diff --git a/pkg/controller/integrationkit/build.go b/pkg/controller/integrationkit/build.go index 9973c2043b..da534c672b 100644 --- a/pkg/controller/integrationkit/build.go +++ b/pkg/controller/integrationkit/build.go @@ -155,13 +155,6 @@ func (action *buildAction) createBuild(ctx context.Context, kit *v1.IntegrationK } } - //nolint:contextcheck - if buildConfig.Strategy == v1.BuildStrategyPod { - err = platform.CreateBuilderServiceAccount(env.Ctx, env.Client, env.Platform) - if err != nil { - return nil, fmt.Errorf("error while creating Camel K Builder service account: %w", err) - } - } // The build operation, when executed as a Pod, should be executed by a container image containing the // `kamel builder` command. Likely the same image running the operator should be fine. buildConfig.ToolImage = platform.OperatorImage diff --git a/pkg/install/builder.go b/pkg/install/builder.go deleted file mode 100644 index 44a9f238c1..0000000000 --- a/pkg/install/builder.go +++ /dev/null @@ -1,57 +0,0 @@ -/* -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package install - -import ( - "context" - - v1 "github.com/apache/camel-k/v2/pkg/apis/camel/v1" - "github.com/apache/camel-k/v2/pkg/client" -) - -// BuilderServiceAccountRoles installs the builder service account and related roles in the given namespace. -func BuilderServiceAccountRoles(ctx context.Context, c client.Client, namespace string, cluster v1.IntegrationPlatformCluster) error { - if cluster == v1.IntegrationPlatformClusterOpenShift { - if err := installBuilderServiceAccountRolesOpenShift(ctx, c, namespace); err != nil { - return err - } - } else { - if err := installBuilderServiceAccountRolesKubernetes(ctx, c, namespace); err != nil { - return err - } - } - return nil -} - -func installBuilderServiceAccountRolesOpenShift(ctx context.Context, c client.Client, namespace string) error { - return ResourcesOrCollect(ctx, c, namespace, nil, true, IdentityResourceCustomizer, - "/resources/builder/builder-service-account.yaml", - "/resources/builder/builder-role.yaml", - "/resources/builder/builder-role-binding.yaml", - "/resources/builder/builder-role-openshift.yaml", - "/resources/builder/builder-role-binding-openshift.yaml", - ) -} - -func installBuilderServiceAccountRolesKubernetes(ctx context.Context, c client.Client, namespace string) error { - return ResourcesOrCollect(ctx, c, namespace, nil, true, IdentityResourceCustomizer, - "/resources/builder/builder-service-account.yaml", - "/resources/builder/builder-role.yaml", - "/resources/builder/builder-role-binding.yaml", - ) -} diff --git a/pkg/platform/defaults.go b/pkg/platform/defaults.go index 66398013a6..ebb09c3d7f 100644 --- a/pkg/platform/defaults.go +++ b/pkg/platform/defaults.go @@ -19,7 +19,6 @@ package platform import ( "context" - "fmt" "runtime" "strings" "time" @@ -30,11 +29,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" - ctrl "sigs.k8s.io/controller-runtime/pkg/client" - v1 "github.com/apache/camel-k/v2/pkg/apis/camel/v1" "github.com/apache/camel-k/v2/pkg/client" - "github.com/apache/camel-k/v2/pkg/install" "github.com/apache/camel-k/v2/pkg/kamelet/repository" "github.com/apache/camel-k/v2/pkg/util/defaults" "github.com/apache/camel-k/v2/pkg/util/log" @@ -109,12 +105,6 @@ func ConfigureDefaults(ctx context.Context, c client.Client, p *v1.IntegrationPl return err } - if p.Status.Build.BuildConfiguration.Strategy == v1.BuildStrategyPod { - if err := CreateBuilderServiceAccount(ctx, c, p); err != nil { - return fmt.Errorf("cannot ensure service account is present: %w", err) - } - } - err = configureRegistry(ctx, c, p, verbose) if err != nil { return err @@ -131,22 +121,6 @@ func ConfigureDefaults(ctx context.Context, c client.Client, p *v1.IntegrationPl return nil } -func CreateBuilderServiceAccount(ctx context.Context, client client.Client, p *v1.IntegrationPlatform) error { - log.Debugf("Integration Platform %s [%s]: creating build service account", p.Name, p.Namespace) - sa := corev1.ServiceAccount{} - key := ctrl.ObjectKey{ - Name: BuilderServiceAccount, - Namespace: p.Namespace, - } - - err := client.Get(ctx, key, &sa) - if err != nil && k8serrors.IsNotFound(err) { - return install.BuilderServiceAccountRoles(ctx, client, p.Namespace, p.Status.Cluster) - } - - return err -} - func configureRegistry(ctx context.Context, c client.Client, p *v1.IntegrationPlatform, verbose bool) error { if p.Status.Cluster == v1.IntegrationPlatformClusterOpenShift && p.Status.Build.PublishStrategy != v1.IntegrationPlatformBuildPublishStrategyS2I && diff --git a/pkg/resources/resources/builder/builder-role-binding-openshift.yaml b/pkg/resources/config/manager/builder-role-binding-openshift.yaml similarity index 100% rename from pkg/resources/resources/builder/builder-role-binding-openshift.yaml rename to pkg/resources/config/manager/builder-role-binding-openshift.yaml diff --git a/pkg/resources/resources/builder/builder-role-binding.yaml b/pkg/resources/config/manager/builder-role-binding.yaml similarity index 100% rename from pkg/resources/resources/builder/builder-role-binding.yaml rename to pkg/resources/config/manager/builder-role-binding.yaml diff --git a/pkg/resources/resources/builder/builder-role-openshift.yaml b/pkg/resources/config/manager/builder-role-openshift.yaml similarity index 100% rename from pkg/resources/resources/builder/builder-role-openshift.yaml rename to pkg/resources/config/manager/builder-role-openshift.yaml diff --git a/pkg/resources/resources/builder/builder-role.yaml b/pkg/resources/config/manager/builder-role.yaml similarity index 100% rename from pkg/resources/resources/builder/builder-role.yaml rename to pkg/resources/config/manager/builder-role.yaml diff --git a/pkg/resources/resources/builder/builder-service-account.yaml b/pkg/resources/config/manager/builder-service-account.yaml similarity index 100% rename from pkg/resources/resources/builder/builder-service-account.yaml rename to pkg/resources/config/manager/builder-service-account.yaml diff --git a/pkg/resources/config/manager/kustomization.yaml b/pkg/resources/config/manager/kustomization.yaml index 895978ab4d..1ad4421c37 100644 --- a/pkg/resources/config/manager/kustomization.yaml +++ b/pkg/resources/config/manager/kustomization.yaml @@ -21,3 +21,8 @@ kind: Kustomization resources: - operator-deployment.yaml - operator-service-account.yaml +- builder-service-account.yaml +- builder-role.yaml +- builder-role-openshift.yaml +- builder-role-binding.yaml +- builder-role-binding-openshift.yaml diff --git a/pkg/resources/config/manager/patch-image-pull-policy-always.yaml b/pkg/resources/config/manager/patch-image-pull-policy-always.yaml deleted file mode 100644 index e03b90dc76..0000000000 --- a/pkg/resources/config/manager/patch-image-pull-policy-always.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# --------------------------------------------------------------------------- -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# --------------------------------------------------------------------------- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: camel-k-operator -spec: - template: - spec: - containers: - - name: camel-k-operator - imagePullPolicy: Always