search

NiklasRosenstein / nyl

Nyl facilitates the orchestration of infrastructure and application deployment pipelines across different tools, making them work together in a seamless manner.
https://niklasrosenstein.github.io/nyl/
1 stars 0 forks source link

`nyl template --apply` does not remove `Backup.postgresql.cnpg.io` #17

Open NiklasRosenstein opened 3 weeks ago

NiklasRosenstein commented 3 weeks ago

Master issue: #5

I have a Backup resource from CNPG and when I remove it, nyl template --apply does not cause it to be removed despite the use of ApplySets.

apiVersion: nyl.io/v1
kind: ApplySet
metadata:
  name: dbtest
  namespace: default
  annotations:
    applyset.kubernetes.io/additional-namespaces: default
    applyset.kubernetes.io/contains-group-kinds: Backup.postgresql.cnpg.io,Cluster.postgresql.cnpg.io,Secret
    applyset.kubernetes.io/tooling: kubectl/v1.30.1
  labels:                                                                                                                                                                                                                                                                                                                       
    applyset.kubernetes.io/id: applyset-udOLAc3vebT-iZJonoxsKC3Nr7c6fVeNkIdTcC5DsdM-v1
NiklasRosenstein commented 2 weeks ago

It also doesn't seem to remove secrets. Simple example to reproduce:

---
apiVersion: v1
kind: Namespace
metadata:
  name: sccache

---
apiVersion: inline.nyl.io/v1
kind: HelmChart
release:
  name: redis
  namespace: sccache
chart:
  # Explore the chart at https://artifacthub.io/packages/helm/bitnami/redis
  repository: https://charts.bitnami.com/bitnami
  name: redis
  version: "20.0.3"
values:
  architecture: standalone
  auth:
    enabled: true # make this "false" in the second run
  master:
    persistence:
      enabled: true
      storageClass: hcloud-volumes
      size: 64Gi

Comparison between the kubectl logs between the two nyl template --apply runs:

 applyset.nyl.io/sccache serverside-applied
 ApplySet field manager kubectl-applyset should own these fields. Retrying with conflicts forced.
 namespace/sccache serverside-applied
 networkpolicy.networking.k8s.io/redis serverside-applied
 poddisruptionbudget.policy/redis-master serverside-applied
 serviceaccount/redis-master serverside-applied
-secret/redis serverside-applied
 configmap/redis-configuration serverside-applied
 configmap/redis-health serverside-applied
 configmap/redis-scripts serverside-applied
 service/redis-headless serverside-applied
 service/redis-master serverside-applied
 statefulset.apps/redis-master serverside-applied

There is supposed to be a "pruning secret ..." log!