git: Add new feature gates

OptimizedGitClones decreases resource utilization for GitRepository reconciliations. It supports both go-git and libgit2 implementations when cloning repositories using branches or tags. GitManagedTransport enables the use of Managed Transport. This replaces the previous 'EXPERIMENTAL_GIT_TRANSPORT' environment variable that was used for the same result. This commit also enables it by default. Both are opt-out features, which can be disabled by starting the controller with the argument '--feature-gates=GitManagedTransport=false,OptimizedGitClones=false' Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
fluxcd · May 12, 2022 · ba6deae · ba6deae
1 parent 4a64452
commit ba6deae
Show file tree

Hide file tree

Showing 4 changed files with 93 additions and 4 deletions.
diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
  github.com/fluxcd/pkg/apis/acl v0.0.3
  github.com/fluxcd/pkg/apis/meta v0.13.0
  github.com/fluxcd/pkg/gittestserver v0.5.2
- github.com/fluxcd/pkg/runtime v0.14.2
+ github.com/fluxcd/pkg/runtime v0.15.1
  github.com/fluxcd/pkg/ssh v0.3.2
  github.com/fluxcd/source-controller v0.24.4
  github.com/fluxcd/source-controller/api v0.24.4
@@ -31,6 +31,11 @@ require (
  sigs.k8s.io/kustomize/kyaml v0.13.6
 )
 
+require (
+ github.com/inconshreveable/mousetrap v1.0.0 // indirect
+ github.com/spf13/cobra v1.4.0 // indirect
+)
+
 require (
  cloud.google.com/go/compute v1.6.0 // indirect
  github.com/Masterminds/goutils v1.1.1 // indirect

diff --git a/go.sum b/go.sum
@@ -370,8 +370,8 @@ github.com/fluxcd/pkg/gittestserver v0.5.2 h1:Tt2g1C2b3DB4OM7ZX9hsj6scPdpnkl0xjH
 github.com/fluxcd/pkg/gittestserver v0.5.2/go.mod h1:QNv2arrHGReWIev8rp3Stg1JMq+xqT/lomSFZ2KfMBI=
 github.com/fluxcd/pkg/gitutil v0.1.0 h1:VO3kJY/CKOCO4ysDNqfdpTg04icAKBOSb3lbR5uE/IE=
 github.com/fluxcd/pkg/gitutil v0.1.0/go.mod h1:Ybz50Ck5gkcnvF0TagaMwtlRy3X3wXuiri1HVsK5id4=
-github.com/fluxcd/pkg/runtime v0.14.2 h1:ktyUjcX4pHoC8DRoBmhEP6eMHbmR6+/MYoARe4YulZY=
-github.com/fluxcd/pkg/runtime v0.14.2/go.mod h1:NZr3PRK7xX2M1bl0LdtugvQyWkOmu2NcW3NrZH6U0is=
+github.com/fluxcd/pkg/runtime v0.15.1 h1:PKooYqlZM+KLhnNz10sQnBH0AHllS40PIDHtiRH/BGU=
+github.com/fluxcd/pkg/runtime v0.15.1/go.mod h1:TPAoOEgUFG60FXBA4ID41uaPldxuXCEI4jt3qfd5i5Q=
 github.com/fluxcd/pkg/ssh v0.3.2 h1:HZlDF6Qu4yplsU4Tisv6hxsRIbIOwwr7rKus8/Q/Dn0=
 github.com/fluxcd/pkg/ssh v0.3.2/go.mod h1:OVnuv9y2WCx7AoOIid0sxqe9lLKKfDS4PMl+4ta5DIo=
 github.com/fluxcd/pkg/version v0.1.0 h1:v+SmCanmCB5Tj2Cx9TXlj+kNRfPGbAvirkeqsp7ZEAQ=
@@ -628,6 +628,7 @@ github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH
 github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
 github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
+github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
@@ -921,6 +922,8 @@ github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHN
 github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
 github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk=
 github.com/spf13/cobra v1.3.0/go.mod h1:BrRVncBjOJa/eUcVVm9CE+oC6as8k+VYr4NY7WCi9V4=
+github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q=
+github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
 github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
 github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=

