2022-11-25 15:29:45 +05:30
|
|
|
package cleanup
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"github.com/go-logr/logr"
|
2023-09-26 13:02:17 +03:00
|
|
|
kyvernov1 "github.com/kyverno/kyverno/api/kyverno/v1"
|
2024-06-20 11:44:43 +02:00
|
|
|
kyvernov2 "github.com/kyverno/kyverno/api/kyverno/v2"
|
2023-09-26 13:02:17 +03:00
|
|
|
"github.com/kyverno/kyverno/pkg/client/clientset/versioned"
|
2024-06-26 10:48:32 +02:00
|
|
|
kyvernov2informers "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v2"
|
|
|
|
|
kyvernov2listers "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v2"
|
2023-09-26 13:02:17 +03:00
|
|
|
"github.com/kyverno/kyverno/pkg/clients/dclient"
|
2022-11-25 15:29:45 +05:30
|
|
|
"github.com/kyverno/kyverno/pkg/config"
|
2022-11-30 12:13:57 +01:00
|
|
|
"github.com/kyverno/kyverno/pkg/controllers"
|
2023-09-26 13:02:17 +03:00
|
|
|
engineapi "github.com/kyverno/kyverno/pkg/engine/api"
|
|
|
|
|
enginecontext "github.com/kyverno/kyverno/pkg/engine/context"
|
2024-02-23 12:34:04 +02:00
|
|
|
"github.com/kyverno/kyverno/pkg/engine/context/loaders"
|
2023-09-26 13:02:17 +03:00
|
|
|
"github.com/kyverno/kyverno/pkg/engine/factories"
|
|
|
|
|
"github.com/kyverno/kyverno/pkg/engine/jmespath"
|
|
|
|
|
"github.com/kyverno/kyverno/pkg/event"
|
|
|
|
|
"github.com/kyverno/kyverno/pkg/logging"
|
|
|
|
|
"github.com/kyverno/kyverno/pkg/metrics"
|
2024-01-30 09:08:30 +02:00
|
|
|
"github.com/kyverno/kyverno/pkg/toggle"
|
2023-10-24 16:15:52 +05:30
|
|
|
"github.com/kyverno/kyverno/pkg/utils/conditions"
|
2022-11-25 15:29:45 +05:30
|
|
|
controllerutils "github.com/kyverno/kyverno/pkg/utils/controller"
|
2023-09-26 13:02:17 +03:00
|
|
|
"github.com/kyverno/kyverno/pkg/utils/match"
|
|
|
|
|
"go.opentelemetry.io/otel"
|
|
|
|
|
"go.opentelemetry.io/otel/attribute"
|
|
|
|
|
"go.opentelemetry.io/otel/metric"
|
|
|
|
|
"go.uber.org/multierr"
|
2022-11-25 15:29:45 +05:30
|
|
|
apierrors "k8s.io/apimachinery/pkg/api/errors"
|
|
|
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
2023-09-26 13:02:17 +03:00
|
|
|
"k8s.io/apimachinery/pkg/util/sets"
|
|
|
|
|
corev1listers "k8s.io/client-go/listers/core/v1"
|
2022-11-25 15:29:45 +05:30
|
|
|
"k8s.io/client-go/util/workqueue"
|
|
|
|
|
)
|
|
|
|
|
|
2022-11-30 12:13:57 +01:00
|
|
|
type controller struct {
|
2022-11-25 15:29:45 +05:30
|
|
|
// clients
|
2023-09-26 13:02:17 +03:00
|
|
|
client dclient.Interface
|
|
|
|
|
kyvernoClient versioned.Interface
|
2022-11-25 15:29:45 +05:30
|
|
|
|
|
|
|
|
// listers
|
2024-06-26 10:48:32 +02:00
|
|
|
cpolLister kyvernov2listers.ClusterCleanupPolicyLister
|
|
|
|
|
polLister kyvernov2listers.CleanupPolicyLister
|
2023-09-26 13:02:17 +03:00
|
|
|
nsLister corev1listers.NamespaceLister
|
2022-11-25 15:29:45 +05:30
|
|
|
|
|
|
|
|
// queue
|
2024-08-28 19:09:58 +02:00
