Skip to content

Commit

Permalink
Merge pull request #95 from erikgb/deprecate-propagate-generated
Browse files Browse the repository at this point in the history
docs: deprecate propagate-generated feature
  • Loading branch information
zoetrope authored Oct 19, 2023
2 parents c92a3ba + ea917ea commit 9bbac9f
Show file tree
Hide file tree
Showing 10 changed files with 30 additions and 9 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ It propagates resources between namespaces and allows tenant users to create/del

- Resource propagation between namespaces
- Any namespace-scoped resource can be propagated.
- Generated resources can be automatically checked and propagated.
- ⚠️ Generated resources can be automatically checked and propagated. (DEPRECATED)
- Inheriting labels and annotations from parent namespaces
- Template namespaces
- SubNamespace custom resource for tenant users
Expand Down
6 changes: 6 additions & 0 deletions controllers/propagate.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ import (
"sigs.k8s.io/controller-runtime/pkg/predicate"
)

// Deprecated: Part of the deprecated propagate-generated feature subject for
// removal soon.
const notGenerated = "false"

func cloneResource(res *unstructured.Unstructured, ns string) *unstructured.Unstructured {
Expand Down Expand Up @@ -134,6 +136,7 @@ func (r *PropagateController) Reconcile(ctx context.Context, req ctrl.Request) (
return ctrl.Result{}, err
}
case "":
//lint:ignore SA1019 subject for removal
if !config.DefaultFeatureGate.Enabled(feature.DisablePropagateGenerated) && ann[constants.AnnGenerated] != notGenerated {
if err := r.checkController(ctx, obj); err != nil {
logger.Error(err, "failed to check the controller reference")
Expand Down Expand Up @@ -315,6 +318,8 @@ func (r *PropagateController) propagateUpdate(ctx context.Context, obj, parent *
return nil
}

// Deprecated: Part of the deprecated propagate-generated feature subject for
// removal soon.
func (r *PropagateController) checkController(ctx context.Context, obj *unstructured.Unstructured) error {
cref := metav1.GetControllerOfNoCopy(obj)
if cref == nil {
Expand Down Expand Up @@ -363,6 +368,7 @@ func (r *PropagateController) SetupWithManager(mgr ctrl.Manager) error {
if _, ok := ann[constants.AnnPropagate]; ok {
return true
}
//lint:ignore SA1019 subject for removal
if config.DefaultFeatureGate.Enabled(feature.DisablePropagateGenerated) || ann[constants.AnnGenerated] == notGenerated {
return false
}
Expand Down
2 changes: 2 additions & 0 deletions controllers/propagate_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -392,6 +392,7 @@ var _ = Describe("SubNamespace controller", func() {
}
return svc1.Annotations[constants.AnnPropagate]
}).Should(Equal(constants.PropagateUpdate))
//lint:ignore SA1019 subject for removal
Expect(svc1.Annotations).NotTo(HaveKey(constants.AnnGenerated))

svc2 := &corev1.Service{}
Expand All @@ -408,6 +409,7 @@ var _ = Describe("SubNamespace controller", func() {
if err := k8sClient.Get(ctx, client.ObjectKey{Namespace: rootNS, Name: "svc2"}, svc2); err != nil {
return ""
}
//lint:ignore SA1019 subject for removal
return svc2.Annotations[constants.AnnGenerated]
}).Should(Equal(notGenerated))
})
Expand Down
4 changes: 2 additions & 2 deletions docs/annotations.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ The table below is a list of annotations used by Accurate.
| ----------------------------------------- | ------------------------ | ------------------------------ | ------------------------------------------------------------------ |
| `accurate.cybozu.com/from` | Namespace name | Copied or propagated resources | The namespace name from which the source resource was copied. |
| `accurate.cybozu.com/propagate` | `"create"` or `"update"` | Namespace-scoped resources | Specify propagation mode. |
| `accurate.cybozu.com/propagate-generated` | `"create"` or `"update"` | Namespace-scoped resources | Specify propagation mode of generated resources. |
| `accurate.cybozu.com/generated` | `false` | Namespace-scoped resources | The result of checking if this is generated from another resource. |
| `accurate.cybozu.com/propagate-generated` ⚠️ | `"create"` or `"update"` | Namespace-scoped resources | `DEPRECATED` Specify propagation mode of generated resources. |
| `accurate.cybozu.com/generated` ⚠️ | `false` | Namespace-scoped resources | `DEPRECATED` The result of checking if this is generated from another resource. |
6 changes: 5 additions & 1 deletion docs/concepts.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,11 @@ Mode is one of the following:
- `create`: the resource will be created in referencing Namespaces if missing.
- `update`: the resource will be created in referencing Namespaces if missing, or will be updated if not identical, or will be deleted when the resource in the referenced Namespace is deleted.

## Propagating generated resources
## Propagating generated resources (DEPRECATED)

> [!WARNING]
> Propagating generated resources is a deprecated feature and is subject for
> removal soon.
If a resource annotated with `accurate.cybozu.com/propagate-generated=<mode>` creates a resource and set an owner reference in the created resource, Accurate automatically adds `accurate.cybozu.com/propagate=<mode>` to the created resource.

Expand Down
2 changes: 1 addition & 1 deletion docs/design.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ Since these are fundamentally different requirements, we decided to develop our
- Support the following propagation modes:
- `create`: if the resource does not exist, copy the resource from the parent namespace.
- `update`: if the resource is missing or different from the parent namespace, create or update it. If the parent resource is deleted, the copy will also be deleted.
- Propagate generated resources
- ⚠️ Propagate generated resources (DEPRECATED)
- Resources created and controlled by another resource can be automatically propagated.
- The generator resource should be annotated with `accurate.cybozu.com/propagate-generated: <mode>`.
- Propagate labels and annotations of parent or template namespaces
Expand Down
1 change: 0 additions & 1 deletion docs/overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,6 @@ Without propagating Role/RoleBinding, the tenant user would be able to do nothin
- Resource propagation between namespaces

Accurate can propagate any namespace-scope resource including custom resources between Namespaces.
Moreover, Accurate can detect generated resources owned by another resource and propagate them.

- Inheriting labels and annotations creation/update from parent namespaces

Expand Down
10 changes: 9 additions & 1 deletion docs/propagation.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,15 @@ metadata:
accurate.cybozu.com/propagate: <mode>
```

## Annotating a resource to propagate resources created from it
## Annotating a resource to propagate resources created from it (DEPRECATED)

> [!WARNING]
> Propagating generated resources is a deprecated feature and is subject for
> removal soon. Commonly used tools like cert-manager and sealed-secrets now
> provide features for adding annotations/labels to resources created from
> user-facing custom resources. These features can be used for migration to
> ensure the standard `accurate.cybozu.com/propagate` annotation is added to
> generated resources.
For example, a Secret created from cert-manager's Certificate can automatically be propagated.

Expand Down
2 changes: 1 addition & 1 deletion docs/reconcile.md
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ These resources can be propagated to other namespaces.
- If the resource exists and the annotation value is `update`, Accurate creates or updates a copy in all sub-namespaces if missing or different.
- When a resource is deleted, Accurate checks sub-namespaces and delete the resource of the same kind and the same name if the resource is annotated with `accurate.cybozu.com/propagate=update`.

### Resources owned by another resource that is annotated with `accurate.cybozu.com/propagate-generated`
### Resources owned by another resource that is annotated with `accurate.cybozu.com/propagate-generated` (DEPRECATED)

Accurate annotates the resource with `accurate.cybozu.com/propagate`.
The annotation value is the same as `accurate.cybozu.com/propagate-generated` annotation.
4 changes: 3 additions & 1 deletion pkg/constants/meta.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,9 @@ const (
AnnFrom = MetaPrefix + "from"
AnnPropagate = MetaPrefix + "propagate"
AnnPropagateGenerated = MetaPrefix + "propagate-generated"
AnnGenerated = MetaPrefix + "generated"
// Deprecated: Part of the deprecated propagate-generated feature subject for
// removal soon.
AnnGenerated = MetaPrefix + "generated"
)

// Label or annotation values
Expand Down

0 comments on commit 9bbac9f

Please sign in to comment.