Documentation ¶
Index ¶
- Constants
- func BadScopeErr(resource client.Object, want declared.Scope) status.ResourceError
- func OptionsForScope(options validate.Options, scope declared.Scope) validate.Options
- func Run(ctx context.Context, p Parser, nsControllerState *namespacecontroller.State, ...)
- type FileSource
- type Files
- type GitSourceSpec
- type HelmSourceSpec
- type OCISourceSpec
- type Options
- type Parser
- type ReconcilerStatus
- type RenderingStatus
- type RootOptions
- type RunFunc
- type RunOpts
- type SourceSpec
- type SourceStatus
- type SyncErrorCache
- func (s *SyncErrorCache) AddApplyError(err status.Error)
- func (s *SyncErrorCache) ConflictHandler() conflict.Handler
- func (s *SyncErrorCache) Errors() status.MultiError
- func (s *SyncErrorCache) FightHandler() fight.Handler
- func (s *SyncErrorCache) ResetApplyErrors()
- func (s *SyncErrorCache) SetValidationErrs(errs status.MultiError)
- func (s *SyncErrorCache) SetWatchErrs(errs status.MultiError)
- type SyncStatus
- type Updater
Constants ¶
const ( // RenderingInProgress means that the configs are still being rendered by Config Sync. RenderingInProgress string = "Rendering is still in progress" // RenderingSucceeded means that the configs have been rendered successfully. RenderingSucceeded string = "Rendering succeeded" // RenderingFailed means that the configs have failed to be rendered. RenderingFailed string = "Rendering failed" // RenderingSkipped means that the configs don't need to be rendered. RenderingSkipped string = "Rendering skipped" // RenderingRequired means that the configs require rendering but the // hydration-controller is not currently running. RenderingRequired string = "Rendering required but is currently disabled" // RenderingNotRequired means that the configs do not require rendering but the // hydration-controller is currently running. RenderingNotRequired string = "Rendering not required but is currently enabled" )
Variables ¶
This section is empty.
Functions ¶
func BadScopeErr ¶
BadScopeErr reports that the passed resource declares a Namespace for a different Namespace repository.
func OptionsForScope ¶
OptionsForScope returns new Options that have been updated for the given Scope.
Types ¶
type FileSource ¶
type FileSource struct { // SourceDir is the path to the symbolic link of the source repository. SourceDir cmpath.Absolute // HydratedRoot is the path to the root of the hydrated directory. HydratedRoot string // RepoRoot is the absolute path to the parent directory of SourceRoot and HydratedRoot. RepoRoot cmpath.Absolute // HydratedLink is the relative path to the symbolic link of the hydrated configs. HydratedLink string // SyncDir is the path to the directory of policies within the source repository. SyncDir cmpath.Relative // SourceType is the type of the source repository, must be git or oci. SourceType configsync.SourceType // SourceRepo is the source repo to sync. SourceRepo string // SourceBranch is the branch of the source repo to sync. SourceBranch string // SourceRev is the revision of the source repo to sync. SourceRev string }
FileSource includes all settings to configure where a Parser reads files from.
type Files ¶ added in v1.17.0
type Files struct { FileSource // contains filtered or unexported fields }
Files lists files in a repository and ensures the source repository hasn't been modified from HEAD.
type GitSourceSpec ¶ added in v1.19.0
GitSourceSpec is a SourceSpec for the Git SourceType
func (GitSourceSpec) Equals ¶ added in v1.19.0
func (g GitSourceSpec) Equals(other SourceSpec) bool
Equals returns true if the specified SourceSpec equals this GitSourceSpec, including type and all field values.
type HelmSourceSpec ¶ added in v1.19.0
HelmSourceSpec is a SourceSpec for the Helm SourceType
func (HelmSourceSpec) Equals ¶ added in v1.19.0
func (h HelmSourceSpec) Equals(other SourceSpec) bool
Equals returns true if the specified SourceSpec equals this HelmSourceSpec, including type and all field values.
type OCISourceSpec ¶ added in v1.19.0
OCISourceSpec is a SourceSpec for the OCI SourceType
func (OCISourceSpec) Equals ¶ added in v1.19.0
func (o OCISourceSpec) Equals(other SourceSpec) bool
Equals returns true if the specified SourceSpec equals this OCISourceSpec, including type and all field values.
type Options ¶ added in v1.17.0
type Options struct { // Clock is used for time tracking, namely to simplify testing by allowing // a fake clock, instead of a RealClock. Clock clock.Clock // Parser defines the minimum interface required for Reconciler to use a // Parser to read configs from a filesystem. Parser filesystem.ConfigParser // ClusterName is the name of the cluster we're syncing configuration to. ClusterName string // Client knows how to read objects from a Kubernetes cluster and update // status. Client client.Client // ReconcilerName is the name of the reconciler resources, such as service // account, service, deployment and etc. ReconcilerName string // SyncName is the name of the RootSync or RepoSync object. SyncName string // PollingPeriod is the period of time between checking the filesystem for // source updates to sync. PollingPeriod time.Duration // ResyncPeriod is the period of time between forced re-sync from source // (even without a new commit). ResyncPeriod time.Duration // RetryPeriod is how long the Parser waits between retries, after an error. RetryPeriod time.Duration // StatusUpdatePeriod is how long the Parser waits between updates of the // sync status, to account for management conflict errors from the Remediator. StatusUpdatePeriod time.Duration // DiscoveryInterface is how the Parser learns what types are currently // available on the cluster. DiscoveryInterface discovery.ServerResourcer // Converter uses the DiscoveryInterface to encode the declared fields of // objects in Git. Converter *declared.ValueConverter // RenderingEnabled indicates whether the hydration-controller is currently // running for this reconciler. RenderingEnabled bool // WebhookEnabled indicates whether the Webhook is currently enabled WebhookEnabled bool // Files lists Files in the source of truth. Files // Updater mutates the most-recently-seen versions of objects stored in memory. Updater // contains filtered or unexported fields }
Options holds configuration and core functionality required by all parsers.
type Parser ¶
type Parser interface { ReconcilerStatusFromCluster(ctx context.Context) (*ReconcilerStatus, error) SetSyncStatus(ctx context.Context, newStatus *SyncStatus) error // SyncErrors returns all the sync errors, including remediator errors, // validation errors, applier errors, and watch update errors. SyncErrors() status.MultiError // K8sClient returns the Kubernetes client that talks to the API server. K8sClient() client.Client // contains filtered or unexported methods }
Parser represents a parser that can be pointed at and continuously parse a source.
func NewNamespaceRunner ¶
NewNamespaceRunner creates a new runnable parser for parsing a Namespace repo.
func NewRootRunner ¶
func NewRootRunner(opts *Options, rootOpts *RootOptions) Parser
NewRootRunner creates a new runnable parser for parsing a Root repository.
type ReconcilerStatus ¶ added in v1.19.0
type ReconcilerStatus struct { // SourceStatus tracks info from the `Status.Source` field of a RepoSync/RootSync. SourceStatus *SourceStatus // RenderingStatus tracks info from the `Status.Rendering` field of a RepoSync/RootSync. RenderingStatus *RenderingStatus // SyncStatus tracks info from the `Status.Sync` field of a RepoSync/RootSync. SyncStatus *SyncStatus // SyncingConditionLastUpdate tracks when the `Syncing` condition was updated most recently. SyncingConditionLastUpdate metav1.Time }
ReconcilerStatus represents the status of the reconciler.
func (*ReconcilerStatus) DeepCopy ¶ added in v1.19.0
func (s *ReconcilerStatus) DeepCopy() *ReconcilerStatus
DeepCopy returns a deep copy of the receiver. Warning: Go errors are not copy-able. So this isn't a true deep-copy.
type RenderingStatus ¶ added in v1.19.0
type RenderingStatus struct { // Spec represents the source specification that this status corresponds to. // The spec is stored in the status so we can distinguish if the status // reflects the latest spec or not. Spec SourceSpec Commit string Message string Errs status.MultiError LastUpdate metav1.Time // RequiresRendering indicates whether the sync source has dry configs // only used internally (not surfaced on RSync status) RequiresRendering bool }
RenderingStatus represents the status of the rendering stage of the pipeline.
func (*RenderingStatus) DeepCopy ¶ added in v1.19.0
func (rs *RenderingStatus) DeepCopy() *RenderingStatus
DeepCopy returns a deep copy of the receiver. Warning: Go errors are not copy-able. So this isn't a true deep-copy.
func (*RenderingStatus) Equals ¶ added in v1.19.0
func (rs *RenderingStatus) Equals(other *RenderingStatus) bool
Equals returns true if the specified RenderingStatus equals this RenderingStatus, excluding the LastUpdate timestamp.
type RootOptions ¶ added in v1.17.0
type RootOptions struct { // SourceFormat defines the structure of the Root repository. Only the Root // repository may be SourceFormatHierarchy; all others are implicitly // SourceFormatUnstructured. SourceFormat configsync.SourceFormat // NamespaceStrategy indicates the NamespaceStrategy to be used by this // reconciler. NamespaceStrategy configsync.NamespaceStrategy // DynamicNSSelectorEnabled represents whether the NamespaceSelector's dynamic // mode is enabled. If it is enabled, NamespaceSelector will also select // resources matching the on-cluster Namespaces. // Only Root reconciler may have dynamic NamespaceSelector enabled because // RepoSync can't manage NamespaceSelectors. DynamicNSSelectorEnabled bool // NSControllerState stores whether the Namespace Controller schedules a sync // event for the reconciler thread, along with the cached NamespaceSelector // and selected namespaces. // Only Root reconciler may have Namespace Controller state because // RepoSync can't manage NamespaceSelectors. NSControllerState *namespacecontroller.State }
RootOptions includes options specific to RootSync objects.
type RunFunc ¶ added in v1.19.0
RunFunc is the function signature of the function that starts the parse-apply-watch loop
type RunOpts ¶ added in v1.19.0
type RunOpts struct {
// contains filtered or unexported fields
}
RunOpts are the options used when calling Run
func DefaultRunOpts ¶ added in v1.19.0
func DefaultRunOpts() RunOpts
DefaultRunOpts returns the default options for Run
type SourceSpec ¶ added in v1.19.0
type SourceSpec interface { // Equals returns true if the specified SourceSpec equals this // SourceSpec, including type and all field values. Equals(SourceSpec) bool }
SourceSpec is a representation of the source specification that is cached and stored in the RSync status for each stage in the pipeline.
For the purposes of deciding when to skip updates, the SourceSpec is comparable for equality. If not equal, an update is necessary.
func SourceSpecFromFileSource ¶ added in v1.19.0
func SourceSpecFromFileSource(source FileSource, sourceType configsync.SourceType, commit string) SourceSpec
SourceSpecFromFileSource builds a SourceSpec from the FileSource. The type of SourceSpec depends on the SourceType. Commit is only necessary for Helm sources, because the chart Version is parsed from the "commit" string (`chart:version`).
type SourceStatus ¶ added in v1.19.0
type SourceStatus struct { // Spec represents the source specification that this status corresponds to. // The spec is stored in the status so we can distinguish if the status // reflects the latest spec or not. Spec SourceSpec Commit string Errs status.MultiError LastUpdate metav1.Time }
SourceStatus represents the status of the source stage of the pipeline.
func (*SourceStatus) DeepCopy ¶ added in v1.19.0
func (gs *SourceStatus) DeepCopy() *SourceStatus
DeepCopy returns a deep copy of the receiver. Warning: Go errors are not copy-able. So this isn't a true deep-copy.
func (*SourceStatus) Equals ¶ added in v1.19.0
func (gs *SourceStatus) Equals(other *SourceStatus) bool
Equals returns true if the specified SourceStatus equals this SourceStatus, excluding the LastUpdate timestamp.
type SyncErrorCache ¶ added in v1.19.0
type SyncErrorCache struct {
// contains filtered or unexported fields
}
SyncErrorCache is a collection of sync errors, locked for thread-safe use.
