Merge pull request #2276 from neogopher/backport/v0.20/pr-2259
[v0.20] feat: exclude Rancher managed annotations while syncing ingress (#2259)
FabianKramm authored Nov 13, 2024
2 parents c27a3e1 + c378748 commit 8e9bdbc
Showing 7 changed files with 91 additions and 11 deletions.
2 changes: 1 addition & 1 deletion .golangci.yml
@@ -8,14 +8,14 @@ linters:
- tagalign
- asciicheck
- bidichk
- copyloopvar
- decorder
- dupl
- durationcheck
- errcheck
- errname
- errorlint
- exhaustive
- exportloopref
- ginkgolinter
- gocheckcompilerdirectives
- gofmt
4 changes: 3 additions & 1 deletion pkg/controllers/resources/ingresses/syncer.go
@@ -3,6 +3,7 @@ package ingresses
import (
"strings"

"github.com/loft-sh/vcluster/pkg/controllers/resources/services"
synccontext "github.com/loft-sh/vcluster/pkg/controllers/syncer/context"
"github.com/loft-sh/vcluster/pkg/controllers/syncer/translator"
syncertypes "github.com/loft-sh/vcluster/pkg/types"
@@ -14,8 +15,9 @@ import (
)

func NewSyncer(ctx *synccontext.RegisterContext) (syncertypes.Object, error) {
excludedAnnotations := []string{services.RancherPublicEndpointsAnnotation}
return &ingressSyncer{
NamespacedTranslator: translator.NewNamespacedTranslator(ctx, "ingress", &networkingv1.Ingress{}),
NamespacedTranslator: translator.NewNamespacedTranslator(ctx, "ingress", &networkingv1.Ingress{}, excludedAnnotations...),
}, nil
}

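Review bot: The new `excludedAnnotations` line in `NewSyncer` carries no explanation of why the Rancher annotation is skipped, while the service syncer it borrows the constant from documents the reason. I would add `// field.cattle.io/publicEndpoints is written by Rancher; if Rancher also runs in the host cluster, syncing it causes endless updates back and forth.` above it. The exclusion presumably also keeps a tenant-set value of that annotation from being copied onto the host ingress, which is worth stating because annotations are translated from the virtual object to the host object. Importing the `services` package only for this constant couples the two syncers; a shared constants location would avoid that if the repository has one.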
75 changes: 75 additions & 0 deletions pkg/controllers/resources/ingresses/syncer_test.go
@@ -430,6 +430,81 @@ func TestSync(t *testing.T) {
err = syncCtx.PhysicalClient.Get(syncCtx.Context, types.NamespacedName{Name: createdIngress.Name, Namespace: createdIngress.Namespace}, pIngress)
assert.NilError(t, err)

_, err = syncer.(*ingressSyncer).Sync(syncCtx, pIngress, vIngress)
assert.NilError(t, err)
},
},
{
Name: "Exclude Rancher managed annotations from syncing",
InitialVirtualState: []runtime.Object{
&networkingv1.Ingress{
ObjectMeta: metav1.ObjectMeta{
Name: baseIngress.Name,
Namespace: baseIngress.Namespace,
Labels: baseIngress.Labels,
Annotations: map[string]string{
"nginx.ingress.kubernetes.io/auth-secret": "my-secret",
"nginx.ingress.kubernetes.io/auth-tls-secret": baseIngress.Namespace + "/my-secret",
"field.cattle.io/publicEndpoints": `[{"addresses":["192.168.0.10"],"port":80,"protocol":"HTTP","serviceName":"default:nginx","ingressName":"default:test-ingress","hostname":"my-ingress-endpoint.com","path":"/","allNodes":false}]`,
},
},
},
},
InitialPhysicalState: []runtime.Object{
&networkingv1.Ingress{
ObjectMeta: metav1.ObjectMeta{
Name: createdIngress.Name,
Namespace: createdIngress.Namespace,
Labels: createdIngress.Labels,
},
},
},
ExpectedVirtualState: map[schema.GroupVersionKind][]runtime.Object{
networkingv1.SchemeGroupVersion.WithKind("Ingress"): {
&networkingv1.Ingress{
ObjectMeta: metav1.ObjectMeta{
Name: baseIngress.Name,
Namespace: baseIngress.Namespace,
Labels: baseIngress.Labels,
Annotations: map[string]string{
"nginx.ingress.kubernetes.io/auth-secret": "my-secret",
"nginx.ingress.kubernetes.io/auth-tls-secret": baseIngress.Namespace + "/my-secret",
"field.cattle.io/publicEndpoints": `[{"addresses":["192.168.0.10"],"port":80,"protocol":"HTTP","serviceName":"default:nginx","ingressName":"default:test-ingress","hostname":"my-ingress-endpoint.com","path":"/","allNodes":false}]`,
},
},
},
},
},
ExpectedPhysicalState: map[schema.GroupVersionKind][]runtime.Object{
networkingv1.SchemeGroupVersion.WithKind("Ingress"): {
&networkingv1.Ingress{
ObjectMeta: metav1.ObjectMeta{
Name: createdIngress.Name,
Namespace: createdIngress.Namespace,
Labels: createdIngress.Labels,
Annotations: map[string]string{
"nginx.ingress.kubernetes.io/auth-secret": translate.Default.PhysicalName("my-secret", baseIngress.Namespace),
"nginx.ingress.kubernetes.io/auth-tls-secret": createdIngress.Namespace + "/" + translate.Default.PhysicalName("my-secret", baseIngress.Namespace),
"vcluster.loft.sh/managed-annotations": "nginx.ingress.kubernetes.io/auth-secret\nnginx.ingress.kubernetes.io/auth-tls-secret",
"vcluster.loft.sh/object-name": baseIngress.Name,
"vcluster.loft.sh/object-namespace": baseIngress.Namespace,
translate.UIDAnnotation: "",
},
},
},
},
},
Sync: func(registerContext *synccontext.RegisterContext) {
syncCtx, syncer := generictesting.FakeStartSyncer(t, registerContext, NewSyncer)

vIngress := &networkingv1.Ingress{}
err := syncCtx.VirtualClient.Get(syncCtx.Context, types.NamespacedName{Name: baseIngress.Name, Namespace: baseIngress.Namespace}, vIngress)
assert.NilError(t, err)

pIngress := &networkingv1.Ingress{}
err = syncCtx.PhysicalClient.Get(syncCtx.Context, types.NamespacedName{Name: createdIngress.Name, Namespace: createdIngress.Namespace}, pIngress)
assert.NilError(t, err)

_, err = syncer.(*ingressSyncer).Sync(syncCtx, pIngress, vIngress)
assert.NilError(t, err)
},
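Review bot: `InitialPhysicalState` in the new case starts with no annotations, so the test only shows that the virtual `field.cattle.io/publicEndpoints` value is not copied to the host ingress and is left out of `vcluster.loft.sh/managed-annotations`. The scenario the exclusion appears to target is a host ingress that already carries a Rancher-written value; adding `Annotations: map[string]string{"field.cattle.io/publicEndpoints": "<host-side value>"}` (placeholder value) to the physical ingress and expecting it unchanged after `Sync` would cover that. The `Sync` closure repeats the preceding case's body line for line, so a small shared helper would shorten both. `TestSync` starts and ends outside this hunk.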
6 changes: 3 additions & 3 deletions pkg/controllers/resources/nodes/syncer.go
@@ -157,10 +157,10 @@ func (s *nodeSyncer) ModifyController(ctx *synccontext.RegisterContext, bld *bui
}

// only used when scheduler is enabled
func enqueueNonVClusterPod(old, new client.Object, q workqueue.RateLimitingInterface) {
pod, ok := new.(*corev1.Pod)
func enqueueNonVClusterPod(old, newObj client.Object, q workqueue.RateLimitingInterface) {
pod, ok := newObj.(*corev1.Pod)
if !ok {
klog.Errorf("invalid type passed to pod handler: %T", new)
klog.Errorf("invalid type passed to pod handler: %T", newObj)
return
}
// skip if node name missing
7 changes: 5 additions & 2 deletions pkg/controllers/resources/services/syncer.go
@@ -18,14 +18,17 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
)

var ServiceBlockDeletion = "vcluster.loft.sh/block-deletion"
var (
ServiceBlockDeletion = "vcluster.loft.sh/block-deletion"
RancherPublicEndpointsAnnotation = "field.cattle.io/publicEndpoints"
)

func New(ctx *synccontext.RegisterContext) (syncertypes.Object, error) {
return &serviceSyncer{
// exclude "field.cattle.io/publicEndpoints" annotation used by Rancher,
// because if it is also installed in the host cluster, it will be
// overriding it, which would cause endless updates back and forth.
NamespacedTranslator: translator.NewNamespacedTranslator(ctx, "service", &corev1.Service{}, "field.cattle.io/publicEndpoints"),
NamespacedTranslator: translator.NewNamespacedTranslator(ctx, "service", &corev1.Service{}, RancherPublicEndpointsAnnotation),

serviceName: ctx.Config.WorkloadService,
}, nil
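Review bot: `RancherPublicEndpointsAnnotation` is declared as an exported `var`, so any package can reassign it at runtime, and it now feeds the annotation exclusion list of both the service syncer and the ingress syncer. Unless something needs its address, declare it as a constant with a doc comment: `// RancherPublicEndpointsAnnotation is the Rancher-managed annotation excluded from syncing.` followed by `const RancherPublicEndpointsAnnotation = "field.cattle.io/publicEndpoints"`. The same applies to `ServiceBlockDeletion` in the same block. `New` continues past the end of this hunk.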
4 changes: 2 additions & 2 deletions pkg/helm/time.go
@@ -49,8 +49,8 @@ func ParseInLocation(layout, value string, loc *time.Location) (Time, error) {
return Time{Time: t}, err
}

func Date(year int, month time.Month, day, hour, min, sec, nsec int, loc *time.Location) Time {
return Time{Time: time.Date(year, month, day, hour, min, sec, nsec, loc)}
func Date(year int, month time.Month, day, hour, minute, sec, nsec int, loc *time.Location) Time {
return Time{Time: time.Date(year, month, day, hour, minute, sec, nsec, loc)}
}

func Unix(sec int64, nsec int64) Time { return Time{Time: time.Unix(sec, nsec)} }
4 changes: 2 additions & 2 deletions pkg/util/encoding/helper.go
@@ -31,15 +31,15 @@ func Convert(from runtime.Object, to runtime.Object) error {
}

// ConvertList converts the objects from the from list and puts them into the to list
func ConvertList(fromList runtime.Object, toList runtime.Object, new rest.Storage) error {
func ConvertList(fromList runtime.Object, toList runtime.Object, storage rest.Storage) error {
list, err := meta.ExtractList(fromList)
if err != nil {
return err
}

newItems := []runtime.Object{}
for _, item := range list {
newItem := new.New()
newItem := storage.New()
err = Convert(item, newItem)
if err != nil {
return err
