Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow configuration of drift detection on HelmRelease #815

Merged
merged 4 commits into from
Nov 24, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
101 changes: 101 additions & 0 deletions api/v2beta2/helmrelease_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,12 @@ type HelmReleaseSpec struct {
// +optional
PersistentClient *bool `json:"persistentClient,omitempty"`

// DriftDetection holds the configuration for detecting and handling
// differences between the manifest in the Helm storage and the resources
// currently existing in the cluster.
// +optional
DriftDetection *DriftDetection `json:"driftDetection,omitempty"`

// Install holds the configuration for Helm install actions for this HelmRelease.
// +optional
Install *Install `json:"install,omitempty"`
Expand Down Expand Up @@ -192,6 +198,91 @@ type HelmReleaseSpec struct {
PostRenderers []PostRenderer `json:"postRenderers,omitempty"`
}

// DriftDetectionMode represents the modes in which a controller can detect and
// handle differences between the manifest in the Helm storage and the resources
// currently existing in the cluster.
type DriftDetectionMode string

var (
// DriftDetectionEnabled instructs the controller to actively detect any
// changes between the manifest in the Helm storage and the resources
// currently existing in the cluster.
// If any differences are detected, the controller will automatically
// correct the cluster state by performing a Helm upgrade.
DriftDetectionEnabled DriftDetectionMode = "enabled"

// DriftDetectionWarn instructs the controller to actively detect any
// changes between the manifest in the Helm storage and the resources
// currently existing in the cluster.
// If any differences are detected, the controller will emit a warning
// without automatically correcting the cluster state.
DriftDetectionWarn DriftDetectionMode = "warn"

// DriftDetectionDisabled instructs the controller to skip detection of
// differences entirely.
// This is the default behavior, and the controller will not actively
// detect or respond to differences between the manifest in the Helm
// storage and the resources currently existing in the cluster.
DriftDetectionDisabled DriftDetectionMode = "disabled"
)

var (
// DriftDetectionMetadataKey is the label or annotation key used to disable
// the diffing of an object.
DriftDetectionMetadataKey = GroupVersion.Group + "/driftDetection"
// DriftDetectionDisabledValue is the value used to disable the diffing of
// an object using DriftDetectionMetadataKey.
DriftDetectionDisabledValue = "disabled"
)

// IgnoreRule defines a rule to selectively disregard specific changes during
// the drift detection process.
type IgnoreRule struct {
// Paths is a list of JSON Pointer (RFC 6901) paths to be excluded from
// consideration in a Kubernetes object.
// +required
Paths []string `json:"paths"`

// Target is a selector for specifying Kubernetes objects to which this
// rule applies.
// If Target is not set, the Paths will be ignored for all Kubernetes
// objects within the manifest of the Helm release.
// +optional
Target *kustomize.Selector `json:"target,omitempty"`
}

// DriftDetection defines the strategy for performing differential analysis and
// provides a way to define rules for ignoring specific changes during this
// process.
type DriftDetection struct {
// Mode defines how differences should be handled between the Helm manifest
// and the manifest currently applied to the cluster.
// If not explicitly set, it defaults to DiffModeDisabled.
// +kubebuilder:validation:Enum=enabled;warn;disabled
// +optional
Mode DriftDetectionMode `json:"mode,omitempty"`

// Ignore contains a list of rules for specifying which changes to ignore
// during diffing.
// +optional
Ignore []IgnoreRule `json:"ignore,omitempty"`
}

// GetMode returns the DiffMode set on the Diff, or DiffModeDisabled if not
// set.
func (d DriftDetection) GetMode() DriftDetectionMode {
if d.Mode == "" {
return DriftDetectionDisabled
}
return d.Mode
}

// MustDetectChanges returns true if the DiffMode is set to DiffModeEnabled or
// DiffModeWarn.
func (d DriftDetection) MustDetectChanges() bool {
return d.GetMode() == DriftDetectionEnabled || d.GetMode() == DriftDetectionWarn
}

// HelmChartTemplate defines the template from which the controller will
// generate a v1beta2.HelmChart object in the same namespace as the referenced
// v1.Source.
Expand Down Expand Up @@ -970,6 +1061,16 @@ type HelmRelease struct {
Status HelmReleaseStatus `json:"status,omitempty"`
}

// GetDriftDetection returns the configuration for detecting and handling
// differences between the manifest in the Helm storage and the resources
// currently existing in the cluster.
func (in *HelmRelease) GetDriftDetection() DriftDetection {
if in.Spec.DriftDetection == nil {
return DriftDetection{}
}
return *in.Spec.DriftDetection
}

// GetInstall returns the configuration for Helm install actions for the
// HelmRelease.
func (in *HelmRelease) GetInstall() Install {
Expand Down
52 changes: 52 additions & 0 deletions api/v2beta2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

74 changes: 74 additions & 0 deletions config/crd/bases/helm.toolkit.fluxcd.io_helmreleases.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1221,6 +1221,80 @@ spec:
- name
type: object
type: array
driftDetection:
description: DriftDetection holds the configuration for detecting
and handling differences between the manifest in the Helm storage
and the resources currently existing in the cluster.
properties:
ignore:
description: Ignore contains a list of rules for specifying which
changes to ignore during diffing.
items:
description: IgnoreRule defines a rule to selectively disregard
specific changes during the drift detection process.
properties:
paths:
description: Paths is a list of JSON Pointer (RFC 6901)
paths to be excluded from consideration in a Kubernetes
object.
items:
type: string
type: array
target:
description: Target is a selector for specifying Kubernetes
objects to which this rule applies. If Target is not set,
the Paths will be ignored for all Kubernetes objects within
the manifest of the Helm release.
properties:
annotationSelector:
description: AnnotationSelector is a string that follows
the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource annotations.
type: string
group:
description: Group is the API group to select resources
from. Together with Version and Kind it is capable
of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
kind:
description: Kind of the API Group to select resources
from. Together with Group and Version it is capable
of unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
labelSelector:
description: LabelSelector is a string that follows
the label selection expression https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#api
It matches with the resource labels.
type: string
name:
description: Name to match resources with.
type: string
namespace:
description: Namespace to select resources from.
type: string
version:
description: Version of the API Group to select resources
from. Together with Group and Kind it is capable of
unambiguously identifying and/or selecting resources.
https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/api-group.md
type: string
type: object
required:
- paths
type: object
type: array
mode:
description: Mode defines how differences should be handled between
the Helm manifest and the manifest currently applied to the
cluster. If not explicitly set, it defaults to DiffModeDisabled.
enum:
- enabled
- warn
- disabled
type: string
type: object
install:
description: Install holds the configuration for Helm install actions
for this HelmRelease.
Expand Down
Loading