Skip to content

Commit

Permalink
Merge pull request #614 from gianlucam76/drift-detection
Browse files Browse the repository at this point in the history 
(feat) Don't track certain resources for configuration drift
  • Loading branch information
@gianlucam76
gianlucam76 authored Jul 2, 2024
2 parents 560941e + 15b0ba1 commit 3112fbc
Show file tree
Hide file tree
Showing 11 changed files with 206 additions and 39 deletions.
5 changes: 5 additions & 0 deletions api/v1beta1/clusterconfiguration_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,11 @@ type Resource struct {

// Owner is the list of ConfigMap/Secret containing this resource.
Owner corev1.ObjectReference `json:"owner"`

// IgnoreForConfigurationDrift indicates to not track resource
// for configuration drift detection.
// This field has a meaning only when mode is ContinuousWithDriftDetection
IgnoreForConfigurationDrift bool `json:"ignoreForConfigurationDrift"`
}

type Chart struct {
Expand Down
14 changes: 14 additions & 0 deletions config/crd/bases/config.projectsveltos.io_clusterconfigurations.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -479,6 +479,12 @@ spec:
description: Group of the resource deployed in the
Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the
Cluster.
Expand Down Expand Up @@ -551,6 +557,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down Expand Up @@ -644,6 +651,12 @@ spec:
description: Group of the resource deployed in the
Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the
Cluster.
Expand Down Expand Up @@ -716,6 +729,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down
14 changes: 14 additions & 0 deletions config/crd/bases/config.projectsveltos.io_clusterreports.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -384,6 +384,12 @@ spec:
group:
description: Group of the resource deployed in the Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the Cluster.
minLength: 1
Expand Down Expand Up @@ -453,6 +459,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down Expand Up @@ -530,6 +537,12 @@ spec:
group:
description: Group of the resource deployed in the Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the Cluster.
minLength: 1
Expand Down Expand Up @@ -599,6 +612,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down
41 changes: 41 additions & 0 deletions controllers/drift-detection-utils.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
/*
Copyright 2024. projectsveltos.io. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package controllers

import (
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
)

const (
// When this annotation is set, resource will be excluded from configuration
// drift detection
driftDetectionIgnoreAnnotation = "projectsveltos.io/driftDetectionIgnore"
)

// hasIgnoreConfigurationDriftAnnotation verifies whether resource has
// `projectsveltos.io/driftDetectionIgnore` annotation. Any resource with such
// annotation set won't be tracked for configuration drift.
func hasIgnoreConfigurationDriftAnnotation(resource *unstructured.Unstructured) bool {
annotations := resource.GetAnnotations()
if annotations != nil {
if _, ok := annotations[driftDetectionIgnoreAnnotation]; ok {
return true
}
}

return false
}
20 changes: 11 additions & 9 deletions controllers/handlers_helm.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ func deployHelmCharts(ctx context.Context, c client.Client,
if clusterSummary.Spec.ClusterProfileSpec.SyncMode == configv1beta1.SyncModeContinuousWithDriftDetection ||
clusterSummary.Spec.ClusterProfileSpec.Reloader {

helmResources, err = collectResourcesFromManagedHelmCharts(ctx, c, clusterSummary, kubeconfig, logger)
helmResources, err = collectResourcesFromManagedHelmChartsForDriftDetection(ctx, c, clusterSummary, kubeconfig, logger)
if err != nil {
return err
}
Expand Down Expand Up @@ -1685,10 +1685,11 @@ func getHelmChartValuesFrom(ctx context.Context, c client.Client, clusterSummary
return getValuesFrom(ctx, c, clusterSummary, helmChart.ValuesFrom, false, logger)
}

// collectResourcesFromManagedHelmCharts collects resources considering all
// collectResourcesFromManagedHelmChartsForDriftDetection collects resources considering all
// helm charts contained in a ClusterSummary that are currently managed by the
// ClusterProfile instance
func collectResourcesFromManagedHelmCharts(ctx context.Context, c client.Client,
// ClusterProfile instance.
// Resources with "projectsveltos.io/driftDetectionIgnore" annotation won't be included
func collectResourcesFromManagedHelmChartsForDriftDetection(ctx context.Context, c client.Client,
clusterSummary *configv1beta1.ClusterSummary, kubeconfig string, logger logr.Logger,
) ([]libsveltosv1beta1.HelmResources, error) {

Expand Down Expand Up @@ -1764,11 +1765,12 @@ func unstructuredToSveltosResources(policies []*unstructured.Unstructured) []lib

for i := range policies {
r := libsveltosv1beta1.Resource{
Namespace: policies[i].GetNamespace(),
Name: policies[i].GetName(),
Kind: policies[i].GetKind(),
Group: policies[i].GetObjectKind().GroupVersionKind().Group,
Version: policies[i].GetObjectKind().GroupVersionKind().Version,
Namespace: policies[i].GetNamespace(),
Name: policies[i].GetName(),
Kind: policies[i].GetKind(),
Group: policies[i].GetObjectKind().GroupVersionKind().Group,
Version: policies[i].GetObjectKind().GroupVersionKind().Version,
IgnoreForConfigurationDrift: hasIgnoreConfigurationDriftAnnotation(policies[i]),
}

resources = append(resources, r)
Expand Down
11 changes: 6 additions & 5 deletions controllers/handlers_resources.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -492,11 +492,12 @@ func deployResourceSummary(ctx context.Context, c client.Client,

for i := range deployed {
resources[i] = libsveltosv1beta1.Resource{
Namespace: deployed[i].Namespace,
Name: deployed[i].Name,
Group: deployed[i].Group,
Kind: deployed[i].Kind,
Version: deployed[i].Version,
Namespace: deployed[i].Namespace,
Name: deployed[i].Name,
Group: deployed[i].Group,
Kind: deployed[i].Kind,
Version: deployed[i].Version,
IgnoreForConfigurationDrift: deployed[i].IgnoreForConfigurationDrift,
}
}

Expand Down
22 changes: 13 additions & 9 deletions controllers/handlers_utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -332,7 +332,7 @@ func deployUnstructured(ctx context.Context, deployingToMgmtCluster bool, destCo
logger.V(logs.LogDebug).Info(fmt.Sprintf("deploying resource %s %s/%s (deploy to management cluster: %v)",
policy.GetKind(), policy.GetNamespace(), policy.GetName(), deployingToMgmtCluster))

resource, policyHash := getResource(policy, referencedObject, profileTier, featureID, logger)
resource, policyHash := getResource(policy, hasIgnoreConfigurationDriftAnnotation(policy), referencedObject, profileTier, featureID, logger)

// If policy is namespaced, create namespace if not already existing
err = createNamespace(ctx, destClient, clusterSummary, policy.GetNamespace())
Expand Down Expand Up @@ -520,17 +520,20 @@ func canDeployResource(ctx context.Context, dr dynamic.ResourceInterface, policy
return resourceInfo, false, nil
}

func generateResourceReport(policyHash string, resourceInfo *deployer.ResourceInfo, resource *configv1beta1.Resource,
) *configv1beta1.ResourceReport {
func generateResourceReport(policyHash string, resourceInfo *deployer.ResourceInfo,
resource *configv1beta1.Resource) *configv1beta1.ResourceReport {

resourceReport := &configv1beta1.ResourceReport{Resource: *resource}
if resourceInfo.ResourceVersion == "" {
return &configv1beta1.ResourceReport{Resource: *resource, Action: string(configv1beta1.CreateResourceAction)}
resourceReport.Action = string(configv1beta1.CreateResourceAction)
} else if policyHash != resourceInfo.Hash {
return &configv1beta1.ResourceReport{Resource: *resource, Action: string(configv1beta1.UpdateResourceAction)}
resourceReport.Action = string(configv1beta1.UpdateResourceAction)
} else {
return &configv1beta1.ResourceReport{Resource: *resource, Action: string(configv1beta1.NoResourceAction),
Message: "Object already deployed. And policy referenced by ClusterProfile has not changed since last deployment."}
resourceReport.Action = string(configv1beta1.NoResourceAction)
resourceReport.Message = "Object already deployed. And policy referenced by ClusterProfile has not changed since last deployment."
}

return resourceReport
}

// addExtraLabels adds ExtraLabels to policy.
Expand Down Expand Up @@ -580,8 +583,8 @@ func addExtraAnnotations(policy *unstructured.Unstructured, extraAnnotations map
}

