df062f56c2
Take the following approach: On a fresh install, all bootstrap configuration objects will have auto update enabled via the following annotation : `apf.kubernetes.io/autoupdate: 'true'` The kube-apiserver periodically checks the bootstrap configuration objects on the cluster and applies update if necessary. We enforce an 'always auto-update' policy for the mandatory configuration object(s). We update the suggested configuration objects when: - auto update is enabled (`apf.kubernetes.io/autoupdate: 'true'`) or - auto update annotation key is missing but `generation` is `1` If the configuration object is missing the annotation key, we add it appropriately: it is set to `true` if `generation` is `1`, `false` otherwise. The above approach ensures that we don't squash changes made by an operator. Please note, we can't protect the changes made by the operator in the following scenario: - the user changes the spec and then deletes and recreates the same object. (generation resets to 1) remove using a marker Kubernetes-commit: 759a64136b0d4619d5535adb79a8367e124b06c6 |
||
|---|---|---|
| .. | ||
| apiserver | ||
| audit | ||
| config | ||
| example | ||
| example2 | ||
| flowcontrol/bootstrap | ||
| OWNERS | ||