|
|
|
queue workqueue.TypedRateLimitingInterface[any]
|
2024-06-26 10:48:32 +02:00
|
|
|
enqueue controllerutils.EnqueueFuncT[kyvernov2.CleanupPolicyInterface]
|
2022-12-07 11:30:47 +01:00
|
|
|
|
|
|
|
|
// config
|
2023-09-26 13:02:17 +03:00
|
|
|
configuration config.Configuration
|
|
|
|
|
cmResolver engineapi.ConfigmapResolver
|
|
|
|
|
eventGen event.Interface
|
|
|
|
|
jp jmespath.Interface
|
|
|
|
|
metrics cleanupMetrics
|
2024-02-23 12:34:04 +02:00
|
|
|
gctxStore loaders.Store
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type cleanupMetrics struct {
|
|
|
|
|
deletedObjectsTotal metric.Int64Counter
|
|
|
|
|
cleanupFailuresTotal metric.Int64Counter
|
2022-11-25 15:29:45 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
maxRetries = 10
|
|
|
|
|
Workers = 3
|
|
|
|
|
ControllerName = "cleanup-controller"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func NewController(
|
2023-09-26 13:02:17 +03:00
|
|
|
client dclient.Interface,
|
|
|
|
|
kyvernoClient versioned.Interface,
|
2024-06-26 10:48:32 +02:00
|
|
|
cpolInformer kyvernov2informers.ClusterCleanupPolicyInformer,
|
|
|
|
|
polInformer kyvernov2informers.CleanupPolicyInformer,
|
2023-09-26 13:02:17 +03:00
|
|
|
nsLister corev1listers.NamespaceLister,
|
|
|
|
|
configuration config.Configuration,
|
|
|
|
|
cmResolver engineapi.ConfigmapResolver,
|
|
|
|
|
jp jmespath.Interface,
|
|
|
|
|
eventGen event.Interface,
|
2024-02-23 12:34:04 +02:00
|
|
|
gctxStore loaders.Store,
|
2022-11-30 12:13:57 +01:00
|
|
|
) controllers.Controller {
|
2024-11-04 21:48:58 +08:00
|
|
|
queue := workqueue.NewTypedRateLimitingQueueWithConfig(
|
|
|
|
|
workqueue.DefaultTypedControllerRateLimiter[any](),
|
|
|
|
|
workqueue.TypedRateLimitingQueueConfig[any]{Name: ControllerName},
|
|
|
|
|
)
|
2024-06-26 10:48:32 +02:00
|
|
|
keyFunc := controllerutils.MetaNamespaceKeyT[kyvernov2.CleanupPolicyInterface]
|
2023-01-13 22:27:02 +08:00
|
|
|
baseEnqueueFunc := controllerutils.LogError(logger, controllerutils.Parse(keyFunc, controllerutils.Queue(queue)))
|
2024-06-26 10:48:32 +02:00
|
|
|
enqueueFunc := func(logger logr.Logger, operation, kind string) controllerutils.EnqueueFuncT[kyvernov2.CleanupPolicyInterface] {
|
2023-01-13 22:27:02 +08:00
|
|
|
logger = logger.WithValues("kind", kind, "operation", operation)
|
2024-06-26 10:48:32 +02:00
|
|
|
return func(obj kyvernov2.CleanupPolicyInterface) error {
|
2024-07-03 00:32:51 +08:00
|
|
|
logger := logger.WithValues("name", obj.GetName())
|
2023-01-13 22:27:02 +08:00
|
|
|
if obj.GetNamespace() != "" {
|
|
|
|
|
logger = logger.WithValues("namespace", obj.GetNamespace())
|
|
|
|
|
}
|
2025-02-13 20:32:02 +05:30
|
|
|
logger.V(2).Info(operation)
|
2023-01-13 22:27:02 +08:00
|
|
|
if err := baseEnqueueFunc(obj); err != nil {
|
|
|
|
|
logger.Error(err, "failed to enqueue object", "obj", obj)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-11-30 12:13:57 +01:00
|
|
|
c := &controller{
|
2023-09-26 13:02:17 +03:00
|
|
|
client: client,
|
|
|
|
|
kyvernoClient: kyvernoClient,
|
|
|
|
|
cpolLister: cpolInformer.Lister(),
|
|
|
|
|
polLister: polInformer.Lister(),
|
|
|
|
|
nsLister: nsLister,
|
|
|
|
|
queue: queue,
|
|
|
|
|
enqueue: baseEnqueueFunc,
|
|
|
|
|
configuration: configuration,
|
|
|
|
|
cmResolver: cmResolver,
|
|
|
|
|
eventGen: eventGen,
|
|
|
|
|
metrics: newCleanupMetrics(logger),
|
|
|
|
|
jp: jp,
|
2024-02-23 12:34:04 +02:00
|
|
|
gctxStore: gctxStore,
|
2022-11-25 15:29:45 +05:30
|
|
|
}
|
2023-08-31 22:08:29 +02:00
|
|
|
if _, err := controllerutils.AddEventHandlersT(
|
2023-01-13 22:27:02 +08:00
|
|
|
cpolInformer.Informer(),
|
|
|
|
|
controllerutils.AddFuncT(logger, enqueueFunc(logger, "added", "ClusterCleanupPolicy")),
|
|
|
|
|
controllerutils.UpdateFuncT(logger, enqueueFunc(logger, "updated", "ClusterCleanupPolicy")),
|
|
|
|
|
controllerutils.DeleteFuncT(logger, enqueueFunc(logger, "deleted", "ClusterCleanupPolicy")),
|
2023-08-31 22:08:29 +02:00
|
|
|
); err != nil {
|
2023-09-14 16:52:24 +03:00
|
|
|
logger.Error(err, "failed to register event handlers")
|
2023-08-31 22:08:29 +02:00
|
|
|
}
|
|
|
|
|
if _, err := controllerutils.AddEventHandlersT(
|
2023-01-13 22:27:02 +08:00
|
|
|
polInformer.Informer(),
|
|
|
|
|
controllerutils.AddFuncT(logger, enqueueFunc(logger, "added", "CleanupPolicy")),
|
|
|
|
|
controllerutils.UpdateFuncT(logger, enqueueFunc(logger, "updated", "CleanupPolicy")),
|
|
|
|
|
controllerutils.DeleteFuncT(logger, enqueueFunc(logger, "deleted", "CleanupPolicy")),
|
2023-08-31 22:08:29 +02:00
|
|
|
); err != nil {
|
2023-09-14 16:52:24 +03:00
|
|
|
logger.Error(err, "failed to register event handlers")
|
2023-08-31 22:08:29 +02:00
|
|
|
}
|
2022-11-25 15:29:45 +05:30
|
|
|
return c
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-26 13:02:17 +03:00
|
|
|
func newCleanupMetrics(logger logr.Logger) cleanupMetrics {
|
|
|
|
|
meter := otel.GetMeterProvider().Meter(metrics.MeterName)
|
|
|
|
|
deletedObjectsTotal, err := meter.Int64Counter(
|
|
|
|
|
"kyverno_cleanup_controller_deletedobjects",
|
|
|
|
|
metric.WithDescription("can be used to track number of deleted objects."),
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(err, "Failed to create instrument, cleanup_controller_deletedobjects_total")
|
|
|
|
|
}
|
|
|
|
|
cleanupFailuresTotal, err := meter.Int64Counter(
|
|
|
|
|
"kyverno_cleanup_controller_errors",
|
|
|
|
|
metric.WithDescription("can be used to track number of cleanup failures."),
|
|
|
|
|
)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(err, "Failed to create instrument, cleanup_controller_errors_total")
|
|
|
|
|
}
|
|
|
|
|
return cleanupMetrics{
|
|
|
|
|
deletedObjectsTotal: deletedObjectsTotal,
|
|
|
|
|
cleanupFailuresTotal: cleanupFailuresTotal,
|
|
|
|
|
}
|
2022-11-25 15:29:45 +05:30
|
|
|
}
|
|
|
|
|
|
2023-09-26 13:02:17 +03:00
|
|
|
func (c *controller) Run(ctx context.Context, workers int) {
|
|
|
|
|
controllerutils.Run(ctx, logger.V(3), ControllerName, time.Second, c.queue, workers, maxRetries, c.reconcile)
|
2022-11-30 17:23:12 +01:00
|
|
|
}
|
|
|
|
|
|
2024-06-26 10:48:32 +02:00
|
|
|
func (c *controller) getPolicy(namespace, name string) (kyvernov2.CleanupPolicyInterface, error) {
|
2022-11-25 15:29:45 +05:30
|
|
|
if namespace == "" {
|
|
|
|
|
cpolicy, err := c.cpolLister.Get(name)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return cpolicy, nil
|
|
|
|
|
} else {
|
|
|
|
|
policy, err := c.polLister.CleanupPolicies(namespace).Get(name)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return policy, nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-26 10:48:32 +02:00
|
|
|
func (c *controller) cleanup(ctx context.Context, logger logr.Logger, policy kyvernov2.CleanupPolicyInterface) error {
|
2023-09-26 13:02:17 +03:00
|
|
|
spec := policy.GetSpec()
|
|
|
|
|
kinds := sets.New(spec.MatchResources.GetKinds()...)
|
|
|
|
|
debug := logger.V(4)
|
|
|
|
|
var errs []error
|
2024-10-22 16:34:01 +05:30
|
|
|
deleteOptions := metav1.DeleteOptions{
|
|
|
|
|
PropagationPolicy: spec.DeletionPropagationPolicy,
|
|
|
|
|
}
|
2023-09-26 13:02:17 +03:00
|
|
|
enginectx := enginecontext.NewContext(c.jp)
|
2024-02-23 12:34:04 +02:00
|
|
|
ctxFactory := factories.DefaultContextLoaderFactory(c.cmResolver, factories.WithGlobalContextStore(c.gctxStore))
|
2023-09-26 13:02:17 +03:00
|
|
|
loader := ctxFactory(nil, kyvernov1.Rule{})
|
|
|
|
|
if err := loader.Load(
|
|
|
|
|
ctx,
|
|
|
|
|
c.jp,
|
|
|
|
|
c.client,
|
|
|
|
|
nil,
|
|
|
|
|
spec.Context,
|
|
|
|
|
enginectx,
|
|
|
|
|
); err != nil {
|
2022-12-07 11:30:47 +01:00
|
|
|
return err
|
|
|
|
|
}
|
2023-09-26 13:02:17 +03:00
|
|
|
for kind := range kinds {
|
|
|
|
|
commonLabels := []attribute.KeyValue{
|
|
|
|
|
attribute.String("policy_type", policy.GetKind()),
|
|
|
|
|
attribute.String("policy_namespace", policy.GetNamespace()),
|
|
|
|
|
attribute.String("policy_name", policy.GetName()),
|
|
|
|
|
attribute.String("resource_kind", kind),
|
|
|
|
|
}
|
|
|
|
|
debug := debug.WithValues("kind", kind)
|
|
|
|
|
debug.Info("processing...")
|
|
|
|
|
list, err := c.client.ListResource(ctx, "", kind, policy.GetNamespace(), nil)
|
|
|
|
|
if err != nil {
|
|
|
|
|
debug.Error(err, "failed to list resources")
|
|
|
|
|
errs = append(errs, err)
|
|
|
|
|
if c.metrics.cleanupFailuresTotal != nil {
|
|
|
|
|
c.metrics.cleanupFailuresTotal.Add(ctx, 1, metric.WithAttributes(commonLabels...))
