Commit Graph

43 Commits

Author SHA1 Message Date
Stevo Slavic dda1d355b7
fix: use HelmRelease max history for rollback remediation
Signed-off-by: Stevo Slavic <sslavic@gmail.com>
2025-02-11 15:17:29 +01:00
Matheus Pimenta dd3b66a3c5
Fix install and upgrade applying subchart CRDs when condition is false
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
2025-01-10 12:09:40 +00:00
Kumar Mallikarjuna 0da7fbddc9
Add tests for `disableTakeOwnership`
Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna.work@gmail.com>
2025-01-09 15:26:48 +05:30
Kumar Mallikarjuna 98622cd087
Add `disableTakeOwnership` to Helm install/upgrade actions
This change adds a new field called `disableTakeOwnership` to `.spec.install` and `.spec.upgrade`. The flag allows users to disable ignoring helm annotations and labels before taking ownership of existing resources during install and upgrade.

Signed-off-by: Kumar Mallikarjuna <kumarmallikarjuna.work@gmail.com>
2025-01-08 23:26:05 +05:30
Stefan Prodan 9c58e02b62
Refactor values composition to use `pkg/chartutil`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-12-10 12:04:54 +02:00
Stefan Prodan 54f0b42b34
Add `disableSchemaValidation` to Helm install/upgrade actions
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-09-20 22:28:51 +03:00
Stefan Prodan 3c0ef0e030
Enable `TakeOwnership` at install/upgrade
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-09-13 12:51:15 +03:00
Stefan Prodan 92ec780c98
Update API version in comments and docs
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-05-06 11:46:16 +03:00
Stefan Prodan 00785fbfa3
Promote `HelmRelease` API to v2 (GA)
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-05-03 16:25:14 +03:00
Soule BA edec322a3d
Take into account the oci-digest
This commit adds the OCI artifact digest into the release observed
snapshot. This is used later to add that value as an annotation.

Signed-off-by: Soule BA <bah.soule@gmail.com>
2024-04-18 13:07:41 +02:00
Soule BA aeac55dba9
Adding first 12 characters of digest to chart version
This is needed for an OCIRepository source in order to detect change for
mutable tags.

Signed-off-by: Soule BA <bah.soule@gmail.com>
2024-04-18 13:07:41 +02:00
Stefan Prodan 951accaba0
Update API to Kubernetes v1.28.6
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2024-01-29 17:30:39 +02:00
Hidde Beydals 6b7789aadc
Implement `forceAt` and `resetAt` annotations
This makes the controller actually take the
`reconcile.fluxcd.io/forceAt` and `reconcile.fluxcd.io/resetAt` into
account.

For `reconcile.fluxcd.io/resetAt`, this means that the failure counts on
the `HelmRelease` object are reset when the token value of the
annotation equals `reconcile.fluxcd.io/requestedAt`. Allowing the
controller to start over with attempting to install or upgrade the
release until the retries count has been reached again.

For `reconcile.fluxcd.io/forceAt`, this means that a one-off Helm
install or upgrade is allowed to take place even if the object is out of
retries, in a failed state where it should be remediated, or in-sync.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-30 10:22:49 +01:00
Hidde Beydals 0131f2227b
action/diff: include Helm metadata in objects
This ensures that the metadata labels and annotations Helm adds during
the creation of resources are included while diffing them.

As they are not part of the manifest but should be restored in case
they are e.g. removed or modified.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-30 09:41:05 +01:00
Hidde Beydals ccd8f88282
Correct cluster drift using patches
This changes the cluster drift correction behavior from performing a
Helm upgrade to performing create and patch API requests based on the
JSON Patch data.

Doing this is much lighter than performing a full release cycle, and
deals with the issue of Helm being unable to restore state of Custom
Resources without the `--force` flag being set. Which has unwanted
side-effects like forcing objects through a deletion/creation cycle.

After a drift correction attempt a Kubernetes Event is emitted, which
contains a summary of the created and patched resources, and a
collection of any (potential) errors.

As the goal is to restore state as best as we can, the drift correction
will be re-attempted until all resources have been restored to the
desired state.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-29 20:34:45 +01:00
Hidde Beydals 2d927b9b9e
Miscellaneous tidying of minor things
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-24 17:59:45 +01:00
Hidde Beydals 0d30be93ec
Remove various verification functions
These functions are no longer in use by the actual code base, while the
same outcome can be achieved by using `LastRelease` in combination with
`VerifyReleaseObject`.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-24 17:59:44 +01:00
Hidde Beydals 98c4118818
action: introduce `Diff` action
The `Diff` action can be used to detect changes between the manifest
from a Helm release and the current cluster state.

Compared to the previous diff functionality, it allows for ignoring
specific fields in a resource using the newly introduced ignore rules
in the API.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-24 13:35:15 +01:00
Hidde Beydals 4c439b721a
action/upgrade: use correct CRD policy
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-24 10:46:23 +01:00
Hidde Beydals 4a8d2ff0f4
action: provide reason for failures count reset
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-23 00:17:17 +01:00
Hidde Beydals 6ffdaddc06
action: omit logging on CRD apply no-op
As it does not offer real value, and creates noise when the logs are
included in an emitted event.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-23 00:17:15 +01:00
Hidde Beydals 20c00fd47a
action: provide a reason on release target changes
This to allow better feedback to the user on why the controller decided
to uninstall the release.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-23 00:17:09 +01:00
Hidde Beydals c5a017cb76
api: record observed releases in `Status.History`
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:53 +01:00
Hidde Beydals 2e0e22593f
reconcile: improve state determination
This decouples the state determination from deciding which action to
take, making it easier to reason about the different types of state
and what action should be taken to drive it forward.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:51 +01:00
Hidde Beydals 7c52fd255f
action: simplify chart diff logic
We actually only care about the chart name or version changing, as we
assume proper (immutable) versioning by the publisher of the chart
(either the user, or the source-controller).

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:49 +01:00
Hidde Beydals 272329d86a
action: add `:` separator between ts and msg logs
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:45 +01:00
Hidde Beydals a6ae4c3fb9
reconcile: improve log levels of actions
This ensures the logs of the Kubernetes client used by Helm are
persisted to the log buffer, as they can contain important information
when an action times out.

In addition, move the logs from the Helm actions themselves to the
"debug" log level (while still including them in Kubernetes Events in
case of a failure), in favor of the logs produced by the `reconcile`
package itself. While moving the logs from the Helm storage to the
"trace" log level, as they only contain information about e.g. writes
to a Secret.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:44 +01:00
Hidde Beydals 882da27a5d
api: move `Current` and `Previous` into `History`
The primary reason for this is the alphabetical ordering of `kubectl
describe`, which caused the fields to be listed in separate places
instead of a bundle.

From a programmatic perspective, it is also great because it is now much
easier to reset any previous state when e.g. uninstalling a release. As
we can simply write an empty struct to erase any memory of a previous
release, instead of having to deal with multiple fields.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:42 +01:00
Hidde Beydals 9df9b176d9
api: various naming improvements
- Rename `HelmReleaseInfo` to `Snapshot`.
- Rename `HelmReleaseTestHook` to `TestHookStatus`.
- Rename `ObservedRelease` to `Observation`.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:41 +01:00
Hidde Beydals d802ba6cc1
controllers: roughly rewire HelmRelease reconciler
This adds the base wiring to get the controller to work with the
v2beta2 API and the newly introduced packages in `internal/`.

In essence, this means that from now on the controller will utilize all
new code for the reconciliation of the HelmRelease resource.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:35 +01:00
Hidde Beydals 76f62ffc47
api: backport uninstall del propagation to v2beta2
Manual backport of the work done in #698, to keep things aligned.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:10 +01:00
Hidde Beydals 64b2d5455e
Address review comments
- Use `Unknown` status for the `TestSuccess` condition when tests
  have not been run yet.
- Update Ready summarization logic to incorporate conditions with an
  Unknown status. Within the context of readiness, this always causes
  Ready=False when the condition is included in the summarization.
- Variety of tiny fixes.
- Tiny nits in test mocks to prevent confusion.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2023-11-20 12:06:09 +01:00
Hidde Beydals ea81c8e099
action: include TS in LogBuffer
This provides more context to individual log entries (and the duration
between individual log lines) while e.g. printing them in an event.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:08 +01:00
Hidde Beydals b975b3f999
reconcile: add atomic release reconciler
This commit adds an atomic release reconciler, capable of stepping
through a series of Helm actions. In addition, it adds the last bits
around eventing and summarizing the end state of the Condition types
into e.g. a Ready condition.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:07 +01:00
Hidde Beydals 479341461a
action: allow composed release name >=53 char
This solves the issue where a release name composed out of e.g.
the target namespace and name of the HelmRelease itself would exceed
the >=53 character length. By calculating the SHA256 checksum of the
release name, taking the first 12 characters of this checksum and
appending it to the release name trimmed to 40 characters separated
by a hyphen (`<long-release-name>-abcdef12345678`).

