Kubernetes controller for multi-tenancy. It propagates resources between namespaces accurately and allows tenant users to create/delete sub-namespaces.
Accurate currently does not delete previously propagated labels when deleted from the parent namespace to prevent unintended deletions. Users are expected to manually delete labels/annotations that are no longer needed.
I wonder which kind of "unintended deletions" are referred to here. I would expect Accurate to clean up a previously propagated namespace label/annotation (based on Kubernetes managedFields ownership) when the desired state of parent/template NS (or SubNamespace) indicates that a label/annotation should not be propagated.
Could a migration to SSA (Server Side Apply) aid in this? Since controller-runtime still has limited support for SSA, ref. https://github.com/kubernetes-sigs/controller-runtime/issues/347, we probably must migrate to Unstructured instead of structured types. But IMO I think it would be worth it.
What
Ref. docs:
I wonder which kind of "unintended deletions" are referred to here. I would expect Accurate to clean up a previously propagated namespace label/annotation (based on Kubernetes
managedFields
ownership) when the desired state of parent/template NS (or SubNamespace) indicates that a label/annotation should not be propagated.Could a migration to SSA (Server Side Apply) aid in this? Since controller-runtime still has limited support for SSA, ref. https://github.com/kubernetes-sigs/controller-runtime/issues/347, we probably must migrate to
Unstructured
instead of structured types. But IMO I think it would be worth it.How
Describe how to address the issue.
Checklist