- github.com/fluxcd/pkg/apis/kustomize to v0.3.2
- k8s.io/apiextensions-apiserver to v0.23.4
- k8s.io/apimachinery to v0.23.4
Kubernetes dependencies have been updated to `v0.23.4` due to
(apparent) release issues with `v0.23.5`, leaving some of the
submodules unpublished (for at least `k8s.io/apiextensions-apiserver`).
Ref: https://github.com/kubernetes/kubernetes/issues/108763
Signed-off-by: Hidde Beydals <hello@hidde.co>
This includes an update of the source-controller to v0.22.0, to pull in
the v1beta2 API which makes use of the same packages.
Co-authored-by: Sunny <darkowlzz@protonmail.com>
Signed-off-by: Hidde Beydals <hello@hidde.co>
Introduce an annotation that configures kustomize-controller to co-manage objects applied with kubectl.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Status content could be very long compare to other fields. Moving it to
the end helps improve the visibility of other fields.
Signed-off-by: Sunny <darkowlzz@protonmail.com>
In a Kustomization's post-build substitution sources, introduce a new
"Optional" field to allow referencing a Kubernetes ConfigMap or Secret
that may not exist at time of reconciliation. Treat substitution when
the referenced object is missing as if the object had been present but
empty, lacking any variable bindings.
Retain the longstanding behavior of interpreting references to
Kubernetes objects being mandatory by default, such that
reconciliation fails if such a referenced object does not exist. Only
when the "Optional" field is set to true will reconciliation tolerate
finding the referenced object to be missing.
Signed-off-by: Steven E. Harris <seh@panix.com>
Introduce the flag `--no-cross-namespace-refs` (defaults to false) for allowing cluster admins to disable cross-namespace references to sources.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
- Add `.spec.wait` optional boolean field to API
- Wait for all applied resources to become ready when `.spec.wait` is set to `true`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Set the healthiness status to progressing and specify the health check timeout in the condition message.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Changes from v1beta1:
- `spec.validation` removed (server-side validation is implicit)
- `spec.status.snapshot` replaced by `spec.status.inventory`
- `spec.patchesStrategicMerge` deprecated in favour of `spec.patches`
- `spec.patchesJson6902` deprecated in favour of `spec.patches`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
This is a follow-up to
https://github.com/fluxcd/helm-controller/pull/294, porting the same
code to the kustomize-controller so that all Flux 2 controllers work
the same way in this regard.
Signed-off-by: Max Jonas Werner <mail@makk.es>
Previously, the function iterated until the length limit was hit, which
is relatively slow and increases with the length of the limit. The new
implementation is easier to reason about and operates in constant time,
leading to better performance.
Signed-off-by: James Alseth <james@jalseth.me>
Allow patching multiple resources instead of a single existing one as
StrategicMerge & JSON6902 are forced to target existing named resources.
Signed-off-by: Guillaume Le Biller <glebiller@Traveldoo.com>
- Bump controller-runtime to v0.9.0
- Bump controller-gen to v0.5.0
- Use Environment.AddUser to generate the envtest cluster admin kubeconfig
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Allow passing --force to kubectl apply. Useful when dealing with
immutable field changes in resources.
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
- record the last health assessment result in a dedicated status condition
- use the condition status when issuing events to prevent notifications spam
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
The spec.retryInterval is the interval at which to retry a previously failed reconciliation.
When not specified, it defaults to the spec.interval value.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
To include a bug fix to the `ReconcilateAtChangedPredicate`
and renaming to `ReconcileRequestedPredicate`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
As due to secure joins, the requirement on both providing a path
and/or requiring it to be in a certain format offers little value
over the UX experience of not having to provide it when you just
want to reconcile whatever can be found in the root of the source
reference.
Signed-off-by: Hidde Beydals <hello@hidde.co>
- filter kubectl apply output and extract errors
- limit apply output to 20K charts (avoid reaching max etcd size)
- log kubectl exit code when the process is killed
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
- `github.com/fluxcd/pkg/apis/meta` to `v0.5.0`
- `github.com/fluxcd/pkg/runtime` to `v0.4.0`
- `github.com/fluxcd/source-controller/api` to `v0.5.1`
- `k8s.io/{api,apiextensions-apiserver,apimachinery,cli-runtime,client-go}` to `v0.19.4`
- `sigs.k8s.io/controller-runtime` to `v0.6.4`
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Drop the ServiceAccount field in favour of ServiceAccountName to prevent privilege escalation in multi-tenancy environments.
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
Updates to use metav1.Condition type and removes references for
deprecated corev1.Condition* constants and uses the new k8s api/meta
helpers in place of the old pkg/apis/meta types.
Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
- use reconciliation instead of apply for condition reasons
- add the reconciliation errors to the condition message
- trim the condition message to 4000 characters
- update the API docs and readme with the new condition reasons
The reconcileAt annotation and the predicate that recognises it are
now in fluxcd/pkg/runtime. This removes (near) duplicate definitions
in favour of using those.
Due to required domain changes for the helm-controller so that it
can co-exist in a cluster with the Helm Operator, other Toolkit
components are moving to a *.toolklit.fluxcd.io domain too.
Hidde Beydals
Stefan Prodan
Sunny
Steven E. Harris
Aurel Canciu
Max Jonas Werner
James Alseth
Guillaume Le Biller
Somtochi Onyekwere
Michael Bridgen
leigh capili
Philip Laine