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
for i := range list.Items {
|
|
|
|
|
resource := list.Items[i]
|
|
|
|
|
namespace := resource.GetNamespace()
|
|
|
|
|
name := resource.GetName()
|
|
|
|
|
debug := debug.WithValues("name", name, "namespace", namespace)
|
2024-01-30 09:08:30 +02:00
|
|
|
// check if the resource is owned by Kyverno
|
|
|
|
|
if controllerutils.IsManagedByKyverno(&resource) && toggle.FromContext(ctx).ProtectManagedResources() {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var nsLabels map[string]string
|
|
|
|
|
if namespace != "" {
|
|
|
|
|
ns, err := c.nsLister.Get(namespace)
|
|
|
|
|
if err != nil {
|
|
|
|
|
debug.Error(err, "failed to get namespace labels")
|
|
|
|
|
errs = append(errs, err)
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
2024-01-30 09:08:30 +02:00
|
|
|
nsLabels = ns.GetLabels()
|
|
|
|
|
}
|
|
|
|
|
// match namespaces
|
|
|
|
|
if err := match.CheckNamespace(policy.GetNamespace(), resource); err != nil {
|
|
|
|
|
debug.Info("resource namespace didn't match policy namespace", "result", err)
|
|
|
|
|
}
|
|
|
|
|
// match resource with match/exclude clause
|
|
|
|
|
matched := match.CheckMatchesResources(
|
|
|
|
|
resource,
|
|
|
|
|
spec.MatchResources,
|
|
|
|
|
nsLabels,
|
|
|
|
|
// TODO(eddycharly): we don't have user info here, we should check that
|
|
|
|
|
// we don't have user conditions in the policy rule
|
2024-06-20 11:44:43 +02:00
|
|
|
kyvernov2.RequestInfo{},
|
2024-01-30 09:08:30 +02:00
|
|
|
resource.GroupVersionKind(),
|
|
|
|
|
"",
|
|
|
|
|
)
|
|
|
|
|
if matched != nil {
|
|
|
|
|
debug.Info("resource/match didn't match", "result", matched)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if spec.ExcludeResources != nil {
|
|
|
|
|
excluded := match.CheckMatchesResources(
|
2023-09-26 13:02:17 +03:00
|
|
|
resource,
|
2024-01-30 09:08:30 +02:00
|
|
|
*spec.ExcludeResources,
|
2023-09-26 13:02:17 +03:00
|
|
|
nsLabels,
|
|
|
|
|
// TODO(eddycharly): we don't have user info here, we should check that
|
|
|
|
|
// we don't have user conditions in the policy rule
|
2024-06-20 11:44:43 +02:00
|
|
|
kyvernov2.RequestInfo{},
|
2023-09-26 13:02:17 +03:00
|
|
|
resource.GroupVersionKind(),
|
|
|
|
|
"",
|
|
|
|
|
)
|
2024-01-30 09:08:30 +02:00
|
|
|
if excluded == nil {
|
|
|
|
|
debug.Info("resource/exclude matched")
|
|
|
|
|
continue
|
|
|
|
|
} else {
|
|
|
|
|
debug.Info("resource/exclude didn't match", "result", excluded)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// check conditions
|
|
|
|
|
if spec.Conditions != nil {
|
|
|
|
|
enginectx.Reset()
|
|
|
|
|
if err := enginectx.SetTargetResource(resource.Object); err != nil {
|
|
|
|
|
debug.Error(err, "failed to add resource in context")
|
|
|
|
|
errs = append(errs, err)
|
2023-09-26 13:02:17 +03:00
|
|
|
continue
|
|
|
|
|
}
|
2024-07-03 03:54:27 +08:00
|
|
|
if err := enginectx.AddNamespace(resource.GetNamespace()); err != nil {
|
|
|
|
|
debug.Error(err, "failed to add namespace in context")
|
2023-09-26 13:02:17 +03:00
|
|
|
errs = append(errs, err)
|
2024-01-30 09:08:30 +02:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if err := enginectx.AddImageInfos(&resource, c.configuration); err != nil {
|
|
|
|
|
debug.Error(err, "failed to add image infos in context")
|
|
|
|
|
errs = append(errs, err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
passed, err := conditions.CheckAnyAllConditions(logger, enginectx, *spec.Conditions)
|
|
|
|
|
if err != nil {
|
|
|
|
|
debug.Error(err, "failed to check condition")
|
|
|
|
|
errs = append(errs, err)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
if !passed {
|
|
|
|
|
debug.Info("conditions did not pass")
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
var labels []attribute.KeyValue
|
|
|
|
|
labels = append(labels, commonLabels...)
