outposts: remove node_port on V1ServicePort checks to prevent service creation loops

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2095
2022-02-07 20:26:14 +01:00 · 2022-02-07 20:26:14 +01:00 · 055a76393d
parent 0754821628
commit 055a76393d
2 changed files with 7 additions and 3 deletions
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -12,7 +12,8 @@
        "totp",
        "webauthn",
        "traefik",
-        "passwordless"
+        "passwordless",
+        "kubernetes"
    ],
    "python.linting.pylintEnabled": true,
    "todo-tree.tree.showCountsInTree": true,
--- a/authentik/outposts/controllers/k8s/utils.py
+++ b/authentik/outposts/controllers/k8s/utils.py
@ -1,7 +1,7 @@
 """k8s utils"""
 from pathlib import Path

-from kubernetes.client.models.v1_container_port import V1ContainerPort
+from kubernetes.client.models.v1_service_port import V1ServicePort
 from kubernetes.config.incluster_config import SERVICE_TOKEN_FILENAME

 from authentik.outposts.controllers.k8s.triggers import NeedsRecreate
@ -16,10 +16,13 @@ def get_namespace() -> str:
    return "default"


-def compare_ports(current: list[V1ContainerPort], reference: list[V1ContainerPort]):
+def compare_ports(current: list[V1ServicePort], reference: list[V1ServicePort]):
    """Compare ports of a list"""
    if len(current) != len(reference):
        raise NeedsRecreate()
    for port in reference:
+        # We don't need to compare node_ports
+        # https://github.com/goauthentik/authentik/issues/2095#issuecomment-1020674326
+        port.node_port = None
        if port not in current:
            raise NeedsRecreate()