Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG: configuration drift detection does not work in the scenario described by this bug #363

Closed
gianlucam76 opened this issue Oct 13, 2023 · 2 comments
Closed

BUG: configuration drift detection does not work in the scenario described by this bug #363

gianlucam76 opened this issue Oct 13, 2023 · 2 comments
Labels
bug Something isn't working

Comments

@gianlucam76
Copy link
Member

Problem Description

When deploying this ClusterPolicy, configuration drift detection does not work.

apiVersion: config.projectsveltos.io/v1alpha1
kind: ClusterProfile
metadata:
  name: podinfo
spec:
  clusterSelector: env=fv
  helmCharts:
  - chartName: podinfo/podinfo
    chartVersion: v6.5.1
    helmChartAction: Install
    releaseName: podinfo
    releaseNamespace: test
    repositoryName: podinfo
    repositoryURL: https://stefanprodan.github.io/podinfo
  syncMode: ContinuousWithDriftDetection

An initial debug of the issue indicates the problem to be in addon-controller.

Addon-controller, when a ClusterProfile syncMode is set to ContinuousWithDriftDetection, gets list of resources deployed and pass it to drift-detection-manager.

In this case, the manifest returned by Helm does not have namespace even for namespace resources..

    - group: apps
      kind: Deployment
      name: podinfo
      version: v1

while in general in other cases this is what is returned

    - group: apps
      kind: Deployment
      name: kyverno-admission-controller
      namespace: kyverno
      version: v1

The missing namespace information is causing drift-detection-manager to fail.
@gianlucam76 gianlucam76 added the bug Something isn't working label Oct 13, 2023
@gianlucam76
Copy link
Member Author

FYI @promet

gianlucam76 pushed a commit to gianlucam76/drift-detection-manager that referenced this issue Oct 15, 2023
bug: use helm chart namespace when collecting resources
534e784 
When a ClusterProfile is using configuration drift detection:

1. addon-controller gets list of deployed resources
2. passes this information in a ResourceSummary to drift-detection-manager
3. drift-detection-manager starts watching those resources and when it
detects a configuration drift, drift-detection-manager reports it to
management cluster causing a new reconciliation

With respect to Helm charts, addon-controller gets list of deployed
resources using helm SDK and using manifest.
In certain scenarios, like this [one](projectsveltos/addon-controller#363)
manifest does not contain namespace for namespace resources like deployments.

If namespace is not set for namespace resource, point projectsveltos#3 won't work.

This PR fixes that. When drift-detection-manager gets resources deployed
by addon-controller because of an Helm chart, it adds the helm chart namespace.
This information is later on processed with dynamic.ResourceInterface which
ignores namespace for cluster wide.
gianlucam76 pushed a commit to gianlucam76/drift-detection-manager that referenced this issue Oct 15, 2023
bug: use helm chart namespace when collecting resources
c090a5b 
When a ClusterProfile is using configuration drift detection:

1. addon-controller gets list of deployed resources
2. passes this information in a ResourceSummary to drift-detection-manager
3. drift-detection-manager starts watching those resources and when it
detects a configuration drift, drift-detection-manager reports it to
management cluster causing a new reconciliation

With respect to Helm charts, addon-controller gets list of deployed
resources using helm SDK and using manifest.
In certain scenarios, like this [one](projectsveltos/addon-controller#363)
manifest does not contain namespace for namespace resources like deployments.

If namespace is not set for namespace resource, point projectsveltos#3 won't work.

This PR fixes that. When drift-detection-manager gets resources deployed
by addon-controller because of an Helm chart, it adds the helm chart namespace.
This information is later on processed with dynamic.ResourceInterface which
ignores namespace for cluster wide.
@gianlucam76 gianlucam76 mentioned this issue Oct 15, 2023
Merged
@gianlucam76
Copy link
Member Author

Fixed changing drift-detection-manager projectsveltos/drift-detection-manager#126

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@gianlucam76