diff --git a/internal/policy/clusterpolicy_controller.go b/internal/policy/clusterpolicy_controller.go
index 4f2e757..1e7521d 100644
--- a/internal/policy/clusterpolicy_controller.go
+++ b/internal/policy/clusterpolicy_controller.go
@@ -146,17 +146,18 @@ func (c *ClusterPolicyController) handleDeleteVarmorClusterPolicy(name string) e
 ap, err := c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Get(context.Background(), apName, metav1.GetOptions{})
 if err != nil {
 if k8errors.IsNotFound(err) {
- return nil
+ logger.Info("ArmorProfile object not found", "namespace", varmorconfig.Namespace, "name", apName)
+ } else {
+ logger.Error(err, "c.varmorInterface.ArmorProfiles().Get()")
+ return err
+ }
+ } else {
+ logger.Info("delete ArmorProfile")
+ err = c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Delete(context.Background(), apName, metav1.DeleteOptions{})
+ if err != nil {
+ logger.Error(err, "ArmorProfile().Delete()")
+ return err
 }
- logger.Error(err, "c.varmorInterface.ArmorProfiles().Get()")
- return err
- }
-
- logger.Info("delete ArmorProfile")
- err = c.varmorInterface.ArmorProfiles(varmorconfig.Namespace).Delete(context.Background(), apName, metav1.DeleteOptions{})
- if err != nil {
- logger.Error(err, "ArmorProfile().Delete()")
- return err
 }

 if c.restartExistWorkloads && ap.Spec.UpdateExistingWorkloads {
diff --git a/internal/policy/policy_controller.go b/internal/policy/policy_controller.go
index 316182f..57e6a42 100644
--- a/internal/policy/policy_controller.go
+++ b/internal/policy/policy_controller.go
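Review bot: On the new not-found path in `handleDeleteVarmorClusterPolicy`, control falls through to `if c.restartExistWorkloads && ap.Spec.UpdateExistingWorkloads {` with an `ap` that was returned alongside an error, so the check never sees the stored spec. Depending on the client implementation, which is not visible here, `ap` is either a zero-valued object, in which case that branch is silently skipped even for a policy whose profile had the flag set, or nil, in which case the field access panics. If skipping is intended, make it explicit, for example `profileFound := err == nil` right after the Get and `if profileFound && c.restartExistWorkloads && ap.Spec.UpdateExistingWorkloads {`, with a comment saying why workloads are left untouched when the profile is already gone. The same pattern is in the `handleDeleteVarmorPolicy` hunk, and both function bodies continue past their hunks.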
@@ -151,17 +151,18 @@ func (c *PolicyController) handleDeleteVarmorPolicy(namespace, name string) erro
 ap, err := c.varmorInterface.ArmorProfiles(namespace).Get(context.Background(), apName, metav1.GetOptions{})
 if err != nil {
 if k8errors.IsNotFound(err) {
- return nil
+ logger.Info("ArmorProfile object not found", "namespace", namespace, "name", apName)
+ } else {
+ logger.Error(err, "c.varmorInterface.ArmorProfiles().Get()")
+ return err
+ }
+ } else {
+ logger.Info("delete ArmorProfile")
+ err = c.varmorInterface.ArmorProfiles(namespace).Delete(context.Background(), apName, metav1.DeleteOptions{})
+ if err != nil {
+ logger.Error(err, "ArmorProfile().Delete()")
+ return err
 }
- logger.Error(err, "c.varmorInterface.ArmorProfiles().Get()")
- return err
- }
-
- logger.Info("delete ArmorProfile")
- err = c.varmorInterface.ArmorProfiles(namespace).Delete(context.Background(), apName, metav1.DeleteOptions{})
- if err != nil {
- logger.Error(err, "ArmorProfile().Delete()")
- return err
 }

 if c.restartExistWorkloads && ap.Spec.UpdateExistingWorkloads {
diff --git a/internal/profile/profile.go b/internal/profile/profile.go
index 271f7c1..04a75b1 100644
--- a/internal/profile/profile.go
+++ b/internal/profile/profile.go
@@ -191,6 +191,7 @@ func GenerateProfile(policy varmor.Policy, name string, namespace string, varmor

 func NewArmorProfile(obj interface{}, varmorInterface varmorinterface.CrdV1beta1Interface, clusterScope bool) (*varmor.ArmorProfile, error) {
 ap := varmor.ArmorProfile{}
+ controller := true

 if clusterScope {
 vcp := obj.(*varmor.VarmorClusterPolicy)
@@ -199,6 +200,15 @@ func NewArmorProfile(obj interface{}, varmorInterface varmorinterface.CrdV1beta1
 ap.Name = profileName
 ap.Namespace = varmorconfig.Namespace
 ap.Labels = vcp.ObjectMeta.DeepCopy().Labels
+ ap.OwnerReferences = []metav1.OwnerReference{
+ {
+ APIVersion: "crd.varmor.org/v1beta1",
+ Kind: "VarmorClusterPolicy",
+ Name: vcp.Name,
+ UID: vcp.UID,
+ Controller: &controller,
+ },
+ }

 profile, err := GenerateProfile(vcp.Spec.Policy, ap.Name, ap.Namespace, varmorInterface, false)
 if err != nil {
@@ -223,6 +233,15 @@ func NewArmorProfile(obj interface{}, varmorInterface varmorinterface.CrdV1beta1
 ap.Name = profileName
 ap.Namespace = vp.Namespace
 ap.Labels = vp.ObjectMeta.DeepCopy().Labels
+ ap.OwnerReferences = []metav1.OwnerReference{
+ {
+ APIVersion: "crd.varmor.org/v1beta1",
+ Kind: "VarmorPolicy",
+ Name: vp.Name,
+ UID: vp.UID,
+ Controller: &controller,
+ },
+ }

 profile, err := GenerateProfile(vp.Spec.Policy, ap.Name, ap.Namespace, varmorInterface, false)
 if err != nil {
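Review bot: The owner reference added in the cluster-scope branch, and again in the hunk at -223, hard-codes `"crd.varmor.org/v1beta1"` and the kind string. If either drifts from the served API, the garbage collector treats the owner as missing and collects the dependent, which here would remove an enforcement profile. Consider building the reference in one helper from the API package's group-version value, if it exports one, or with `metav1.NewControllerRef(vcp, gvk)`; note that the latter also sets `BlockOwnerDeletion`, which the literal here leaves unset. A one-line comment such as `// Owner reference lets the garbage collector remove the ArmorProfile when its policy is deleted.` would also explain why the delete handlers now tolerate a missing profile. Whether profiles created before this change receive the reference on update is not visible in these hunks, and NewArmorProfile starts and ends outside them.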