Remove OwnerRef from keycloak client or add bool in crd to diasble it. #71
Assignees
Labels
enhancement
New feature or request
Comments
zmotso
added a commit
that referenced
this issue
Jul 26, 2024
Setting ownerReference with controller:true for Keycloak resources has disadvantages: - `controller: true` should be set for resources created by a controller. For example, we create a Deployment, and the controller creates a ReplicaSet with an `ownerReference` to the Deployment. In our case, we create resources separately, and the Keycloak controller isn't responsible for their creation. - ArgoCD doesn't remove resources with `controller: true`. It considers another controller responsible for them. If we remove the ArgoCD environment that contains KeycloakClient, this CR won't be removed by either ArgoCD or the Keycloak operator. This change break automatic deletion of CRs if related Keycloak/KeycloakRealm is removed. Now it isn't responsibility of the keycloak operator.
zmotso
added a commit
that referenced
this issue
Jul 26, 2024
Setting ownerReference with controller:true for Keycloak resources has disadvantages: - `controller: true` should be set for resources created by a controller. For example, we create a Deployment, and the controller creates a ReplicaSet with an `ownerReference` to the Deployment. In our case, we create resources separately, and the Keycloak controller isn't responsible for their creation. - ArgoCD doesn't remove resources with `controller: true`. It considers another controller responsible for them. If we remove the ArgoCD environment that contains KeycloakClient, this CR won't be removed by either ArgoCD or the Keycloak operator. This change breaks the automatic deletion of CRs if related Keycloak/KeycloakRealm is removed. Now, it isn't the responsibility of the keycloak operator.
10 tasks
zmotso
added a commit
that referenced
this issue
Jul 26, 2024
Setting ownerReference with controller:true for Keycloak resources has disadvantages: - `controller: true` should be set for resources created by a controller. For example, we create a Deployment, and the controller creates a ReplicaSet with an `ownerReference` to the Deployment. In our case, we create resources separately, and the Keycloak controller isn't responsible for their creation. - ArgoCD doesn't remove resources with `controller: true`. It considers another controller responsible for them. If we remove the ArgoCD environment that contains KeycloakClient, this CR won't be removed by either ArgoCD or the Keycloak operator. This change breaks the automatic deletion of CRs if related Keycloak/KeycloakRealm is removed. Now, it isn't the responsibility of the keycloak operator.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
ATM. adding OwnerRef in client CRD makes argocd useless. ArgoCD is not able to delete old resources.
In addition client CRD should not have controller: true flag.
Describe the solution you'd like
Remove OwnerRef from keycloak client or add bool in crd to diasble it.
The text was updated successfully, but these errors were encountered: