metadata

package
v1.16.3-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 19, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package metadata contains Config Sync metadata (annotations and labels) and related functions.

Index

Constants

View Source
const (
	// ConfigManagementPrefix is the prefix for all Nomos annotations and labels.
	ConfigManagementPrefix = configmanagement.GroupName + "/"

	// ClusterNameAnnotationKey is the annotation key set on Nomos-managed resources that refers to
	// the name of the cluster that the selectors are applied for.
	// This annotation is set by Config Sync on a managed resource.
	ClusterNameAnnotationKey = ConfigManagementPrefix + "cluster-name"

	// LegacyClusterSelectorAnnotationKey is the annotation key set on Nomos-managed resources that refers
	// to the name of the ClusterSelector resource.
	// This annotation is set by Config Sync users on a managed resource.
	LegacyClusterSelectorAnnotationKey = ConfigManagementPrefix + "cluster-selector"

	// NamespaceSelectorAnnotationKey is the annotation key set on Nomos-managed resources that refers
	// to name of NamespaceSelector resource.
	// This annotation is set by Config Sync users on a managed resource.
	NamespaceSelectorAnnotationKey = ConfigManagementPrefix + "namespace-selector"

	// DeclaredConfigAnnotationKey is the annotation key that stores the declared configuration of
	// a resource in Git.
	// This annotation is set by Config Sync on a managed resource.
	DeclaredConfigAnnotationKey = ConfigManagementPrefix + "declared-config"

	// SourcePathAnnotationKey is the annotation key representing the relative path from POLICY_DIR
	// where the object was originally declared. Paths are slash-separated and OS-agnostic.
	// This annotation is set by Config Sync on a managed resource.
	SourcePathAnnotationKey = ConfigManagementPrefix + "source-path"

	// SyncTokenAnnotationKey is the annotation key representing the last version token that a Nomos-
	// managed resource was successfully synced from.
	// This annotation is set by Config Sync on a managed resource.
	SyncTokenAnnotationKey = ConfigManagementPrefix + "token"

	// ResourceManagementKey is the annotation that indicates if Nomos will manage the content and
	// lifecycle for the resource.
	// This annotation is set by Config Sync on a managed resource.
	ResourceManagementKey = ConfigManagementPrefix + "managed"
	// ResourceManagementEnabled is the value corresponding to ResourceManagementKey indicating that
	// Nomos will manage content and lifecycle for the given resource.
	ResourceManagementEnabled = "enabled"
	// ResourceManagementDisabled is the value corresponding to ResourceManagementKey indicating that
	// Nomos will not manage content and lifecycle for the given resource.
	// By design, the `configmanagement.gke.io/managed: disabled` annotation
	// should not be pushed to the cluster. Instead, we remove all the Config
	// Sync metadata from the object on the cluster.
	ResourceManagementDisabled = "disabled"

	// ResourceStatusErrorsKey is the annotation that indicates any errors, encoded as a JSON array.
	// This annotation is set by Config Sync on a managed resource.
	ResourceStatusErrorsKey = ConfigManagementPrefix + "errors"

	// ResourceStatusReconcilingKey is the annotation that indicates reasons why a resource is
	// reconciling, encoded as a JSON array.
	// This annotation is set by Config Sync on a managed resource.
	ResourceStatusReconcilingKey = ConfigManagementPrefix + "reconciling"
)

Annotations with the `configmanagement.gke.io/` prefix.

View Source
const (
	// ConfigMapAnnotationKey is the annotation key representing the hash of all the configmaps
	// required to run a root-reconciler, namespace-reconciler, or otel-collector pod.
	// This annotation is set by Config Sync on a root-reconciler, namespace-reconciler, or otel-collector pod.
	ConfigMapAnnotationKey = configsync.ConfigSyncPrefix + "configmap"

	// DeclaredFieldsKey is the annotation key that stores the declared configuration of
	// a resource in Git. This uses the same format as the managed fields of server-side apply.
	// This annotation is set by Config Sync on a managed resource.
	DeclaredFieldsKey = configsync.ConfigSyncPrefix + "declared-fields"

	// GitContextKey is the annotation key for the git source-of-truth a resource is synced from.
	// This annotation is set by Config Sync on a managed resource.
	GitContextKey = configsync.ConfigSyncPrefix + "git-context"

	// ResourceManagerKey is the annotation that indicates which multi-repo reconciler is managing
	// the resource.
	// This annotation is set by Config Sync on a managed resource.
	ResourceManagerKey = configsync.ConfigSyncPrefix + "manager"

	// ClusterNameSelectorAnnotationKey is the annotation key set on ConfigSync-managed resources that refers
	// to the name of the ClusterSelector resource.
	// This annotation is set by Config Sync users on a managed resource.
	ClusterNameSelectorAnnotationKey = configsync.ConfigSyncPrefix + "cluster-name-selector"

	// ResourceIDKey is the annotation that indicates the resource's GKNN.
	// This annotation is set by Config  on a managed resource.
	ResourceIDKey = configsync.ConfigSyncPrefix + "resource-id"

	// OriginalHNCManagedByValue is the annotation that stores the original value of the
	// hnc.x-k8s.io/managed-by annotation before Config Sync overrides the annotation.
	// This annotation is set by Config Sync on a managed namespace resource.
	OriginalHNCManagedByValue = configsync.ConfigSyncPrefix + "original-hnc-managed-by-value"

	// WebhookconfigurationKey annotation declares if the webhook configuration
	// should be updated.
	// This annotation is set by Config Sync users on the Config Sync ValidatingWebhookConfiguration object.
	WebhookconfigurationKey = configsync.ConfigSyncPrefix + "webhook-configuration-update"

	// WebhookConfigurationUpdateDisabled is the value for WebhookConfigurationKey
	// to disable updating the webhook configuration.
	WebhookConfigurationUpdateDisabled = "disabled"

	// UnknownScopeAnnotationKey is the annotation that indicates the scope of a resource is unknown.
	// This annotation is set by Config Sync on a managed resource whose scope is unknown.
	UnknownScopeAnnotationKey = configsync.ConfigSyncPrefix + "unknown-scope"

	// UnknownScopeAnnotationValue is the value for UnknownScopeAnnotationKey
	// to indicate that the scope of a resource is unknown.
	UnknownScopeAnnotationValue = "true"

	// DeletionPropagationPolicyAnnotationKey is the annotation key set on
	// RootSync/RepoSync objects to indicate what do do with the managed
	// resources when the RootSync/RepoSync object is deleted.
	DeletionPropagationPolicyAnnotationKey = configsync.ConfigSyncPrefix + "deletion-propagation-policy"

	// RequiresRenderingAnnotationKey is the annotation key set on
	// RootSync/RepoSync objects to indicate whether the source of truth
	// requires last mile hydration. The reconciler writes the value of this
	// annotation and the reconciler-manager reads it. If set to true, the
	// reconciler-manager will create the reconciler with the hydration-controller
	// sidecar container.
	RequiresRenderingAnnotationKey = configsync.ConfigSyncPrefix + "requires-rendering"
)

Annotations with the `configsync.gke.io/` prefix.

View Source
const (
	// LifecyclePrefix is the prefix for all lifecycle annotations.
	LifecyclePrefix = "client.lifecycle.config.k8s.io"

	// LifecycleMutationAnnotation is the lifecycle annotation key for the mutation
	// operation. The annotation must be declared in the repository in order to
	// function properly. This annotation only has effect when the object
	// updated in the cluster or the declaration changes. It has no impact on
	// behavior related to object creation/deletion, or if the object does not
	// already exist.
	// This annotation is set by Config Sync users on a managed resource.
	LifecycleMutationAnnotation = LifecyclePrefix + "/mutation"

	// IgnoreMutation is the value used with LifecycleMutationAnnotation to
	// prevent mutating a resource. That is, if the resource exists on the cluster
	// then ACM will make no attempt to modify it.
	IgnoreMutation = "ignore"
)

Lifecycle annotations

View Source
const (
	// LocalConfigAnnotationKey is the annotation key to mark
	// a resource is only local. When its value is "true",
	// the resource shouldn't be applied to the cluster.
	// This annotation is set by Config Sync users on a resource that
	// should be only used by local tools such as kpt function.
	LocalConfigAnnotationKey = filters.LocalConfigAnnotation

	// Any value except for NoLocalConfigAnnoVal will mark a resource as a local configuration.
	NoLocalConfigAnnoVal = "false"
)

Annotation for local configuration

View Source
const (
	// DeletionPropagationPolicyForeground indicates that the managed resources
	// should all be deleted/pruned before the RootSync/RepoSync object is deleted.
	// This will block deletion of the RootSync/RepoSync using a finalizer.
	DeletionPropagationPolicyForeground = DeletionPropagationPolicy("Foreground")

	// DeletionPropagationPolicyOrphan indicates that the managed resources
	// should all be orphanned (not deleted) when the RootSync/RepoSync object
	// is deleted.
	// This will NOT block deletion of the RootSync/RepoSync AND will not
	// remove or modify any config sync managed annotations.
	// This allows the RootSync/RepoSync to be deleted and re-created without
	// affecting the managed resources.
	// This is the default behavior if the annotation is not specified.
	DeletionPropagationPolicyOrphan = DeletionPropagationPolicy("Orphan")
)
View Source
const (
	// ReconcilerFinalizer is the finalizer added to the RootSync/RepoSync by
	// the reconciler when the deletion-propagation-policy is Foreground to
	// ensure deletion of the user objects it manages, before the
	// RootSync/RepoSync is deleted.
	ReconcilerFinalizer = configsync.ConfigSyncPrefix + reconcilermanager.Reconciler

	// ReconcilerManagerFinalizer is the finalizer added to the
	// RootSync/RepoSync by the reconciler-manager to ensure
	// deletion of the reconciler and its dependencies, before the
	// RootSync/RepoSync is deleted.
	ReconcilerManagerFinalizer = configsync.ConfigSyncPrefix + reconcilermanager.ManagerName
)
View Source
const (
	// ManagedByValue marks the resource as managed by Nomos.
	ManagedByValue = configmanagement.GroupName
	// SystemLabel is the system Nomos label.
	SystemLabel = ConfigManagementPrefix + "system"
	// ArchLabel is the arch Nomos label.
	ArchLabel = ConfigManagementPrefix + "arch"
)

Labels with the `configmanagement.gke.io/` prefix.

View Source
const (
	// ReconcilerLabel is the unique label given to each reconciler pod.
	// This label is set by Config Sync on a root-reconciler or namespace-reconciler pod.
	ReconcilerLabel = configsync.ConfigSyncPrefix + "reconciler"

	// DeclaredVersionLabel declares the API Version in which a resource was initially
	// declared.
	// This label is set by Config Sync on a managed resource.
	DeclaredVersionLabel = configsync.ConfigSyncPrefix + "declared-version"

	// SyncNamespaceLabel indicates the namespace of RootSync or RepoSync.
	SyncNamespaceLabel = configsync.ConfigSyncPrefix + "sync-namespace"

	// SyncNameLabel indicates the name of RootSync or RepoSync.
	SyncNameLabel = configsync.ConfigSyncPrefix + "sync-name"

	// SyncKindLabel indicates the RSync kind: RootSync or RepoSync.
	SyncKindLabel = configsync.ConfigSyncPrefix + "sync-kind"

	// SyncGenerationLabel indicates the generation of RootSync or RepoSync.
	SyncGenerationLabel = configsync.ConfigSyncPrefix + "sync-generation"

	// DeploymentNameLabel indicates the name of the Deployment.
	// This is used to enable selecting pods by label, primarily for printing logs.
	// Example: kubectl logs deployment/<deploy-name> <container-name> -n config-management-system
	DeploymentNameLabel = configsync.ConfigSyncPrefix + "deployment-name"
)

Labels with the `configsync.gke.io/` prefix.

