Updates issuer and cluster issuer controllers to optionally user server

side apply Signed-off-by: joshvanl <vleeuwenjoshua@gmail.com>
2022-01-27 18:53:14 +00:00 · 2022-01-27 18:53:14 +00:00 · 085b2bf34b
commit 085b2bf34b
parent 5c37326e36
11 changed files with 45 additions and 14 deletions
--- a/internal/controller/issuers/BUILD.bazel
+++ b/internal/controller/issuers/BUILD.bazel
@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
 go_library(
    name = "go_default_library",
    srcs = ["apply.go"],
-    importpath = "github.com/jetstack/cert-manager/internal/controller/issuers",
+    importpath = "github.com/cert-manager/cert-manager/internal/controller/issuers",
    visibility = ["//:__subpackages__"],
    deps = [
        "//pkg/apis/certmanager/v1:go_default_library",
--- a/internal/controller/issuers/apply.go
+++ b/internal/controller/issuers/apply.go
@ -21,12 +21,12 @@ import (
 	"encoding/json"
 	"fmt"

-	cmclient "github.com/jetstack/cert-manager/pkg/client/clientset/versioned"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	apitypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/utils/pointer"

-	cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
+	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
+	cmclient "github.com/cert-manager/cert-manager/pkg/client/clientset/versioned"
 )

 // ApplyIssuerStatus will make an Apply API call with the given client to the
--- a/internal/controller/issuers/apply_test.go
+++ b/internal/controller/issuers/apply_test.go
@ -24,7 +24,7 @@ import (
 	fuzz "github.com/google/gofuzz"
 	"github.com/stretchr/testify/assert"

-	cmapi "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
+	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 )

 func Test_serializeApplyIssuerStatus(t *testing.T) {
--- a/pkg/controller/clusterissuers/BUILD.bazel
+++ b/pkg/controller/clusterissuers/BUILD.bazel
@ -10,12 +10,15 @@ go_library(
    importpath = "github.com/cert-manager/cert-manager/pkg/controller/clusterissuers",
    visibility = ["//visibility:public"],
    deps = [
+        "//internal/controller/feature:go_default_library",
+        "//internal/controller/issuers:go_default_library",
        "//pkg/apis/certmanager/v1:go_default_library",
        "//pkg/client/clientset/versioned:go_default_library",
        "//pkg/client/listers/certmanager/v1:go_default_library",
        "//pkg/controller:go_default_library",
        "//pkg/issuer:go_default_library",
        "//pkg/logs:go_default_library",
+        "//pkg/util/feature:go_default_library",
        "@com_github_go_logr_logr//:go_default_library",
        "@io_k8s_api//core/v1:go_default_library",
        "@io_k8s_apimachinery//pkg/api/equality:go_default_library",
--- a/pkg/controller/clusterissuers/controller.go
+++ b/pkg/controller/clusterissuers/controller.go
@ -58,6 +58,9 @@ type controller struct {
 	// clusterResourceNamespace is the namespace used to store resources
 	// referenced by ClusterIssuer resources, e.g. acme account secrets
 	clusterResourceNamespace string
+
+	// fieldManager is the manager name used for the Apply operations.
+	fieldManager string
 }

 // Register registers and constructs the controller using the provided context.
@ -91,6 +94,7 @@ func (c *controller) Register(ctx *controllerpkg.Context) (workqueue.RateLimitin
 	// instantiate additional helpers used by this controller
 	c.issuerFactory = issuer.NewFactory(ctx)
 	c.cmClient = ctx.CMClient
+	c.fieldManager = ctx.FieldManager
 	c.recorder = ctx.Recorder
 	c.clusterResourceNamespace = ctx.IssuerOptions.ClusterResourceNamespace

--- a/pkg/controller/clusterissuers/sync.go
+++ b/pkg/controller/clusterissuers/sync.go
@ -25,8 +25,11 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/errors"

+	"github.com/cert-manager/cert-manager/internal/controller/feature"
+	internalissuers "github.com/cert-manager/cert-manager/internal/controller/issuers"
 	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 	logf "github.com/cert-manager/cert-manager/pkg/logs"
+	utilfeature "github.com/cert-manager/cert-manager/pkg/util/feature"
 )

 const (
@ -44,7 +47,7 @@ func (c *controller) Sync(ctx context.Context, iss *cmapi.ClusterIssuer) (err er

 	issuerCopy := iss.DeepCopy()
 	defer func() {
-		if _, saveErr := c.updateIssuerStatus(ctx, iss, issuerCopy); saveErr != nil {
+		if saveErr := c.updateIssuerStatus(ctx, iss, issuerCopy); saveErr != nil {
 			err = errors.NewAggregate([]error{saveErr, err})
 		}
 	}()
@ -65,9 +68,14 @@ func (c *controller) Sync(ctx context.Context, iss *cmapi.ClusterIssuer) (err er
 	return nil
 }

-func (c *controller) updateIssuerStatus(ctx context.Context, old, new *cmapi.ClusterIssuer) (*cmapi.ClusterIssuer, error) {
+func (c *controller) updateIssuerStatus(ctx context.Context, old, new *cmapi.ClusterIssuer) error {
 	if apiequality.Semantic.DeepEqual(old.Status, new.Status) {
-		return nil, nil
+		return nil
+	}
+	if utilfeature.DefaultFeatureGate.Enabled(feature.ServerSideApply) {
+		return internalissuers.ApplyClusterIssuerStatus(ctx, c.cmClient, c.fieldManager, new)
+	} else {
+		_, err := c.cmClient.CertmanagerV1().ClusterIssuers().UpdateStatus(ctx, new, metav1.UpdateOptions{})
+		return err
 	}
-	return c.cmClient.CertmanagerV1().ClusterIssuers().UpdateStatus(ctx, new, metav1.UpdateOptions{})
 }
--- a/pkg/controller/clusterissuers/sync_test.go
+++ b/pkg/controller/clusterissuers/sync_test.go
@ -79,7 +79,7 @@ func TestUpdateIssuerStatus(t *testing.T) {

 	issuerCopy := issuer.DeepCopy()
 	issuerCopy.Status = newStatus
-	_, err = c.updateIssuerStatus(context.TODO(), issuer, issuerCopy)
+	err = c.updateIssuerStatus(context.TODO(), issuer, issuerCopy)
 	assertErrIsNil(t, fatalf, err)

 	actions := filter(fakeClient.Actions())
--- a/pkg/controller/issuers/BUILD.bazel
+++ b/pkg/controller/issuers/BUILD.bazel
@ -10,12 +10,15 @@ go_library(
    importpath = "github.com/cert-manager/cert-manager/pkg/controller/issuers",
    visibility = ["//visibility:public"],
    deps = [
+        "//internal/controller/feature:go_default_library",
+        "//internal/controller/issuers:go_default_library",
        "//pkg/apis/certmanager/v1:go_default_library",
        "//pkg/client/clientset/versioned:go_default_library",
        "//pkg/client/listers/certmanager/v1:go_default_library",
        "//pkg/controller:go_default_library",
        "//pkg/issuer:go_default_library",
        "//pkg/logs:go_default_library",
+        "//pkg/util/feature:go_default_library",
        "@com_github_go_logr_logr//:go_default_library",
        "@io_k8s_api//core/v1:go_default_library",
        "@io_k8s_apimachinery//pkg/api/equality:go_default_library",
--- a/pkg/controller/issuers/controller.go
+++ b/pkg/controller/issuers/controller.go
@ -54,6 +54,9 @@ type controller struct {
 	// issuerFactory is used to obtain a reference to the Issuer implementation
 	// for each ClusterIssuer resource
 	issuerFactory issuer.Factory
+
+	// fieldManager is the manager name used for the Apply operations.
+	fieldManager string
 }

 // Register registers and constructs the controller using the provided context.
@ -87,6 +90,7 @@ func (c *controller) Register(ctx *controllerpkg.Context) (workqueue.RateLimitin
 	// instantiate additional helpers used by this controller
 	c.issuerFactory = issuer.NewFactory(ctx)
 	c.cmClient = ctx.CMClient
+	c.fieldManager = ctx.FieldManager
 	c.recorder = ctx.Recorder

 	return c.queue, mustSync, nil
--- a/pkg/controller/issuers/sync.go
+++ b/pkg/controller/issuers/sync.go
@ -25,8 +25,11 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/errors"

+	"github.com/cert-manager/cert-manager/internal/controller/feature"
+	internalissuers "github.com/cert-manager/cert-manager/internal/controller/issuers"
 	cmapi "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1"
 	logf "github.com/cert-manager/cert-manager/pkg/logs"
+	utilfeature "github.com/cert-manager/cert-manager/pkg/util/feature"
 )

 const (
@ -44,7 +47,7 @@ func (c *controller) Sync(ctx context.Context, iss *cmapi.Issuer) (err error) {

 	issuerCopy := iss.DeepCopy()
 	defer func() {
-		if _, saveErr := c.updateIssuerStatus(ctx, iss, issuerCopy); saveErr != nil {
+		if saveErr := c.updateIssuerStatus(ctx, iss, issuerCopy); saveErr != nil {
 			err = errors.NewAggregate([]error{saveErr, err})
 		}
 	}()
@ -65,9 +68,15 @@ func (c *controller) Sync(ctx context.Context, iss *cmapi.Issuer) (err error) {
 	return nil
 }

-func (c *controller) updateIssuerStatus(ctx context.Context, old, new *cmapi.Issuer) (*cmapi.Issuer, error) {
+func (c *controller) updateIssuerStatus(ctx context.Context, old, new *cmapi.Issuer) error {
 	if apiequality.Semantic.DeepEqual(old.Status, new.Status) {
-		return nil, nil
+		return nil
+	}
+
+	if utilfeature.DefaultFeatureGate.Enabled(feature.ServerSideApply) {
+		return internalissuers.ApplyIssuerStatus(ctx, c.cmClient, c.fieldManager, new)
+	} else {
+		_, err := c.cmClient.CertmanagerV1().Issuers(new.Namespace).UpdateStatus(ctx, new, metav1.UpdateOptions{})
+		return err
 	}
-	return c.cmClient.CertmanagerV1().Issuers(new.Namespace).UpdateStatus(ctx, new, metav1.UpdateOptions{})
 }
--- a/pkg/controller/issuers/sync_test.go
+++ b/pkg/controller/issuers/sync_test.go
@ -80,7 +80,7 @@ func TestUpdateIssuerStatus(t *testing.T) {

 	issuerCopy := issuer.DeepCopy()
 	issuerCopy.Status = newStatus
-	_, err = c.updateIssuerStatus(context.TODO(), issuer, issuerCopy)
+	err = c.updateIssuerStatus(context.TODO(), issuer, issuerCopy)
 	assertErrIsNil(t, fatalf, err)

 	actions := filter(cmClient.Actions())