This can be used to reliable determine the active remediation strategy
which should be used. Including in edge cases where e.g. an uninstall
remediation is configured for upgrade failures.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
The primary reason for this is the alphabetical ordering of `kubectl
describe`, which caused the fields to be listed in separate places
instead of a bundle.
From a programmatic perspective, it is also great because it is now much
easier to reset any previous state when e.g. uninstalling a release. As
we can simply write an empty struct to erase any memory of a previous
release, instead of having to deal with multiple fields.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This will allow the controller to pick the right method for digest
calculations when we for example add new data into the calculation.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This adds the base wiring to get the controller to work with the
v2beta2 API and the newly introduced packages in `internal/`.
In essence, this means that from now on the controller will utilize all
new code for the reconciliation of the HelmRelease resource.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- Change the map with Helm release test hooks to a pointer map. This
allows (in combination with the constrains around JSON serialization)
to distinguish a release _without_ a test run from a release _with_
test run but no tests (an empty map).
- Add `GetTestHooks` and `SetTestHooks` methods to help circumvent some
of the common problems around working with a pointer map in Go (e.g.
not being capable of iterating over it using range).
- Add `HasBeenTested` and `HasTestInPhase` methods to help make
observations on captured release information.
- Add `StorageNamespace` to Status to allow for observations of
configuration changes which are mutating compared to the spec.
- Add `GetActiveRemediation` helper method to get the active
remediation strategy based on the presence of Current and/or Previous
release observations in the Status of the object.
- Add `ReleaseTargetChanged` helper method to determine if an immutable
release target changed has occurred, in which case e.g. garbage
collection needs to happen before performing any other action.
- Add `GetCurrent`, `HasCurrent`, `GetPrevious` and `HasPrevious`
helper methods to ease access to their values nested in the Status.
- Add `FullReleaseName` and `VersionedChartName` helper methods to e.g.
allow printing full name references in Condition and Event messages
which can be placed in a point in time based on metadata more
familiar to a user than for example the observed generation.
- Change `GetFailureCount` and `RetriesExhausted` signatures of
`Remediation` interface to take a pointer. This eases use of the API,
as generally speaking a (Kubernetes) API object is a pointer.
- Move methods from `HelmReleaseSpec` to `HelmRelease`, this is easier
to access and matches `GetConditions`, etc.
- Remove `DeploymentAction` interface and `GetDescription` from
`Remediation` interface as this is no longer of value.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This is an initial introduction, and still subject to changes. The
storage version is still configured to v2beta1. This allows low
level packages to already work with the new object data, but keeps
it away from the reconciler for now.
The changes mainly focus around removing the helper methods from the
API, and to enrich the status object with more data about the current
and previous revision. With the goal to deprecate all `LastAttempted*`
and `LastApplied*` fields, as this data is now available in `Current`
and `Previous`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This adds a `--interval-jitter-percentage` flag to the controller to
add a +/- percentage jitter to the interval defined in a HelmRelease
(defaults to 5%).
Effectively, this results in a reconciliation every 9.5 - 10.5 minutes
for a resource with an interval of 10 minutes.
Main reason to add this change is to mitigate spikes in memory and
CPU usage caused by many resources being configured with the same
interval.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This adds a `PersistentClient` flag which should be consumed by the
controller while initializing the Kubernetes client used by Helm
actions.
This to allow the controller to work with certain charts which do
require a client which does not persist, as they create Custom Resource
Definitions on demand during e.g. install, which then later aren't
observed by Helm as it does not reset the REST mapper between successive
action steps.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- Assing `ObjectMeta` field in Helm chart template.
- Ensure things are at least lightly mentioned in spec documentation.
- Add two simple test cases.
- Fix broken links to Kubernetes documentation.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- github.com/fluxcd/pkg/apis/kustomize to v1.0.0
- github.com/fluxcd/pkg/apis/meta to v1.0.0
- k8s.io/apiextensions-apiserver to v0.26.3
- k8s.io/apimachinery to v0.26.3
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- github.com/fluxcd/pkg/runtime to v0.32.0
- github.com/fluxcd/pkg/ssa to v0.25.0
- github.com/fluxcd/source-controller/api to v0.36.1
- github.com/onsi/gomega to v1.27.4
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Check if the service account to be impersonated actually exists
and proceed with uninstalling the Helm release only if it does.
Otherwise, skip uninstalling the release and carry on with finalization.
Add an e2e test to check if deleting a namespace with the RBAC and
HelmRelease succeeds with the namespace being fully deleted.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
This is backwards compatible, as it only changes the type without the
further requirements around the YAML declaration.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This updates all the comparisons to make use of `HasRevision` which
supports the RFC-0005 and legacy revision formats.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Unlike the other Flux components, there are some scenarios in which a
timeout of 1h (or more) is justified to be able to Helm actions which
take a long time to finish.
To support this, widen the validation added in
54aee36b3a to allow the configuration
of the `h` time unit again. At the cost of theoretically keeping the
workers busy for a long duration of time (and thereby not processing
other changes), but without causing a full denial of service.
Signed-off-by: Hidde Beydals <hello@hidde.co>
- Update Go to 1.19 in CI
- Use Go 1.19 in base image
- Update controller-gen v0.8.0 (v0.7 fails with Go 1.19) and regenerate manifests
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Formalises the API requirements around TargetPath and ValuesKey,
which were the two fields missing validation within ValuesReference.
In both cases the validation was introduced at CRD level, so that
the apiserver will enforce it.
ValuesKey must be a valid Data Key. Therefore the same logic used by
upstream Kubernetes is reused here to ensure a valid key is being used.
For TargetPath a loose regex is being used to largely represent the
expected format. A max length of 250 is now being enforced.
This is a breaking change, as invalid TargetPath and ValuesKey will now
be rejected by the apiserver, instead of being accepted and potentially
failing at reconciliation time.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
- github.com/fluxcd/source-controller/api to v0.25.3
- k8s.io/api to v0.24.1
- k8s.io/apiextensions-apiserver to v0.24.1
- k8s.io/apimachinery to v0.24.1
- k8s.io/cli-runtime to v0.24.1
- k8s.io/client-go to v0.24.1
Signed-off-by: Hidde Beydals <hello@hidde.co>
- github.com/fluxcd/pkg/runtime to v0.14.1
- github.com/fluxcd/source-controller/api to v0.24.0
- github.com/hashicorp/go-retryablehttp to v0.7.1
- github.com/onsi/gomega to v1.19.0
- sigs.k8s.io/kustomize/api to v0.11.4
- sigs.k8s.io/kustomize/kyaml to v0.13.6
Signed-off-by: Hidde Beydals <hello@hidde.co>
When the flag --default-service-account was added it changed
slightly the behaviour of the spec.KubeConfig field. It forces
the impersonation to always take place, either via the contents
of spec.ServiceAccountName or its fallback at controller level.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
This includes an update of the source-controller to v0.22.0, to pull in
the v1beta2 API which makes use of the same packages.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
Status content could be very long compare to other fields. Moving it to
the end helps improve the visibility of other fields.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
Hidde Beydals
Hidde Beydals
Jiri Tyr
souleb
Stefan Prodan
Martin Hoffmann
Max Jonas Werner
Sanskar Jaiswal
Sunny
Raffael Sahli
Aurel Canciu
Paulo Gomes
Zhongcheng Lao
Nick Stogner
Kingdon Barrett
Tomek Rękawek