From 1ee53f143d919279f0c268aacca56c13ca7b6f33 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 16:34:41 +0200 Subject: [PATCH 1/7] label on configmap update --- internal/pkg/teleport/configmap.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/internal/pkg/teleport/configmap.go b/internal/pkg/teleport/configmap.go index 79551c58..d6ee5ef1 100644 --- a/internal/pkg/teleport/configmap.go +++ b/internal/pkg/teleport/configmap.go @@ -104,6 +104,15 @@ func (t *Teleport) UpdateConfigMap(ctx context.Context, log logr.Logger, ctrlCli // Update the ConfigMap's data with the modified value configMap.Data["values"] = string(updatedValuesYaml) + + // Ensure the Labels map is initialized + if configMap.Labels == nil { + configMap.Labels = make(map[string]string) + } + + // Add the specific label + configMap.Labels["app-operator.giantswarm.io/watching"] = "false" + if err := ctrlClient.Update(ctx, configMap); err != nil { return microerror.Mask(fmt.Errorf("failed to update ConfigMap: %w", err)) } From 5ba0c337f3db1724f610db112827a2547aac2c91 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 16:37:34 +0200 Subject: [PATCH 2/7] test for configmap --- internal/pkg/teleport/configmap_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/internal/pkg/teleport/configmap_test.go b/internal/pkg/teleport/configmap_test.go index 97162c9e..8904a23a 100644 --- a/internal/pkg/teleport/configmap_test.go +++ b/internal/pkg/teleport/configmap_test.go @@ -221,6 +221,9 @@ func Test_ConfigMapCRUD(t *testing.T) { if err != nil { test.CheckConfigMap(t, tc.configMapToUpdate, actualConfigMap) } + if actualConfigMap.Labels["app-operator.giantswarm.io/watching"] != "false" { + t.Errorf("Expected label app-operator.giantswarm.io/watching=false, found %s", actualConfigMap.Labels["app-operator.giantswarm.io/watching"]) + } } } From 2ca9b0bcec56a4f6270d553c4c5543a230fcb632 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 16:40:52 +0200 Subject: [PATCH 3/7] new nancyignore --- .nancy-ignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.nancy-ignore b/.nancy-ignore index 4d9e1f78..adf0d8ce 100644 --- a/.nancy-ignore +++ b/.nancy-ignore @@ -1,3 +1,3 @@ #pkg:golang/k8s.io/apiserver@v0.25.0 -CVE-2020-8561 until=2024-01-08 # k8s.io/apiserver@v0.25.0 -CVE-2023-47108 until=2024-01-18 # go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 +CVE-2020-8561 until=2024-04-08 # k8s.io/apiserver@v0.25.0 +CVE-2023-47108 until=2024-04-18 # go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 From 61cc44500c370507412357dca9e48b0f5dd7feec Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 16:44:46 +0200 Subject: [PATCH 4/7] more nancyignore --- .nancy-ignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.nancy-ignore b/.nancy-ignore index adf0d8ce..10004017 100644 --- a/.nancy-ignore +++ b/.nancy-ignore @@ -1,3 +1,4 @@ #pkg:golang/k8s.io/apiserver@v0.25.0 CVE-2020-8561 until=2024-04-08 # k8s.io/apiserver@v0.25.0 CVE-2023-47108 until=2024-04-18 # go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 +CVE-2024-24786 until=2024-04-18 # google.golang.org/protobuf@v1.30.0 \ No newline at end of file From 06d9e39e5334bc888a1a7325e971932816f991e1 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 17:42:37 +0200 Subject: [PATCH 5/7] CHANGELOG --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4afbb605..b1556abf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added +- Added the label `app-operator.giantswarm.io/watching` to `"false"` on `configmap` created by the operator to avoid the unstopable reconciliation of the resource. + ## [0.8.4] - 2024-01-04 ### Changed From 253cce158e4fbb0585ba4074d04b65cb5d677590 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 18:25:17 +0200 Subject: [PATCH 6/7] label on configmap creation --- internal/pkg/teleport/configmap.go | 3 +++ internal/pkg/test/resources.go | 3 +++ 2 files changed, 6 insertions(+) diff --git a/internal/pkg/teleport/configmap.go b/internal/pkg/teleport/configmap.go index d6ee5ef1..75305847 100644 --- a/internal/pkg/teleport/configmap.go +++ b/internal/pkg/teleport/configmap.go @@ -65,6 +65,9 @@ func (t *Teleport) CreateConfigMap(ctx context.Context, log logr.Logger, ctrlCli ObjectMeta: metav1.ObjectMeta{ Name: configMapName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, Data: configMapData, } diff --git a/internal/pkg/test/resources.go b/internal/pkg/test/resources.go index cbdc593b..9ff2735a 100644 --- a/internal/pkg/test/resources.go +++ b/internal/pkg/test/resources.go @@ -86,6 +86,9 @@ func NewConfigMap(clusterName, appName, namespaceName, tokenName string) *corev1 ObjectMeta: metav1.ObjectMeta{ Name: key.GetConfigmapName(clusterName, appName), Namespace: namespaceName, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, Data: map[string]string{ "values": fmt.Sprintf(ConfigMapValuesFormat, tokenName, ProxyAddr, registerName, TeleportVersion), From 6f5a7ee26fd5bce688c8591dd7ca9cc8ddc0b9a9 Mon Sep 17 00:00:00 2001 From: Spyros Synodinos Date: Wed, 20 Mar 2024 18:41:59 +0200 Subject: [PATCH 7/7] secret too --- internal/pkg/teleport/secret.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/pkg/teleport/secret.go b/internal/pkg/teleport/secret.go index fe5d9094..748bcc83 100644 --- a/internal/pkg/teleport/secret.go +++ b/internal/pkg/teleport/secret.go @@ -52,6 +52,9 @@ func (t *Teleport) CreateSecret(ctx context.Context, log logr.Logger, ctrlClient ObjectMeta: metav1.ObjectMeta{ Name: secretName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, StringData: map[string]string{ "joinToken": token, @@ -70,6 +73,9 @@ func (t *Teleport) UpdateSecret(ctx context.Context, log logr.Logger, ctrlClient ObjectMeta: metav1.ObjectMeta{ Name: secretName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, StringData: map[string]string{ "joinToken": token,