This allows a specific object from a release manifest to be excluded
from drift detection by labeling or annotating it with:
`helm.toolkit.fluxcd.io/diff: disabled`.
Using a Kustomize post renderer definition in a HelmRelease, this can
be used to ignore any object from an arbitrary chart.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This enables experimental drift detection of cluster state compared to
the current manifest data from the Helm storage's manifest blob.
Drift detection works based on the already proven approach of the
kustomize-controller's SSA package, and utilizes the managed field
configured by the controller since `v0.12.2`.
This feature is planned to go out of experimental once the further
controller rewrite has been finished, and the state of the Helm storage
itself is more fault tolerant.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This is backwards compatible, as it only changes the type without the
further requirements around the YAML declaration.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- github.com/fluxcd/pkg/apis/event to v0.4.0
- github.com/fluxcd/pkg/runtime to v0.29.0
- helm.sh/helm/v3 to v3.11.1
- k8s.io/utils to v0.0.0-20230209194617-a36077c30491
- github.com/containerd/containerd to v1.6.18
Signed-off-by: Hidde Beydals <hello@hidde.co>
- sigs.k8s.io/controller-runtime to v0.14.4
- Unpin golang.org/x/text from v0.4.0 to allow update to v0.5.0
Signed-off-by: Hidde Beydals <hello@hidde.co>
This updates all the comparisons to make use of `HasRevision` which
supports the RFC-0005 and legacy revision formats.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This allows the applied CRDs to be traced using the same labels as
currently applied to resources using a Kustomize post-render.
Kustomize is not used here as the apply logic for CRDs is different
from the approach used during releasing, where we inject the labels
in such a way that they are written back to the Helm storage in the
rendered manifest. This to match Helm's logic from which our present
code is already derived (buth with support for policies).
This also moves the full responsibility of dealing with the install
of CRDs to ourselves, as we no longer fall back to Helm's logic when
`Create` is configured as a policy during a Helm install. As this
would not allow us to add the labels.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Setting the default value for the graceful-shutdown-timeout flag to
match the default terminationGracePeriodSeconds value we set for the
controller pod container.
It seems the controller-runtime does not support passing -1 as a value
to skip the timeout as documented here:
https://github.com/kubernetes-sigs/controller-runtime/blob/v0.13.1/pkg/manager/manager.go#L286
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
You can re-enabled caching of secrets by starting the
controller with the argument '--feature-gates=CacheSecretsAndConfigMaps=true'
Signed-off-by: Mac Chaffee <machaffe@renci.org>
Hidde Beydals