-
Notifications
You must be signed in to change notification settings - Fork 776
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add reconciling logic for creating cronjobs whenever a new cleanup policy is created #5385
Conversation
Codecov Report
@@ Coverage Diff @@
## main #5385 +/- ##
=======================================
Coverage 36.42% 36.42%
=======================================
Files 172 172
Lines 19087 19087
=======================================
Hits 6952 6952
Misses 11340 11340
Partials 795 795
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
d60913e
to
2b8d997
Compare
@NikhilSharmaWe we need to reconcile observed state with desired state, it means we can't just create cronjobs, the schedule could change for example. |
027b8c5
to
71512bd
Compare
8c9c156
to
9e18b2c
Compare
2b6976b
to
2eb775f
Compare
8c5b9ae
to
cf43e6e
Compare
@NikhilSharmaWe I think code can be factorised, I will push a commit if it's ok. |
2e22abe
to
c7e76dc
Compare
@NikhilSharmaWe I pushed the changes, I took the opportunity to add generic support to enqueue funcs in controller utils. |
cronjobNs := namespace | ||
if namespace == "" { | ||
cronjobNs = config.KyvernoNamespace() | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@NikhilSharmaWe - can you clarify how the namespace is selected to create the cronjob? For clustercleanuppolicy and cleanuppolicy respectively?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For CleanupPolicy
, the cronjob namespace is the same as the policy's namespace.
For ClusterCleanupPolicy
, the cronjob namespace will be the Kyverno namespace.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks Nikhil, that's what I understood.
Not sure if it makes sense to create cronjobs for all policies in the kyverno namespace. It could be confusing to use different namespaces for cleanup policies. This is easy to change, we can update it in the follow-up PRs if needed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cross namespace owner references are not allowed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In case of a namespaced policy the cronjob has to live in the same namespace.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good overall, have a question about the cronjob's namespace. See comments:
Head branch was pushed to by a user without write access
503405c
to
b7c4f93
Compare
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
Signed-off-by: Nikhil Sharma <nikhilsharma230303@gmail.com>
b7c4f93
to
a659cbc
Compare
a659cbc
to
16248fc
Compare
Signed-off-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Let's try to get this in 🤞 |
Signed-off-by: Nikhil Sharma nikhilsharma230303@gmail.com
Explanation
This PR adds reconciling logic for creating CronJob whenever a new cleanup policy is created.