diff --git a/internal/features/features.go b/internal/features/features.go
@@ -0,0 +1,67 @@
+/*
+Copyright 2022 The Flux authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package features sets the feature gates that
+// source-controller supports, and their default
+// states.
+package features
+
+import feathelper "github.com/fluxcd/pkg/runtime/features"
+
+const (
+ // OptimizedGitClones decreases resource utilization for GitRepository
+ // reconciliations. It supports both go-git and libgit2 implementations
+ // when cloning repositories using branches or tags.
+ //
+ // When enabled, avoids full clone operations by first checking whether
+ // the last revision is still the same at the target repository,
+ // and if that is so, skips the reconciliation.
+ OptimizedGitClones = "OptimizedGitClones"
+
+ // GitManagedTransport implements a managed transport for GitRepository
+ // objects that use the libgit2 implementation.
+ //
+ // When enabled, improves the reliability of libgit2 reconciliations,
+ // by enforcing timeouts and ensuring libgit2 cannot hijack the process
+ // and hang it indefinitely.
+ GitManagedTransport = "GitManagedTransport"
+)
+
+var features = map[string]bool{
+ // OptimizedGitClones
+ // opt-out from v0.23
+ OptimizedGitClones: true,
+
+ // GitManagedTransport
+ // opt-in from v0.21 (via environment variable)
+ // opt-out from v0.23
+ GitManagedTransport: true,
+}
+
+// DefaultFeatureGates contains a list of all supported feature gates and
+// their default values.
+func FeatureGates() map[string]bool {
+ return features
+}
+
+// Enabled verifies whether the feature is enabled or not.
+//
+// This is only a wrapper around the Enabled func in
+// pkg/runtime/features, so callers won't need to import
+// both packages for checking whether a feature is enabled.
+func Enabled(feature string) (bool, error) {
+ return feathelper.Enabled(feature)
+}
diff --git a/main.go b/main.go
@@ -33,6 +33,7 @@ import (
  "github.com/fluxcd/pkg/runtime/client"
  helper "github.com/fluxcd/pkg/runtime/controller"
  "github.com/fluxcd/pkg/runtime/events"
+ feathelper "github.com/fluxcd/pkg/runtime/features"
  "github.com/fluxcd/pkg/runtime/leaderelection"
  "github.com/fluxcd/pkg/runtime/logger"
  "github.com/fluxcd/pkg/runtime/metrics"
@@ -41,6 +42,7 @@ import (
  sourcev1 "github.com/fluxcd/source-controller/api/v1beta2"
 
  imagev1 "github.com/fluxcd/image-automation-controller/api/v1beta1"
+ "github.com/fluxcd/image-automation-controller/internal/features"
  "github.com/fluxcd/source-controller/pkg/git"
  "github.com/fluxcd/source-controller/pkg/git/libgit2/managed"
 
@@ -73,6 +75,7 @@ func main() {
  logOptions logger.Options
  leaderElectionOptions leaderelection.Options
  rateLimiterOptions helper.RateLimiterOptions
+ featureGates feathelper.FeatureGates
  watchAllNamespaces bool
  concurrent int
  kexAlgos []string
@@ -86,16 +89,26 @@ func main() {
  flag.IntVar(&concurrent, "concurrent", 4, "The number of concurrent resource reconciles.")
  flag.StringSliceVar(&kexAlgos, "ssh-kex-algos", []string{},
  "The list of key exchange algorithms to use for ssh connections, arranged from most preferred to the least.")
+
  clientOptions.BindFlags(flag.CommandLine)
  logOptions.BindFlags(flag.CommandLine)
  leaderElectionOptions.BindFlags(flag.CommandLine)
  aclOptions.BindFlags(flag.CommandLine)
  rateLimiterOptions.BindFlags(flag.CommandLine)
+ featureGates.BindFlags(flag.CommandLine)
+
  flag.Parse()
 
  log := logger.NewLogger(logOptions)
  ctrl.SetLogger(log)
 
+ err := featureGates.WithLogger(setupLog).
+ SupportedFeatures(features.FeatureGates())
+ if err != nil {
+ setupLog.Error(err, "unable to load feature gates")
+ os.Exit(1)
+ }
+
  metricsRecorder := metrics.NewRecorder()
  ctrlmetrics.Registry.MustRegister(metricsRecorder.Collectors()...)
 
@@ -147,9 +160,10 @@ func main() {
  }
  // +kubebuilder:scaffold:builder
 
- if managed.Enabled() {
+ if enabled, _ := features.Enabled(features.GitManagedTransport); enabled {
  managed.InitManagedTransport(ctrl.Log.WithName("managed-transport"))
  }
+
  setPreferredKexAlgos(kexAlgos)
 
  setupLog.Info("starting manager")