Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: invoke cleanup process during shutdown #5974

Merged
merged 6 commits into from
Jan 12, 2023
Merged

fix: invoke cleanup process during shutdown #5974

merged 6 commits into from
Jan 12, 2023

Conversation

realshuting
Copy link
Member

@realshuting realshuting commented Jan 11, 2023
edited

Signed-off-by: ShutingZhao shuting@nirmata.com

Explanation

This PR cleans up Kyverno managed resources (leases, *webhookconfigurations) and fixes the shutdown panic. The webhooks' owner is set to clusterrole kyverno:webhook to deal with Helm uninstall where kyverno lost permission to perform such cleanup.

Related issue

Closes #5942.
Closes #5355.

Milestone of this PR

/1.9.0

What type of PR is this

/bug

Proposed Changes

Proof Manifests

Checklist

  • I have read the contributing guidelines.
  • I have read the PR documentation guide and followed the process including adding proof manifests to this PR.
  • This is a bug fix and I have added unit tests that prove my fix is effective.
  • This is a feature and I have added CLI tests that are applicable.
  • My PR needs to be cherry picked to a specific release branch which is .
  • My PR contains new or altered behavior to Kyverno and
    • CLI support should be added and my PR doesn't contain that functionality.
    • I have added or changed the documentation myself in an existing PR and the link is:
    • I have raised an issue in kyverno/website to track the documentation update and the link is:

Further Comments

@codecov
Copy link

codecov bot commented Jan 11, 2023
edited

Codecov Report

Merging #5974 (ee140df) into main (baee6e9) will decrease coverage by 0.03%.
The diff coverage is 0.00%.

@@            Coverage Diff             @@
##             main    #5974      +/-   ##
==========================================
- Coverage   35.93%   35.89%   -0.04%     
==========================================
  Files         192      192              
  Lines       21037    21060      +23     
==========================================
  Hits         7560     7560              
- Misses      12643    12666      +23     
  Partials      834      834
Impacted Files Coverage Δ
pkg/controllers/webhook/controller.go 0.00% <0.00%> (ø)
pkg/controllers/webhook/utils.go 29.54% <0.00%> (ø)
pkg/utils/annotations.go 81.11% <ø> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@realshuting
fix shutdown cleanup
bc7bdca 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
@realshuting realshuting marked this pull request as ready for review January 11, 2023 14:05
@realshuting realshuting requested review from eddycharly and removed request for prateekpandey14 January 11, 2023 14:20
@realshuting
fix shutdown panic
31fb0c8 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
@realshuting
cleanup webhooks by the label
b607105 
Signed-off-by: ShutingZhao <shuting@nirmata.com>
@realshuting realshuting added this to the Kyverno Release 1.9.0 milestone Jan 11, 2023
@realshuting
Copy link
Member Author

/cherry-pick release-1.9

@realshuting realshuting enabled auto-merge (squash) January 11, 2023 16:54
@realshuting realshuting mentioned this pull request Jan 11, 2023
Closed
2 tasks
@realshuting realshuting removed this from the Kyverno Release 1.9.0 milestone Jan 11, 2023
eddycharly
eddycharly reviewed Jan 11, 2023
View reviewed changes
pkg/utils/annotations.go
Comment on lines +17 to +18
ManagedByLabel = "webhook.kyverno.io/managed-by"
KyvernoComponentLabel = "app.kubernetes.io/component"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure it's the best place to define those new const.
Not a blocker, we can change later.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sure

eddycharly
eddycharly approved these changes Jan 11, 2023
View reviewed changes
Copy link
Member

@eddycharly eddycharly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Quickly looked at it, looks ok.
Did you test it ?

@realshuting
Copy link
Member Author

Quickly looked at it, looks ok. Did you test it ?

Yes, both scaling down to zero and helm uninstall:)

@realshuting realshuting merged commit 1997a29 into kyverno:main Jan 12, 2023
gcp-cherry-pick-bot bot pushed a commit that referenced this pull request Jan 12, 2023
@realshuting @eddycharly
fix: invoke cleanup process during shutdown (#5974)
a8b0ebb 
* invoke cleanup process during shutdown

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown cleanup

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* cleanup webhooks by the label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
@gcp-cherry-pick-bot gcp-cherry-pick-bot bot mentioned this pull request Jan 12, 2023
Merged
@realshuting realshuting added the cherry-pick-completed The PR was cherry-picked (or merged) to required release branches label Jan 12, 2023
realshuting added a commit that referenced this pull request Jan 12, 2023
@gcp-cherry-pick-bot @realshuting @eddycharly
fix: invoke cleanup process during shutdown (#5974) (#5981)
d1c27ad 
* invoke cleanup process during shutdown

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown cleanup

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* cleanup webhooks by the label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: shuting <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
MdSahil-oss pushed a commit to MdSahil-oss/kyverno that referenced this pull request Jan 13, 2023
@realshuting @eddycharly @MdSahil-oss
fix: invoke cleanup process during shutdown (kyverno#5974)
5c4b3e9 
* invoke cleanup process during shutdown

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown cleanup

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* fix shutdown panic

Signed-off-by: ShutingZhao <shuting@nirmata.com>

* cleanup webhooks by the label

Signed-off-by: ShutingZhao <shuting@nirmata.com>

Signed-off-by: ShutingZhao <shuting@nirmata.com>
Co-authored-by: Charles-Edouard Brétéché <charled.breteche@gmail.com>
Signed-off-by: MdSahil-oss <Mohdssahil1@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eddycharly eddycharly eddycharly approved these changes

@treydock treydock Awaiting requested review from treydock treydock is a code owner

Assignees
No one assigned
Labels
cherry-pick-completed The PR was cherry-picked (or merged) to required release branches cherry-pick-required milestone 1.9.0
Projects
None yet
Milestone
No milestone
2 participants
@realshuting @eddycharly