View Source
const AutoPilotAnnotation = "autopilot.gke.io/resource-adjustment"

AutoPilotAnnotation is the annotation generated by the autopilot for resource adjustment.

View Source
const DepthSuffix = ".tree.hnc.x-k8s.io/depth"

DepthSuffix is a label suffix for hierarchical namespace depth. See definition at http://bit.ly/k8s-hnc-design#heading=h.1wg2oqxxn6ka. This label is set by Config Sync on a managed namespace resource.

View Source
const FleetWorkloadIdentityCredentials = "config.kubernetes.io/fleet-workload-identity"

FleetWorkloadIdentityCredentials is the key for the credentials file of the Fleet Workload Identity.

View Source
const HNCManagedBy = "hnc.x-k8s.io/managed-by"

HNCManagedBy is the annotation that indicates the namespace hierarchy is not managed by the Hierarchical Namespace Controller (http://bit.ly/k8s-hnc-design) but someone else, "configmanagement.gke.io" in this case. This annotation is set by Config Sync on a managed namespace resource.

View Source
const KustomizeOrigin = "config.kubernetes.io/origin"

KustomizeOrigin is the annotation generated by Kustomize to indicate the origin of the rendered resource.

View Source
const ManagedByKey = "app.kubernetes.io/managed-by"

ManagedByKey is the recommended Kubernetes label for marking a resource as managed by an application.

View Source
const OwningInventoryKey = "config.k8s.io/owning-inventory"

OwningInventoryKey is the annotation key for marking the owning-inventory object. This annotation is needed because the kpt library cannot apply a single resource. This annotation is set by Config Sync on a managed resource.

Variables

CommonAnnotationKeys include the annotation keys used in both the mono-repo and multi-repo mode.

ConfigSyncAnnotations contain the keys for ConfigSync annotations.

View Source
var MultiRepoOnlyAnnotationKeys = []string{
	GitContextKey,
	ResourceManagerKey,
	OwningInventoryKey,
}

MultiRepoOnlyAnnotationKeys include the annotation keys used only in the multi-repo mode.

Functions

func GetNomosAnnotationKeys

func GetNomosAnnotationKeys() []string

GetNomosAnnotationKeys returns the set of Nomos annotations that Config Sync should manage.

func HasConfigSyncMetadata

func HasConfigSyncMetadata(obj client.Object) bool

HasConfigSyncMetadata returns true if the given obj has at least one Config Sync annotation or label.

func HasConfigSyncPrefix

func HasConfigSyncPrefix(s string) bool

HasConfigSyncPrefix returns true if the string begins with a ConfigSync annotation prefix.

func IsConfigSyncAnnotationKey

func IsConfigSyncAnnotationKey(k string) bool

IsConfigSyncAnnotationKey returns whether an annotation key is a Config Sync annotation key.

func IsConfigSyncLabelKey

func IsConfigSyncLabelKey(k string) bool

IsConfigSyncLabelKey returns whether a label key is a Config Sync label key.

func IsSourceAnnotation

func IsSourceAnnotation(k string) bool

IsSourceAnnotation returns true if the annotation is a ConfigSync source annotation.

func RemoveConfigSyncMetadata

func RemoveConfigSyncMetadata(obj client.Object) bool

RemoveConfigSyncMetadata removes the Config Sync metadata, including both Config Sync annotations and labels, from the given resource. The only Config Sync metadata which will not be removed is `LifecycleMutationAnnotation`. The resource is modified in place. Returns true if the object was modified.

func SyncerLabels

func SyncerLabels() map[string]string

SyncerLabels returns the Nomos labels that the syncer should manage.

Types

type DeletionPropagationPolicy added in v1.15.1

type DeletionPropagationPolicy string

DeletionPropagationPolicy is the type used to identify value enums to use with the deletion-propagation-policy annotation.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL