From e815e56db23ff2acaffe1812e5602b822cbf2d3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Kalke?= <56382792+MichalKalke@users.noreply.github.com> Date: Thu, 4 Jan 2024 17:59:20 +0100 Subject: [PATCH] Remove secrets and configmaps from the cache (#170) * Remove secrets and configmaps from the cache * Bump images --- charts/warden/values.yaml | 4 ++-- cmd/admission/main.go | 5 +++++ cmd/operator/main.go | 6 ++++++ 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/charts/warden/values.yaml b/charts/warden/values.yaml index 5d779dd4..b8e315e9 100644 --- a/charts/warden/values.yaml +++ b/charts/warden/values.yaml @@ -20,7 +20,7 @@ global: wardenPriorityClassName: warden-priority wardenPriorityClassValue: 2000000 operator: - image: europe-docker.pkg.dev/kyma-project/prod/warden/operator:v20231222-48a12c63 + image: europe-docker.pkg.dev/kyma-project/dev/warden/operator:PR-170 resources: requests: cpu: 10m @@ -30,7 +30,7 @@ global: memory: 160Mi admission: - image: europe-docker.pkg.dev/kyma-project/prod/warden/admission:v20231222-48a12c63 + image: europe-docker.pkg.dev/kyma-project/dev/warden/admission:PR-170 resources: requests: cpu: 10m diff --git a/cmd/admission/main.go b/cmd/admission/main.go index dc746a8f..ac31a569 100644 --- a/cmd/admission/main.go +++ b/cmd/admission/main.go @@ -21,6 +21,7 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" + ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/manager" ctrlwebhook "sigs.k8s.io/controller-runtime/pkg/webhook" ) @@ -108,6 +109,10 @@ func main() { Port: appConfig.Admission.Port, MetricsBindAddress: ":9090", Logger: logrZap, + ClientDisableCacheFor: []ctrlclient.Object{ + &corev1.Secret{}, + &corev1.ConfigMap{}, + }, }) if err != nil { logger.Error("failed to start manager", err.Error()) diff --git a/cmd/operator/main.go b/cmd/operator/main.go index c24a8927..c6d8da45 100644 --- a/cmd/operator/main.go +++ b/cmd/operator/main.go @@ -33,10 +33,12 @@ import ( "go.uber.org/zap" "go.uber.org/zap/zapcore" + corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" ctrl "sigs.k8s.io/controller-runtime" + ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/healthz" zapk8s "sigs.k8s.io/controller-runtime/pkg/log/zap" //+kubebuilder:scaffold:imports @@ -97,6 +99,10 @@ func main() { LeaderElection: appConfig.Operator.LeaderElect, LeaderElectionID: "c3790980.warden.kyma-project.io", Logger: logrZap, + ClientDisableCacheFor: []ctrlclient.Object{ + &corev1.Secret{}, + &corev1.ConfigMap{}, + }, // LeaderElectionReleaseOnCancel defines if the leader should step down voluntarily // when the Manager ends. This requires the binary to immediately end when the // Manager is stopped, otherwise, this setting is unsafe. Setting this significantly