diff --git a/public/tools/multicluster/pkg/common/common.go b/public/tools/multicluster/pkg/common/common.go index 2fbdf5e3f..22b5fa75c 100644 --- a/public/tools/multicluster/pkg/common/common.go +++ b/public/tools/multicluster/pkg/common/common.go @@ -575,8 +575,14 @@ func createRoles(ctx context.Context, c KubeClient, serviceAccountName, serviceA if telemetryClusterRoles { clusterRoleTelemetry := buildClusterRoleTelemetry() _, err = c.RbacV1().ClusterRoles().Create(ctx, &clusterRoleTelemetry, metav1.CreateOptions{}) - if !errors.IsAlreadyExists(err) && err != nil { - return xerrors.Errorf("error creating cluster role: %w", err) + if err != nil { + if errors.IsAlreadyExists(err) { + if _, err := c.RbacV1().ClusterRoles().Update(ctx, &clusterRoleTelemetry, metav1.UpdateOptions{}); err != nil { + return xerrors.Errorf("error updating role: %w", err) + } + } else { + return xerrors.Errorf("error creating cluster role: %w", err) + } } fmt.Printf("created clusterrole: %s\n", clusterRoleTelemetry.Name) if err = createClusterRoleBinding(ctx, c, serviceAccountName, serviceAccountNamespace, DefaultOperatorName+"-multi-telemetry-cluster-role-binding", clusterRoleTelemetry); err != nil { @@ -594,7 +600,7 @@ func createRoles(ctx context.Context, c KubeClient, serviceAccountName, serviceA } _, err = c.RbacV1().Roles(namespace).Create(ctx, &role, metav1.CreateOptions{}) - if !errors.IsAlreadyExists(err) && err != nil { + if err != nil { if errors.IsAlreadyExists(err) { if _, err := c.RbacV1().Roles(namespace).Update(ctx, &role, metav1.UpdateOptions{}); err != nil { return xerrors.Errorf("error updating role: %w", err) @@ -641,8 +647,14 @@ func createRoles(ctx context.Context, c KubeClient, serviceAccountName, serviceA func createClusterRoleBinding(ctx context.Context, c KubeClient, serviceAccountName string, serviceAccountNamespace string, clusterRoleBindingName string, clusterRole rbacv1.ClusterRole) error { clusterRoleBinding := buildClusterRoleBinding(clusterRole, serviceAccountName, serviceAccountNamespace, clusterRoleBindingName) _, err := c.RbacV1().ClusterRoleBindings().Create(ctx, &clusterRoleBinding, metav1.CreateOptions{}) - if !errors.IsAlreadyExists(err) && err != nil { - return xerrors.Errorf("error creating cluster role binding: %w", err) + if err != nil { + if errors.IsAlreadyExists(err) { + if _, err := c.RbacV1().ClusterRoleBindings().Update(ctx, &clusterRoleBinding, metav1.UpdateOptions{}); err != nil { + return xerrors.Errorf("error updating role: %w", err) + } + } else { + return xerrors.Errorf("error creating cluster role binding: %w", err) + } } fmt.Printf("created clusterrolebinding: %s\n", clusterRoleBinding.Name) return nil diff --git a/scripts/evergreen/e2e/dump_diagnostic_information.sh b/scripts/evergreen/e2e/dump_diagnostic_information.sh index 9ca5212d5..47603b63b 100755 --- a/scripts/evergreen/e2e/dump_diagnostic_information.sh +++ b/scripts/evergreen/e2e/dump_diagnostic_information.sh @@ -293,6 +293,10 @@ dump_namespace() { dump_objects sts "StatefulSets" "${namespace}" describe > "logs/${prefix}z_statefulsets.txt" dump_objects sts "StatefulSets Yaml" "${namespace}" >> "logs/${prefix}z_statefulsets.txt" dump_objects serviceaccounts "ServiceAccounts" "${namespace}" > "logs/${prefix}z_service_accounts.txt" + dump_objects clusterrolebindings "ClusterRoleBindings" "${namespace}" > "logs/${prefix}z_clusterrolebindings.txt" + dump_objects clusterroles "ClusterRoles" "${namespace}" > "logs/${prefix}z_clusterroles.txt" + dump_objects rolebindings "RoleBindings" "${namespace}" > "logs/${prefix}z_rolebindings.txt" + dump_objects roles "Roles" "${namespace}" > "logs/${prefix}z_roles.txt" dump_objects validatingwebhookconfigurations "Validating Webhook Configurations" "${namespace}" > "logs/${prefix}z_validatingwebhookconfigurations.txt" dump_objects certificates.cert-manager.io "Cert-manager certificates" "${namespace}" 2> /dev/null > "logs/${prefix}z_certificates_certmanager.txt" dump_objects catalogsources "OLM CatalogSources" "${namespace}" 2> /dev/null > "logs/${prefix}z_olm_catalogsources.txt"