Remove unnecessary ClusterRole requirements for nodes and persistentv…

…olumes

config/rbac/role.yaml

@@ -7,7 +7,6 @@ rules:
 - apiGroups:
   - ""
   resources:
-  - nodes
   - persistentvolumes
   verbs:
   - get

internal/controllers/cassandra/cassandradatacenter_controller.go

@@ -60,7 +60,7 @@ var (
 // +kubebuilder:rbac:groups=apps,namespace=cass-operator,resources=deployments/finalizers,verbs=update
 // +kubebuilder:rbac:groups=core,namespace=cass-operator,resources=pods;endpoints;services;configmaps;secrets;persistentvolumeclaims;events,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=core,namespace=cass-operator,resources=namespaces,verbs=get
-// +kubebuilder:rbac:groups=core,resources=persistentvolumes;nodes,verbs=get;list;watch
+// +kubebuilder:rbac:groups=core,resources=persistentvolumes,verbs=get;list;watch
 // +kubebuilder:rbac:groups=storage.k8s.io,resources=storageclasses,verbs=get;list;watch
 // +kubebuilder:rbac:groups=policy,namespace=cass-operator,resources=poddisruptionbudgets,verbs=get;list;watch;create;update;patch;delete
 

pkg/utils/k8s_utils.go

@@ -5,9 +5,6 @@ import (
 	"os"
 	"strings"
 
-	corev1 "k8s.io/api/core/v1"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
@@ -44,129 +41,6 @@ func IntersectionStringSet(a, b StringSet) StringSet {
 	return result
 }
 
-// k8s Node helper functions
-func GetNodeNameSet(nodes []*corev1.Node) StringSet {
-	result := StringSet{}
-	for _, node := range nodes {
-		result[node.Name] = true
-	}
-	return result
-}
-
-func hasTaint(node *corev1.Node, taintKey, value string, effect corev1.TaintEffect) bool {
-	for _, taint := range node.Spec.Taints {
-		if taint.Key == taintKey && taint.Effect == effect {
-			if taint.Value == value {
-				return true
-			}
-		}
-	}
-	return false
-}
-
-func FilterNodesWithFn(nodes []*corev1.Node, fn func(*corev1.Node) bool) []*corev1.Node {
-	result := []*corev1.Node{}
-	for _, node := range nodes {
-		if fn(node) {
-			result = append(result, node)
-		}
-	}
-	return result
-}
-
-func FilterNodesWithTaintKeyValueEffect(nodes []*corev1.Node, taintKey, value string, effect corev1.TaintEffect) []*corev1.Node {
-	return FilterNodesWithFn(nodes, func(node *corev1.Node) bool {
-		return hasTaint(node, taintKey, value, effect)
-	})
-}
-
-// k8s Pod helper functions
-func IsPodUnschedulable(pod *corev1.Pod) bool {
-	for _, condition := range pod.Status.Conditions {
-		if condition.Reason == corev1.PodReasonUnschedulable &&
-			condition.Type == corev1.PodScheduled &&
-			condition.Status == corev1.ConditionFalse {
-			return true
-		}
-	}
-	return false
-}
-
-func GetPodNameSet(pods []*corev1.Pod) StringSet {
-	names := StringSet{}
-	for _, pod := range pods {
-		names[pod.Name] = true
-	}
-
-	return names
-}
-
-func GetPodNodeNameSet(pods []*corev1.Pod) StringSet {
-	names := StringSet{}
-	for _, pod := range pods {
-		names[pod.Spec.NodeName] = true
-	}
-	return names
-}
-
-func FilterPodsWithFn(pods []*corev1.Pod, fn func(*corev1.Pod) bool) []*corev1.Pod {
-	result := []*corev1.Pod{}
-	for _, pod := range pods {
-		if fn(pod) {
-			result = append(result, pod)
-		}
-	}
-	return result
-}
-
-func FilterPodsWithNodeInNameSet(pods []*corev1.Pod, nameSet StringSet) []*corev1.Pod {
-	return FilterPodsWithFn(pods, func(pod *corev1.Pod) bool {
-		return nameSet[pod.Spec.NodeName]
-	})
-}
-
-func FilterPodsWithAnnotationKey(pods []*corev1.Pod, key string) []*corev1.Pod {
-	return FilterPodsWithFn(pods, func(pod *corev1.Pod) bool {
-		annos := pod.ObjectMeta.Annotations
-		if annos != nil {
-			_, ok := annos[key]
-			return ok
-		}
-		return false
-	})
-}
-
-func FilterPodsWithLabel(pods []*corev1.Pod, label, value string) []*corev1.Pod {
-	return FilterPodsWithFn(pods, func(pod *corev1.Pod) bool {
-		labels := pod.Labels
-		if labels != nil {
-			labelValue, ok := labels[label]
-			return ok && labelValue == value
-		}
-		return false
-	})
-}
-
-// k8s PVC helpers
-func FilterPVCsWithFn(pvcs []*corev1.PersistentVolumeClaim, fn func(*corev1.PersistentVolumeClaim) bool) []*corev1.PersistentVolumeClaim {
-	result := []*corev1.PersistentVolumeClaim{}
-	for _, pvc := range pvcs {
-		if fn(pvc) {
-			result = append(result, pvc)
-		}
-	}
-	return result
-}
-
-func GetPVCSelectedNodeName(pvc *corev1.PersistentVolumeClaim) string {
-	annos := pvc.Annotations
-	if annos == nil {
-		annos = map[string]string{}
-	}
-	pvcNode := annos["volume.kubernetes.io/selected-node"]
-	return pvcNode
-}
-
 //
 // Migrated from operator-sdk, these are internal in newer versions
 //
@@ -228,43 +102,3 @@ func GetOperatorNamespace() (string, error) {
 func isRunModeLocal() bool {
 	return os.Getenv(ForceRunModeEnv) == string(LocalRunMode)
 }
-
-// GetGVKsFromAddToScheme takes in the runtime scheme and filters out all generic apimachinery meta types.
-// It returns just the GVK specific to this scheme.
-func GetGVKsFromAddToScheme(addToSchemeFunc func(*runtime.Scheme) error) ([]schema.GroupVersionKind, error) {
-	s := runtime.NewScheme()
-	err := addToSchemeFunc(s)
-	if err != nil {
-		return nil, err
-	}
-	schemeAllKnownTypes := s.AllKnownTypes()
-	ownGVKs := []schema.GroupVersionKind{}
-	for gvk := range schemeAllKnownTypes {
-		if !isKubeMetaKind(gvk.Kind) {
-			ownGVKs = append(ownGVKs, gvk)
-		}
-	}
-
-	return ownGVKs, nil
-}
-
-func isKubeMetaKind(kind string) bool {
-	if strings.HasSuffix(kind, "List") ||
-		kind == "PatchOptions" ||
-		kind == "GetOptions" ||
-		kind == "DeleteOptions" ||
-		kind == "ExportOptions" ||
-		kind == "APIVersions" ||
-		kind == "APIGroupList" ||
-		kind == "APIResourceList" ||
-		kind == "UpdateOptions" ||
-		kind == "CreateOptions" ||
-		kind == "Status" ||
-		kind == "WatchEvent" ||
-		kind == "ListOptions" ||
-		kind == "APIGroup" {
-		return true
-	}
-
-	return false
-}