kustomize-controller: Garbage collection conflicts with Stash controller
I’m using Stash to backup my kubernetes applications. Stash is a k8s operator. I manage the configuration of stash with a kustomization, which applies BackupConfigurations to the cluster. Stash will create a service account for those BackupConfigurations, therefore it copies the labels of the BackupConfiguration, which includes the kustomize.toolkit.fluxcd.io/checksum label.
Because the service account is not managed by flux and has the kustomize.toolkit.fluxcd.io/checksum label and pruning is activated, flux garbage collects the service account. As a result, the backups with stash do not work. This is probably a problem which must be fixed in stash, so I created an issue there https://github.com/stashed/stash/issues/1334.
However, the garbage collection behavior of flux is inconsistent. I have four BackupConfigurations each with its own service account, but flux only deletes two of them. The two remaining service accounts have the kustomize.toolkit.fluxcd.io/checksum label, but are not garbage collected by flux.
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 18 (7 by maintainers)
You’re applying the same thing twice and Flux will overwrite/delete all, please see how to organise your repos here: https://fluxcd.io/docs/guides/repository-structure/
PS. Move all things outside the clusters dir and create a Flux Kustomization inside clusters for each kustomize overlay.
We’re moving the checksum from labels to annotations in #362 but if Strimzi copies the annotations then it’s the same issue. Seems that for Stash is will work as it copies only labels from the custom resource to the generated objects.