fix PSS label reset issue

Signed-off-by: Varsha B <[email protected]>

Author: varshab1210

controllers/gitopsservice_controller.go

@@ -50,6 +50,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/event"
+	"sigs.k8s.io/controller-runtime/pkg/handler"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/predicate"
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
@@ -106,6 +107,11 @@ func (r *ReconcileGitopsService) SetupWithManager(mgr ctrl.Manager) error {
 		Owns(&appsv1.Deployment{}, builder.WithPredicates(pred)).
 		Owns(&corev1.Service{}, builder.WithPredicates(pred)).
 		Owns(&routev1.Route{}, builder.WithPredicates(pred)).
+		Watches(&corev1.Namespace{ObjectMeta: metav1.ObjectMeta{
+			Name: "openshift-gitops",
+		}},
+			handler.EnqueueRequestsFromMapFunc(namespaceMapper),
+		).
 		Complete(r)
 }
 
@@ -219,7 +225,7 @@ func (r *ReconcileGitopsService) Reconcile(ctx context.Context, request reconcil
 
 	// Create namespace if it doesn't already exist
 	namespaceRef := newRestrictedNamespace(namespace)
-	err = r.Client.Get(ctx, types.NamespacedName{Name: namespace}, &corev1.Namespace{})
+	err = r.Client.Get(ctx, types.NamespacedName{Name: namespace}, namespaceRef)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			reqLogger.Info("Creating a new Namespace", "Name", namespace)
@@ -231,8 +237,8 @@ func (r *ReconcileGitopsService) Reconcile(ctx context.Context, request reconcil
 			return reconcile.Result{}, err
 		}
 	} else {
-		needUpdate, updateNameSpace := ensurePodSecurityLabels(namespaceRef)
-		if needUpdate {
+		needsUpdate, updateNameSpace := ensurePodSecurityLabels(namespaceRef)
+		if needsUpdate {
 			err = r.Client.Update(context.TODO(), updateNameSpace)
 			if err != nil {
 				return reconcile.Result{}, err
@@ -345,7 +351,7 @@ func (r *ReconcileGitopsService) reconcileDefaultArgoCDInstance(instance *pipeli
 	// 4.6 Cluster: Backend in openshift-pipelines-app-delivery namespace and argocd in openshift-gitops namespace
 	// 4.7 Cluster: Both backend and argocd instance in openshift-gitops namespace
 	argocdNS := newRestrictedNamespace(defaultArgoCDInstance.Namespace)
-	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: argocdNS.Name}, &corev1.Namespace{})
+	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: argocdNS.Name}, argocdNS)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			reqLogger.Info("Creating a new Namespace", "Name", argocdNS.Name)
@@ -378,8 +384,8 @@ func (r *ReconcileGitopsService) reconcileDefaultArgoCDInstance(instance *pipeli
 			}
 		}
 
-		needUpdate, updateNameSpace := ensurePodSecurityLabels(argocdNS)
-		if needUpdate {
+		needsUpdate, updateNameSpace := ensurePodSecurityLabels(argocdNS)
+		if needsUpdate {
 			err = r.Client.Update(context.TODO(), updateNameSpace)
 			if err != nil {
 				return reconcile.Result{}, err
@@ -959,3 +965,17 @@ func ensurePodSecurityLabels(namespace *corev1.Namespace) (bool, *corev1.Namespa
 	}
 	return changed, namespace
 }
+
+func namespaceMapper(ctx context.Context, o client.Object) []reconcile.Request {
+	// var result = []reconcile.Request{}
+	namespacedName := client.ObjectKey{
+		Name: o.GetName(),
+	}
+	// result := []reconcile.Request{
+	// 	{NamespacedName: namespacedName},
+	// }
+	// return result
+	return []reconcile.Request{
+		{NamespacedName: namespacedName},
+	}
+}

controllers/gitopsservice_controller_test.go

@@ -542,7 +542,8 @@ func TestReconcile_VerifyResourceQuotaDeletionForUpgrade(t *testing.T) {
 	// Create namespace object for default ArgoCD instance and set resource quota to it.
 	defaultArgoNS := &corev1.Namespace{
 		ObjectMeta: v1.ObjectMeta{
-			Name: serviceNamespace,
+			Name:      serviceNamespace,
+			Namespace: serviceNamespace,
 		},
 	}
 	fakeClient.Create(context.TODO(), defaultArgoNS)