Bug: Objects are pruned on templating errors

[yiraeChristineKim]

Description:
Deploying a enforced ConfigurationPolicy with a valid template and then updating the template to be invalid caused the created object to be pruned. (I did it with hub templates, but I'd suspect managed cluster templates would have a similar behavior.)

expected: Not perform any deletion while in this error state.

Ref: https://issues.redhat.com/browse/ACM-5301
Signed-off-by: Yi Rae Kim yikim@redhat.com

[yiraeChristineKim]

There are more addTemplateErrorViolation I am actually not sure which one should I add "skip removing resources"... Would anyone give me advice?

[JustinKuli]

Right now the instances I see where you don't set the parameter are:

• when getEncryptionConfig has an error
• when templates.NewResolver has an error
• when ObjectTemplatesRaw is used, but doesn't have any templates, and then yaml.Unmarshal has an error.

I can't think of a situation where I would want things related objects removed when one of these errors occurs. So I wonder if there are really any template errors where we should consider removing resources - I think that when any error occurs, we probably shouldn't clean anything up, just in case.

If addTemplateErrorViolation always passed a deleteDetachedObjs = false parameter (see other comments) to checkRelatedAndUpdate, I think that would be a bit cleaner.

[yiraeChristineKim]

@JustinKuli Did I miss anything?!

[JustinKuli]

Right now the instances I see where you don't set the parameter are:

• when getEncryptionConfig has an error
• when templates.NewResolver has an error
• when ObjectTemplatesRaw is used, but doesn't have any templates, and then yaml.Unmarshal has an error.

I can't think of a situation where I would want things related objects removed when one of these errors occurs. So I wonder if there are really any template errors where we should consider removing resources - I think that when any error occurs, we probably shouldn't clean anything up, just in case.

If addTemplateErrorViolation always passed a deleteDetachedObjs = false parameter (see other comments) to checkRelatedAndUpdate, I think that would be a bit cleaner.

[JustinKuli]

I think I would prefer this to not be variadic, because it makes it easier to review that we've considered each time that this function is called. I would also prefer it to be called something like deleteDetachedObjs to describe what it does, rather than where it's coming from, since there could be other cases where we don't want to do this cleanup, but the reason has nothing to do with template errors.

[JustinKuli]

Looking at other times checkRelatedAndUpdate is called, I think there are more error cases where we don't want to delete "detached" objects.

[JustinKuli]

Final note (sorry), I think the function signature is long enough now that each parameter should be on a separate line, like https://github.com/open-cluster-management-io/config-policy-controller/blob/main/controllers/configurationpolicy_controller.go#L1394. But that's just a style thing.

[JustinKuli]

Thanks for the update, I think it's looking right overall, just a few last details to iron out! Once we get the tests passing I think this will be good.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JustinKuli, yiraeChristineKim

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [JustinKuli,yiraeChristineKim]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment