fluxcd
/
kustomize-controller
mirror of https://github.com/fluxcd/kustomize-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Release v0.5.0 

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This commit is contained in:
Stefan Prodan 2020-12-11 13:37:58 +02:00
parent b6344b91c5
commit b09af484ec
No known key found for this signature in database
GPG Key ID: 3299AEB0E4085BAF
9 changed files with 167 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CHANGELOG.md
View File

@ -2,7 +2,22 @@
All notable changes to this project are documented in this file.
## 0.4.0 (2020-11-26)
## 0.5.0
**Release date:** 2020-12-11
This is the fifth MINOR prerelease. It comes with support for
overriding container images with `spec.images`.
Improvements:
* Implement container image setters
[#194](https://github.com/fluxcd/notification-controller/pull/194)
* Update kustomize/api to v0.7.0
[#198](https://github.com/fluxcd/notification-controller/pull/198)
## 0.4.0
**Release date:** 2020-11-26
This is the fourth MINOR prerelease. Suspended Kustomizations are
no longer marked as not ready, the status sub-resource is left untouched.
@ -17,7 +32,9 @@ Fixes:
* Requeue after interval on source not found errors
[#182](https://github.com/fluxcd/kustomize-controller/pull/182)
## 0.3.0 (2020-11-20)
## 0.3.0
**Release date:** 2020-11-20
This is the third MINOR prerelease. It introduces two breaking changes:
* the `ServiceAccount` field has been removed and replaced by `ServiceAccountName`;
@ -39,7 +56,9 @@ Fixes:
* Add fsGroup to security context (fix for AWS KMS IAM Role bindings)
[#178](https://github.com/fluxcd/kustomize-controller/pull/178)
## 0.2.2 (2020-11-12)
## 0.2.2
**Release date:** 2020-11-12
This prerelease comes with improvements to status reporting.
The Kustomization dry-run can now be explicitly disabled
@ -53,7 +72,9 @@ Improvements:
* Allow disabling validation
[#168](https://github.com/fluxcd/kustomize-controller/pull/168)
## 0.2.1 (2020-11-04)
## 0.2.1
**Release date:** 2020-11-04
This prerelease comes with improvements to garbage collection.
The Kubernetes packages have been updated to v1.19.
@ -70,7 +91,9 @@ Fixes:
* Omit checksum label if GC is disabled
[#162](https://github.com/fluxcd/kustomize-controller/pull/162)
## 0.2.0 (2020-10-29)
## 0.2.0
**Release date:** 2020-10-29
This is the second MINOR prerelease, it comes with breaking changes:
* the histogram metric `gotk_reconcile_duration` was renamed to `gotk_reconcile_duration_seconds`
@ -90,7 +113,9 @@ Improvements:
* Improve remote cluster documentation
[#148](https://github.com/fluxcd/kustomize-controller/pull/148)
## 0.1.2 (2020-10-16)
## 0.1.2
**Release date:** 2020-10-16
This prerelease comes with support for
[targeting remote clusters](https://github.com/fluxcd/kustomize-controller/blob/main/docs/spec/v1beta1/kustomization.md#cluster-api--remote-clusters)
@ -108,7 +133,9 @@ Fixes:
* Set correct status on failure events
[#145](https://github.com/fluxcd/kustomize-controller/pull/145)
## 0.1.1 (2020-10-13)
## 0.1.1
**Release date:** 2020-10-13
This prerelease comes with Prometheus instrumentation for the controller's resources.
@ -118,7 +145,9 @@ and a histogram with the reconciliation duration in seconds:
* `gotk_reconcile_condition{kind, name, namespace, status, type="Ready"}`
* `gotk_reconcile_duration{kind, name, namespace}`
## 0.1.0 (2020-09-30)
## 0.1.0
**Release date:** 2020-09-30
This is the first MINOR prerelease, it promotes the
`kustomize.toolkit.fluxcd.io` API to `v1beta1`
@ -129,125 +158,167 @@ mechanism. With this release the API becomes more stable, but while in
beta phase there are no guarantees about backwards compatibility
between beta releases.
## 0.0.13 (2020-09-22)
## 0.0.13
**Release date:** 2020-09-22
This prerelease comes with support for S3 bucket sources and
cross-namespace dependencies.
Container images for ARMv7 and ARMv8 are published to
`ghcr.io/fluxcd/kustomize-controller-arm64`.
## 0.0.12 (2020-09-14)
## 0.0.12
**Release date:** 2020-09-14
This prerelease comes with improvements to health assessment.
The health checks leverage the kstatus library to support
custom resources such as HelmReleases that implement the Ready condition.
## 0.0.11 (2020-09-12)
## 0.0.11
**Release date:** 2020-09-12
This prerelease comes with the option to watch for resources
in the runtime namespace of the controller or at cluster level.
## 0.0.10 (2020-09-05)
## 0.0.10
**Release date:** 2020-09-05
This prerelease comes with a bug fix to garbage collection.
## 0.0.9 (2020-09-04)
## 0.0.9
**Release date:** 2020-09-04
This prerelease comes with support for decrypting Kubernetes secrets
with Mozilla SOPS.
Container images for linux/amd64 and linux/arm64 are published to GHCR.
## 0.0.8 (2020-08-18)
## 0.0.8
**Release date:** 2020-08-18
This prerelease upgrades the `github.com/fluxcd/pkg/*` dependencies to
dedicated versioned modules, and makes the `api` package available as
a dedicated versioned module.
## 0.0.7 (2020-07-31)
## 0.0.7
**Release date:** 2020-07-31
This prerelease comes with a breaking change, the CRDs group has been
renamed to `kustomize.toolkit.fluxcd.io`. The dependency on `source-controller`
has been updated to `v0.0.7` to be able to work with `source.toolkit.fluxcd.io`
resources.
## 0.0.6 (2020-07-25)
## 0.0.6
**Release date:** 2020-07-25
This prerelease comes with improvements to the dependency management
and service account impersonation.
## 0.0.5 (2020-07-20)
## 0.0.5
**Release date:** 2020-07-20
This prerelease drops support for Kubernetes <1.16.
The CRDs have been updated to `apiextensions.k8s.io/v1`.
## 0.0.4 (2020-07-16)
## 0.0.4
**Release date:** 2020-07-16
This prerelease comes with improvements to the alerting system
and allows sources to be referenced across namespaces.
The kustomize/api has been updated to v0.5.1.
## 0.0.3 (2020-07-13)
## 0.0.3
**Release date:** 2020-07-13
This prerelease comes with improvements to logging.
The default logging format is JSON and the timestamp format is ISO8601.
Introduce `fluxcd.io/reconcileAt` annotation for on-demand reconciliation
of kustomization objects.
## 0.0.2 (2020-07-02)
## 0.0.2
**Release date:** 2020-07-02
This prerelease comes with improvements to the alerting system.
The reconciliation events can be forwarded to notification controller
and alerting can be configured for Slack, MS Teams, Discord and Rocket chat
using the [notification.fluxcd.io API](https://github.com/fluxcd/notification-controller/tree/main/docs/spec).
## 0.0.1 (2020-06-24)
## 0.0.1
**Release date:** 2020-06-24
This is the first prerelease ready for public testing. To get started
testing, see the [GitOps Toolkit guide](https://toolkit.fluxcd.io/get-started/).
## 0.0.1-beta.2 (2020-06-10)
## 0.0.1-beta.2
**Release date:** 2020-06-10
This beta release allows configuring the number of concurrent reconciles.
Starting with this version, the controller watches for resources
only in the namespace where it's deployed.
## 0.0.1-beta.1 (2020-05-29)
## 0.0.1-beta.1
**Release date:** 2020-05-29
This is the first beta release of kustomize controller.
This release comes with improvements to the reconciliation engine when
dealing with CRDs/CRs. The kustomize/api has been updated to v0.4.1.
## 0.0.1-alpha.9 (2020-05-11)
## 0.0.1-alpha.9
**Release date:** 2020-05-11
This alpha release includes a bug fix for the source event handler
and sets the current context to the default namespace.
## 0.0.1-alpha.8 (2020-05-09)
## 0.0.1-alpha.8
**Release date:** 2020-05-09
This alpha release comes with improvements to health assessment
and [dependency management](https://github.com/fluxcd/kustomize-controller/pull/32).
When a source revision changes, the
Kustomizations are executed based on the depends-on graph.
## 0.0.1-alpha.7 (2020-05-05)
## 0.0.1-alpha.7
**Release date:** 2020-05-05
This alpha release comes with improvements to the garbage collector.
The new GC doesn't require label selectors to be set in the kustomization
and can prune resources safely without hitting Kubernetes API rate limits.
## 0.0.1-alpha.6 (2020-05-03)
## 0.0.1-alpha.6
**Release date:** 2020-05-03
This alpha release comes with
[role-based access control](https://github.com/fluxcd/kustomize-controller/blob/v0.0.1-alpha.6/docs/spec/v1alpha1/kustomization.md#role-based-access-control)
for restricting the execution of a kustomization apply to a specific service account.
## 0.0.1-alpha.5 (2020-04-27)
## 0.0.1-alpha.5
**Release date:** 2020-04-27
This alpha release introduces an [intermediate state](https://github.com/fluxcd/kustomize-controller/pull/21)
to the status ready condition to signal that a reconciliation is underway.
This allows waiting for an on-demand sync to complete.
## 0.0.1-alpha.4 (2020-04-24)
## 0.0.1-alpha.4
**Release date:** 2020-04-24
This alpha release introduces a new status field for recording the
[last applied source revision](https://github.com/fluxcd/kustomize-controller/blob/v0.0.1-alpha.4/docs/spec/v1alpha1/kustomization.md#status).
@ -255,7 +326,9 @@ This alpha release introduces a new status field for recording the
Feature comparison with Flux has been added to
[docs/spec](https://github.com/fluxcd/kustomize-controller/blob/v0.0.1-alpha.4/docs/spec/README.md#backward-compatibility).
## 0.0.1-alpha.3 (2020-04-23)
## 0.0.1-alpha.3
**Release date:** 2020-04-23
This alpha release introduces the option to tell the controller to
[automatically generate](https://github.com/fluxcd/kustomize-controller/blob/v0.0.1-alpha.3/docs/spec/v1alpha1/kustomization.md#generate-kustomizationyaml)
@ -264,7 +337,9 @@ the `kustomization.yaml` for repositories that contain plain Kubernetes manifest
The controller design and motivation can be found at
[docs/spec](https://github.com/fluxcd/kustomize-controller/tree/v0.0.1-alpha.3/docs/spec).
## 0.0.1-alpha.2 (2020-04-21)
## 0.0.1-alpha.2
**Release date:** 2020-04-21
This alpha release introduces the
[Profile CRD](https://github.com/fluxcd/kustomize-controller/blob/main/docs/spec/v1alpha1/profile.md)
@ -274,7 +349,9 @@ objects and defining a common behavior for them.
The v1alpha1 profiles can be used for
[configuring Slack and Discord alerting](https://github.com/fluxcd/kustomize-controller/tree/v0.0.1-alpha.2#configure-alerting).
## 0.0.1-alpha.1 (2020-04-20)
## 0.0.1-alpha.1
**Release date:** 2020-04-20
This is the first alpha release of kustomize controller.
The controller is an implementation of the

15
CONTRIBUTING.md
View File

@ -12,9 +12,18 @@ code.
By contributing to this project you agree to the Developer Certificate of
Origin (DCO). This document was created by the Linux Kernel community and is a
simple statement that you, as a contributor, have the legal right to make the
contribution. No action from you is required, but it's a good idea to see the
[DCO](DCO) file for details before you start contributing code to Kustomize
Controller.
contribution.
We require all commits to be signed. By signing off with your signature, you
certify that you wrote the patch or otherwise have the right to contribute the
material by the rules of the [DCO](DCO):
`Signed-off-by: Jane Doe <jane.doe@example.com>`
The signature must contain your real name
(sorry, no pseudonyms or anonymous contributions)
If your `user.name` and `user.email` are configured in your Git config,
you can sign your commit automatically with `git commit -s`.
## Communications

6
api/v1beta1/kustomization_types.go
View File

@ -67,7 +67,7 @@ type KustomizationSpec struct {
// +optional
HealthChecks []CrossNamespaceObjectReference `json:"healthChecks,omitempty"`
// A list of images that is used for changing the image name/tag in the kustomization yaml.
// A list of images used to override or set the name and tag for container images.
// +optional
Images []Image `json:"images,omitempty"`
@ -117,7 +117,7 @@ type Decryption struct {
SecretRef *corev1.LocalObjectReference `json:"secretRef,omitempty"`
}
// Image contains the name, new name and new tag that will replace the original image.
// Image contains the name, new name and new tag that will replace the original container image.
type Image struct {
// Name of the image to be replaced.
// +required
@ -127,7 +127,7 @@ type Image struct {
// +required
NewName string `json:"newName"`
// NewTag is the tag used to replace the original tag.
// NewTag is the image tag used to replace the original tag.
// +required
NewTag string `json:"newTag"`
}

8
config/crd/bases/kustomize.toolkit.fluxcd.io_kustomizations.yaml
View File

@ -111,11 +111,11 @@ spec:
type: object
type: array
images:
description: A list of images that is used for changing the image
name/tag in the kustomization yaml.
description: A list of images used to override or set the name and
tag for container images.
items:
description: Image contains the name, new name and new tag that
will replace the original image.
will replace the original container image.
properties:
name:
description: Name of the image to be replaced.
@ -125,7 +125,7 @@ spec:
the original one.
type: string
newTag:
description: NewTag is the tag used to replace the original
description: NewTag is the image tag used to replace the original
tag.
type: string
required:

2
config/manager/kustomization.yaml
View File

@ -5,4 +5,4 @@ resources:
images:
- name: fluxcd/kustomize-controller
newName: fluxcd/kustomize-controller
newTag: v0.4.0
newTag: v0.5.0

8
docs/api/kustomize.md
View File

@ -173,7 +173,7 @@ bool
</td>
<td>
<em>(Optional)</em>
<p>A list of images that is used for changing the image name/tag in the kustomization yaml.</p>
<p>A list of images used to override or set the name and tag for container images.</p>
</td>
</tr>
<tr>
@ -463,7 +463,7 @@ Kubernetes core/v1.LocalObjectReference
(<em>Appears on:</em>
<a href="#kustomize.toolkit.fluxcd.io/v1beta1.KustomizationSpec">KustomizationSpec</a>)
</p>
<p>Image contains the name, new name and new tag that will replace the original image.</p>
<p>Image contains the name, new name and new tag that will replace the original container image.</p>
<div class="md-typeset__scrollwrap">
<div class="md-typeset__table">
<table>
@ -504,7 +504,7 @@ string
</em>
</td>
<td>
<p>NewTag is the tag used to replace the original tag.</p>
<p>NewTag is the image tag used to replace the original tag.</p>
</td>
</tr>
</tbody>
@ -674,7 +674,7 @@ bool
</td>
<td>
<em>(Optional)</em>
<p>A list of images that is used for changing the image name/tag in the kustomization yaml.</p>
<p>A list of images used to override or set the name and tag for container images.</p>
</td>
</tr>
<tr>

1
docs/spec/v1beta1/README.md
View File

@ -13,6 +13,7 @@ of Kubernetes objects generated with Kustomize.
+ [Health assessment](kustomization.md#health-assessment)
+ [Kustomization dependencies](kustomization.md#kustomization-dependencies)
+ [Role-based access control](kustomization.md#role-based-access-control)
+ [Override kustomize config](kustomization.md#override-kustomize-config)
+ [Targeting remote clusters](kustomization.md#remote-clusters--cluster-api)
+ [Secrets decryption](kustomization.md#secrets-decryption)
+ [Status](kustomization.md#status)

39
docs/spec/v1beta1/kustomization.md
View File

@ -30,7 +30,7 @@ type KustomizationSpec struct {
// +optional
KubeConfig *KubeConfig `json:"kubeConfig,omitempty"`
// Path to the directory containing the kustomization file.
// Path to the directory containing the kustomization.yaml file.
// +kubebuilder:validation:Pattern="^\\./"
// +required
Path string `json:"path"`
@ -43,9 +43,9 @@ type KustomizationSpec struct {
// +optional
HealthChecks []CrossNamespaceObjectReference `json:"healthChecks,omitempty"`
// A list of images that is used for changing the image name/tag in the kustomization yaml.
// +optional
Images []Image `json:"images,omitempty"`
// A list of images used to override or set the name and tag for container images.
// +optional
Images []Image `json:"images,omitempty"`
// The name of the Kubernetes service account to impersonate
// when reconciling this Kustomization.
@ -112,7 +112,7 @@ type KubeConfig struct {
}
```
The image type contains the name, new name and new tag that will replace the original image.
Image contains the name, new name and new tag that will replace the original container image:
```go
type Image struct {
@ -120,11 +120,11 @@ type Image struct {
// +required
Name string `json:"name"`
// NewName is the name of the image used to replace the original one.
// NewName is the name of the image used to replace the original one.
// +required
NewName string `json:"newName"`
// NewTag is the tag used to replace the original tag.
// NewTag is the image tag used to replace the original tag.
// +required
NewTag string `json:"newTag"`
}
@ -525,6 +525,31 @@ account. If the Kustomization contains cluster level objects like CRDs or object
namespace, the reconciliation will fail since the account it runs under has no permissions to alter objects
outside of the `webapp` namespace.
## Override kustomize config
You can override the namespace of all the Kubernetes objects reconciled
by a `Kustomization` with `spec.targetNamespace`, and you can
override container images using `spec.images`:
```yaml
apiVersion: kustomize.toolkit.fluxcd.io/v1beta1
kind: Kustomization
metadata:
name: podinfo
namespace: flux-system
spec:
interval: 5m
path: "./kustomize"
sourceRef:
kind: GitRepository
name: podinfo
tagetNamespace: test
images:
- name: ghcr.io/stefanprodan/podinfo
newName: ghcr.io/stefanprodan/podinfo
newTag: 5.0.0
```
## Remote Clusters / Cluster-API
If the `kubeConfig` field is set, objects will be applied, health-checked, pruned, and deleted for the default

2
go.mod
View File

@ -5,7 +5,7 @@ go 1.15
replace github.com/fluxcd/kustomize-controller/api => ./api
require (
github.com/fluxcd/kustomize-controller/api v0.4.0
github.com/fluxcd/kustomize-controller/api v0.5.0
github.com/fluxcd/pkg/apis/meta v0.5.0
github.com/fluxcd/pkg/runtime v0.4.0
github.com/fluxcd/pkg/testserver v0.0.2