From 7f97b152fd70ba77519790060f391779dbe87784 Mon Sep 17 00:00:00 2001 From: Valentin Gerlach Date: Thu, 25 Sep 2025 11:55:35 +0200 Subject: [PATCH 1/4] Improve check when to refresh flux token --- internal/controller/kubeconfigs.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/internal/controller/kubeconfigs.go b/internal/controller/kubeconfigs.go index a5d970e..8ecd09d 100644 --- a/internal/controller/kubeconfigs.go +++ b/internal/controller/kubeconfigs.go @@ -41,8 +41,11 @@ func (r *ControlPlaneReconciler) ensureKubeconfig(ctx context.Context, remoteCfg return nil, err } + remainingLifetime := time.Until(expiration) + // check if token would expire before next planned reconciliation - if time.Now().Before(expiration.Add(-r.ReconcilePeriod)) { + // or less than a third of the desired lifetime is left + if remainingLifetime < r.ReconcilePeriod || remainingLifetime < r.FluxTokenLifetime/3 { // kubeconfig is still valid return &corev1.SecretReference{Name: secret.Name, Namespace: secret.Namespace}, nil } From ba0ace573a16edbd96a0f8b1054fc5d3e7af83c5 Mon Sep 17 00:00:00 2001 From: Valentin Gerlach Date: Thu, 25 Sep 2025 11:57:20 +0200 Subject: [PATCH 2/4] Set MaxConcurrentReconciles to 10 --- internal/controller/controlplane_controller.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/controller/controlplane_controller.go b/internal/controller/controlplane_controller.go index b76f852..88edb4c 100644 --- a/internal/controller/controlplane_controller.go +++ b/internal/controller/controlplane_controller.go @@ -48,8 +48,10 @@ import ( "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/controller" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/reconcile" corev1beta1 "github.com/openmcp-project/control-plane-operator/api/v1beta1" "github.com/openmcp-project/control-plane-operator/pkg/controlplane/components" @@ -191,6 +193,9 @@ func (r *ControlPlaneReconciler) getReleaseChannels(ctx context.Context) corev1b func (r *ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). For(&corev1beta1.ControlPlane{}). + WithOptions(controller.TypedOptions[reconcile.Request]{ + MaxConcurrentReconciles: 10, + }). Complete(r) } From d96b2786359f22dbe5deb29cf8f8b12d3e373d23 Mon Sep 17 00:00:00 2001 From: Valentin Gerlach Date: Thu, 25 Sep 2025 13:06:21 +0200 Subject: [PATCH 3/4] fix: token expiry logic --- internal/controller/kubeconfigs.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/internal/controller/kubeconfigs.go b/internal/controller/kubeconfigs.go index 8ecd09d..fef7de3 100644 --- a/internal/controller/kubeconfigs.go +++ b/internal/controller/kubeconfigs.go @@ -45,7 +45,9 @@ func (r *ControlPlaneReconciler) ensureKubeconfig(ctx context.Context, remoteCfg // check if token would expire before next planned reconciliation // or less than a third of the desired lifetime is left - if remainingLifetime < r.ReconcilePeriod || remainingLifetime < r.FluxTokenLifetime/3 { + expired := remainingLifetime < r.ReconcilePeriod || remainingLifetime < r.FluxTokenLifetime/3 + + if !expired { // kubeconfig is still valid return &corev1.SecretReference{Name: secret.Name, Namespace: secret.Namespace}, nil } From af0aa820227c4b1079badda879bd198c7add06e3 Mon Sep 17 00:00:00 2001 From: Valentin Gerlach Date: Thu, 25 Sep 2025 13:06:37 +0200 Subject: [PATCH 4/4] feat: release v0.1.16 --- VERSION | 2 +- charts/control-plane-operator/Chart.yaml | 4 ++-- charts/control-plane-operator/values.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/VERSION b/VERSION index c906c61..a33ca21 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -v0.1.15-dev \ No newline at end of file +v0.1.16 \ No newline at end of file diff --git a/charts/control-plane-operator/Chart.yaml b/charts/control-plane-operator/Chart.yaml index e346fb6..28a4073 100644 --- a/charts/control-plane-operator/Chart.yaml +++ b/charts/control-plane-operator/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: control-plane-operator description: A Helm chart for the Cloud Orchestration Control Plane Operator type: application -version: v0.1.15 -appVersion: v0.1.15 +version: v0.1.16 +appVersion: v0.1.16 home: https://github.com/openmcp-project/control-plane-operator sources: - https://github.com/openmcp-project/control-plane-operator diff --git a/charts/control-plane-operator/values.yaml b/charts/control-plane-operator/values.yaml index efc4402..7f3ddfa 100644 --- a/charts/control-plane-operator/values.yaml +++ b/charts/control-plane-operator/values.yaml @@ -8,7 +8,7 @@ image: repository: ghcr.io/openmcp-project/images/control-plane-operator pullPolicy: IfNotPresent # Overrides the image tag whose default is the chart appVersion. - tag: v0.1.15 + tag: v0.1.16 imagePullSecrets: [] nameOverride: ""