func NewSyncErrorCache ¶ added in v1.19.0
func NewSyncErrorCache(conflictHandler conflict.Handler, fightHandler fight.Handler) *SyncErrorCache
NewSyncErrorCache constructs a new SyncErrorCache with shared handlers
func (*SyncErrorCache) AddApplyError ¶ added in v1.19.0
func (s *SyncErrorCache) AddApplyError(err status.Error)
AddApplyError adds an apply error to the list of cached apply errors.
func (*SyncErrorCache) ConflictHandler ¶ added in v1.19.0
func (s *SyncErrorCache) ConflictHandler() conflict.Handler
ConflictHandler returns the thread-safe handler of resource & management fights
func (*SyncErrorCache) Errors ¶ added in v1.19.0
func (s *SyncErrorCache) Errors() status.MultiError
Errors returns the latest known set of errors from the updater and remediator.
func (*SyncErrorCache) FightHandler ¶ added in v1.19.0
func (s *SyncErrorCache) FightHandler() fight.Handler
FightHandler returns the thread-safe handler of controller fights
func (*SyncErrorCache) ResetApplyErrors ¶ added in v1.19.0
func (s *SyncErrorCache) ResetApplyErrors()
ResetApplyErrors deletes all cached apply errors.
func (*SyncErrorCache) SetValidationErrs ¶ added in v1.19.0
func (s *SyncErrorCache) SetValidationErrs(errs status.MultiError)
SetValidationErrs replaces the cached validation errors
func (*SyncErrorCache) SetWatchErrs ¶ added in v1.19.0
func (s *SyncErrorCache) SetWatchErrs(errs status.MultiError)
SetWatchErrs replaces the cached watch errors. These come from updating the watches, not watch event errors.
type SyncStatus ¶ added in v1.19.0
type SyncStatus struct { // Spec represents the source specification that this status corresponds to. // The spec is stored in the status so we can distinguish if the status // reflects the latest spec or not. Spec SourceSpec Syncing bool Commit string Errs status.MultiError LastUpdate metav1.Time }
SyncStatus represents the status of the sync stage of the pipeline.
func (*SyncStatus) DeepCopy ¶ added in v1.19.0
func (ss *SyncStatus) DeepCopy() *SyncStatus
DeepCopy returns a deep copy of the receiver. Warning: Go errors are not copy-able. So this isn't a true deep-copy.
func (*SyncStatus) Equals ¶ added in v1.19.0
func (ss *SyncStatus) Equals(other *SyncStatus) bool
Equals returns true if the specified SyncStatus equals this SyncStatus, excluding the LastUpdate timestamp.
type Updater ¶ added in v1.17.0
type Updater struct { // Scope defines the scope of the reconciler, either root or namespaced. Scope declared.Scope // Resources is a set of resources declared in the source of truth. *declared.Resources // Remediator is the interface Remediator implements that accepts a new set of // declared configuration. Remediator remediator.Interface // Applier is a bulk client for applying a set of desired resource objects and // tracking them in a ResourceGroup inventory. Applier applier.Applier // SyncErrorCache caches the sync errors from the various reconciler // sub-components running in parallel. This allows batching updates and // pushing them asynchronously. SyncErrorCache *SyncErrorCache // contains filtered or unexported fields }
Updater mutates the most-recently-seen versions of objects stored in memory.
func (*Updater) HasManagementConflict ¶ added in v1.19.0
HasManagementConflict returns true when conflict errors have been encountered by the Applier or Remediator for at least one currently managed object.
func (*Updater) ManagementConflicts ¶ added in v1.19.0
func (u *Updater) ManagementConflicts() []status.ManagementConflictError
ManagementConflicts returns a list of conflict errors encountered by the Applier or Remediator.
func (*Updater) Remediating ¶ added in v1.19.0
Remediating returns true if the Remediator is remediating.
func (*Updater) Update ¶ added in v1.17.0
func (u *Updater) Update(ctx context.Context, cache *cacheForCommit) status.MultiError
Update does the following: 1. Pauses the remediator 2. Validates and sterilizes the objects 3. Updates the declared resource objects in memory 4. Applies the objects 5. Updates the remediator watches 6. Restarts the remediator
Any errors returned will be prepended with any known conflict errors from the remediator. This is required to preserve errors that have been reported by another reconciler.