prune-unused: don't only look at pod specs

[ahmetb]

Most people version ConfigMaps/Secrets by creating new ones instead of editing existing. This pattern is heavily employed by tools like kustomize, as it is a best practice.

When you roll back a deployment (i.e. activating a replicaset that was scaled down to 0 pods) you don't want to find out you've pruned configmap/secret it referenced...

I think this plugin should look at all ReplicaSet specs for such unused info. If there's a ReplicaSet spec not cleaned up by its Deployment object (due to max history), its secret/cm should not be deleted.

[etiennetremel]

Hi @ahmetb, did you notice something wrong with the current implementation? The current logic should already be taking into account any deployment/replicaset configured with 0 replicas.

The current behavior is as follow:

1. select all resources (deploy, replicasets, replicacontroller, pods, deamonsets, cronjobs, jobs, statefulsets)
2. for each of these resources extract all the configmap/secret field (based on the pod spec section of these resrouces) and add the configmap/secret name to an array
3. then for each configmaps/secrets available in the given namespace, delete the one that aren't available listed in the array created in point 2