Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Experimental support of drift detection #617

Merged
merged 9 commits into from
Mar 1, 2023
Merged

Experimental support of drift detection #617

merged 9 commits into from
Mar 1, 2023

Conversation

hiddeco
Copy link
Member

@hiddeco hiddeco commented Feb 20, 2023

This enables experimental drift detection of cluster state compared to
the current manifest data from the Helm storage's manifest blob
by starting the controller with --feature-gates=DetectDrift=true.

Drift detection works based on the already proven approach of the
kustomize-controller's SSA package, and utilizes the managed field
configured by the controller since v0.12.2.

This feature is planned to go out of experimental once the further
controller rewrite has been finished, and the state of the Helm storage
itself is more fault tolerant.

It allows a specific object from a release manifest to be excluded
from drift detection by label or annotating it with:
helm.toolkit.fluxcd.io/driftDetection: disabled.

Using a Kustomize post renderer definition in a HelmRelease, this can
be used to ignore any object from an arbitrary chart.

Experimentally covers #186

@hiddeco hiddeco marked this pull request as draft February 20, 2023 21:03
@hiddeco hiddeco force-pushed the detect-drift branch 3 times, most recently from 54eb1c6 to ee4b8a6 Compare February 22, 2023 09:41
@hiddeco hiddeco added enhancement New feature or request area/helm Helm related issues and pull requests labels Feb 23, 2023
@hiddeco hiddeco force-pushed the detect-drift branch 4 times, most recently from 0ca3a20 to fed429b Compare February 23, 2023 21:42
@hiddeco hiddeco marked this pull request as ready for review February 23, 2023 21:43
@hiddeco hiddeco force-pushed the detect-drift branch 4 times, most recently from d7aeb3f to e3905e5 Compare February 24, 2023 15:37
@hiddeco hiddeco requested a review from stefanprodan February 27, 2023 09:37
docs/spec/v2beta1/helmreleases.md Outdated Show resolved Hide resolved
internal/diff/differ.go Show resolved Hide resolved
internal/diff/differ.go Outdated Show resolved Hide resolved
@hiddeco hiddeco force-pushed the detect-drift branch 4 times, most recently from 4db1919 to 217e659 Compare February 28, 2023 15:55
Copy link
Member

@pjbgf pjbgf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome job @hiddeco!

internal/cmp/simple_unstructured.go Outdated Show resolved Hide resolved
hiddeco added 4 commits March 1, 2023 09:36
This is backwards compatible, as it only changes the type without the
further requirements around the YAML declaration.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This enables experimental drift detection of cluster state compared to
the current manifest data from the Helm storage's manifest blob.

Drift detection works based on the already proven approach of the
kustomize-controller's SSA package, and utilizes the managed field
configured by the controller since `v0.12.2`.

This feature is planned to go out of experimental once the further
controller rewrite has been finished, and the state of the Helm storage
itself is more fault tolerant.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This allows a specific object from a release manifest to be excluded
from drift detection by labeling or annotating it with:
`helm.toolkit.fluxcd.io/diff: disabled`.

Using a Kustomize post renderer definition in a HelmRelease, this can
be used to ignore any object from an arbitrary chart.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
As there are currently no other utilities to properly see what change
the controller detected, this allows people to have an insight into
the observed changes by configuring the controller with
`--log-level=debug`.

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Thanks @hiddeco 🥇

PS. We need to add a section to the bootstrap docs and show how users can enable this feature.

hiddeco added 2 commits March 1, 2023 13:04
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
@hiddeco hiddeco merged commit 7881159 into main Mar 1, 2023
@hiddeco hiddeco deleted the detect-drift branch March 1, 2023 12:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/helm Helm related issues and pull requests enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants