Commit Graph

88 Commits

Author SHA1 Message Date
Stefan Prodan f812f045c6
Set module name to `github.com/fluxcd/cli-utils`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2023-11-20 08:45:35 +02:00
Simon Bein 542546c01d
Use HTTPClientFor instead of defaultHTTPClient
This allows for the http client to accept certificates from the kind
cluster.
2023-08-09 12:47:05 +10:00
Simon Bein b2051cfe5a
update dependencies to k8s.io v0.27.2 2023-08-09 12:47:05 +10:00
Sam Dowell cd911bfaa3 fix: retain objects which failed to reconcile
This change updates the set-inventory logic to retain objects which
failed to reconcile. This ensures that if you run the applier/destroyer
multiple times, an object that is failing to reconcile will be retained
in the inventory. Before this change, an object failing to reconcile
could be lost after multiple attempts (e.g. multiple destroys).
2023-07-24 15:06:23 -07:00
Sam Dowell 1c4eae944c fix: retain inventory for pruning failures
Prior to this change, the inventory always was deleted at the end of a
Destroy event. This would occur even in the case of a pruning
failure, resulting in the objects being removed from the inventory
without being deleted. This change makes it so that the inventory is
only deleted if all objects have been pruned.
2023-07-18 15:49:48 -07:00
Yash Singh a4b24bdc46
Update registry k8s.gcr.io -> registry.k8s.io 2023-02-17 08:41:28 +05:30
Manfred Liiv fa95a60e37 add a link to cohabitating resources in comments 2023-01-18 12:09:52 +00:00
Manfred Liiv 982fab3ecd add failing currentUIDFilter e2e test demonstrating https://github.com/kubernetes-sigs/cli-utils/issues/613 2023-01-16 17:29:19 +00:00
Mikhail Mazurskiy b07f05fc13
chore: update dependencies to Kubernetes v1.25.3 2022-11-03 10:59:44 +11:00
Johnnie Chou ad9f752d67 add filtering and listing functionalities 2022-08-22 04:47:03 +00:00
Morten Torkildsen 5240fc4cdb Use builder for creating the destroyer 2022-08-03 12:19:19 +00:00
Ramon Quitales c29e1ab60c Enable custom inventory storage logic
This commit introduces 2 new Storage interface methods to enable clients
to implement their own logic for applying inventory objects to the live
cluster.
2022-06-27 21:04:37 +00:00
Karl Isenberg 9dcbe6622a chore: add stress test that validates retries
- Duplicate the 1,000 Deployment test, but use a 1m reconcile timeout in
  a retry loop.
- This verifies that the applier and destroyer are re-entrant at scale.
2022-06-07 10:57:20 -07:00
Karl Isenberg c46949360e feat: replace StatusPoller w/ StatusWatcher
- Add DefaultStatusWatcher that wraps DynamicClient and manages
  informers for a set of resource objects.
  - Supports two modes: root-scoped & namespace-scoped.
  - Root-scoped mode uses root-scoped informers to efficiency and
    performance.
  - Namespace-scoped mode uses namespace-scoped informers to
    minimize the permissions needed to run and the size of the
    in-memory object cache.
  - Automatic mode selects which mode to use based on whether the
    objects being watched are in one or multiple namespaces.
    This is the default mode, optimizing for performance.
  - If CRDs are being watched, the creation/deletion of CRDs can
    cause informers for those custom resources to be created/deleted.
  - In namespace-scope mode, if namespaces are being watched, the
    creation/deletion of namespaces can also trigger informers to
    be created/deleted.
  - All creates/updates/deletes to CRDs also cause RESTMapper reset.
  - Allow pods to be unschedulable for 15s before reporting the
    status as Failed. Any update resets the timer.
- Add BlindStatusWatcher for testing and disabling for dry-run.
- Add DynamicClusterReader that wraps DynamicClient.
  This is now used to look up generated resources
  (ex: Deployment > ReplicaSets > Pods).
- Add DefaultStatusReader which uses a DelegatingStatusReader to
  wrap a list of conventional and specific StatusReaders.
  This should make it easier to extend the list of StatusReaders.
- Move some pending WaitEvents to be optional in tests, now that
  StatusWatcher can resolve their status before the WaitTask starts.
- Add a new Thousand Deployments stress test (10x kind nodes)
- Add some new logs for easier debugging
- Add internal SyncEvent so that apply/delete tasks don't start
  until the StatusWatcher has finished initial synchronization.
  This helps avoid missing events from actions that happen while
  synchronization is incomplete.
- Filter optional pending WaitEvents when testing.

BREAKING CHANGE: Replace StatusPoller w/ StatusWatcher
BREAKING CHANGE: Remove PollInterval (obsolete with watcher)
2022-05-10 10:40:05 -07:00
Kubernetes Prow Robot 02d2092d8c
Merge pull request #581 from karlkfi/karl-event-order
fix: Sort reconcile events to fix flakey test
2022-05-03 14:53:11 -07:00
Karl Isenberg 534438cb62 feat: Use server-side throttling, if enabled 2022-04-27 09:58:48 -07:00
Karl Isenberg 59a8300851 fix: Sort reconcile events to fix flakey test 2022-04-25 13:57:35 -07:00
Karl Isenberg f9563d9e37 chore: Upgrade to Ginkgo v2 2022-04-21 18:50:30 -07:00
Kubernetes Prow Robot 1d43cea19f
Merge pull request #576 from karlkfi/karl-throttling
chore: Disable client-side throttling for tests
2022-04-21 13:58:12 -07:00
Kubernetes Prow Robot 2bfa520569
Merge pull request #579 from karlkfi/karl-error-status
fix: Send Failed status when erroring
2022-04-20 09:37:42 -07:00
Karl Isenberg 119b51aabf fix: Send Failed status when erroring
- Caller should switch on Type == Failed, not Error != nil
- Error should always be non-nil for Failed and Skipped events
2022-04-19 18:22:52 -07:00
Karl Isenberg 4c53ada4bc chore: Test for more specific errors 2022-04-19 18:08:24 -07:00
Karl Isenberg 5fb2a68abb chore: Disable client-side throttling for tests 2022-04-15 16:36:22 -07:00
Karl Isenberg f124e7bb7f chore: Fix event sorting for testing
Previous sorting method was not stable, and only worked coincidentally
for the two use cases that were using it. This new method works on
more event types and only sorts contiguous events. This should make
the sort usable when we add parallel apply and watch instead of poll.
2022-04-15 15:52:11 -07:00
Kubernetes Prow Robot 5d06234969
Merge pull request #570 from karlkfi/karl-operations
feat: improve event status consistency
2022-04-14 09:28:47 -07:00
Karl Isenberg 393ecfe7a5 feat: improve event status consistency
Event Changes:
- Renamed ActionGroupEvent.Type -> Status
- Renamed Event.Operation -> Status
- Renamed Status fields to use consistent prefixes and suffixes
- Combined Applied, Changed, Unchanged, and ServersideApplied into
  ApplySuccessful
- Added Failed status for apply, prune, and delete events
- Replaced Unspecified with Pending
- Made enum String output more consistent

Printer Changes:
- Added FormatSummary to print summary stats at the end of the
  apply/destroy, instead of after the last of each type of action
  group.
- Modified printer output to match new more consistent events.
- Updated JSON printer docs with latest schema details.

BREAKING CHANGE: Event "operations" and "type" are now "status"
BREAKING CHANGE: JSON printer schema changed to match events
BREAKING CHANGE: Event status enums renamed/refactored
2022-04-14 01:14:10 -07:00
Karl Isenberg 80e2c16dde chore: Add make target for e2e test focus
- Ex: make test-e2e-focus FOCUS=ApplyDestroy
- Rename e2e tests to be easier to copy/paste/focus without spaces.
- Reduce stress test verbosity to reduce log spam.
- Wait for kind controllers to be ready before running tests.
2022-04-14 01:07:28 -07:00
Kubernetes Prow Robot 89be53da95
Merge pull request #571 from karlkfi/karl-cross-namespace-deps
chore: add test for cross namespace depends-on
2022-03-31 13:51:05 -07:00
Karl Isenberg aeff41d692 chore: add test for cross namespace depends-on 2022-03-31 11:03:19 -07:00
Karl Isenberg 7aee3cc6b4 feat: error on skip
- Rewrite actuation filters to return an error with the reason for
  skipping.
- Add explicit error types for most skip errors, to make it easier to catch
  and handle them.
- Add Is method to explicit error types to allow use of errors.Is for
  recursive unwrapped matching.
- Rename InventoryPolicyFilter to InventoryPolicyPruneFilter for
  consistency with InventoryPolicyApplyFilter
- Update deletion prevention inventory-id removal to use errors.As instead
  of matching the filter name.
- Convert error structs to use pointers to allow nil errors and avoid
  copying contents.
- Update printers to handle skip errors

BREAKING CHANGE: Skipped actuation events now include an error.
BREAKING CHANGE: DeleteEvent.Reason replaced with an error.
BREAKING CHANGE: Unused InventoryNamespaceInSet error removed.
BREAKING CHANGE: InventoryOverlapError replaced with PolicyPreventedActuationError.
BREAKING CHANGE: NeedAdoptionError replaced with PolicyPreventedActuationError.
BREAKING CHANGE: NoInventoryObjError & MultipleInventoryObjError now use pointers.
2022-03-16 17:40:28 -07:00
Karl Isenberg 34a8a7b334 chore: add stress test
- Stress test tests 1,000 Namespaces, CofnigMaps, & CronTabs (CR)
- Stress test is a new test suite with its own make entrypoint
- Refactor shared test code so the e2e and stress tests can both use it
- Update test client QPS to 20 (from 5)
2022-03-10 17:21:26 -08:00
Jingfang Liu ebbd19deca fix: Use empty object status list when the StatusPolicyNone is used
This reduces the request size when StatusPolicyNone is used
2022-03-07 16:36:36 -08:00
Karl Isenberg be7d6e2ab4 chore: Add e2e tests for inventory status 2022-03-04 19:09:28 -08:00
Karl Isenberg 2bdc05945d feat: Add inventory.StatusPolicy
- StatusPolicyNone disables inventory status updates.
- StatusPolicyAll fully enables inventory status updates.
- This allows an opt-out feature for working around the problem
  that adding status can make the inventory larger than the max
  etcd object size, causing the applier to exit without applying
  or pruning anything. With StatusPolicyNone, the user can still
  safely prune objects to make their inventory smaller, and then
  re-enable the status with StatusPolicyAll.
- Note: the default ConfigMap does not currently support status,
  so this only affects custom inventory impls.
2022-03-04 19:09:28 -08:00
Karl Isenberg c103784000 fix: Allow empty set of apply objects
- Add e2e test to ensure the inventory is still correctly created
  and destroyed when the apply object set is empty.
2022-03-02 10:36:59 -08:00
Karl Isenberg 0f7f95b24a fix: Make DependencyFilter handle DryRun
DryRun skips WaitEvents. So the DependencyFilter needs to skip
checking for reconciliation if DryRun is enabled.
2022-03-01 15:48:02 -08:00
Karl Isenberg 4599e4fb00 feat: Add dependency filter
- Pass TaskContext into TaskBuilder.Build
- Combine dependency graph for apply and prune objects.
  This is required to catch dependencies that would have been deleted.
- Replace graph.SortObjs into DependencyGraph + Sort + HydrateSetList
- Replace graph.ReverseSortObjs with ReverseSetList to perform on the
  combined (apply + prune) set list.
- Add planned pending applies and prune to the InventoryManager
  before executing the task queue.
  This allows the DependencyFilter to validate against the planned
  actuation strategy of objects that haven't been applied/pruned yet.
- Add the dependency graph to the TaskContext, for the
  DependencyFilter to use.
  This can be removed in the future if the filters are managed by the
  solver.
- Make Graph.Sort non-destructive, so the graph can be re-used by the
  DependencyFilter.
- Add Graph.EdgesFrom and EdgesTo for the DependencyFilter to use.
  This requires storing the reverse edge list.
- Add an e2e test for the DependencyFilter
- Add an e2e test for the LocalNamespaceFilter

Fixes https://github.com/kubernetes-sigs/cli-utils/issues/526
Fixes https://github.com/kubernetes-sigs/cli-utils/issues/528
2022-02-28 17:31:45 -08:00
Jingfang Liu 6bd4b565e8 Capture the apply status for individual resources after each apply.
If the inventory object supports status field, it is updated
after setting the inventory list at then of one apply process.

