

Enable Sveltos Drift Detection
wahabmk committed Jan 20, 2025
1 parent e16e8a0 commit 96142d3
Showing 7 changed files with 253 additions and 0 deletions.
8 changes: 8 additions & 0 deletions api/v1alpha1/multiclusterservice_types.go
@@ -16,6 +16,7 @@ package v1alpha1

import (
sveltosv1beta1 "github.com/projectsveltos/addon-controller/api/v1beta1"
libsveltosv1beta1 "github.com/projectsveltos/libsveltos/api/v1beta1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)

@@ -92,6 +93,13 @@ type ServiceSpec struct {
StopOnConflict bool `json:"stopOnConflict,omitempty"`
// Reload instances via rolling upgrade when a ConfigMap/Secret mounted as volume is modified.
Reload bool `json:"reload,omitempty"`

// +kubebuilder:default:=Continuous
// +kubebuilder:validation:Enum:=OneTime;Continuous;ContinuousWithDriftDetection;DryRun

SyncMode string `json:"syncMode,omitempty"`
IgnoreDrift []libsveltosv1beta1.PatchSelector `json:"ignoreDrift,omitempty"`
DriftExclusions []sveltosv1beta1.DriftExclusion `json:"driftExclusions,omitempty"`
}

// MultiClusterServiceSpec defines the desired state of MultiClusterService
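Review bot: The three fields added to ServiceSpec (`SyncMode`, `IgnoreDrift`, `DriftExclusions`) carry no doc comments, so the generated CRD on this page publishes `syncMode`, `ignoreDrift` and `driftExclusions` without a description, unlike the neighbouring `Reload` field. These fields decide whether in-cluster changes to deployed resources are detected, so their effect should be stated where operators read it: the default stays `Continuous`, which means drift detection is only active when `ContinuousWithDriftDetection` is chosen explicitly. Suggested comments: `// SyncMode specifies how services are synced in the target cluster; drift detection requires ContinuousWithDriftDetection.`, `// IgnoreDrift selects deployed resources to annotate so that drift detection ignores them.` and `// DriftExclusions lists resource paths excluded from configuration drift evaluation.`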
13 changes: 13 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go


3 changes: 3 additions & 0 deletions internal/controller/clusterdeployment_controller.go
@@ -478,6 +478,9 @@ func (r *ClusterDeploymentReconciler) updateServices(ctx context.Context, mc *kc
StopOnConflict: mc.Spec.ServiceSpec.StopOnConflict,
Reload: mc.Spec.ServiceSpec.Reload,
TemplateResourceRefs: mc.Spec.ServiceSpec.TemplateResourceRefs,
SyncMode: mc.Spec.ServiceSpec.SyncMode,
IgnoreDrift: mc.Spec.ServiceSpec.IgnoreDrift,
DriftExclusions: mc.Spec.ServiceSpec.DriftExclusions,
}); err != nil {
return ctrl.Result{}, fmt.Errorf("failed to reconcile Profile: %w", err)
}
3 changes: 3 additions & 0 deletions internal/controller/multiclusterservice_controller.go
@@ -142,6 +142,9 @@ func (r *MultiClusterServiceReconciler) reconcileUpdate(ctx context.Context, mcs
StopOnConflict: mcs.Spec.ServiceSpec.StopOnConflict,
Reload: mcs.Spec.ServiceSpec.Reload,
TemplateResourceRefs: mcs.Spec.ServiceSpec.TemplateResourceRefs,
SyncMode: mcs.Spec.ServiceSpec.SyncMode,
IgnoreDrift: mcs.Spec.ServiceSpec.IgnoreDrift,
DriftExclusions: mcs.Spec.ServiceSpec.DriftExclusions,
}); err != nil {
return ctrl.Result{}, fmt.Errorf("failed to reconcile ClusterProfile: %w", err)
}
16 changes: 16 additions & 0 deletions internal/sveltos/profile.go
@@ -32,14 +32,21 @@ import (
"github.com/K0rdent/kcm/internal/utils"
)

const DrifIgnorePatch = `- op: add
path: /metadata/annotations/projectsveltos.io~1driftDetectionIgnore
value: ok`

type ReconcileProfileOpts struct {

Check failure on line 39 in internal/sveltos/profile.go


GitHub Actions / Build and Unit Test

fieldalignment: struct with 152 pointer bytes could be 136 (govet)
OwnerReference *metav1.OwnerReference
LabelSelector metav1.LabelSelector
HelmChartOpts []HelmChartOpts
TemplateResourceRefs []sveltosv1beta1.TemplateResourceRef
IgnoreDrift []libsveltosv1beta1.PatchSelector
DriftExclusions []sveltosv1beta1.DriftExclusion
Priority int32
StopOnConflict bool
Reload bool
SyncMode string
}

type HelmChartOpts struct {
@@ -238,7 +245,16 @@ func GetSpec(opts *ReconcileProfileOpts) (*sveltosv1beta1.Spec, error) {
ContinueOnConflict: !opts.StopOnConflict,
HelmCharts: make([]sveltosv1beta1.HelmChart, 0, len(opts.HelmChartOpts)),
Reloader: opts.Reload,
SyncMode: sveltosv1beta1.SyncMode(opts.SyncMode),
TemplateResourceRefs: opts.TemplateResourceRefs,
DriftExclusions: opts.DriftExclusions,
}

for _, target := range opts.IgnoreDrift {
spec.Patches = append(spec.Patches, libsveltosv1beta1.Patch{
Target: &target,
Patch: DrifIgnorePatch,
})
}

for _, hc := range opts.HelmChartOpts {
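Review bot: In the new loop in GetSpec, `Target: &target` takes the address of the range variable; if the module's go directive is below 1.22 (go.mod is not shown on this page), every appended Patch would point at the same variable and all patches would end up targeting the last IgnoreDrift entry. Copying per iteration removes the dependency on the toolchain version: `for i := range opts.IgnoreDrift {`, `sel := opts.IgnoreDrift[i]`, `Target: &sel,`. Separately, the patches are appended whatever `opts.SyncMode` is, and the CRD schema for `ignoreDrift` items marks no field as required, so an empty selector may (depending on how Sveltos interprets it) annotate every deployed resource as exempt from drift detection; rejecting empty selectors here, or documenting that behaviour, would make it a deliberate choice. The exported constant is spelled `DrifIgnorePatch` (presumably meant as `DriftIgnorePatch`) and has no doc comment. GetSpec's body continues outside the hunk.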
@@ -78,6 +78,103 @@ spec:
serviceSpec:
description: ServiceSpec is spec related to deployment of services.
properties:
driftExclusions:
items:
properties:
paths:
description: Paths is a slice of JSON6902 paths to exclude
from configuration drift evaluation.
items:
type: string
type: array
target:
description: Target points to the resources that the paths
refers to.
properties:
annotationSelector:
description: |-
AnnotationSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
description: |-
Group is the API group to select resources from.
Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
description: |-
Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
description: |-
LabelSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Name to match resources with.
type: string
namespace:
description: Namespace to select resources from.
type: string
version:
description: |-
Version of the API Group to select resources from.
Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
- paths
type: object
type: array
ignoreDrift:
items:
properties:
annotationSelector:
description: |-
AnnotationSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
description: |-
Group is the API group to select resources from.
Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
description: |-
Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
description: |-
LabelSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Name to match resources with.
type: string
namespace:
description: Namespace to select resources from.
type: string
version:
description: |-
Version of the API Group to select resources from.
Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
type: array
priority:
default: 100
description: |-
@@ -172,6 +269,14 @@ spec:
By default the remaining services will be deployed even if conflict is detected.
If set to true, the deployment will stop after encountering the first conflict.
type: boolean
syncMode:
default: Continuous
enum:
- OneTime
- Continuous
- ContinuousWithDriftDetection
- DryRun
type: string
templateResourceRefs:
description: |-
TemplateResourceRefs is a list of resources to collect from the management cluster,
@@ -90,6 +90,103 @@ spec:
serviceSpec:
description: ServiceSpec is spec related to deployment of services.
properties:
driftExclusions:
items:
properties:
paths:
description: Paths is a slice of JSON6902 paths to exclude
from configuration drift evaluation.
items:
type: string
type: array
target:
description: Target points to the resources that the paths
refers to.
properties:
annotationSelector:
description: |-
AnnotationSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
description: |-
Group is the API group to select resources from.
Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
description: |-
Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
description: |-
LabelSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Name to match resources with.
type: string
namespace:
description: Namespace to select resources from.
type: string
version:
description: |-
Version of the API Group to select resources from.
Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
- paths
type: object
type: array
ignoreDrift:
items:
properties:
annotationSelector:
description: |-
AnnotationSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
description: |-
Group is the API group to select resources from.
Together with Version and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
description: |-
Kind of the API Group to select resources from.
Together with Group and Version it is capable of unambiguously
identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
description: |-
LabelSelector is a string that follows the label selection expression
https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Name to match resources with.
type: string
namespace:
description: Namespace to select resources from.
type: string
version:
description: |-
Version of the API Group to select resources from.
Together with Group and Kind it is capable of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
type: array
priority:
default: 100
description: |-
@@ -184,6 +281,14 @@ spec:
By default the remaining services will be deployed even if conflict is detected.
If set to true, the deployment will stop after encountering the first conflict.
type: boolean
syncMode:
default: Continuous
enum:
- OneTime
- Continuous
- ContinuousWithDriftDetection
- DryRun
type: string
templateResourceRefs:
description: |-
TemplateResourceRefs is a list of resources to collect from the management cluster,
