fluxcd
/
kustomize-controller
mirror of https://github.com/fluxcd/kustomize-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
544 Commits 18 Branches 232 Tags 8.7 MiB
Commit Graph

125 Commits

Author SHA1 Message Date
Christian Hernvall d0f2dc6e4a
Support impersonation for validation 
Signed-off-by: Christian Hernvall <c.hernvall@yubico.com>
 2021-01-29 14:56:45 +01:00
Stefan Prodan 100d362ce7
Fix reconciliation retry scheduler 
Log the reconciliation error instead of returning it, so that controller-runtime doesn't requeue immediately. Reconciliation failures should be scheduled at the specified retry interval.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-25 13:17:38 +02:00
Stefan Prodan dfba88ccc1
Requeue a failed reconciliation based on retry interval 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-22 15:50:45 +02:00
Stefan Prodan 085588b632
Disable kyaml 
Workaround for upstream bug: https://github.com/kubernetes-sigs/kustomize/issues/3446

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-18 14:14:23 +02:00
Stefan Prodan 7859a639ed
Update kustomize/api to v0.7.2 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-17 22:00:51 +02:00
Hidde Beydals c6353b4afd Upgrade runtime package to v0.6.2 
To include a bug fix to the `ReconcilateAtChangedPredicate`
and renaming to `ReconcileRequestedPredicate`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2021-01-14 12:34:10 +01:00
Stefan Prodan 5a0e5abd9a
Setup impersonation for GC and health checks 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-04 11:51:04 +02:00
Stefan Prodan 696f91d380
Refactor impersonation 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-04 11:50:59 +02:00
Stefan Prodan f14cd2323c
Upgrade controller-runtime to v0.7.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2021-01-04 11:50:58 +02:00
Hidehito Yabuuchi 8b132d18be Emit healthcheck event when Kustomization was not ready 
Signed-off-by: Hidehito Yabuuchi <hdht.ybuc@gmail.com>
 2020-12-17 17:50:05 +09:00
Stefan Prodan 8be1e169d2
Merge pull request #210 from fluxcd/gc-prune 
Refactor garbage collection
 2020-12-16 16:29:37 +02:00
Hidde Beydals d7a0deac97 Write KubeConfig to tmp file in working dir 
Instead of using the name of the secret, as this can cause unexpected
collisions in edge case scenarios.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-16 12:59:19 +01:00
Hidde Beydals 6a4bf74cf3 Add safe guards for relative paths 
This commit ensures that relative (user configurable) paths never
traverse outside their working directory.

It does _not_ provide protection against path traversal within
`kustomization.yaml` files.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-12-16 12:44:13 +01:00
Stefan Prodan 59845b0891
Refactor garbage collection 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-12-16 13:09:30 +02:00
Stefan Prodan d65ea71699
Refactor apply error reporting 
- filter kubectl apply output and extract errors
- limit apply output to 20K charts (avoid reaching max etcd size)
- log kubectl exit code when the process is killed

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-12-14 17:34:55 +02:00
Sylvain Rabot 3f34e450ec
Set --field-manager when applying 
Signed-off-by: Sylvain Rabot <s.rabot@lectra.com>
 2020-11-26 13:32:26 +01:00
Stefan Prodan 5a9e122e77
Set progressing after source readiness check 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-26 09:29:34 +02:00
Stefan Prodan 2312d69a51
Do not mark suspended resource as not ready 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-26 09:00:52 +02:00
Stefan Prodan 73546e92d2
Requeue after interval on source not found errors 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-24 11:35:47 +02:00
Stefan Prodan 0c9170241f
Use ServiceAccountName for impersonation 
Drop the ServiceAccount field in favour of ServiceAccountName to prevent privilege escalation in multi-tenancy environments.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-20 10:58:24 +02:00
Aurel Canciu ac6cc88e29
Refactor to adopt k8s standardized Condition type 
Updates to use metav1.Condition type and removes references for
deprecated corev1.Condition* constants and uses the new k8s api/meta
helpers in place of the old pkg/apis/meta types.

