-    app: ces
-    app.kubernetes.io/name: k8s-dogu-operator
-    app.kubernetes.io/instance: release-name
-    helm.sh/chart: k8s-dogu-operator-0.40.0-dev
-    app.kubernetes.io/version: "0.40.0-dev"
-    app.kubernetes.io/managed-by: Helm
-rules:
-  - apiGroups:
-      - ""
-    resources:
-      - configmaps
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-      - delete
-  - apiGroups:
-      - coordination.k8s.io
-    resources:
-      - leases
-    verbs:
-      - get
-      - list
-      - watch
-      - create
-      - update
-      - patch
-      - delete
-  - apiGroups:
-      - ""
-    resources:
-      - events
-    verbs:
-      - create
-      - patch
----
 # Source: k8s-dogu-operator/templates/manager-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -204,27 +156,6 @@ rules:
     verbs:
       - create
 ---
-# Source: k8s-dogu-operator/templates/leader-election-rbac.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: k8s-dogu-operator-leader-election-rolebinding
-  labels:
-    app: ces
-    app.kubernetes.io/name: k8s-dogu-operator
-    app.kubernetes.io/instance: release-name
-    helm.sh/chart: k8s-dogu-operator-0.40.0-dev
-    app.kubernetes.io/version: "0.40.0-dev"
-    app.kubernetes.io/managed-by: Helm
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: 'k8s-dogu-operator-leader-election-role'
-subjects:
-  - kind: ServiceAccount
-    name: 'k8s-dogu-operator-controller-manager'
-    namespace: 'ecosystem'
----
 # Source: k8s-dogu-operator/templates/manager-rbac.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
@@ -344,7 +275,6 @@ spec:
         - args:
             - --health-probe-bind-address=:8081
             - --metrics-bind-address=127.0.0.1:8080
-            - --leader-elect
           env:
             - name: STAGE
               value: "development"

pkg/labels/testdata/doguOpWithLabels.yaml

@@ -41,9 +41,6 @@ data:
       bindAddress: 127.0.0.1:8080
     webhook:
       port: 9443
-    leaderElection:
-      leaderElect: true
-      resourceName: 951e217a.cloudogu.com
 kind: ConfigMap
 metadata:
   labels:
@@ -123,53 +120,6 @@ subjects:
   name: k8s-dogu-operator-controller-manager
   namespace: ecosystem
 
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  labels:
-    app: ces
-    app.kubernetes.io/instance: release-name
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: k8s-dogu-operator
-    app.kubernetes.io/version: 0.40.0-dev
-    helm.sh/chart: k8s-dogu-operator-0.40.0-dev
-    k8s.cloudogu.com/component.name: k8s-dogu-operator
-    k8s.cloudogu.com/component.version: 1.2.3-4
-  name: k8s-dogu-operator-leader-election-role
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - configmaps
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - coordination.k8s.io
-  resources:
-  - leases
-  verbs:
-  - get
-  - list
-  - watch
-  - create
-  - update
-  - patch
-  - delete
-- apiGroups:
-  - ""
-  resources:
-  - events
-  verbs:
-  - create
-  - patch
-
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
@@ -221,27 +171,6 @@ rules:
   - create
 
 ---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  labels:
-    app: ces
-    app.kubernetes.io/instance: release-name
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: k8s-dogu-operator
-    app.kubernetes.io/version: 0.40.0-dev
-    helm.sh/chart: k8s-dogu-operator-0.40.0-dev
-    k8s.cloudogu.com/component.name: k8s-dogu-operator
-    k8s.cloudogu.com/component.version: 1.2.3-4
-  name: k8s-dogu-operator-leader-election-rolebinding
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: k8s-dogu-operator-leader-election-role
-subjects:
-- kind: ServiceAccount
-  name: k8s-dogu-operator-controller-manager
-  namespace: ecosystem
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
@@ -370,7 +299,6 @@ spec:
       - args:
         - --health-probe-bind-address=:8081
         - --metrics-bind-address=127.0.0.1:8080
-        - --leader-elect
         env:
         - name: STAGE
           value: development