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:07 +01:00
Hidde Beydals 026fd45c2c
action: add name param to rollback and uninstall
This gives more fine-grain control over what release must be targeted,
as we do not always want to rely on the current spec but rather on e.g.
a release we have made ourselves with a previous configuration for
garbage collection purposes.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:06 +01:00
Hidde Beydals 9812286bb4
action: add `Len` method to `LogBuffer`
This allows for requesting the count of non-empty values in the ring
buffer, and thus the number of log lines.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:05 +01:00
Hidde Beydals 9e1eedcfa4
api: various changes to support new logic
- Change the map with Helm release test hooks to a pointer map. This
  allows (in combination with the constraints around JSON serialization)
  to distinguish a release _without_ a test run from a release _with_
  test run but no tests (an empty map).
- Add `GetTestHooks` and `SetTestHooks` methods to help circumvent some
  of the common problems around working with a pointer map in Go (e.g.
  not being capable of iterating over it using range).
- Add `HasBeenTested` and `HasTestInPhase` methods to help make
  observations on captured release information.
- Add `StorageNamespace` to Status to allow for observations of
  configuration changes which are mutating compared to the spec.
- Add `GetActiveRemediation` helper method to get the active
  remediation strategy based on the presence of Current and/or Previous
  release observations in the Status of the object.
- Add `ReleaseTargetChanged` helper method to determine if an immutable
  release target change has occurred, in which case e.g. garbage
  collection needs to happen before performing any other action.
- Add `GetCurrent`, `HasCurrent`, `GetPrevious` and `HasPrevious`
  helper methods to ease access to their values nested in the Status.
- Add `FullReleaseName` and `VersionedChartName` helper methods to e.g.
  allow printing full name references in Condition and Event messages
  which can be placed in a point in time based on metadata more
  familiar to a user than for example the observed generation.
- Change `GetFailureCount` and `RetriesExhausted` signatures of
  `Remediation` interface to take a pointer. This eases use of the API,
  as generally speaking a (Kubernetes) API object is a pointer.
- Move methods from `HelmReleaseSpec` to `HelmRelease`, this is easier
  to access and matches `GetConditions`, etc.
- Remove `DeploymentAction` interface and `GetDescription` from
  `Remediation` interface as this is no longer of value.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:04 +01:00
Jiri Tyr 8cefed19fd
Adding tests
Signed-off-by: Jiri Tyr <jiri.tyr@gmail.com>
2023-11-20 12:06:04 +01:00
Jiri Tyr 88a21fecbf
Moving stuff from runner; removing changes in v2beta1
Signed-off-by: Jiri Tyr <jiri.tyr@gmail.com>
2023-11-20 12:06:03 +01:00
Hidde Beydals 5843cc2ef0
action: allow passing of config options
This to allow the Flux CLI to e.g. enable the dry-run flag on an action
outside of the HelmRelease spec, and inject other (user input based)
modifications.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:02 +01:00
Hidde Beydals 220e789481
Allow detection of next reconcile action
This provides a rough (but not flawless) outline for determining the
sub-reconciler which should run based on the state of the `HelmRelease`
API object, and the Helm storage.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:06:01 +01:00
Hidde Beydals 89a6f497e5
Run individual Helm actions using HelmRelease
This commit introduces an `action` package which allows the consumer to
run Helm actions using the instructions from a `HelmRelease` v2beta2
API object.

The actions do not determine if there is a desire to be run, nor do they
record state on the object. This can however be injected by the caller
using the simplified observing Helm storage driver, which now iterates
over a list of callback functions after persisting an object instead
of keeping state.

This separation of concerns would allow e.g. the Flux CLI later on
to run actions (but with a dry-run flag or different storage
configuration) using the object in the same manner as the controller.

Some minor changes have been made to the `postrender` and `runner`
package to allow the code to co-exist while we are in between API
versions.

Signed-off-by: Hidde Beydals <hello@hidde.co>
2023-11-20 12:05:57 +01:00