-
Notifications
You must be signed in to change notification settings - Fork 181
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revoke kubectl managed fields ownership #527
Conversation
48ddfab
to
1cc795f
Compare
We are looking for notifications spam around the time that this upgrade goes into the cluster (I have just re-enabled slack notifications so that I will be able to tell one way or another)
7dcf93d
to
408a889
Compare
440702f
to
78bd051
Compare
This is a contribution of information to solve this issue On resource of kind Kustomization with v1beta2 we are switching from
to
The kustomize controller however does not seem to have the correct permissions due to managedFields to remove the
Flux information. RC candidate setup: ► checking prerequisites pre RC candidate setup: ► checking prerequisites This is how a kustomization object looks before merging a switch from patchesStrategicMerge to patches look like
After applying the RC and making the changes these are the two variants we have been seing on the kustomization
We also had a successful run on the controller switching out the the two variants of patches by
Please let us know if we can be of any more assistance |
So we managed to work around the issue with stale
So the way to proceed is to
|
0d8a732
to
ad94bd6
Compare
@ericjohansson89 with the latest version of this PR ( |
I can confirm, After testing several RCs this one looks like the winner 🎉 |
Edit: 🎉 user error, no problem found here I have not noticed any other strange behavior with any other Kustomization, and I have about 25 different Kustomizations running on this cluster, so while that's not conclusive, it looks like all the issues I was able to reproduce with prior versions, were fixed by this RC build. That includes:
If you're still experiencing difficulty removing any of the above, or any that I missed, after installing this Kustomize Controller RC, please let us know too. |
I have performed more exhaustive tests against e611de4 with a matrix of Kubernetes minor versions in our support matrix and I believe this resolves the issue from all angles, 👍 LGTM |
Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
e611de4
to
f353ba4
Compare
This PR enforces Flux ownership of Kubernetes objects' fields that were applied on the cluster outside of the declared desired state. In addition, metadata annotations and labels removed from Git and are now removed from the cluster.
In order to undo changes made with
kubectl apply -f
andkubectl apply --server-side --force-conflicts
, we have to replacekubectl-*
managers with our own manager before the controller runs the server-side apply.In addition, this PR removes the kubectl last applied configuration annotation and Flux v1 & v2 deprecated metadata.
References:
Upstream bugs:
Test this PR using
ghcr.io/fluxcd/kustomize-controller:rc-e611de4e
.To use the release candidate on your cluster, add the following image patch to
clusters/<cluster>/flux-system/kustomization.yaml
:Big thanks to @somtochiama and @kingdonb for all the help validating this approach 🥇