v0.3.2

Incompatible changes

• The helm/kustomize generators were carved out of pkg/manifests, and moved into dedicated packages pkg/manifests/helm and pkg/manifests/kustomize, respectively.
• Package pkg/utils was removed; the *FromContext() methods are now in pkg/component.
• The field field manager of dependent objects (metadata.managedFields) is now set to the reconciler name passed to NewReconciler().

Enhancements

• New component states Pending and DeletionPending are introduced; they will be set, if a RetriableError is thrown during the reconciliation, for example by generators or hooks.
• A new method Reconciler.SetupWithManagerAndBuilder() was added. This allows to use an own controller-runtime builder for building the controller, which is useful for example if additional watches shall be set up, or custom controller options shall be used. The existing method Reconciler.SetupWithManager() remains unaffected, and should still be the best choice for most consumers.
• The retry period in case of missing configmap/secret references is always set to 10s, independently of any RetryConfiguration implemented by the component.

Fixes

• Previously, dependent objects were updated by the reconciler, even if they were in deleting state. During such an update, finalizers would probably get removed, leading to an immediate deletion of the object. This should not happen like this; to overcome, the reconciler no longer updates objects which are in a deletion state; in addition, to make the situation safe for objects without deletion timestamp, finalizers are copied over from the existing object during update.
• A fix was applied to scaffold (calling go mod tidy in various places), in order to avoid issues with missing go.sum entries.

Version updates

• Go was updated to 1.27, and various modules were upgraded.
• Default versions in scaffold were updated.

v0.3.1

Changes

• add more accurate kubebuilder:validation tags to CRD generation

v0.3.0

Incompatible changes

This release finalizes various announced deprecations:

• remove deprecated parameters from component.NewReconciler()
• remove deprecated parameters from manifests.NewHelmGenerator() and affiliated functions
• remove deprecated parameters from the operator.Operator interface.

In addition, component.Reconciler() has a new parameter option that allows to tune the reconciler behavior (e.g. auto-creation of namespaces, adoption of existing resources, ...):

type ReconcilerOptions struct {
	// Whether namespaces are auto-created if missing.
	// If unspecified, true is assumed.
	CreateMissingNamespaces *bool
	// How to react if a dependent object exists but has no or a different owner.
	// If unspecified, AdoptionPolicyAdoptUnowned is assumed.
	AdoptionPolicy *AdoptionPolicy
	// Schemebuilder allows to define additional schemes to be made available in the
	// target client.
	SchemeBuilder types.SchemeBuilder
}

Enhancements

• It is now possible (through reconciler options, see above) to tune whether or not missing namespaces will be automatically created; previously, they were always auto-created, which is the default behavior now.
• It is now possible (through reconciler options, see above) to tune the reconciler behavior in case dependent objects already exist in the deployment target; previously, existing dependents were adopted if they had no owner-id label, and an error was raised if they had a different owner; this behavior is still the default, but it is now possible to optionally adopt all objects (even those with a foreign owner), or to always fail in case an object is already present.
• Similar to generators, hooks can now retrieve a client for the deployment target from their context, by calling utils.ClientFromContext(). To be precise, this holds true for reconcile and delete hooks, but not for the post-read hook.
• Generators can now retrieve a digest of the triggering component from their context, by calling utils.ComponentDigestFromContext(); note that this digest honors loaded references (i.e. occurrences of the ConfigMapReference, ConfigMapKeyReference, SecretReference, SecretKeyReference types).

v0.2.8

Changes

A new struct tag (notFoundPolicy) can now be set on ConfigMap(Key)Reference and Secret(Key)Reference fields in the component's spec, such as:

SecretRef component.SecretReference `json:"secretRef" notFoundPolicy:"ignoreOnDeletion"`

By default, the absence of a referenced config map or secret would put the component into an error/retry state. However, if the component is in deletion (has a metadata.deletionTimestamp set), and if the affected reference has that struct tag set with value ignoreOnDeletion, then no error will happen, and the deletion can proceed, even without the referenced config map or secret being loaded. Note that in that case, the skipped reference must not be dereferenced (by calling Data() resp. Value()) under any circumstances; any attempt to do so will lead to a panic.

v0.2.7

Changes

Add some template functions (available in HelmGenerator and KustomizeGenerator); the full list of template functions (on top of or overloading go template standard and sprig functions) is now:

• toYaml: same as mustToYaml
• mustToYaml: as in helm
• fromYaml: same as mustFromYaml
• mustFromYaml: as in helm
• toJson: same as mustToJson
• mustToJson: as in helm
• toPrettyJson: same as mustToPrettyJson
• mustToPrettyJson: as in helm
• toRawJson: same as mustToRawJson
• mustToRawJson: as in helm
• fromJson: same as mustFromJson
• mustFromJson: as in helm
• required: as in helm
• include: as in helm
• tpl: as in helm
• lookup: as in helm
• mustLookup: same as lookup, but fails if referenced object does not exist
• localLookup: looks up given object in local cluster (that is the cluster where the component exists); returns an empty map if object does not exist
• mustLocalLookup: same as localLookup, but fails if referenced object does not exist

v0.2.6

fix(deps): update node.js to v21.6.1

v0.2.5

Changes

• Add option to orphan objects on deletion. An annotation

  <operator.name>/delete-policy: ""|default|oprhan

  can now be set on objects; if the value is empty or 'default', then the normal behavior applies; in case it is 'orphan', the object will just stay instead of being deleted (and it will be no longer tracked or considered as dependent of the component).

v0.2.4

Refactoring and minor fixes/enhancements

• Use linear backoff with retry interval only for loading kubeconfig only if the referenced
  secret is not found; for other errors, enter regular controller-runtime error backoff.
• Helm generator: add forgotten filepath.Clean() invocations.
• Reconciler: add some locking to prevent out-of-order or problematic concurrent calls.
• Scaffold: bump versions.

v0.2.3

Notable changes

• Add resolvable configmap/secret refs. The new types

  • component.ConfigMapReference
  • component.ConfigMapKeyReference
  • component.SecretReference
  • component.SecretKeyReference

  may be used in component's spec in order to reference a config map or secret as a whole, or just a specific key in the config map or secret. The references will be automatically loaded by the framework during the post-read-hook phase, and the loaded content can be retrieved by the according Data() or Value() methods; if the referenced object (or key in it) is missing, an error will be thrown, causing the reconcilation to enter a retry loop. For the key reference types it is possible to omit the key if at least
  one fallback key is defined as a struct tag, such as

  SecretRef SecretKeyReference `json:"secretRef" fallbackKeys:"value,value.yaml,value.yml"`

• Restructure/enhance interfaces

  • The methods GetDeploymentNamespace() and GetDeploymentName() are moved from Component to an own interface, called PlacementConfiguration; this simplifies implementation of Component in simple cases.
  • The ClientConfiguration, ImpersonationConfiguration interfaces are moved from package cluster to package component.
  • Two new interfaces are added which allow to tweak requeue and retry behavior: component.RequeueConfiguration and component.RetryConfiguration.
  • All the above interfaces (PlacementConfiguration, ClientConfiguration, ImpersonationConfiguration, RequeueConfiguration, RetryConfiguration) can alternatively be implemented on component Spec (rather than on the component type itself).
  • The creation of components which want to provide PlacementConfiguration, ClientConfiguration, ImpersonationConfiguration, RequeueConfiguration or RetryConfiguration is simplified; it is sufficient to just embed the respective struct types PlacementSpec, ClientSpec, ImpersonationSpec, RequeueSpec or RetrySpec into the component's spec.

• Add retriable errors.
  There is a new error type (types.RetriableError) which can be used anywhere in the reconciler logic (in particular in hooks and generators) to wrap other occuring errors; optionally a retry delay can be set on that error object; such errors will then be caught late in the reconciler flow, immediately before returning to controller-runtime. Basically, no error (but nil) will be returned to controller-runtime, and a RequeueAfter with the desired delay will be set instead in the response. This bypasses the (sometimes unwanted) default backoff done by controller-runtime, and leads to a linear retry behavior. In addition, components (or their specs) can implement two new interfaces component.RequeueConfiguration and component.RetryConfiguration, in order to override the default requeue interval (10m) and the default retry interval, which applies to retriable errors which do not specify a delay (default is the value of the requeue interval).

• Refactor/improve ownerid handling.
  The new possibility of reconciling in a different cluster makes it necessary to include a cluster id into the ownerid.
  The cluster id that will be used is the K8s metadata.uid of the kube-system namespace (which can be considered stable
  as the kube-system namespace cannot be deleted).
  To avoid hitting the 63 character limit valid for label values, the owner id value is now hashed; note that the cleartext
  value can still be seen in the analogous annotation. The old label format will still be recognized, in order to ensure
  backwards compatibility.

Fixes

• The path handling in helm/kustomize generator was fixed resp. made more robust.
• Some issues were fixed in file walker:
  • Methods Unwrap() and Cause() were added to the walkError type (to make it work with errors.As()).
  • The determination of struct fields was adjusted (to avoid double passes in case of embedded structs).

v0.2.2

relax client factory cleanup