@@ -587,9 +587,7 @@ func prepareOauthAPIServerOperator(
587
587
).WithAPIServiceController (
588
588
"openshift-apiserver" ,
589
589
"openshift-oauth-apiserver" ,
590
- func () ([]* apiregistrationv1.APIService , []* apiregistrationv1.APIService , error ) {
591
- return apiServices (), nil , nil
592
- },
590
+ apiServicesFuncWrapper (authLister , kasLister , kasConfigMapLister ),
593
591
informerFactories .apiregistrationInformers ,
594
592
authOperatorInput .apiregistrationv1Client .ApiregistrationV1 (),
595
593
informerFactories .kubeInformersForNamespaces ,
@@ -884,6 +882,20 @@ func extractOperatorStatus(obj *unstructured.Unstructured, fieldManager string)
884
882
return & ret .Status .OperatorStatusApplyConfiguration , nil
885
883
}
886
884
885
+ func apiServicesFuncWrapper (authLister configv1listers.AuthenticationLister , kasLister operatorv1listers.KubeAPIServerLister , kasConfigMapLister corev1listers.ConfigMapLister ) func () ([]* apiregistrationv1.APIService , []* apiregistrationv1.APIService , error ) {
886
+ return func () ([]* apiregistrationv1.APIService , []* apiregistrationv1.APIService , error ) {
887
+ apiServices := apiServices ()
888
+ if oidcAvailable , err := common .ExternalOIDCConfigAvailable (authLister , kasLister , kasConfigMapLister ); err != nil {
889
+ return nil , nil , err
890
+ } else if oidcAvailable {
891
+ // return apiServices as disabled
892
+ return nil , apiServices , nil
893
+ }
894
+
895
+ return apiServices , nil , nil
896
+ }
897
+ }
898
+
887
899
func countNodesFuncWrapper (nodeLister corev1listers.NodeLister , authLister configv1listers.AuthenticationLister , kasLister operatorv1listers.KubeAPIServerLister , kasConfigMapLister corev1listers.ConfigMapLister ) func (nodeSelector map [string ]string ) (* int32 , error ) {
888
900
return func (nodeSelector map [string ]string ) (* int32 , error ) {
889
901
if oidcAvailable , err := common .ExternalOIDCConfigAvailable (authLister , kasLister , kasConfigMapLister ); err != nil {
0 commit comments