Remove namespace optimization

The admission controller works with secrets from other namespaces. A restriction is not possible at this point.
gardener · Jan 5, 2024 · 23a6593 · 23a6593
1 parent 7e269ba
commit 23a6593
Showing 1 changed file with 0 additions and 9 deletions.
diff --git a/cmd/gardener-extension-shoot-rsyslog-relp-admission/app/app.go b/cmd/gardener-extension-shoot-rsyslog-relp-admission/app/app.go
@@ -16,13 +16,11 @@ import (
 	v1beta1constants "github.com/gardener/gardener/pkg/apis/core/v1beta1/constants"
 	gardenerhealthz "github.com/gardener/gardener/pkg/healthz"
 	"github.com/spf13/cobra"
-	corev1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 	componentbaseconfig "k8s.io/component-base/config"
 	"k8s.io/component-base/version/verflag"
 	"sigs.k8s.io/controller-runtime/pkg/cache"
-	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/cluster"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
@@ -103,13 +101,6 @@ func NewAdmissionCommand(ctx context.Context) *cobra.Command {
 					return err
 				}
 				managerOptions.LeaderElectionConfig = sourceClusterConfig
-			} else {
-				// Restrict the cache for secrets to the configured namespace to avoid the need for cluster-wide list/watch permissions.
-				managerOptions.Cache = cache.Options{
-					ByObject: map[client.Object]cache.ByObject{
-						&corev1.Secret{}: {Namespaces: map[string]cache.Config{webhookOptions.Server.Completed().Namespace: {}}},
-					},
-				}
 			}
 
 			mgr, err := manager.New(restOpts.Completed().Config, managerOptions)