Introduce the flag `--default-service-account` for allowing cluster admins to enforce impersonation for resources reconciliation.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
When ExternalEventRecorder is nil, the helm release reference is not used
therefore the function can safely return early.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
After downloading an artifact, compute its checksum and verify that it matches the original checksum advertised by source-controller.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
If the ReconcileStrategy is changed (from ChartVersion to Revision for
example), we should update the HelmChart.
Signed-off-by: Dylan Arbour <arbourd@users.noreply.github.com>
Add `values.yaml` to the supported kubeconfig secret key names in order for SOPS to correctly detect the storage format based on the file extension.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Before:
{"level":"info","ts":"2021-03-03T12:45:41.305Z","logger":"controller.helmrelease","msg":"could not find optional %s '%s'","reconciler group":"helm.toolkit.fluxcd.io","reconciler kind":"HelmRelease","name":"cert-manager","namespace":"kommander","ConfigMap":{"namespace":"kommander","name":"cert-manager-overrides"}}
After:
{"level":"info","ts":"2021-03-03T13:56:46.365+0100","logger":"controller.helmrelease","msg":"could not find optional ConfigMap 'kommander/cert-manager-overrides'","reconciler group":"helm.toolkit.fluxcd.io","reconciler kind":"HelmRelease","name":"cert-manager","namespace":"kommander"}
Signed-off-by: Max Jonas Werner <mwerner@d2iq.com>
To include a bug fix to the `ReconcilateAtChangedPredicate`
and renaming to `ReconcileRequestedPredicate`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit upgrades the `controller-runtime` dependency to `v0.7.0`,
including all changes required to make all wiring work again.
- Upgrade `runtime` to v0.6.0 to include `controller-runtime` changes.
- Loggers have been removed from the reconcilers and are now retrieved
from the `context.Context` passed to the `Reconcile` method and
downwards functions.
- Logger configuration flags are now bound to the flag set using
`BindFlags` from `runtime/logger`, ensuring the same contract across
GitOps Toolkit controllers, and the `--log-json` flag has been
deprecated in favour of the `--log-encoding=json` default.
- The `ChangePredicate` from `runtime` has changed to a
`ReconcilateAtChangedPredicate`, and is now chained with the
`GenerationChangedPredicate` from `controller-runtime` using
`predicate.Or`.
- Signatures that made use of `runtime.Object` have changed to
`client.Object`, removing the requirement to e.g. call
`runtime.Object#Object`.
- The `leader-election-role` was changed, as leader election now works
via the `coordination/v1` API.
Other notable changes:
- `util.ObjectKey` was added to easily construct a `client.ObjectKey` /
`types.NamespacedName` from a `metav1.Object`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This prevents the resource hanging forever if the release does not exist
in the Helm storage because it was either never created, or because it
was already removed by e.g. Kubernetes due to a namespace deletion.
Signed-off-by: Hidde Beydals <hello@hidde.co>
If a resource is marked as suspended we should not perform any
reconciliation action for the resource at all.
This includes updating the status of the resource to a
`Ready==False` state, as this is not an accurate representation of
the resource's state: we have been told to no longer look at it
and with that our last observation freezes in time.
Resource deletions are the sole exception to actions (not) being
performed, as we are duty-bound to remove our finalizer from the
resource to make a deletion succeed.
To make the suspend state still visible to the user, a column has
been added to the Custom Resource Definition which prints the
`.spec.suspend` of every HelmRelease.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Changes the condition type to the one introduced in k8s 1.19, including
the newly introduced helpers in place of the old pkg/apis/meta types.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This is a regression bug fix due to the introduction of the default
values in the source-controller CRDs.
Signed-off-by: Hidde Beydals <hello@hidde.co>
The reason for this is the `EnqueueRequestsFromMapFunc` calling the
enqueuer for _both_ the old and the new object, and we only want to act
on the ones that contain a revision different from the one that we have
recorded in the status object of the `HelmRelease`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This prevents the resources from getting annotated, and instead uses
the `handler.EnqueueRequestsFromMapFunc` to queue requests based on
changes to the source objects.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Stefan Prodan
Somtochi Onyekwere
Kingdon Barrett
Aurel Canciu
Paulo Gomes
Dylan Arbour
Hidde Beydals
Sunny
Zhongcheng Lao
Hidde Beydals
Max Jonas Werner
Will Salt
Alexander Berger
gtracer