BREAKING CHANGE: Update the inventory client and inventory interfaces
to pass the apply/reconcile status.
2022-02-16 12:02:02 -08:00
Karl Isenberg 4e94795493 chore: refactor inventory pkg to avoid stuttering 2022-02-15 14:48:39 -08:00
Karl Isenberg 5c095e8d66 chore: Add Inventory to TaskContext
- Add a new Inventory KRM object for storing the spec and status
  of the inventory objects in memory.
- Improve reconcile, apply, & delete status tracking in the
  TaskContext/Inventory to cover all possible statuses
- Move most of the convenience methods from the TaskContext into a
  new inventory.Manager.
- Fix a minor bug where object UID might have drifted (delete &
  recreate) between GET and DELETE.
2022-02-03 11:16:54 -08:00
Sean Sullivan aac7d2d22a Fixes lint error 2022-02-01 14:22:07 -08:00
Mikhail Mazurskiy 2c815d2843
feat!: applier configuration options
BREAKING CHANGE: NewApplierBuilder() is the new way to construct an Applier
BREAKING CHANGE: apply.Options renamed into apply.ApplierOptions
2022-01-29 10:04:03 +11:00
Kubernetes Prow Robot 5fb19a18af
Merge pull request #488 from karlkfi/karl-validation-event
feat: Add ValidationPolicy & ValidationEvent
2022-01-27 16:12:45 -08:00
Karl Isenberg 9acdbce963 feat: Add ValidationPolicy & ValidationEvent
- Add ValidationPolicy:
  ExitEarly (default) - exit before apply/prune if any objects are invalid
  SkipInvalid - apply/prune valid objects & skip invalid ones
- Add ValidationEvent to be sent once for every invalid object or set of
  objects, when the SkipInvalid policy is selected. For ExitEarly,
  return an error for reverse compatibility.
- Add validation.Collector to simplify aggregating validation errors
  from multiple sources and extracting invalid object IDs.
- Add invalid objects to the TestContext so they can be retained in
  the inventory (only if already present). This primarily applies to
  invalid annotations and dependencies. Objects without name or kind
  should never be added to the inventory.
- Update Solver to use validation.Collector and filter invalid objects.
- Add e2e test for invalid objects.
- Update Printers to handle ValidationEvent
- Add ExternalDependencyError & InvalidAnnotationError to make it easier
  to handle and introspect validation errors.
2022-01-25 12:36:02 -08:00
Mikhail Mazurskiy 0af069f2c5
chore!: remove RESTMapper caching as it's no longer needed
It's cached upstream now https://github.com/kubernetes/kubernetes/pull/103900

BREAKING CHANGE: CachingRESTClientGetter is removed
2022-01-24 15:11:52 +11:00
Karl Isenberg f67aaa87ac feat: MultiError for invalid annotations
- Move Validator to pkg/object/validation
- Replace ValidationError with validation.Error
- Replace MultiValidationError with generic MultiError
- Update Validator & SortObjs to use MultiError
- Add ResourceReferenceFromObjMetadata
- Rename NewResourceReference -> ResourceReferenceFromUnstructured
- Delete duplicate ResourceReference.ObjMetadata()
- Modify some error messages for consistency and clarity
- Use templating to generate some test artifacts

BREAKING CHANGE: apply-time-mutation namespace required for namespace-scoped resources
2022-01-12 15:24:53 -08:00
Karl Isenberg 242b6aa83e fix: Don't panic when ObjMetadata is invalid
- UnstructuredToObjMetaOrDie -> UnstructuredToObjMetadata
- UnstructuredToObjMeta -> UnstructuredToObjectMetadata
- UnstructuredsToObjMetasOrDie -> UnstructuredSetToObjMetadataSet
- UnstructuredsToObjMetas -> UnstructuredSetToObjMetadataSet
- Remove CreateObjMetadata (Validator performs validation)
2022-01-07 18:50:30 -08:00
Karl Isenberg fb98bc7877 fix: Handle more validation errors as field errors
- Using field.Error allows more errors to be wrapped as a
  ValidationError, instead of interrupting validation and exiting
  early.
- Add explicit validation for kind (clearer error).
- Move NestedField from testutil to object, so it can be used at
  runtime.
2022-01-07 12:06:43 -08:00
Morten Torkildsen a95e9f43ca Add e2e tests for reconciliation failure and timeout 2021-12-06 00:51:52 -08:00
Karl Isenberg c5636c0243 feat: Always wait for reconciliation
- Converted WaitTask to use a context for timeout/cancellation, to
  improve readability and reduce error cases. Now it only sends
  TaskResult events from one place, removing the need for a token to
  silence subsequent complete() calls.
- Add pending object tracking to WaitTask to ensure all objects are
  accounted for at least one WaitEvent.
- Upgraded applier tests to use full event comparison, for better signal
  on breaking changes.
- Enhanced task tests to consume all events before validating and test
  actual event output.
- Add set sorting to graph.SortObjs, to make wait event ordering more
  consistent, to make testing easier.

BREAKING CHANGE: wait tasks always execute after apply/prune/delete (except dry runs)
BREAKING CHANGE: wait tasks default to waiting until cancelled (previously 1m default)
2021-11-10 12:34:54 -08:00