From bb9def0da45790db24caea491a12787d05c3cf01 Mon Sep 17 00:00:00 2001
From: Luke <feixiang.li@smartnews.com>
Date: Wed, 15 May 2024 15:35:14 +0900
Subject: [PATCH] ignore handled pod

---
 pkg/controllers/provisioning/provisioner.go | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/pkg/controllers/provisioning/provisioner.go b/pkg/controllers/provisioning/provisioner.go
index 4e50c8324d..f0d75d7223 100644
--- a/pkg/controllers/provisioning/provisioner.go
+++ b/pkg/controllers/provisioning/provisioner.go
@@ -421,9 +421,29 @@ func (p *Provisioner) Validate(ctx context.Context, pod *v1.Pod) error {
 		validateNodeSelector(pod),
 		validateAffinity(pod),
 		p.volumeTopology.ValidatePersistentVolumeClaims(ctx, pod),
+		p.isPodHandled(ctx, pod),
 	)
 }
 
+func (p *Provisioner) isPodHandled(ctx context.Context, pod *v1.Pod) (err error) {
+	var events v1.EventList
+	filter := client.MatchingFields{
+		"metadata.namespace":  pod.Namespace,
+		"involvedObject.kind": "Pod",
+		"involvedObject.name": pod.Name,
+		"reason":              "HandledByKarpenter",
+	}
+	if err := p.kubeClient.List(ctx, &events, filter); err == nil {
+		for _, event := range events.Items {
+			// ignore the pod if it's already handled in 3 minute
+			if !time.Now().Add(3 * time.Minute).After(event.LastTimestamp.Time) {
+				return fmt.Errorf("pod is handled")
+			}
+		}
+	}
+	return nil
+}
+
 // validateKarpenterManagedLabelCanExist provides a more clear error message in the event of scheduling a pod that specifically doesn't
 // want to run on a Karpenter node (e.g. a Karpenter controller replica).
 func validateKarpenterManagedLabelCanExist(p *v1.Pod) error {