// getResource returns sveltos Resource and the resource hash hash
func getResource(policy *unstructured.Unstructured, referencedObject *corev1.ObjectReference,
tier int32, featureID configv1beta1.FeatureID, logger logr.Logger,
func getResource(policy *unstructured.Unstructured, ignoreForConfigurationDrift bool,
referencedObject *corev1.ObjectReference, tier int32, featureID configv1beta1.FeatureID, logger logr.Logger,
) (resource *configv1beta1.Resource, policyHash string) {

resource = &configv1beta1.Resource{
Expand All @@ -595,6 +598,7 @@ func getResource(policy *unstructured.Unstructured, referencedObject *corev1.Obj
Name: referencedObject.Name,
Kind: referencedObject.Kind,
},
IgnoreForConfigurationDrift: ignoreForConfigurationDrift,
}

var err error
Expand Down
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ require (
github.com/onsi/ginkgo/v2 v2.19.0
github.com/onsi/gomega v1.33.1
github.com/pkg/errors v0.9.1
github.com/projectsveltos/libsveltos v0.32.1-0.20240624142620-affdfeb694be
github.com/projectsveltos/libsveltos v0.32.1-0.20240702090008-925c00e1be3d
github.com/prometheus/client_golang v1.19.1
github.com/spf13/pflag v1.0.5
github.com/yuin/gopher-lua v1.1.1
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -364,8 +364,8 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY=
github.com/poy/onpar v1.1.2/go.mod h1:6X8FLNoxyr9kkmnlqpK6LSoiOtrO6MICtWwEuWkLjzg=
github.com/projectsveltos/libsveltos v0.32.1-0.20240624142620-affdfeb694be h1:IC9Ca6OqzSQRv//9NSRZt34gdZDyjudwyEz2hZVae7c=
github.com/projectsveltos/libsveltos v0.32.1-0.20240624142620-affdfeb694be/go.mod h1:z6avfRqeHbzqkThyqqqoGcCWMI0JBeAjdeZlbJ7P8TI=
github.com/projectsveltos/libsveltos v0.32.1-0.20240702090008-925c00e1be3d h1:wT8qFe4Yf97G/y2sY2I+f0iSnfgrnFF3SXwau4PJxYU=
github.com/projectsveltos/libsveltos v0.32.1-0.20240702090008-925c00e1be3d/go.mod h1:m2CcqCd9Gq/czJS1lYmMPrnQTvVzc7AL9xlgXaAaQRE=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g=
Expand Down
28 changes: 28 additions & 0 deletions manifest/manifest.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,6 +483,12 @@ spec:
description: Group of the resource deployed in the
Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the
Cluster.
Expand Down Expand Up @@ -555,6 +561,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down Expand Up @@ -648,6 +655,12 @@ spec:
description: Group of the resource deployed in the
Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the
Cluster.
Expand Down Expand Up @@ -720,6 +733,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down Expand Up @@ -3268,6 +3282,12 @@ spec:
group:
description: Group of the resource deployed in the Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the Cluster.
minLength: 1
Expand Down Expand Up @@ -3337,6 +3357,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down Expand Up @@ -3414,6 +3435,12 @@ spec:
group:
description: Group of the resource deployed in the Cluster.
type: string
ignoreForConfigurationDrift:
description: |-
IgnoreForConfigurationDrift indicates to not track resource
for configuration drift detection.
This field has a meaning only when mode is ContinuousWithDriftDetection
type: boolean
kind:
description: Kind of the resource deployed in the Cluster.
minLength: 1
Expand Down Expand Up @@ -3483,6 +3510,7 @@ spec:
type: string
required:
- group
- ignoreForConfigurationDrift
- kind
- name
- owner
Expand Down
Loading

0 comments on commit 3112fbc

Please sign in to comment.