From 849502093e3c382c4049eca6a294c49497ce3853 Mon Sep 17 00:00:00 2001 From: Kimonas Sotirchos Date: Tue, 21 Jan 2025 08:35:28 +0000 Subject: [PATCH] review: Refactor delete_rolebindings_not_matching_profile_contributors --- src/profiles_management/create_or_update.py | 7 ++----- src/profiles_management/helpers/kfam.py | 20 ++++++-------------- 2 files changed, 8 insertions(+), 19 deletions(-) diff --git a/src/profiles_management/create_or_update.py b/src/profiles_management/create_or_update.py index 1b25fba..0f29535 100644 --- a/src/profiles_management/create_or_update.py +++ b/src/profiles_management/create_or_update.py @@ -100,10 +100,7 @@ def create_or_update_profiles( profiles.update_resource_quota(client, existing_profile, profile) log.info("Deleting RoleBindings that don't match Profile: %s", profile_name) - rbs = list_contributor_rolebindings(client, profile.name) - rbs = kfam.delete_rolebindings_not_matching_profile_contributors(client, profile, rbs) + kfam.delete_rolebindings_not_matching_profile_contributors(client, profile) log.info("Creating RoleBindings for Profile: %s", profile_name) - kfam.create_rolebindings_for_profile_contributors( - client, profile, existing_rolebindings=rbs - ) + kfam.create_rolebindings_for_profile_contributors(client, profile) diff --git a/src/profiles_management/helpers/kfam.py b/src/profiles_management/helpers/kfam.py index f0f9c36..97bbbbc 100644 --- a/src/profiles_management/helpers/kfam.py +++ b/src/profiles_management/helpers/kfam.py @@ -245,20 +245,15 @@ def kfam_resources_list_to_roles_dict( def delete_rolebindings_not_matching_profile_contributors( client: Client, profile: classes.Profile, - existing_rolebindings: List[RoleBinding], -) -> List[RoleBinding]: +) -> None: """Delete RoleBindings in the cluster that doesn't match Contributors in PMR Profile. Args: client: The lightkube client to use. profile: The PMR Profile to create RoleBindings based on its Contributors. - existing_rolebindings: RoleBindings in the cluster that will be evaluated for deletion. - - Returns: - The remaining resources, after removing the deleted ones from the existing_resources. """ + existing_rolebindings = list_contributor_rolebindings(client, profile.name) role_bindings_to_delete = [] - remaining_role_bindings = [] for rb in existing_rolebindings: if not resource_matches_profile_contributor(rb, profile): @@ -267,19 +262,15 @@ def delete_rolebindings_not_matching_profile_contributors( k8s.get_name(rb), ) role_bindings_to_delete.append(rb) - else: - remaining_role_bindings.append(rb) - - log.info("Deleting all resources that don't match the PMR.") - delete_many(client, role_bindings_to_delete, logger=log) - return remaining_role_bindings + if role_bindings_to_delete: + log.info("Deleting all resources that don't match the PMR.") + delete_many(client, role_bindings_to_delete, logger=log) def create_rolebindings_for_profile_contributors( client: Client, profile: classes.Profile, - existing_rolebindings: List[RoleBinding], ) -> None: """Create RoleBindings for all contributors defined in a Profile, in the PMR. @@ -292,6 +283,7 @@ def create_rolebindings_for_profile_contributors( existing_rolebindings: List of existing RoleBindings, to avoid doing redundant API requests """ + existing_rolebindings = list_contributor_rolebindings(client, profile.name) existing_contributor_roles = kfam_resources_list_to_roles_dict(existing_rolebindings) for contributor in profile.contributors or []: