feat: add bare policy binding controller

2026-05-17 19:38:29 +02:00
parent bd6a71f541
commit fb926c81ee
31 changed files with 2192 additions and 1 deletions
@@ -34,6 +34,7 @@ import (
 	// _ "k8s.io/client-go/plugin/pkg/client/auth/gcp"

 	applicationcontroller "gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/controllers/application"
+	policybindingcontroller "gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/controllers/policybinding"
 	proxyprovidercontroller "gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/controllers/proxyprovider"
 	clientset "gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/generated/clientset/versioned"
 	informers "gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/generated/informers/externalversions"
@@ -87,13 +88,19 @@ func main() {
 		applicationInformerFactory.Application().V1alpha1().Applications(),
 	)

+	policyBindingInformerFactory := informers.NewSharedInformerFactory(clientset, time.Second*30)
+	pbController := policybindingcontroller.NewController(ctx, kubeClient, clientset, authentikClient,
+		policyBindingInformerFactory.PolicyBinding().V1alpha1().PolicyBindings(),
+	)
+
 	// notice that there is no need to run Start methods in a separate goroutine. (i.e. go kubeInformerFactory.Start(ctx.done())
 	// Start method is non-blocking and runs all registered informers in a dedicated goroutine.
 	proxyProviderInformerFactory.Start(ctx.Done())
 	applicationInformerFactory.Start(ctx.Done())
+	policyBindingInformerFactory.Start(ctx.Done())

 	var wg sync.WaitGroup
-	wg.Add(2)
+	wg.Add(3)

 	go func() {
 		defer wg.Done()
@@ -111,6 +118,14 @@ func main() {
 		}
 	}()

+	go func() {
+		defer wg.Done()
+		if err := pbController.Run(ctx, 2); err != nil {
+			logger.Error(err, "Error running policy binding controller")
+			klog.FlushAndExit(klog.ExitFlushTimeout, 1)
+		}
+	}()
+
 	wg.Wait()
 }