This configures a logger on the archive fetcher, to make HTTP errors
surface faster when it fails to retrieve the artifact of a source.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Setup new flag to allow overriding additional managers and pass this data to the KustomizationReconciler instance
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Update field name to be more specific
Co-authored-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Luke Mallon <luke@mallon.ie>
Update the remaining fieldManagers vars to match the new definition
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Change AdditionalFieldManagers to DisallowedFieldManagers
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Add unit test to cover the new disallowed field manager change
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Use correct variable in the final Run
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Undo the timeout multiplication
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Update internal/controller/kustomization_disallowed_managers_test.go
Co-authored-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Luke Mallon <luke@mallon.ie>
Check for we're not getting errors on the Patch calls and remove the eventually as not needed here
Signed-off-by: Luke Mallon (Nalum) <luke@mallon.ie>
Update main.go
Co-authored-by: Stefan Prodan <stefan.prodan@gmail.com>
Signed-off-by: Luke Mallon <luke@mallon.ie>
- Update ``sigs.k8s.io/kustomize` to v5.2.1
- Update `k8s.io` packages to v0.28.4
- Update `sigs.k8s.io/controller-runtime` to v0.16.3 and adapt to breaking changes
- Switch from `sigs.k8s.io/cli-utils` to `github.com/fluxcd/cli-utils`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
The status poller cache fills the all the available memory
when reconciliation hundreds of resources in a single namespace.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
The forked implementation did not have OpenPGP anymore, as it never
really worked. However, the upstream version still does but now allows
it to be disabled.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Artifact not found errors (HTTP 404) are requeue using the dependency interval, while for a nil Artifact, the interval used for retry was set to the apply retry one.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
As the forked code has been contributed upstream in a modified format.
We continue to inject our own default credentials in the key server if
none are provided by the Kustomization, to ensure we do not shell out
to `az`.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This updates `go.mozilla.org/sops/v3` to the `v3.8.0-rc.1` release of
`github.com/getsops/sops/v3`.
This (finally) allows us to drop our forked key sources, as they have
now been contributed upstream in a slightly modified form which still
allows us to maintain control over the used credentials in isolation.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This flag can be used to set the number of concurrent server-side apply operations.
Defaults to 4 concurrent operations per reconciliation.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
The metrics helper now accepts owned finalizers to determine if an
object is no longer managed by the controller and is being deleted, and
deletes the metrics associated with the object.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
Add a `--interval-jitter-percentage` flag to the controller to
add a +/- percentage jitter to the `Kustomization.spec.interval`.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Fail the health check as soon as a resource becomes stalled
without waiting for the timeout to expire.
This behavior can be disabled using the `DisableFailFastBehavior` feature flag.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
In Reconcile() method, move the object deletion above add finalizer.
Finalizers can't be set when an object is being deleted.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
Kustomize controller uses the namespace of the kustomization resource
if the sourceRef is empty. However, this policy doesn't applied to
dependencies. This can be problematic if the same named `Sources`
without explicit namespace is in different namespace.
This commit fixes this issue by using kustomization's namespace when
checking dependencies if the namespace in sourceRef is empty.
Signed-off-by: Sunghoon Kang <me@hoon.dev>
Changes made due to breaking changes in controller-runtime:
* `Watches` accepts a plain `client.Object` instead of a `source.Kind`
object.
* Some fields in `controller.Options` are now in `config.Controller` which
is embedded in `controller.Options`.
* `handler.MapFunc` now accepts a context.
* `ctrlcache.Options` uses `ByObject` instead of `SelectorByObject`.
Signed-off-by: Sanskar Jaiswal <jaiswalsanskar078@gmail.com>
At the moment, the envCred logic can't actually set the Azure credentials.
This commit fixes the logic so that the environment variables can
actually be used to set the Azure credentials.
There are other issues that come up from this block of code, but those
can be dealt with separately.
Signed-off-by: Aaron Peschel <aaron.peschel@gmail.com>
Stefan Prodan
Hidde Beydals
Luke Mallon (Nalum)
Sunny
Sunghoon Kang
Sanskar Jaiswal
Aaron Peschel
Somtochi Onyekwere