allow refresh interval to be configured or disabled

.github/workflows/on_pull-request_docs.yaml

@@ -26,4 +26,4 @@ jobs:
             +rebuild-docs
 
       - name: verify that the checked in file has not changed
-        run: ./hacks/exit-on-changed-files.sh "Please run 'earthly +rebuild-docs' and commit the results to this PR"
+        run: ./hacks/exit-on-changed-files.sh "Please run './earthly +rebuild-docs' and commit the results to this PR"

.github/workflows/on_pull-request_helm.yaml

@@ -17,6 +17,4 @@ jobs:
       - uses: earthly/actions-setup@v1
         with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
 
-      - run: |
-          earthly \
-            +ci-helm
+      - run: ./earthly +ci-helm

.github/workflows/on_pull_request_go.yaml

@@ -19,4 +19,4 @@ jobs:
       - uses: earthly/actions-setup@v1
         with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" }
 
-      - run: earthly +ci-golang
+      - run: ./earthly +ci-golang

.github/workflows/on_push_to_main.yaml

@@ -43,7 +43,7 @@ jobs:
 
       - name: Build and push the helm charts
         run: |
-          earthly \
+          ./earthly \
             --push \
             +release-helm \
               --repo_owner ${{ github.repository_owner }} \

cmd/controller_cmd.go

@@ -144,6 +144,8 @@ func init() {
 	stringFlag(flags, "webhook-secret", "Optional secret key for validating the source of incoming webhooks.")
 	boolFlag(flags, "monitor-all-applications", "Monitor all applications in argocd automatically.")
 	boolFlag(flags, "ensure-webhooks", "Ensure that webhooks are created in repositories referenced by argo.")
+	stringFlag(flags, "repo-refresh-interval", "Interval between static repo refreshes (for schemas and policies).",
+		newStringOpts().withDefault("5m"))
 
 	panicIfError(viper.BindPFlags(flags))
 }

cmd/locations.go

@@ -17,7 +17,7 @@ import (
 
 func processLocations(ctx context.Context, ctr container.Container, locations []string) error {
 	for index, location := range locations {
-		if newLocation, err := maybeCloneGitUrl(ctx, ctr.RepoManager, location, ctr.VcsClient.Username()); err != nil {
+		if newLocation, err := maybeCloneGitUrl(ctx, ctr.RepoManager, ctr.Config.RepoRefreshInterval, location, ctr.VcsClient.Username()); err != nil {
 			return errors.Wrapf(err, "failed to clone %q", location)
 		} else if newLocation != "" {
 			locations[index] = newLocation
@@ -33,7 +33,7 @@ type cloner interface {
 
 var ErrCannotUseQueryWithFilePath = errors.New("relative and absolute file paths cannot have query parameters")
 
-func maybeCloneGitUrl(ctx context.Context, repoManager cloner, location, vcsUsername string) (string, error) {
+func maybeCloneGitUrl(ctx context.Context, repoManager cloner, repoRefreshDuration time.Duration, location, vcsUsername string) (string, error) {
 	result := strings.SplitN(location, "?", 2)
 	if !urlutil.IsGitURL(result[0]) {
 		if len(result) > 1 {
@@ -53,24 +53,26 @@ func maybeCloneGitUrl(ctx context.Context, repoManager cloner, location, vcsUser
 		return "", errors.Wrap(err, "failed to clone")
 	}
 
-	go func() {
-		tick := time.Tick(time.Minute * 5)
-		for {
-			select {
-			case <-ctx.Done():
-				return
-			case <-tick:
-			}
+	if repoRefreshDuration != 0 {
+		go func() {
+			tick := time.Tick(repoRefreshDuration)
+			for {
+				select {
+				case <-ctx.Done():
+					return
+				case <-tick:
+				}
 
-			if err := repo.Update(ctx); err != nil {
-				log.Warn().
-					Err(err).
-					Str("path", repo.Directory).
-					Str("url", repo.CloneURL).
-					Msg("failed to update repo")
+				if err := repo.Update(ctx); err != nil {
+					log.Warn().
+						Err(err).
+						Str("path", repo.Directory).
+						Str("url", repo.CloneURL).
+						Msg("failed to update repo")
+				}
 			}
-		}
-	}()
+		}()
+	}
 
 	path := repo.Directory
 	subdir := query.Get("subdir")

docs/contributing.md

@@ -110,7 +110,7 @@ If you're using minikube with Tilt we recommend following this [guide](https://g
 
 ### Code Changes
 
-We use Earthly to simplify our CI/CD process with `kubechecks`. This also simplifies testing changes locally before pushing them up to ensure your PR will pass all required checks. The best command to run is `earthly +unit-test` this will pull all the required dependencies (including any new ones that you have added). It will then run [go vet](https://pkg.go.dev/cmd/vet), and if those pass it will run `go test` with race detection enabled. You can also always run these commands directly `go test -race ./...` will run all tests in the repo with race detection enabled. Please ensure that `earthly +unit-test` is passing before opening a PR.
+We use Earthly to simplify our CI/CD process with `kubechecks`. There's a thin wrapper around earthly that passes some common arguments in the root of the repo called `./earthly` that should be used instead of calling earthly directly. This also simplifies testing changes locally before pushing them up to ensure your PR will pass all required checks. The best command to run is `./earthly +test` this will pull all the required dependencies (including any new ones that you have added). It will then run [go vet](https://pkg.go.dev/cmd/vet), and if those pass it will run `go test` with race detection enabled. You can also always run these commands directly `go test -race ./...` will run all tests in the repo with race detection enabled. Please ensure that `./earthly +test` is passing before opening a PR.
 
 ### Documentation Changes
 

docs/usage.md

@@ -54,6 +54,7 @@ The full list of supported environment variables is described below:
 |`KUBECHECKS_OTEL_ENABLED`|Enable OpenTelemetry.|`false`|
 |`KUBECHECKS_PERSIST_LOG_LEVEL`|Persists the set log level down to other module loggers.|`false`|
 |`KUBECHECKS_POLICIES_LOCATION`|Sets rego policy locations to be used for every check request. Can be common path inside the repos being checked or git urls in either git or http(s) format.|`[./policies]`|
+|`KUBECHECKS_REPO_REFRESH_INTERVAL`|Interval between static repo refreshes (for schemas and policies).|`5m`|
 |`KUBECHECKS_SCHEMAS_LOCATION`|Sets schema locations to be used for every check request. Can be common paths inside the repos being checked or git urls in either git or http(s) format.|`[./schemas]`|
 |`KUBECHECKS_SHOW_DEBUG_INFO`|Set to true to print debug info to the footer of MR comments.|`false`|
 |`KUBECHECKS_TIDY_OUTDATED_COMMENTS_MODE`|Sets the mode to use when tidying outdated comments. One of hide, delete.|`hide`|

justfile

@@ -65,4 +65,4 @@ unit_test_race:
 	go test -race ./...
 
 rebuild_docs:
-    earthly +rebuild-docs
+    ./earthly +rebuild-docs

pkg/config/config.go

@@ -2,6 +2,7 @@ package config
 
 import (
 	"reflect"
+	"time"
 
 	"github.com/mitchellh/mapstructure"
 	"github.com/pkg/errors"
@@ -54,6 +55,7 @@ type ServerConfig struct {
 	LogLevel                 zerolog.Level `mapstructure:"log-level"`
 	MonitorAllApplications   bool          `mapstructure:"monitor-all-applications"`
 	OpenAIAPIToken           string        `mapstructure:"openai-api-token"`
+	RepoRefreshInterval      time.Duration `mapstructure:"repo-refresh-interval"`
 	SchemasLocations         []string      `mapstructure:"schemas-location"`
 	ShowDebugInfo            bool          `mapstructure:"show-debug-info"`
 	TidyOutdatedCommentsMode string        `mapstructure:"tidy-outdated-comments-mode"`
@@ -77,6 +79,11 @@ func NewWithViper(v *viper.Viper) (ServerConfig, error) {
 				return pkg.ParseCommitState(input)
 			}
 
+			if in.String() == "string" && out.String() == "time.Duration" {
+				input := value.(string)
+				return time.ParseDuration(input)
+			}
+
 			return value, nil
 		}
 	}); err != nil {

pkg/config/config_test.go

@@ -2,6 +2,7 @@ package config
 
 import (
 	"testing"
+	"time"
 
 	"github.com/rs/zerolog"
 	"github.com/spf13/viper"
@@ -16,10 +17,12 @@ func TestNew(t *testing.T) {
 	v.Set("log-level", "info")
 	v.Set("argocd-api-insecure", "true")
 	v.Set("worst-conftest-state", "warning")
+	v.Set("repo-refresh-interval", "10m")
 
 	cfg, err := NewWithViper(v)
 	require.NoError(t, err)
 	assert.Equal(t, zerolog.InfoLevel, cfg.LogLevel)
 	assert.Equal(t, true, cfg.ArgoCDInsecure)
 	assert.Equal(t, pkg.StateWarning, cfg.WorstConfTestState, "worst states can be overridden")
+	assert.Equal(t, time.Minute*10, cfg.RepoRefreshInterval)
 }