Signed-off-by: Aurel Canciu <aurelcanciu@gmail.com>
 2020-11-19 19:49:04 +02:00
Hidde Beydals c53e5eeab2 Use DeletionTimestamp for prune and readiness 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-11-19 12:23:48 +01:00
Stefan Prodan 5aded37954
Patch status sub-resource 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-12 13:04:16 +02:00
Stefan Prodan 2ba6252d76
Allow disabling validation 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-12 12:18:04 +02:00
Stefan Prodan 8ec066bf37
Use latest generation when updating final status 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-04 13:04:01 +02:00
Stefan Prodan 46f828ff43
Omit checksum label if GC is disabled 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-11-03 15:22:25 +02:00
Hidde Beydals 26db48b9f0 Compare artifact <> Kustomizations in enqueuers 
The reason for this is the `EnqueueRequestsFromMapFunc` calling the
enqueuer for _both_ the old and the new object, and we only want to act
on the ones that contain a revision different from the one that we have
recorded in the status object of the `Kustomization`.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-28 22:36:34 +01:00
Hidde Beydals 752b6b6bf1 Bundle revision change predicates into one 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-28 21:56:44 +01:00
Hidde Beydals 824af43beb Add Kustomization finalizers permissions 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-28 13:31:08 +01:00
Hidde Beydals 6bd8971cec Re-add status GET permissions 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-28 13:21:53 +01:00
Hidde Beydals e8d2c31b40 Log reconciliation requests by watcher 
Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-28 13:11:17 +01:00
Stefan Prodan dde74d9ea5
Change copyright to Flux authors 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-27 18:49:02 +02:00
Hidde Beydals 2b861622b1 Move dedicated watchers to in-controller watches 
This prevents the resources from getting annotated, and instead uses
the `handler.EnqueueRequestsFromMapFunc` to queue requests based on
changes to the source objects.

Signed-off-by: Hidde Beydals <hello@hidde.co>
 2020-10-27 13:05:34 +01:00
Stefan Prodan 8bb4f4c80b
Merge pull request #151 from ordovicia/supress-healthchecks-when-no-changes 
Suppress health check events when no changes made
 2020-10-22 14:54:43 +03:00
Michael Bridgen e78726f97c Factor out requestReconciliation 
There were two of these methods, identical aside from the receiver --
and the requirement on the receiver was just that it was a client that
knows the Kustomization type.
 2020-10-22 11:37:13 +01:00
Hidehito Yabuuchi 5ed7463552 Suppress health check events regardless of dependencies 
Because if a dependency is failing, the reconciliation will never get to
the health check part.
 2020-10-21 19:28:44 +09:00
Hidehito Yabuuchi 4df55dde11 Suppress health check events when no changes made 2020-10-21 19:05:04 +09:00
Hidde Beydals 3315e66586 Switch to controller-runtime utils for finalizers 2020-10-21 11:15:30 +02:00
leigh capili 7a1c06571a Implement non-caching, per-kustomization GC-client/statusPoller for cross-cluster kubeconfigs 2020-10-15 09:44:44 -06:00
Stefan Prodan 7ec444545b
Merge pull request #145 from fluxcd/fix-error-event 
Set correct status on failure events
 2020-10-15 16:29:52 +03:00
Stefan Prodan 826051ac54
Set correct status on failure events 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-15 16:12:58 +03:00
Stefan Prodan 4fc1466443
Fix status reporting when the source is not found 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-15 10:12:06 +03:00
Stefan Prodan d4cef2f046
Use events and metrics from fluxcd/pkg/runtime 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-13 12:37:45 +03:00
Stefan Prodan deb902a13f
Record reconcile duration as Prometheus histogram 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-13 09:50:00 +03:00
Stefan Prodan a82352e892
Make the condition metric exporter generic 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-13 08:42:04 +03:00
Stefan Prodan b2d19e469f
Set ready metric to unknown when condition is missing 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-09 18:53:49 +03:00
Stefan Prodan ef360ebc3e
Add metrics recorder test 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-09 18:47:59 +03:00
Stefan Prodan 6223abdd06
Record the ready status as Prometheus metric 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2020-10-09 16:27:43 +03:00
stefanprodan 50104826ae Promote API to v1beta1 2020-09-30 19:10:27 +03:00
stefanprodan 7b8fef2984 Implement `fluxcd/pkg/meta/api` in APIs 2020-09-30 14:01:17 +03:00