Skip to content

Commit

Permalink
code-refactoring: add/modify helper functions (argoproj-labs#1202)
Browse files Browse the repository at this point in the history
* fix: don't set phase to available during host reconciliation  (argoproj-labs#918)

* upgrade golangci-lint

Signed-off-by: Jaideep Rao <[email protected]>

* fix phase reconciliation during host reconciliation

Signed-off-by: Jaideep Rao <[email protected]>

* address review comment

Signed-off-by: Jaideep Rao <[email protected]>

* set phase to pending if ingress not found

Signed-off-by: Jaideep Rao <[email protected]>

---------

Signed-off-by: Jaideep Rao <[email protected]>

* update owners file (argoproj-labs#953)

* Move to only adding two roles for managed namespaces (argoproj-labs#954)

* Move to only adding two roles for managed namespaces
---------

Signed-off-by: Salem Elrahal <[email protected]>
Co-authored-by: Salem Elrahal <[email protected]>

* feat: expose operator metrics  (argoproj-labs#928)

Track and expose custom operator performance metrics 
---------

Signed-off-by: Jaideep Rao <[email protected]>

* add build.os config for readthedocs (argoproj-labs#967)

* setup 0.8.0 (argoproj-labs#966)

* feat: Add conversion webhook for ArgoCD v1alpha1 to v1beta1 migration (argoproj-labs#964)

* Add ArgoCD v1beta1 & deprecate v1alpha1

- Add new ArgoCD v1beta1 api
- Mark ArgoCD v1alpha1 as deprecated & add back the removed sso fields
- Use server side validation for "kubectl apply" as client side results into
  failure due to exceeding annotation size limit.

Signed-off-by: Siddhesh Ghadi <[email protected]>

Add funcs for ArgoCD alpha to beta conversion

Signed-off-by: Siddhesh Ghadi <[email protected]>

Add conversion webhook

- Create webhook & setup webhook server on 9443
- Disable operator namespaced install via OLM so that OLM can handle certs for webhook server
- For manual install, user needs to explicitly configure cert manager to inject certs and enable
  webhook server in operator by setting env ENABLE_CONVERSION_WEBHOOK="true"

Signed-off-by: Siddhesh Ghadi <[email protected]>

Resolve local build issues

Signed-off-by: Siddhesh Ghadi <[email protected]>

Tweak webhook configs

Signed-off-by: Siddhesh Ghadi <[email protected]>

Update operator installation docs

Signed-off-by: Siddhesh Ghadi <[email protected]>

Add e2e tests

Signed-off-by: Siddhesh Ghadi <[email protected]>

Minor updates

Signed-off-by: Siddhesh Ghadi <[email protected]>

Fix go-lint ci failure

Signed-off-by: Siddhesh Ghadi <[email protected]>

Update docs

Signed-off-by: Siddhesh Ghadi <[email protected]>

Remove webhook from 0.7.0 bundle

Signed-off-by: Siddhesh Ghadi <[email protected]>

Add spaces in bundle

Signed-off-by: Siddhesh Ghadi <[email protected]>

* update 0.8.0 bundle

Signed-off-by: Siddhesh Ghadi <[email protected]>

---------

Signed-off-by: Siddhesh Ghadi <[email protected]>

* chore(deps): bump pygments from 2.7.4 to 2.15.0 in /docs (argoproj-labs#950)

Bumps [pygments](https://github.com/pygments/pygments) from 2.7.4 to 2.15.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](pygments/pygments@2.7.4...2.15.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: upgrade RH-SSO from 7.5 to 7.6 (argoproj-labs#977)

* upgrade RH-SSO from 7.5 to 7.6

Signed-off-by: iam-veeramalla <[email protected]>

* fix: failing tests

Signed-off-by: iam-veeramalla <[email protected]>

* fix: failing tests

Signed-off-by: iam-veeramalla <[email protected]>

---------

Signed-off-by: iam-veeramalla <[email protected]>

* refactor: Remove dead code (argoproj-labs#979)

* Remove dead code

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Fix import

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Fix imports

Signed-off-by: Siddhesh Ghadi <[email protected]>

---------

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Replace ArgoCD v1alpha1 references with v1beta1 (argoproj-labs#975)

Signed-off-by: Siddhesh Ghadi <[email protected]>

* refactor: Remove deprecated .spec.resourceCustomizations (argoproj-labs#973)

* Remove .spec.resourceCustomizations code

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Update docs

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Update docs

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Address review comments

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Fix typo

Signed-off-by: Siddhesh Ghadi <[email protected]>

---------

Signed-off-by: Siddhesh Ghadi <[email protected]>

* upgrade ArgoCD version to 2.8.2 and update the CRDs (argoproj-labs#984)

* upgrade ArgoCD version to 2.8.2 and update the CRDs

Signed-off-by: ishitasequeira <[email protected]>

* Update argocd image

Signed-off-by: ishitasequeira <[email protected]>

---------

Signed-off-by: ishitasequeira <[email protected]>

* chore: Update ArgoCD v1alpha1 deprecation message (argoproj-labs#988)

* Update ArgoCD v1alpha1 deprecation message

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Run code gen

Signed-off-by: Siddhesh Ghadi <[email protected]>

---------

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Add support for tls self signed certs in AppSet Gitlab SCM Provider (argoproj-labs#985)

* add support for tls self signed certs in AppSet Gitlab SCM Provider

Signed-off-by: ishitasequeira <[email protected]>

* add e2e test

Signed-off-by: ishitasequeira <[email protected]>

* add unit tests

Signed-off-by: ishitasequeira <[email protected]>

* renamed field ScmRootCaPath to SCMRootCaPath

Signed-off-by: ishitasequeira <[email protected]>

* Add documentation and address comments

Signed-off-by: ishitasequeira <[email protected]>

* Address comments

Signed-off-by: ishitasequeira <[email protected]>

---------

Signed-off-by: ishitasequeira <[email protected]>

* chore(deps): bump github.com/argoproj/argo-cd/v2 from 2.8.2 to 2.8.3 (argoproj-labs#992)

Bumps [github.com/argoproj/argo-cd/v2](https://github.com/argoproj/argo-cd) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/argoproj/argo-cd/releases)
- [Changelog](https://github.com/argoproj/argo-cd/blob/master/CHANGELOG.md)
- [Commits](argoproj/argo-cd@v2.8.2...v2.8.3)

---
updated-dependencies:
- dependency-name: github.com/argoproj/argo-cd/v2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: pick up argo cd v2.8.3 (argoproj-labs#993)

Signed-off-by: iam-veeramalla <[email protected]>

* fix: replace deprecated syntax in kustomization.yaml (argoproj-labs#1000)

Signed-off-by: minchao <[email protected]>

* Missing syntax-highlighting, toggle button for screen mode in argocd-operator docs (argoproj-labs#1002)

* Update requirements.txt

added markdown= 3.3.7 and  markdown-include=0.6.0

Signed-off-by: Surajyadav <[email protected]>

* Delete docs/assets/extra.css

deleted extra.css

Signed-off-by: Surajyadav <[email protected]>

* Update mkdocs.yml

added markdown_extension  markdown_include with  codehighlight and toggle for screen mode

Signed-off-by: Surajyadav <[email protected]>

* Update mkdocs.yml

Signed-off-by: Surajyadav <[email protected]>

---------

Signed-off-by: Surajyadav <[email protected]>

* fix: keycloak probes failure and intermittent perforamance issues (argoproj-labs#1007)

* fix: keycloak probes failure results in pod crash

Signed-off-by: iam-veeramalla <[email protected]>

* fix: use latest keycloak image to handle performance issue

Signed-off-by: iam-veeramalla <[email protected]>

---------

Signed-off-by: iam-veeramalla <[email protected]>

* bug: fix heathcheck subkey generation for resources with no group  (argoproj-labs#1013)

* account for empty group during resource customization config subkey generation

---------

Signed-off-by: Jaideep Rao <[email protected]>

* chore(deps): bump golang.org/x/net from 0.11.0 to 0.17.0 (argoproj-labs#1019)

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.11.0 to 0.17.0.
- [Commits](golang/net@v0.11.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add labelSelector option to filter the ArgoCD instances for reconciliation (argoproj-labs#961)

* Added labelselector string to map conversion

Signed-off-by: Raghavi Shirur <[email protected]>

* Changed data-type for labelSelector to parse string

Signed-off-by: Raghavi Shirur <[email protected]>

* Added code to reconcile selected ArgoCD instances based on label selector

Signed-off-by: Raghavi Shirur <[email protected]>

* remove comments

Signed-off-by: Raghavi Shirur <[email protected]>

* Updated argoCD label fetch, renamed env var

Signed-off-by: Raghavi Shirur <[email protected]>

* Updated unit test and yaml

Signed-off-by: Raghavi Shirur <[email protected]>

* Updated unit test

Signed-off-by: Raghavi Shirur <[email protected]>

* Fix yaml env ValueFrom field

Signed-off-by: Raghavi Shirur <[email protected]>

* Added comments and labelSelector check in main.go

Signed-off-by: Raghavi Shirur <[email protected]>

* removed label-selector option from manifest

Signed-off-by: Raghavi Shirur <[email protected]>

* updated label-selector format in manifests

Signed-off-by: Raghavi Shirur <[email protected]>

* added label selector logs

Signed-off-by: Raghavi Shirur <[email protected]>

* go mod tidy

Signed-off-by: Raghavi Shirur <[email protected]>

* added e2e tests for label-selector

Signed-off-by: Raghavi Shirur <[email protected]>

* restructured kuttl files and added operator patch file

Signed-off-by: Raghavi Shirur <[email protected]>

* go mod tidy

Signed-off-by: Raghavi Shirur <[email protected]>

* corrected kuttl tests for cm failure

Signed-off-by: Raghavi Shirur <[email protected]>

* Added documentation for Environment Variable ARGOCD_LABEL_SELECTOR

Signed-off-by: Raghavi Shirur <[email protected]>

* cleanup

Signed-off-by: Raghavi Shirur <[email protected]>

* improved unit tests and some minor changes

Signed-off-by: Raghavi Shirur <[email protected]>

* kuttl rerun

Signed-off-by: Raghavi Shirur <[email protected]>

* removed env var

Signed-off-by: Raghavi Shirur <[email protected]>

* misc modifications

Signed-off-by: Raghavi Shirur <[email protected]>

* argocd-operator csv correction

Signed-off-by: Raghavi Shirur <[email protected]>

* fix bundle error

Signed-off-by: Raghavi Shirur <[email protected]>

* fix bundle error

Signed-off-by: Raghavi Shirur <[email protected]>

* fix manifests build

Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: Ishita Sequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>

* Added more unit test cases

Signed-off-by: Raghavi Shirur <[email protected]>

* rebase

Signed-off-by: Raghavi Shirur <[email protected]>

* removed excess reconcilers

Signed-off-by: Raghavi Shirur <[email protected]>

* minor fix

Signed-off-by: Raghavi Shirur <[email protected]>

* removed extraneous test case and cleaned manager.yaml

Signed-off-by: Raghavi Shirur <[email protected]>

* cleaned manager.yaml

Signed-off-by: Raghavi Shirur <[email protected]>

* fix make bundle issue

Signed-off-by: Raghavi Shirur <[email protected]>

* fix make bundle issue

Signed-off-by: Raghavi Shirur <[email protected]>

---------

Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: Ishita Sequeira <[email protected]>
Co-authored-by: ishitasequeira <[email protected]>

* fix: address CVE-2023-39325 (argoproj-labs#1022)

*address CVE-2023-39325
- upgrade to golang v1.20.10 
- disable http/2 for webhook and metrics server, use http/1.1 by default but make it a configurable flag
- upgarde k8s library packages to v0.28.3
- Add new structs for keycloak API that were previously part of the (now deprecated) keycloak-operator repo 
- upgrade to controller-runtime to v0.16.3
- refactor all unit tests 

---------

Signed-off-by: Jaideep Rao <[email protected]>

* Add gcp cherry-pick bot config (argoproj-labs#1023)

Signed-off-by: Siddhesh Ghadi <[email protected]>

* Add .github/dependabot.yml to enable auto dependency version updates (argoproj-labs#1025)

* feat(dex): add optional env field (argoproj-labs#1005)

* feat(dex): add optional env field

Signed-off-by: Robert Deusser <[email protected]>

* fix: remove non-default configuration

Signed-off-by: Robert Deusser <[email protected]>

* fix: v1alpha1 is deprecated

Signed-off-by: Robert Deusser <[email protected]>

* fix: convert dex spec between api versions

Signed-off-by: Robert Deusser <[email protected]>

* fix: ensure there is no diff in the bundle

Signed-off-by: Robert Deusser <[email protected]>

---------

Signed-off-by: Robert Deusser <[email protected]>

* fix: replace deprecated AddToScheme with Install, and deprecated SchemeGroupVersion with GroupVersion. (argoproj-labs#1066)

Signed-off-by: Cheng Fang <[email protected]>

* allow enabling ArgoCD workloads independently (argoproj-labs#1021)

* allow enabling ArgoCD core workloads independently

Signed-off-by: ishitasequeira <[email protected]>

* fix lint

Signed-off-by: ishitasequeira <[email protected]>

* check for dependent component urls if dependent components are disabled

Signed-off-by: ishitasequeira <[email protected]>

* fix build

Signed-off-by: ishitasequeira <[email protected]>

* fix make bundle

Signed-off-by: ishitasequeira <[email protected]>

* fix tests

Signed-off-by: ishitasequeira <[email protected]>

* Update flags for each component

Signed-off-by: ishitasequeira <[email protected]>

* Update configuration using remote flag

Signed-off-by: ishitasequeira <[email protected]>

* fix CI

Signed-off-by: ishitasequeira <[email protected]>

* Address comments

Signed-off-by: ishitasequeira <[email protected]>

* Addressed feedback

Signed-off-by: ishitasequeira <[email protected]>

* update conversion webhook

Signed-off-by: ishitasequeira <[email protected]>

* fix make build

Signed-off-by: ishitasequeira <[email protected]>

---------

Signed-off-by: ishitasequeira <[email protected]>

* chore(deps): bump argoproj/argocd in /build/util (argoproj-labs#1080)

Bumps argoproj/argocd from `d40da8f` to `644c386`.

---
updated-dependencies:
- dependency-name: argoproj/argocd
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: upgrade Argo CD for release v.9.0 (argoproj-labs#1082)

* feat: upgrade Argo CD for release v.9.0

Signed-off-by: iam-veeramalla <[email protected]>

* fix: unit test failures

Signed-off-by: iam-veeramalla <[email protected]>

---------

Signed-off-by: iam-veeramalla <[email protected]>

* fix the logic for applicationset resources reconcilation when spec.applicationset.enabled is false (argoproj-labs#1089)

* fix the logic for applicationset resources reconciliation when spec.applicationset.enabled is false

Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* fix tests

Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* delete repo server when repo.enabled is set to false

Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* Update status.Phase based on component enabled flag

Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* Added kuttl tests

Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* Added namespace creation step

Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>

* delete services created for resources

Signed-off-by: ishitasequeira <[email protected]>

* delete server deployment when enabled flag set to false

Signed-off-by: ishitasequeira <[email protected]>

* fix e2e test

Signed-off-by: ishitasequeira <[email protected]>

* fix log message

Signed-off-by: ishitasequeira <[email protected]>

* revert kuttl test timeout

Signed-off-by: ishitasequeira <[email protected]>

* Added test for reverse scenario

Signed-off-by: Raghavi Shirur <[email protected]>

* Dir rename

Signed-off-by: Raghavi Shirur <[email protected]>

* Added e2e test for ha mode

Signed-off-by: Raghavi Shirur <[email protected]>

---------

Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Co-authored-by: Raghavi Shirur <[email protected]>

* docs: enabling/disabling individual argocd core components (argoproj-labs#1098)

* Add documentation for enabling/disabling argocd core components

Signed-off-by: ishitasequeira <[email protected]>

* rephrase doc

Signed-off-by: ishitasequeira <[email protected]>

* Address comments

Signed-off-by: ishitasequeira <[email protected]>

---------

Signed-off-by: ishitasequeira <[email protected]>

* fix: Proper reference to where to find default admin password (argoproj-labs#1094)

Signed-off-by: ikegentz <[email protected]>

* adding applicationsets in server rbac policy rule (argoproj-labs#1140)

Signed-off-by: Mangaal <[email protected]>

* remove extra argoutils

Signed-off-by: Jaideep Rao <[email protected]>

* fix logic to allow processor operation to be less than default value (argoproj-labs#1146)

* fix logic to allow operation processors to be less than default value

---------

Signed-off-by: Anand Kumar Singh <[email protected]>

* Use correct repo-server address for notification controller (argoproj-labs#1125)

Signed-off-by: Siddhesh Ghadi <[email protected]>

* remove notifs files

Signed-off-by: Jaideep Rao <[email protected]>

* update all references to updateifchanged

Signed-off-by: Jaideep Rao <[email protected]>

* add resource helper & updated trigger rollout

Signed-off-by: Jaideep Rao <[email protected]>

* add helpers

Signed-off-by: Jaideep Rao <[email protected]>

* remove unnecessary changes

Signed-off-by: Jaideep Rao <[email protected]>

* undo unneccesary appset changes

Signed-off-by: Jaideep Rao <[email protected]>

* add nil check for ss

Signed-off-by: Jaideep Rao <[email protected]>

* add useTLS helper fn

Signed-off-by: Jaideep Rao <[email protected]>

---------

Signed-off-by: Jaideep Rao <[email protected]>
Signed-off-by: Salem Elrahal <[email protected]>
Signed-off-by: Siddhesh Ghadi <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: iam-veeramalla <[email protected]>
Signed-off-by: ishitasequeira <[email protected]>
Signed-off-by: minchao <[email protected]>
Signed-off-by: Surajyadav <[email protected]>
Signed-off-by: Raghavi Shirur <[email protected]>
Signed-off-by: Ishita Sequeira <[email protected]>
Signed-off-by: Robert Deusser <[email protected]>
Signed-off-by: Cheng Fang <[email protected]>
Signed-off-by: ikegentz <[email protected]>
Signed-off-by: Mangaal <[email protected]>
Signed-off-by: Anand Kumar Singh <[email protected]>
Co-authored-by: Regina Scott <[email protected]>
Co-authored-by: Salem Elrahal <[email protected]>
Co-authored-by: Salem Elrahal <[email protected]>
Co-authored-by: Siddhesh Ghadi <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhishek Veeramalla <[email protected]>
Co-authored-by: Ishita Sequeira <[email protected]>
Co-authored-by: Minchao <[email protected]>
Co-authored-by: Suraj yadav <[email protected]>
Co-authored-by: Raghavi <[email protected]>
Co-authored-by: ishitasequeira <[email protected]>
Co-authored-by: Cheng Fang <[email protected]>
Co-authored-by: Robert Deusser <[email protected]>
Co-authored-by: Isaac Gentz <[email protected]>
Co-authored-by: Mangaal <[email protected]>
Co-authored-by: Anand Kumar Singh <[email protected]>
  • Loading branch information
17 people authored and Julia Teslia committed Apr 24, 2024
1 parent 3f53385 commit fd2cd65
Show file tree
Hide file tree
Showing 9 changed files with 229 additions and 105 deletions.
36 changes: 16 additions & 20 deletions controllers/argocd/applicationset/deployment.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,31 +65,27 @@ func (asr *ApplicationSetReconciler) reconcileDeployment() error {
}
deploymentChanged := false

fieldsToCompare := []struct {
existing, desired interface{}
extraAction func()
}{
{&existingDeployment.Spec.Template.Spec.Containers[0].Image, &desiredDeployment.Spec.Template.Spec.Containers[0].Image,
func() {
fieldsToCompare := []argocdcommon.FieldToCompare{
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Image, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Image,
ExtraAction: func() {
existingDeployment.Spec.Template.ObjectMeta.Labels[common.ImageUpgradedKey] = time.Now().UTC().Format(common.TimeFormatMST)
},
},
{&existingDeployment.Spec.Template.Spec.Containers[0].Command, &desiredDeployment.Spec.Template.Spec.Containers[0].Command, nil},
{&existingDeployment.Spec.Template.Spec.Containers[0].Env, &desiredDeployment.Spec.Template.Spec.Containers[0].Env, nil},
{&existingDeployment.Spec.Template.Spec.Containers[0].Resources, &desiredDeployment.Spec.Template.Spec.Containers[0].Resources, nil},
{&existingDeployment.Spec.Template.Spec.Volumes, &desiredDeployment.Spec.Template.Spec.Volumes, nil},
{&existingDeployment.Spec.Template.Spec.NodeSelector, &desiredDeployment.Spec.Template.Spec.NodeSelector, nil},
{&existingDeployment.Spec.Template.Spec.Tolerations, &desiredDeployment.Spec.Template.Spec.Tolerations, nil},
{&existingDeployment.Spec.Template.Spec.ServiceAccountName, &desiredDeployment.Spec.Template.Spec.ServiceAccountName, nil},
{&existingDeployment.Spec.Template.Labels, &desiredDeployment.Spec.Template.Labels, nil},
{&existingDeployment.Spec.Replicas, &desiredDeployment.Spec.Replicas, nil},
{&existingDeployment.Spec.Selector, &desiredDeployment.Spec.Selector, nil},
{&existingDeployment.Labels, &desiredDeployment.Labels, nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Command, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Command, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Env, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Env, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Resources, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Resources, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Volumes, Desired: &desiredDeployment.Spec.Template.Spec.Volumes, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.NodeSelector, Desired: &desiredDeployment.Spec.Template.Spec.NodeSelector, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Tolerations, Desired: &desiredDeployment.Spec.Template.Spec.Tolerations, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.ServiceAccountName, Desired: &desiredDeployment.Spec.Template.Spec.ServiceAccountName, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Labels, Desired: &desiredDeployment.Spec.Template.Labels, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Replicas, Desired: &desiredDeployment.Spec.Replicas, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Selector, Desired: &desiredDeployment.Spec.Selector, ExtraAction: nil},
{Existing: &existingDeployment.Labels, Desired: &desiredDeployment.Labels, ExtraAction: nil},
{Existing: &existingDeployment.Annotations, Desired: &desiredDeployment.Annotations, ExtraAction: nil},
}

for _, field := range fieldsToCompare {
argocdcommon.UpdateIfChanged(field.existing, field.desired, field.extraAction, &deploymentChanged)
}
argocdcommon.UpdateIfChanged(fieldsToCompare, &deploymentChanged)

if deploymentChanged {

Expand Down
46 changes: 24 additions & 22 deletions controllers/argocd/applicationset/rolebinding.go
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
package applicationset

import (
"reflect"

"github.com/argoproj-labs/argocd-operator/common"
"github.com/argoproj-labs/argocd-operator/controllers/argocd/argocdcommon"
"github.com/argoproj-labs/argocd-operator/pkg/cluster"
"github.com/argoproj-labs/argocd-operator/pkg/permissions"
"github.com/pkg/errors"

rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/api/errors"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
Expand Down Expand Up @@ -61,7 +63,7 @@ func (asr *ApplicationSetReconciler) reconcileRoleBinding() error {

existingRoleBinding, err := permissions.GetRoleBinding(desiredRoleBinding.Name, desiredRoleBinding.Namespace, asr.Client)
if err != nil {
if !errors.IsNotFound(err) {
if !apierrors.IsNotFound(err) {
asr.Logger.Error(err, "reconcileRoleBinding: failed to retrieve roleBinding", "name", desiredRoleBinding.Name, "namespace", desiredRoleBinding.Namespace)
return err
}
Expand All @@ -78,32 +80,32 @@ func (asr *ApplicationSetReconciler) reconcileRoleBinding() error {
return nil
}

roleBindingChanged := false
fieldsToCompare := []struct {
existing, desired interface{}
}{
{
&existingRoleBinding.RoleRef,
&desiredRoleBinding.RoleRef,
},
{
&existingRoleBinding.Subjects,
&desiredRoleBinding.Subjects,
},
// if roleRef differs, we must delete the rolebinding as kubernetes does not allow updation of roleRef
if !reflect.DeepEqual(existingRoleBinding.RoleRef, desiredRoleBinding.RoleRef) {
asr.Logger.Info("detected drift in roleRef for rolebinding", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
if err := asr.deleteRoleBinding(resourceName, asr.Instance.Namespace); err != nil {
return errors.Wrapf(err, "reconcileRoleBinding: unable to delete obsolete rolebinding %s", existingRoleBinding.Name)
}
return nil
}