|
|
|
|
|
labels = append(labels, attribute.String("resource_namespace", namespace))
|
2024-10-22 16:34:01 +05:30
|
|
|
if deleteOptions.PropagationPolicy != nil {
|
|
|
|
|
labels = append(labels, attribute.String("deletion_policy", string(*deleteOptions.PropagationPolicy)))
|
|
|
|
|
}
|
2024-01-30 09:08:30 +02:00
|
|
|
logger.WithValues("name", name, "namespace", namespace).Info("resource matched, it will be deleted...")
|
2024-11-25 11:48:58 +01:00
|
|
|
if err := c.client.DeleteResource(ctx, resource.GetAPIVersion(), resource.GetKind(), namespace, name, false, deleteOptions); err != nil {
|
2024-01-30 09:08:30 +02:00
|
|
|
if c.metrics.cleanupFailuresTotal != nil {
|
|
|
|
|
c.metrics.cleanupFailuresTotal.Add(ctx, 1, metric.WithAttributes(labels...))
|
|
|
|
|
}
|
|
|
|
|
debug.Error(err, "failed to delete resource")
|
|
|
|
|
errs = append(errs, err)
|
|
|
|
|
e := event.NewCleanupPolicyEvent(policy, resource, err)
|
|
|
|
|
c.eventGen.Add(e)
|
|
|
|
|
} else {
|
|
|
|
|
if c.metrics.deletedObjectsTotal != nil {
|
|
|
|
|
c.metrics.deletedObjectsTotal.Add(ctx, 1, metric.WithAttributes(labels...))
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
2024-10-22 16:34:01 +05:30
|
|
|
debug.Info("resource deleted")
|
2024-01-30 09:08:30 +02:00
|
|
|
e := event.NewCleanupPolicyEvent(policy, resource, nil)
|
|
|
|
|
c.eventGen.Add(e)
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-12-07 11:30:47 +01:00
|
|
|
}
|
2023-09-26 13:02:17 +03:00
|
|
|
return multierr.Combine(errs...)
