fix: Have chisel deployment owned by ExitNode, to fix cross-namespace…

… owner bug
FyraLabs · Aug 2, 2023 · 6f80c27 · 6f80c27
1 parent 3db49f4
commit 6f80c27
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/src/daemon.rs b/src/daemon.rs
@@ -79,6 +79,10 @@ async fn reconcile(obj: Arc<Service>, ctx: Arc<Context>) -> Result<Action, Recon
     let deployments: Api<Deployment> =
         Api::namespaced(ctx.client.clone(), &node.namespace().unwrap());
 
+    // TODO: We should refactor this such that each deployment of Chisel corresponds to an exit node
+    // Currently each deployment of Chisel corresponds to a service, which means duplicate deployments of Chisel
+    // This also caused some issues, where we (intuitively) made the owner ref of the deployment the service
+    // which breaks since a service can be in a seperate namespace from the deployment (k8s disallows this)
     let deployment_data = create_owned_deployment(&obj, &node)?;
     let serverside = PatchParams::apply("chisel-operator").validation_strict();
     let _deployment = deployments

diff --git a/src/deployment.rs b/src/deployment.rs
@@ -219,7 +219,7 @@ pub fn create_owned_deployment(
     exit_node: &ExitNode,
 ) -> Result<Deployment, ReconcileError> {
     // We can unwrap safely since this object is from the API server
-    let oref = source.controller_owner_ref(&()).unwrap();
+    let oref = exit_node.controller_owner_ref(&()).unwrap();
     // We can unwrap safely since Service is guaranteed to have a name
     let service_name = source.metadata.name.as_ref().unwrap();