search

argoproj / argo-cd

Declarative Continuous Deployment for Kubernetes
https://argo-cd.readthedocs.io
Apache License 2.0
17.92k stars 5.46k forks source link

Change from server is not considered as a diff #20765

Open OpenGuidou opened 2 days ago

OpenGuidou commented 2 days ago

Checklist:

Describe the bug

When a change is done on a resource directly on the target, it is not detected as a diff by Argo CD, and so not self-healed.

To Reproduce

  1. Create a simple Application deploying a ConfigMap (for example pointing to https://github.com/OpenGuidou/simple-configmap.git)
  2. Add a new field in the configmap on the server
  3. It is not seen as a change

Expected behavior

It should be flagged as a diff and self-healed if the option is set

Screenshots

Desired manifest: image

Live manifest: image

Diff: image

Application:

project: default
source:
  repoURL: https://github.com/OpenGuidou/simple-configmap.git
  path: .
  targetRevision: HEAD
destination:
  server: https://kubernetes.default.svc
  namespace: argocd
syncPolicy:
  automated:
    prune: true
    selfHeal: true

Version

argocd: v2.13.0+347f221
  BuildDate: 2024-11-04T15:31:20Z
  GitCommit: 347f221adba5599ef4d5f12ee572b2c17d01db4d
  GitTreeState: clean
  GoVersion: go1.23.2
  Compiler: gc
  Platform: linux/amd64
argocd-server: v2.13.0+347f221
  BuildDate: 2024-11-04T15:31:20Z
  GitCommit: 347f221adba5599ef4d5f12ee572b2c17d01db4d
  GitTreeState: clean
  GoVersion: go1.23.2
  Compiler: gc
  Platform: linux/amd64
  Kustomize Version: v5.4.1 2024-04-04T17:11:54Z
  Helm Version: v3.15.4+gfa9efb0
  Kubectl Version: v0.31.0
  Jsonnet Version: v0.20.0
OpenGuidou commented 1 day ago

While investigating in the code, I found out that it's because the kubectl.kubernetes.io/last-applied-configuration is no longer aligned with the content of the manifest.

It's then doing a 3-way merge, but keeping the changes on the live manifests: image

I don't think it's valid in our case, as we want to use the target (config) as source of truth

OpenGuidou commented 1 day ago

Similar investigation: https://github.com/argoproj/argo-cd/issues/7951#issuecomment-1343386682

andrii-korotkov-verkada commented 7 hours ago

That's an expected behavior from kubectl diffing as of now. I don't know the exact reasons though.