-
Notifications
You must be signed in to change notification settings - Fork 19
Remove finalizers from secret when reference is removed #54
Remove finalizers from secret when reference is removed #54
Conversation
/kind bug |
7b2dccb
to
ccec2c6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally looks good! Just nits :)
ccec2c6
to
db9267a
Compare
} | ||
} | ||
|
||
func metaHasFinalizer(meta metav1.Object, finalizer string) bool { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm okay, I was more thinking about also including the
if e.MetaNew == nil {
log.Error(nil, "Update event has no new object meta", "event", e)
return false
}
part in this function. But anyways, it's fine and doesn't matter too much.
/lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh sorry, then I misunderstood.
Anyways, let's keep it this way, so we can have more meaningful logs in case of errors (like "Create/Update event" and also the event
attribute) without passing basically everything to the helper function :)
What this PR does / why we need it:
This PR adds a new controller for secrets, that is only responsible for adding/removing
grm
's finalizer to/from secrets referenced by ManagedResources.It watches ManagedResources and enqueues all secrets on a generation change, that are/were referenced by the ManagedResource. It additionally enqueues secrets with its finalizer on create and update to remove its finalizer if it missed an important update event during a downtime.
So now, grm properly removes its finalizer from secrets that are not referenced by a ManagedResource anymore.
Which issue(s) this PR fixes:
Fixes #52
Special notes for your reviewer:
Tests will fail because of changes introduced by #46, but should run green after rebasing on #53
✅ test-wise depends on #53
Release note: