stefanprodan
commented
1 week ago You should rename the Flux Kustomization, workloads are tracked by their group/kind/name/namespace, not cluster.
Open rcarre opened 1 week ago
stefanprodan
commented
1 week ago You should rename the Flux Kustomization, workloads are tracked by their group/kind/name/namespace, not cluster.
rcarre
commented
1 week ago Thx for you swith reply @stefanprodan I will give a try but it looks not as easy in my case because my Flux release intents are build up from kustomize components patches.
kustomization.yaml
---
apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component
patches:
- path: release-patch.yaml
target:
group: kustomize.toolkit.fluxcd.io
version: v1
kind: Kustomization
name: ....release-patch.yaml
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: .*
namespace: ${SERVICE_NAME}
spec:
kubeConfig:
secretRef:
name: occne-target-kubeconfig
targetNamespace: ${SERVICE_NAME}Maybe we should make the kubeConfig field immutable. This type of change was never supported, it’s the same as changing the label selectors in a Deployment, you cannot do that without deleting/creating the deployment.
rcarre
commented
6 days ago Agreed @stefanprodan ...meanwhile, I gave a try to apply Kustomize builtin transformers to certain resources in order to distinguish Flux Kustomization along cluster target installation, but strangely metadata.name: myRelease is ignored making all Flux Kustomization append with -occne but that fits the bill
transformers:
- |-
apiVersion: builtin
kind: PrefixSuffixTransformer
metadata:
name: myRelease
suffix: -occne
fieldSpecs:
- path: metadata/name
group: kustomize.toolkit.fluxcd.io
kind: Kustomization
version: v1I gonna initiate a PR to make the kubeConfig field immutable ...
stefanprodan
commented
3 days ago There is a major issue with that, people should be rotating the token in the kubeconfig, this is usually done using Kustomize secretgen that changes the secret name. Making that field readonly would break a valid usecase. The cluster doesn’t change but the the auth does.
Describe the bug
Install this kusto on local Flux cluster
Then, change your mind, and decide to install kusto on remote cluster thanks to kusto update
Workloads first created on local Flux cluster are not deleted
Steps to reproduce
See above
Expected behavior
Workloads first created on local Flux cluster should be deleted, shouldn't they ?
Screenshots and recordings
No response
OS / Distro
Linux
Flux version
2.3.0
Flux check
► checking prerequisites ✔ Kubernetes 1.28.11+rke2r1 >=1.28.0-0 ► checking version in cluster ✔ distribution: flux-v2.3.0 ✔ bootstrapped: true ► checking controllers ✔ helm-controller: deployment ready ► ghcr.io/fluxcd/helm-controller:v1.0.1 ✔ kustomize-controller: deployment ready ► ghcr.io/fluxcd/kustomize-controller:v1.3.0 ✔ notification-controller: deployment ready ► ghcr.io/fluxcd/notification-controller:v1.3.0 ✔ source-controller: deployment ready ► ghcr.io/fluxcd/source-controller:v1.3.0 ► checking crds ✔ alerts.notification.toolkit.fluxcd.io/v1beta3 ✔ buckets.source.toolkit.fluxcd.io/v1beta2 ✔ gitrepositories.source.toolkit.fluxcd.io/v1 ✔ helmcharts.source.toolkit.fluxcd.io/v1 ✔ helmreleases.helm.toolkit.fluxcd.io/v2 ✔ helmrepositories.source.toolkit.fluxcd.io/v1 ✔ kustomizations.kustomize.toolkit.fluxcd.io/v1 ✔ ocirepositories.source.toolkit.fluxcd.io/v1beta2 ✔ providers.notification.toolkit.fluxcd.io/v1beta3 ✔ receivers.notification.toolkit.fluxcd.io/v1 ✔ all checks passed
Git provider
No response
Container Registry provider
No response
Additional context
No response
Code of Conduct