-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: fix calculating patch for respect ignore diff feature #17693
fix: fix calculating patch for respect ignore diff feature #17693
Conversation
@alexmt I'm not sure how much you're trying to tackle in this PR, but this issue has a lot of currently-broken use cases documented, and @blakepettersson converted many (all?) of them to unit tests which maybe could be borrowed in this PR. |
a77046c
to
a96ba8a
Compare
@crenshaw-dev thank you for letting me know @crenshaw-dev . The PR solves the #9678 partially: it is possible to ignore array completely but still impossible to ignore one element of the array. I propose to merge PR to unblock users who want to ignore array fields and continue working on improvement in #17694 |
a96ba8a
to
dcac669
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Signed-off-by: Jesse Suen <jesse@akuity.io>
Signed-off-by: Jesse Suen <jesse@akuity.io>
dcac669
to
ec031a3
Compare
JQPathExpressions: []string{".spec.routes[]"}, | ||
//JSONPointers: []string{"/spec/routes"}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there any value in trying both jqpathexpression and jsonpointer? e.g. Should the test iterate the two options?
ec031a3
to
5fd0115
Compare
Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com>
5fd0115
to
17e164b
Compare
The e2e test was failing because my change introduced another bug. I had to implement strategic merge patch support and partially resolve #17694 . So now user can ignore array elements with merge keys in well known k8s types. CRDs are not supported (same as in diffing). I've added most of tests from #14602 except Rollouts test (since it is CRD) and mutating webhook test (it is trying to merge arrays without merge key). PTAL |
I might be missing something here, but doesn't the mutating webhook test have merge keys in its arrays? webhooks:
- admissionReviewVersions:
- v1beta1
clientConfig:
caBundle: >-
something-new
service:
name: aws-load-balancer-webhook-service
namespace: kube-system
path: /mutate-v1-pod
failurePolicy: Fail
name: mpod.elbv2.k8s.aws # <- merge key?
# Omitted other elements Or do you mean that because each webhook has a |
second := env[1] | ||
third := env[2] | ||
|
||
// Currently the defined order at this time is the insertion order of the target manifest. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this still true when using SMP?
@blakepettersson , thank you for review. I've clicked auto-merge and Github automatically merged PR once CI is green. Checking your comment about mutating webhook test |
/cherry-pick release-2.7 |
Cherry-pick failed with |
/cherry-pick release-2.8 |
Cherry-pick failed with |
/cherry-pick release-2.9 |
Cherry-pick failed with |
/cherry-pick release-2.10 |
Cherry-pick failed with |
…17693) * test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
* test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
* test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
* test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
…17733) * test: unit test for respectIgnoreDifferences bug * test: simplify unit test * fix: fix calculating patch for respect ignore diff feature --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
* fix: elements should be optional (argoproj#17424) (argoproj#17510) A bug was reported, where an applicationset with an empty elements array, when created with `argocd appset create <filename>.yaml` gets a `...list.elements: Required value` error. My hypothesis is that when calling the K8s API, golang JSON marshalling mangles the empty `elements` array to `nil`, rather than creating an empty array when submitting the `POST`. Still need to figure out why the same setup seemingly works fine when the same appset is in an app-of-apps. Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> * Merge pull request from GHSA-jhwx-mhww-rgc3 * sec: limit helm index max size Signed-off-by: pashakostohrys <pavel@codefresh.io> * sec: limit helm index max size Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: fix tests and linter Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.5 (argoproj#17654) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> * fix cosign (argoproj#17656) Signed-off-by: Justin Marquis <justin@akuity.io> * chore(deps): bump webpack-dev-middleware from 5.3.1 to 5.3.4 in /ui (argoproj#17598) (argoproj#17686) Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.1 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix(ui): Fix color generation for pod name in logs viewer. Fixes argoproj#17704 (argoproj#17706) (argoproj#17710) * Fix color generation for pod name in logs viewer * Add rebuy to users.md --------- Signed-off-by: Philipp Trulson <der-eismann@users.noreply.github.com> Co-authored-by: Philipp Trulson <der-eismann@users.noreply.github.com> * fix: fix calculating patch for respect ignore diff feature (argoproj#17693) * test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io> * fix(security): use Chainguard fork of git-urls (argoproj#17732) (argoproj#17735) Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * Bump version to 2.10.6 (argoproj#17744) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: alexmt <alexmt@users.noreply.github.com> * Merge pull request from GHSA-2gvw-w6fj-7m3c Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.7 (argoproj#17831) Signed-off-by: GitHub <noreply@github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> * fix: docker build fails due to "The repository 'http://deb.debian.org/debian buster-backports Release' does not have a Release file." Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen and e2e tests in release-2.10 (argoproj#17844) * fix: codegen and e2e tests Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen and e2e tests Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: upgrade redis to 7.0.15 (argoproj#17666) Upgrade to latest stable 7.0.x version to fix CVEs: CVE-2023-41056 Signed-off-by: Tais P. Hansen <taishansen@gmail.com> * Merge pull request from GHSA-9m6p-x4h2-6frq * feat: limit jq.Run with timeout Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: ignore normalizer jq execution timeout as env variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: customize error message and add doc section Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: improve log and change a way how to get variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: rename variable inside sts Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Merge pull request from GHSA-9m6p-x4h2-6frq * feat: limit jq.Run with timeout Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: ignore normalizer jq execution timeout as env variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: customize error message and add doc section Signed-off-by: pashakostohrys <pavel@codefresh.io> * feat: improve log and change a way how to get variable Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: rename variable inside sts Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import order Signed-off-by: pashakostohrys <pavel@codefresh.io> * chore: fix import`s order Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen after security fix - 2.10 (argoproj#17985) * fix: codegen after security fix Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: codegen after security fix Signed-off-by: pashakostohrys <pavel@codefresh.io> --------- Signed-off-by: pashakostohrys <pavel@codefresh.io> * Bump version to 2.10.8 (argoproj#17990) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <39732895+pasha-codefresh@users.noreply.github.com> * fix: enable sha256 and sha512 for git ssh (argoproj#18028) (argoproj#18029) * fix: bumping the knownhosts to v1.2.2 since this contains a fix that allows for sha256 and sha512 algorithms when using git ssh * chore: remove older version of module from go sum --------- Signed-off-by: Marc Arndt <marc@marcarndt.com> Signed-off-by: Marc Arndt <m.arndt@evana.de> Co-authored-by: Marc Arndt <marc@marcarndt.com> Co-authored-by: Marc Arndt <m.arndt@evana.de> * Bump version to 2.10.9 (argoproj#18033) Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: jannfis <3942683+jannfis@users.noreply.github.com> * fix: status.sync.comparedTo should use replace patch strategy (argoproj#18061) (argoproj#18075) * fix: status.sync.comparedTo should use replace patch strategy * add e2e tests --------- Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> * chore: bump go-jose from 3.0.1 to 3.0.3 (argoproj#18102) Signed-off-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> * docs: fix 404 styling (argoproj#18094) (argoproj#18105) * docs: fix 404 styling * hack around custom tag destruction --------- Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> * chore: update gitops engine for force sync option (argoproj#5882) - 2.10 (argoproj#18123) Signed-off-by: pashakostohrys <pavel@codefresh.io> * fix: Enable Redis authentication in the default installation * fix: linter issue * fix: linter issue --------- Signed-off-by: Blake Pettersson <blake.pettersson@gmail.com> Signed-off-by: pashakostohrys <pavel@codefresh.io> Signed-off-by: GitHub <noreply@github.com> Signed-off-by: Justin Marquis <justin@akuity.io> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Philipp Trulson <der-eismann@users.noreply.github.com> Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Signed-off-by: Tais P. Hansen <taishansen@gmail.com> Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Marc Arndt <marc@marcarndt.com> Signed-off-by: Marc Arndt <m.arndt@evana.de> Signed-off-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: gcp-cherry-pick-bot[bot] <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Co-authored-by: Blake Pettersson <blake.pettersson@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: pasha-codefresh <pasha-codefresh@users.noreply.github.com> Co-authored-by: Justin Marquis <76892343+34fathombelow@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Philipp Trulson <der-eismann@users.noreply.github.com> Co-authored-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io> Co-authored-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com> Co-authored-by: alexmt <alexmt@users.noreply.github.com> Co-authored-by: Tais P. Hansen <taisph@users.noreply.github.com> Co-authored-by: Marc Arndt <marc@marcarndt.com> Co-authored-by: Marc Arndt <m.arndt@evana.de> Co-authored-by: jannfis <3942683+jannfis@users.noreply.github.com> Co-authored-by: Jayendra Parsai <jparsai@redhat.com> Co-authored-by: Jayendra Parsai <jparsai@jparsai-thinkpadp1gen4i.remote.csb> Co-authored-by: May Zhang <may_zhang@intuit.com>
…17693) * test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
…17693) * test: unit test for respectIgnoreDifferences bug Signed-off-by: Jesse Suen <jesse@akuity.io> * test: simplify unit test Signed-off-by: Jesse Suen <jesse@akuity.io> * fix: fix calculating patch for respect ignore diff feature Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> --------- Signed-off-by: Jesse Suen <jesse@akuity.io> Signed-off-by: Alexander Matyushentsev <AMatyushentsev@gmail.com> Co-authored-by: Jesse Suen <jesse@akuity.io>
Closes #9678
When ignoreDifferences and
RespectIgnoreDifferences=true
are used the Argo CD needs to "copy" values of ignored paths from the k8s resource of the managed cluster to the expected resource. This way "ignored" fields won't be modified. The "copying" was implemented incorrectly for arrays. PR fixes the implementation.It is still impossible to ignoring differences in selected array elements. Created #17694 to track fix.