rbChanged := false

fieldsToCompare := []argocdcommon.FieldToCompare{
{Existing: &existingRoleBinding.Subjects, Desired: &desiredRoleBinding.Subjects, ExtraAction: nil},
}

for _, field := range fieldsToCompare {
argocdcommon.UpdateIfChanged(field.existing, field.desired, nil, &roleBindingChanged)
argocdcommon.UpdateIfChanged(fieldsToCompare, &rbChanged)

if !rbChanged {
return nil
}

if roleBindingChanged {
if err = permissions.UpdateRoleBinding(existingRoleBinding, asr.Client); err != nil {
asr.Logger.Error(err, "reconcileRoleBinding: failed to update roleBinding", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
return err
}
if err = permissions.UpdateRoleBinding(existingRoleBinding, asr.Client); err != nil {
return errors.Wrapf(err, "reconcileRoleBinding: failed to update role %s", existingRoleBinding.Name)
}

asr.Logger.V(0).Info("reconcileRoleBinding: roleBinding updated", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
asr.Logger.Info("rolebinding updated", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)

return nil
}
Expand Down
23 changes: 9 additions & 14 deletions controllers/argocd/applicationset/webhookroute.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,22 +62,17 @@ func (asr *ApplicationSetReconciler) reconcileWebhookRoute() error {

webhookRouteChanged := false

fieldsToCompare := []struct {
existing, desired interface{}
extraAction func()
}{
{&existingRoute.Annotations, &desiredWebhookRoute.Annotations, nil},
{&existingRoute.Labels, &desiredWebhookRoute.Labels, nil},
{&existingRoute.Spec.WildcardPolicy, &desiredWebhookRoute.Spec.WildcardPolicy, nil},
{&existingRoute.Spec.Host, &desiredWebhookRoute.Spec.Host, nil},
{&existingRoute.Spec.Port, &desiredWebhookRoute.Spec.Port, nil},
{&existingRoute.Spec.TLS, &desiredWebhookRoute.Spec.TLS, nil},
{&existingRoute.Spec.To, &desiredWebhookRoute.Spec.To, nil},
fieldsToCompare := []argocdcommon.FieldToCompare{
{Existing: &existingRoute.Annotations, Desired: &desiredWebhookRoute.Annotations, ExtraAction: nil},
{Existing: &existingRoute.Labels, Desired: &desiredWebhookRoute.Labels, ExtraAction: nil},
{Existing: &existingRoute.Spec.WildcardPolicy, Desired: &desiredWebhookRoute.Spec.WildcardPolicy, ExtraAction: nil},
{Existing: &existingRoute.Spec.Host, Desired: &desiredWebhookRoute.Spec.Host, ExtraAction: nil},
{Existing: &existingRoute.Spec.Port, Desired: &desiredWebhookRoute.Spec.Port, ExtraAction: nil},
{Existing: &existingRoute.Spec.TLS, Desired: &desiredWebhookRoute.Spec.TLS, ExtraAction: nil},
{Existing: &existingRoute.Spec.To, Desired: &desiredWebhookRoute.Spec.To, ExtraAction: nil},
}

for _, field := range fieldsToCompare {
argocdcommon.UpdateIfChanged(field.existing, field.desired, field.extraAction, &webhookRouteChanged)
}
argocdcommon.UpdateIfChanged(fieldsToCompare, &webhookRouteChanged)

if webhookRouteChanged {
if err = openshift.UpdateRoute(existingRoute, asr.Client); err != nil {
Expand Down
32 changes: 25 additions & 7 deletions controllers/argocd/argocdcommon/helper.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,32 @@ import (
"github.com/argoproj-labs/argocd-operator/pkg/util"
)

func UpdateIfChanged(existingVal, desiredVal interface{}, extraAction func(), changed *bool) {
if util.IsPtr(existingVal) && util.IsPtr(desiredVal) {
if !reflect.DeepEqual(existingVal, desiredVal) {
reflect.ValueOf(existingVal).Elem().Set(reflect.ValueOf(desiredVal).Elem())
if extraAction != nil {
extraAction()
type FieldToCompare struct {
Existing interface{}
Desired interface{}
ExtraAction func()
}

// UpdateIfChanged accepts a slice of fields to be compared, along with a bool ptr. It compares all the provided fields, updating any fields and setting the bool ptr to true if a drift is detected
func UpdateIfChanged(ftc []FieldToCompare, changed *bool) {
for _, field := range ftc {
if util.IsPtr(field.Existing) && util.IsPtr(field.Desired) {
if !reflect.DeepEqual(field.Existing, field.Desired) {
reflect.ValueOf(field.Existing).Elem().Set(reflect.ValueOf(field.Desired).Elem())
if field.ExtraAction != nil {
field.ExtraAction()
}
*changed = true
}
*changed = true
}
}
}