|
2022-12-07 11:30:47 +01:00
|
|
|
}
|
|
|
|
|
|
2022-11-30 12:13:57 +01:00
|
|
|
func (c *controller) reconcile(ctx context.Context, logger logr.Logger, key, namespace, name string) error {
|
2022-11-25 15:29:45 +05:30
|
|
|
policy, err := c.getPolicy(namespace, name)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if apierrors.IsNotFound(err) {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
logger.Error(err, "unable to get the policy from policy informer")
|
|
|
|
|
return err
|
|
|
|
|
}
|
2023-09-27 09:55:25 +03:00
|
|
|
|
|
|
|
|
var nextExecutionTime *time.Time
|
|
|
|
|
executionTime, err := policy.GetExecutionTime()
|
2022-12-07 11:30:47 +01:00
|
|
|
if err != nil {
|
2023-09-27 09:55:25 +03:00
|
|
|
logger.Error(err, "failed to get the policy execution time")
|
2023-09-26 13:02:17 +03:00
|
|
|
return err
|
2022-12-07 11:30:47 +01:00
|
|
|
}
|
2023-09-27 09:55:25 +03:00
|
|
|
// In case it is the time to do the cleanup process
|
|
|
|
|
if time.Now().After(*executionTime) {
|
|
|
|
|
err := c.cleanup(ctx, logger, policy)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
2023-10-18 16:22:42 +03:00
|
|
|
if err := c.updateCleanupPolicyStatus(ctx, policy, namespace, *executionTime); err != nil {
|
|
|
|
|
logger.Error(err, "failed to update the cleanup policy status")
|
|
|
|
|
return err
|
|
|
|
|
}
|
2023-09-27 09:55:25 +03:00
|
|
|
nextExecutionTime, err = policy.GetNextExecutionTime(*executionTime)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logger.Error(err, "failed to get the policy next execution time")
|
|
|
|
|
return err
|
2022-12-07 11:30:47 +01:00
|
|
|
}
|
2022-11-25 15:29:45 +05:30
|
|
|
} else {
|
2023-09-27 09:55:25 +03:00
|
|
|
nextExecutionTime = executionTime
|
2023-09-26 13:02:17 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// calculate the remaining time until deletion.
|
2023-09-27 09:55:25 +03:00
|
|
|
timeRemaining := time.Until(*nextExecutionTime)
|
2023-09-26 13:02:17 +03:00
|
|
|
// add the item back to the queue after the remaining time.
|
|
|
|
|
c.queue.AddAfter(key, timeRemaining)
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2024-06-26 10:48:32 +02:00
|
|
|
func (c *controller) updateCleanupPolicyStatus(ctx context.Context, policy kyvernov2.CleanupPolicyInterface, namespace string, time time.Time) error {
|
2023-09-26 13:02:17 +03:00
|
|
|
switch obj := policy.(type) {
|
2024-06-26 10:48:32 +02:00
|
|
|
case *kyvernov2.ClusterCleanupPolicy:
|
2023-09-26 13:02:17 +03:00
|
|
|
latest := obj.DeepCopy()
|
2023-10-18 16:22:42 +03:00
|
|
|
latest.Status.LastExecutionTime = metav1.NewTime(time)
|
2023-09-26 13:02:17 +03:00
|
|
|
|
2024-06-26 10:48:32 +02:00
|
|
|
new, err := c.kyvernoClient.KyvernoV2().ClusterCleanupPolicies().UpdateStatus(ctx, latest, metav1.UpdateOptions{})
|
2023-10-18 16:22:42 +03:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2023-09-26 13:02:17 +03:00
|
|
|
logging.V(3).Info("updated cluster cleanup policy status", "name", policy.GetName(), "status", new.Status)
|
2024-06-26 10:48:32 +02:00
|
|
|
case *kyvernov2.CleanupPolicy:
|
2023-09-26 13:02:17 +03:00
|
|
|
latest := obj.DeepCopy()
|
2023-10-18 16:22:42 +03:00
|
|
|
latest.Status.LastExecutionTime = metav1.NewTime(time)
|
2023-09-26 13:02:17 +03:00
|
|
|
|
2024-06-26 10:48:32 +02:00
|
|
|
new, err := c.kyvernoClient.KyvernoV2().CleanupPolicies(namespace).UpdateStatus(ctx, latest, metav1.UpdateOptions{})
|
2023-10-18 16:22:42 +03:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2023-09-26 13:02:17 +03:00
|
|
|
logging.V(3).Info("updated cleanup policy status", "name", policy.GetName(), "namespace", policy.GetNamespace(), "status", new.Status)
|
2022-11-25 15:29:45 +05:30
|
|
|
}
|
2023-10-18 16:22:42 +03:00
|
|
|
return nil
|
2022-11-25 15:29:45 +05:30
|
|
|
}
|
