Update go, dependencies and refactor controllers through splitting into multiple single responsibility controllers #156
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Before moving forward with this PR, I want to experiment a bit with kubebuilder/controller-runtime/operator-sdk. This repo was generated from operator-sdk, and I'd like to keep it that way so it is easier for us to ship the operator. From past experience, kubebuilder is very opinionated when it comes to directory structure - I don't want to go down a path that breaks this.
| // executed, otherwise the regular deploy workflow takes place. | ||
| func (r *CertificatesReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { | ||
| logger := r.Logger.WithValues("namespace", req.Namespace, "name", req.Name) | ||
| logger.Info("Starting resource reconciliation...") |
There was a problem hiding this comment.
Do we have a "debug" log level? This would otherwise generate a chatty log.
There was a problem hiding this comment.
comment removed, we dont have debug level
| } | ||
|
|
||
| // ReconcileCertManager | ||
| if common.BoolFromEnvVar(commonctrl.UseManagedWebhookCerts) { |
There was a problem hiding this comment.
Since an env var controls if we create certs or not, I think we should use the env var to determine if we run the controller in the first place.
| err = r.Get(ctx, certificateName, &certmanager.Certificate{}) | ||
| g.Expect(err).To(o.BeNil()) |
There was a problem hiding this comment.
Shouldn't this eventually result in a not found error? Isn't the goal for the operator to delete the cert in this scenario?
There was a problem hiding this comment.
You are right, well actually i reverted this because deleting the cr , will give an error on reconcile function, the object is not found, however reverting the test as it is, is given an error, looks like we can nolonger update the deletionTimestamp field.
Expected <*errors.errorString | 0xc000240500>: error: Unable to edit name: metadata.deletionTimestamp field is immutable { s: "error: Unable to edit name: metadata.deletionTimestamp field is immutable", } to be nil
To be honest i dont see how to fix this
| return ctrl.NewControllerManagedBy(mgr). | ||
| For(&v1alpha1.ShipwrightBuild{}, builder.WithPredicates(predicate.Funcs{ |
There was a problem hiding this comment.
Shouldn't this controller own/watch cert-manager components?
| @@ -174,7 +206,7 @@ func (r *ShipwrightBuildReconciler) Reconcile(ctx context.Context, req ctrl.Requ | |||
| } else { | |||
| transformerfncs = append(transformerfncs, manifestival.InjectNamespace(targetNamespace)) | |||
| transformerfncs = append(transformerfncs, common.DeploymentImages(images)) | |||
| transformerfncs = append(transformerfncs, common.InjectAnnotations(CertManagerInjectAnnotationKey, fmt.Sprintf(CertManagerInjectAnnotationValueTemplate, targetNamespace), common.Overwrite, "CustomResourceDefinition")) | |||
| transformerfncs = append(transformerfncs, common.InjectAnnotations(commonctrl.CertManagerInjectAnnotationKey, fmt.Sprintf(commonctrl.CertManagerInjectAnnotationValueTemplate, targetNamespace), common.Overwrite, "CustomResourceDefinition")) | |||
There was a problem hiding this comment.
Perhaps add a code comment to clarify why were are adding cert manager annotations here?
| init := b.Status.Conditions == nil | ||
| if init { | ||
| b.Status.Conditions = make([]metav1.Condition, 0) | ||
| apimeta.SetStatusCondition(&b.Status.Conditions, metav1.Condition{ | ||
| Type: commonctrl.ConditionReady, | ||
| Status: metav1.ConditionUnknown, // we just started trying to reconcile | ||
| Reason: "Init", | ||
| Message: "Initializing Shipwright Operator", | ||
| }) | ||
| if err := r.Client.Status().Update(ctx, b); err != nil { | ||
| return commonctrl.RequeueWithError(err) | ||
| } | ||
| } |
There was a problem hiding this comment.
Minor race condition risk - since two controllers are watching the same object, you might have both try to update the same object at the same time. This will result in a client "conflict" error, one will get requeued.
There was a problem hiding this comment.
remove this logic from this controller, we keep it only on build controller
| if err := r.Get(ctx, types.NamespacedName{Name: targetNamespace}, ns); err != nil { | ||
| if !errors.IsNotFound(err) { | ||
| logger.Info("retrieving target namespace %s error: %s", targetNamespace, err.Error()) | ||
| return commonctrl.RequeueOnError(err) | ||
| } | ||
| ns.Name = targetNamespace | ||
|
|
||
| if err = r.Create(ctx, ns, &client.CreateOptions{Raw: &metav1.CreateOptions{}}); err != nil { | ||
| if !errors.IsAlreadyExists(err) { | ||
| logger.Info("creating target namespace %s error: %s", targetNamespace, err.Error()) | ||
| return commonctrl.RequeueOnError(err) | ||
| } | ||
| } | ||
| logger.Info("created target namespace") | ||
| } |
There was a problem hiding this comment.
?Ditto race condition risk. Does it make sense to have the ShipwrightBuild controller create the target namespace, and this controller just requeue while it waits for the target namespace to be created?
There was a problem hiding this comment.
fixed, the controller requeue waiting for namespace to be created
jkhelil
force-pushed
the
refactor_controller
branch
2 times, most recently
from
6410d30 to
0732ce0
Compare
… from certificates controller shipwright build controller to reconcile shipwright build manifest certificates controller to reconcile webhook certificate
jkhelil
force-pushed
the
refactor_controller
branch
5 times, most recently
from
5ed4097 to
f0fa18f
Compare
jkhelil
force-pushed
the
refactor_controller
branch
from
f0fa18f to
4776244
Compare
Changes
Submitter Checklist
See the contributor guide
for details on coding conventions, github and prow interactions, and the code review process.
Release Notes