// PartialMatch accepts a slice of fields to be compared, along with a bool ptr. It compares all the provided fields and sets the bool to false if a drift is detected
func PartialMatch(ftc []FieldToCompare, match *bool) {
for _, field := range ftc {
if !reflect.DeepEqual(field.Existing, field.Desired) {
*match = false
}
}
}
Expand Down
44 changes: 44 additions & 0 deletions controllers/argocd/argocdcommon/tls.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
package argocdcommon

import (
"reflect"

"github.com/argoproj-labs/argocd-operator/pkg/util"
"github.com/argoproj-labs/argocd-operator/pkg/workloads"
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/types"
"sigs.k8s.io/controller-runtime/pkg/client"
)

// UseTLS, on being invoked by a component, looks for a specified TLS secret on the cluster. If this secret is found, and is owned (either directly or indirectly) by an Argo CD instance, UseTLS returns true. In all other cases it returns false
func UseTLS(secretName, secretNs string, client client.Client, logger *util.Logger) bool {
tlsSecret, err := workloads.GetSecret(secretName, secretNs, client)
if err != nil {
if apierrors.IsNotFound(err) {
logger.Debug("TLS secret not found; skipping TLS enforcement")
return false
}
logger.Error(err, "UseTLS: failed to retrieve tls secret", "name", secretName, "namespace", secretNs)
return false
}

if tlsSecret.Type != corev1.SecretTypeTLS {
// We only process secrets of type kubernetes.io/tls
logger.Debug("secret is not of type kubernetes.io/tls ; skipping TLS enforcement", "name", tlsSecret.Name, "namespace", tlsSecret.Namespace)
return false
}

secretOwner, err := FindSecretOwnerInstance(types.NamespacedName{Name: tlsSecret.Name, Namespace: tlsSecret.Namespace}, client)
if err != nil {
logger.Error(err, "UseTLS: failed to find tls secret owner", "name", tlsSecret.Name, "namespace", tlsSecret.Namespace)
return false
}

if !reflect.DeepEqual(secretOwner, types.NamespacedName{}) {
return true
}

logger.Debug("no owner instance found for secret ; skipping TLS enforcement", "name", tlsSecret.Name, "namespace", tlsSecret.Namespace)
return false
}
8 changes: 8 additions & 0 deletions controllers/argocd/argocdcommon/workloads.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,10 @@ func TriggerDeploymentRollout(name, namespace, key string, client cntrlClient.Cl
return err
}

if deployment.Spec.Template.ObjectMeta.Labels == nil {
deployment.Spec.Template.ObjectMeta.Labels = make(map[string]string)
}

deployment.Spec.Template.ObjectMeta.Labels[key] = util.NowNano()
return workloads.UpdateDeployment(deployment, client)
}
Expand All @@ -24,6 +28,10 @@ func TriggerStatefulSetRollout(name, namespace, key string, client cntrlClient.C
return err
}

if statefulset.Spec.Template.ObjectMeta.Labels == nil {
statefulset.Spec.Template.ObjectMeta.Labels = make(map[string]string)
}

statefulset.Spec.Template.ObjectMeta.Labels[key] = util.NowNano()
return workloads.UpdateStatefulSet(statefulset, client)
}
35 changes: 15 additions & 20 deletions controllers/argocd/notifications/deployment.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,31 +65,26 @@ func (nr *NotificationsReconciler) reconcileDeployment() error {
}
deploymentChanged := false

fieldsToCompare := []struct {
existing, desired interface{}
extraAction func()
}{
{&existingDeployment.Spec.Template.Spec.Containers[0].Image, &desiredDeployment.Spec.Template.Spec.Containers[0].Image,
func() {
fieldsToCompare := []argocdcommon.FieldToCompare{
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Image, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Image,
ExtraAction: func() {
existingDeployment.Spec.Template.ObjectMeta.Labels[common.ImageUpgradedKey] = time.Now().UTC().Format(common.TimeFormatMST)
},
},
{&existingDeployment.Spec.Template.Spec.Containers[0].Command, &desiredDeployment.Spec.Template.Spec.Containers[0].Command, nil},
{&existingDeployment.Spec.Template.Spec.Containers[0].Env, &desiredDeployment.Spec.Template.Spec.Containers[0].Env, nil},
{&existingDeployment.Spec.Template.Spec.Containers[0].Resources, &desiredDeployment.Spec.Template.Spec.Containers[0].Resources, nil},
{&existingDeployment.Spec.Template.Spec.Volumes, &desiredDeployment.Spec.Template.Spec.Volumes, nil},
{&existingDeployment.Spec.Template.Spec.NodeSelector, &desiredDeployment.Spec.Template.Spec.NodeSelector, nil},
{&existingDeployment.Spec.Template.Spec.Tolerations, &desiredDeployment.Spec.Template.Spec.Tolerations, nil},
{&existingDeployment.Spec.Template.Spec.ServiceAccountName, &desiredDeployment.Spec.Template.Spec.ServiceAccountName, nil},
{&existingDeployment.Spec.Template.Labels, &desiredDeployment.Spec.Template.Labels, nil},
{&existingDeployment.Spec.Replicas, &desiredDeployment.Spec.Replicas, nil},
{&existingDeployment.Spec.Selector, &desiredDeployment.Spec.Selector, nil},
{&existingDeployment.Labels, &desiredDeployment.Labels, nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Command, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Command, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Env, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Env, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Containers[0].Resources, Desired: &desiredDeployment.Spec.Template.Spec.Containers[0].Resources, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Volumes, Desired: &desiredDeployment.Spec.Template.Spec.Volumes, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.NodeSelector, Desired: &desiredDeployment.Spec.Template.Spec.NodeSelector, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.Tolerations, Desired: &desiredDeployment.Spec.Template.Spec.Tolerations, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Spec.ServiceAccountName, Desired: &desiredDeployment.Spec.Template.Spec.ServiceAccountName, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Template.Labels, Desired: &desiredDeployment.Spec.Template.Labels, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Replicas, Desired: &desiredDeployment.Spec.Replicas, ExtraAction: nil},
{Existing: &existingDeployment.Spec.Selector, Desired: &desiredDeployment.Spec.Selector, ExtraAction: nil},
{Existing: &existingDeployment.Labels, Desired: &desiredDeployment.Labels, ExtraAction: nil},
}

for _, field := range fieldsToCompare {
argocdcommon.UpdateIfChanged(field.existing, field.desired, field.extraAction, &deploymentChanged)
}
argocdcommon.UpdateIfChanged(fieldsToCompare, &deploymentChanged)

if deploymentChanged {

Expand Down
46 changes: 24 additions & 22 deletions controllers/argocd/notifications/rolebinding.go
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
package notifications

import (
"reflect"

"github.com/argoproj-labs/argocd-operator/common"
"github.com/argoproj-labs/argocd-operator/controllers/argocd/argocdcommon"
"github.com/argoproj-labs/argocd-operator/pkg/cluster"
"github.com/argoproj-labs/argocd-operator/pkg/permissions"
"github.com/pkg/errors"

rbacv1 "k8s.io/api/rbac/v1"
"k8s.io/apimachinery/pkg/api/errors"
apierrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
Expand Down Expand Up @@ -61,7 +63,7 @@ func (nr *NotificationsReconciler) reconcileRoleBinding() error {

existingRoleBinding, err := permissions.GetRoleBinding(desiredRoleBinding.Name, desiredRoleBinding.Namespace, nr.Client)
if err != nil {
if !errors.IsNotFound(err) {
if !apierrors.IsNotFound(err) {
nr.Logger.Error(err, "reconcileRoleBinding: failed to retrieve roleBinding", "name", desiredRoleBinding.Name, "namespace", desiredRoleBinding.Namespace)
return err
}
Expand All @@ -78,32 +80,32 @@ func (nr *NotificationsReconciler) reconcileRoleBinding() error {
return nil
}

roleBindingChanged := false
fieldsToCompare := []struct {
existing, desired interface{}
}{
{
&existingRoleBinding.RoleRef,
&desiredRoleBinding.RoleRef,
},
{
&existingRoleBinding.Subjects,
&desiredRoleBinding.Subjects,
},
// if roleRef differs, we must delete the rolebinding as kubernetes does not allow updation of roleRef
if !reflect.DeepEqual(existingRoleBinding.RoleRef, desiredRoleBinding.RoleRef) {
nr.Logger.Info("detected drift in roleRef for rolebinding", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
if err := nr.deleteRoleBinding(resourceName, nr.Instance.Namespace); err != nil {
return errors.Wrapf(err, "reconcileRoleBinding: unable to delete obsolete rolebinding %s", existingRoleBinding.Name)
}
return nil
}

rbChanged := false

fieldsToCompare := []argocdcommon.FieldToCompare{
{Existing: &existingRoleBinding.Subjects, Desired: &desiredRoleBinding.Subjects, ExtraAction: nil},
}

for _, field := range fieldsToCompare {
argocdcommon.UpdateIfChanged(field.existing, field.desired, nil, &roleBindingChanged)
argocdcommon.UpdateIfChanged(fieldsToCompare, &rbChanged)

if !rbChanged {
return nil
}

if roleBindingChanged {
if err = permissions.UpdateRoleBinding(existingRoleBinding, nr.Client); err != nil {
nr.Logger.Error(err, "reconcileRoleBinding: failed to update roleBinding", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
return err
}
if err = permissions.UpdateRoleBinding(existingRoleBinding, nr.Client); err != nil {
return errors.Wrapf(err, "reconcileRoleBinding: failed to update role %s", existingRoleBinding.Name)
}

nr.Logger.V(0).Info("reconcileRoleBinding: roleBinding updated", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)
nr.Logger.Info("rolebinding updated", "name", existingRoleBinding.Name, "namespace", existingRoleBinding.Namespace)

return nil
}
Expand Down
Loading

0 comments on commit fd2cd65

Please sign in to comment.