-
Notifications
You must be signed in to change notification settings - Fork 5.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A way to cause resources to be deleted and recreated #5882
Comments
We've recently introduced |
@alexmt What I'm still missing in the documentation you linked: Can the |
I just performed the following test: Add this Pod to ArgoCD:
Wait until it is running, then change the manifest to this:
Unfortunately, the change fails to apply because Kubernetes responds with |
Sorry for delay in response @sgielen . You added annotation to the Pod spec stored in Git, correct? Which Argo CD version are you using? |
Hi @alexmt I tried this to, by just updating a deployment (in github) with version 2.0.2 of argocd. I added the annotation for Replace=true to my deployment, and added a new label to the selector, but that still doesn't work. argo give the error
Desired manifest from the argcd UI:
|
I don't think this option is setup for individual resources, but rather only at the application CRD level. I don't see this annotation getting read, or used, anywhere. |
This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further. |
/reopen |
Like I'm @mikebryant I have some immutable GCP ConfigConnector resources (
As @mmerrill3 mentioned, a first problem is that "Replace" might not be set up for individual resources, but I'm getting the sync error above when triggering a manual sync with Replace for this resource in the UI. Is there a need for a "delete + apply" sync option for when "replace" won't do, or am I missing something ? |
Hi @alexmt, should this be labelled as a bug rather than an enhancement ? The stable documentation suggests this should be working at the resource level, but it isn't for me (ArgoCD v2.1.1+aab9542) :
Resource :
|
DO NOT work for Job
|
@alexmt A gentle nudge regarding this issue, your question has been answered and it appears multiple people are running into this :-) |
Just run into the same issue. Cannot change spec of job despite using "Replace=true" syncOption... Edit. - For anyone struggling with this issue in case of kubernetes jobs -> calculate a checksum of immutable fields and simply append substr of it to name of the job. |
Hi @alexmt, is there anything else blocking this ? |
Seems from the UI using force allows the sync of the Job to succeed (delete+recreate). The annotation below could be nice to have:
|
Happy new year ! Any update on this please ? |
To fix the apiVersion: batch/v1
kind: Job
metadata:
name: generate-ca-bundle
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation Which maps to: apiVersion: batch/v1
kind: Job
metadata:
name: generate-ca-bundle
annotations:
argocd.argoproj.io/hook: PostSync
argocd.argoproj.io/hook-delete-policy: BeforeHookCreation Refs: |
I needed to have the Job specified in a sync wave, so what I did was create a Job that runs in a PreSync hook that deletes the Job that wouldn't update. The only other change I needed to do was to create a Role and RoleBinding allowing the SA to delete the Job. It's a bit of a hack, but it works.
|
@lamebear I don't understand why you need to delete the configmap (there is no immutable fields in a configmap)... |
+1 |
Hitting the same on ArgoCD v2.2.8 via gitops operator. Testing SyncOption Replace=True on a Job resource without any hooks, both at Argocd Application level and specific resource level via annotation does not work and sync fails due to immutability. |
Hi, any updates on this issue? I have similar problem! |
@aldycool Have you tried using a Deployment with |
@sathieu Yes you're right, I've tested your approach (Deployment with Recreate) and it works fine, thanks. I actually knew about this from the kubernetes docs, but this statement threw me off:
I thought that in order to kill the pods, the Deployment manifest must somehow be different than the existing one (to be considered an upgrade), but evidently it works evem though the Deployment is exactly the same as it was. |
@aldycool the problem never really was with Deployments but with immutable types like job or cronjob to update their image spec to newer images for example myjobimage:1.0.0 to myjobimage:2.0.0 Any news about my proposed solution on this comment? #5882 (comment) We need "Force" support in the manifest annotation, not just on the UI:
|
Is there any update on this issue? This issue has been open for almost 2 years at this point. For those finding this issue now, there are currently three work arounds each with drawbacks:
There is a solution proposed by @ktzsolt to allow setting |
Adding my two cents to this issue, I believe this is a much needed feature. I am trying to get secrets to update in a similar fashion. The secrets are created from an application set and when the values are updated they are not shown out of sync so I have to delete the secrets and re-create them whenever they get updated. Have a replace and force annotation to add to these secrets would be ideal. |
Adding also my 2c here, I need to re-run jobs after a configmap get changed, but the only way of using Replace+Force via UI. |
I found a workaround which works for the
With this setup, everytime new Example Configmap
Partial example of Job resource template
|
@alexmt I have drafted a PR for |
Any updates on this? |
Working with @n9 on the prerequisite gitops-engine PR. |
Is there any updates for the |
@yukccy you can achieve that with https://github.com/stakater/Reloader |
* chore: update gitops engine version Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: e2e and docs for force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * docs: Add warning description of force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> --------- Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io>
Signed-off-by: pashakostohrys <pavel@codefresh.io>
Signed-off-by: pashakostohrys <pavel@codefresh.io>
* fix: elements should be optional (argoproj#17424) (argoproj#17510) A bug was reported, where an applicationset with an empty elements array, when created with `argocd appset create <filename>.yaml` gets a `...list.elements: Required value` error. My hypothesis is that when calling the K8s API, golang JSON marshalling mangles the empty `elements` array to `nil`, rather than creating an empty array when submitting the `POST`. Still need to figure out why the same setup seemingly works fine when the same appset is in an app-of-apps. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * Merge pull request from GHSA-jhwx-mhww-rgc3 * sec: limit helm index max size Signed-off-by: pashakostohrys <pavel@codefresh.io> * sec: limit helm index max size Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: fix tests and linter Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.5 (argoproj#17654) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> * fix cosign (argoproj#17656) Signed-off-by: Justin Marquis <justin@akuity.io> * chore(deps): bump webpack-dev-middleware from 5.3.1 to 5.3.4 in /ui (argoproj#17598) (argoproj#17686) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.1 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(ui): Fix color generation for pod name in logs viewer. Fixes argoproj#17704 (argoproj#17706) (argoproj#17710) * Fix color generation for pod name in logs viewer * Add rebuy to users.md --------- Signed-off-by: Philipp Trulson <der-eismann@users.noreply.github.com> Co-authored-by: Philipp Trulson <der-eismann@users.noreply.github.com> * fix: fix calculating patch for respect ignore diff feature (argoproj#17693) * test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io> * fix(security): use Chainguard fork of git-urls (argoproj#17732) (argoproj#17735) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * Bump version to 2.10.6 (argoproj#17744) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: alexmt <alexmt@users.noreply.github.com> * Merge pull request from GHSA-2gvw-w6fj-7m3c Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.7 (argoproj#17831) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> * fix: docker build fails due to "The repository 'http://deb.debian.org/debian buster-backports Release' does not have a Release file." Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen and e2e tests in release-2.10 (argoproj#17844) * fix: codegen and e2e tests Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen and e2e tests Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: upgrade redis to 7.0.15 (argoproj#17666) Upgrade to latest stable 7.0.x version to fix CVEs: CVE-2023-41056 Signed-off-by: Tais P. Hansen <taishansen@gmail.com> * Merge pull request from GHSA-9m6p-x4h2-6frq * feat: limit jq.Run with timeout Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: ignore normalizer jq execution timeout as env variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: customize error message and add doc section Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: improve log and change a way how to get variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: rename variable inside sts Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Merge pull request from GHSA-9m6p-x4h2-6frq * feat: limit jq.Run with timeout Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: ignore normalizer jq execution timeout as env variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: customize error message and add doc section Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: improve log and change a way how to get variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: rename variable inside sts Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen after security fix - 2.10 (argoproj#17985) * fix: codegen after security fix Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen after security fix Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.8 (argoproj#17990) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <39732895+pasha-codefresh@users.noreply.github.com> * fix: enable sha256 and sha512 for git ssh (argoproj#18028) (argoproj#18029) * fix: bumping the knownhosts to v1.2.2 since this contains a fix that allows for sha256 and sha512 algorithms when using git ssh * chore: remove older version of module from go sum --------- Signed-off-by: Marc Arndt <marc@marcarndt.com> Signed-off-by: Marc Arndt <m.arndt@evana.de> Co-authored-by: Marc Arndt <marc@marcarndt.com> Co-authored-by: Marc Arndt <m.arndt@evana.de> * Bump version to 2.10.9 (argoproj#18033) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: jannfis <3942683+jannfis@users.noreply.github.com> * fix: status.sync.comparedTo should use replace patch strategy (argoproj#18061) (argoproj#18075) * fix: status.sync.comparedTo should use replace patch strategy * add e2e tests --------- Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: bump go-jose from 3.0.1 to 3.0.3 (argoproj#18102) Signed-off-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> * docs: fix 404 styling (argoproj#18094) (argoproj#18105) * docs: fix 404 styling * hack around custom tag destruction --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * chore: update gitops engine for force sync option (argoproj#5882) - 2.10 (argoproj#18123) Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: Enable Redis authentication in the default installation * fix: linter issue * fix: linter issue --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: pashakostohrys <pavel@codefresh.io> Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Justin Marquis <justin@akuity.io> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Philipp Trulson <der-eismann@users.noreply.github.com> Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Tais P. Hansen <taishansen@gmail.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Marc Arndt <marc@marcarndt.com> Signed-off-by: Marc Arndt <m.arndt@evana.de> Signed-off-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> Co-authored-by: Justin Marquis <76892343+34fathombelow@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Philipp Trulson <der-eismann@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: alexmt <alexmt@users.noreply.github.com> Co-authored-by: Tais P. Hansen <taisph@users.noreply.github.com> Co-authored-by: Marc Arndt <marc@marcarndt.com> Co-authored-by: Marc Arndt <m.arndt@evana.de> Co-authored-by: jannfis <3942683+jannfis@users.noreply.github.com> Co-authored-by: Jayendra Parsai <jparsai@redhat.com> Co-authored-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: May Zhang <may_zhang@intuit.com>
…goproj#17866) * chore: update gitops engine version Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: e2e and docs for force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * docs: Add warning description of force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> --------- Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io>
…goproj#17866) * chore: update gitops engine version Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * add: e2e and docs for force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> * docs: Add warning description of force sync options Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> --------- Signed-off-by: kkk777-7 <kota.kimura0725@gmail.com> Co-authored-by: pasha-codefresh <pavel@codefresh.io>
….11 (argoproj#18125) Signed-off-by: pashakostohrys <pavel@codefresh.io> Co-authored-by: Kota Kimura <86363983+kkk777-7@users.noreply.github.com>
Summary
There should be a way to specify that resources should be deleted and recreated on a change to all/part of the spec
Motivation
Some resources can't be changed in place, e.g.
Proposal
Add an option to the
argocd.argoproj.io/sync-options
annotation for this behaviour?The text was updated successfully, but these errors were encountered: