-
Notifications
You must be signed in to change notification settings - Fork 188
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add IfNotPresent
and Ignore
SSA policies
#943
Conversation
Signed-off-by: Stefan Prodan <[email protected]>
Signed-off-by: Stefan Prodan <[email protected]>
561c780
to
642cc7c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome to have the annotations documented in one place now 💯 🥇
642cc7c
to
f652d7d
Compare
You may want to link from https://fluxcd.io/flux/faq/#how-to-patch-coredns-and-other-pre-installed-addons to the new documentation once this is available on the website. |
Signed-off-by: Stefan Prodan <[email protected]>
f652d7d
to
743cb79
Compare
I am struggling to get this to work for a configmap. We are using helm and it includes a configmap to which I have added this annotation. Then my master pod overwrites this configmap. This version also has the annotation. But flux still reconciles the configmap back the helm chart version. Does the annotation need to be in version 0 of this resource or can it be introduced in an upgrade? I hope this is an appropriate place to ask .... |
SSA has nothing to do with Helm, these annotations are only for resources managed by Flux Kustomizations https://fluxcd.io/flux/components/kustomize/kustomizations/#controlling-the-apply-behavior-of-resources |
This PR extends the apply behaviour with two policies
IfNotPresent
andIgnore
.Fix: #936
Implementation and tests: fluxcd/pkg#625
Controlling the apply behavior of resources
To change the apply behaviour for specific Kubernetes resources, you can annotate them with:
kustomize.toolkit.fluxcd.io/ssa
Override
Override
-
Merge
-
IfNotPresent
-
Ignore
kustomize.toolkit.fluxcd.io/force
Disabled
Enabled
-
Disabled
kustomize.toolkit.fluxcd.io/prune
Enabled
Enabled
-
Disabled
kustomize.toolkit.fluxcd.io/ssa
Override
The
Override
policy instructs the controller to reconcile the Kubernetes resources with the desired state (YAML manifests) defined in the Flux source (Git, OCI, Bucket).Merge
The
Merge
policy instructs the controller to preserve the fields added by other tools to the Kubernetes resources managed by Flux.The fields defined in the manifests applied by the controller will always be overridden, the
Merge
policy works only for adding new fields that don’t overlap with the desired state.IfNotPresent
The
IfNotPresent
policy instructs the controller to only apply the Kubernetes resources if they are not present on the cluster.This policy can be used for Kubernetes Secrets and ValidatingWebhookConfigurations managed by cert-manager, where Flux creates the resources with fields that are later on mutated by other controllers.
Ignore
The
Ignore
policy instructs the controller to skip applying Kubernetes resources even if they present in a Flux source (Git, OCI, Bucket).