From bf0c470d4ab66d6299476b9707cdfc427ef86809 Mon Sep 17 00:00:00 2001 From: GregoireW <24318548+GregoireW@users.noreply.github.com> Date: Thu, 16 Dec 2021 21:32:00 +0100 Subject: [PATCH 1/6] RFC0005 - attributes in image automation Signed-off-by: GregoireW <24318548+GregoireW@users.noreply.github.com> --- .../README.md | 56 +++++++++++++++++++ 1 file changed, 56 insertions(+) create mode 100644 rfcs/0005-managed-attributes-image-automation/README.md diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md new file mode 100644 index 00000000..bdabb4bd --- /dev/null +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -0,0 +1,56 @@ +# RFC-0005 Managed attributes on Image Automation + +**Status:** provisional + +**Creation date:** 2021-12-16 + +**Last update:** 2021-12-16 + +## Summary + +Image automation controller can update some attributes of a kubernetes object. +Today this is limited to image name, image tag and image name+tag. +This RFC aims to extend this functionality to other attributes. + +## Motivation + +Some automation or observability tools can use label to identify better a +kubernetes object. It can be linked to a version, to a date, to a code +origin... For multiple reason, the image tag can reflect poorly this +data. An example can be given by the image reflector controller which +can extract a part of the tag and use it to sort and select the correct one. + +### Goals + +This RFC aims to describe a way to extract such additional value from the +image tag, and to use them to update some attributes on the kubernetes object. + +### Non-Goals + +This RFC will focus on image automation controller. It is a non goal to extend +this to manually modified kubernetes objects. + +## Proposal + +### User Stories + +As a user, I can update the filter pattern on the image policy object to +capture additional data. +Then, I can reference the name of the captured group in the comment of a +kubernetes object so that the attribute linked to this comment can be updated. + + +### Alternatives + +An alternative would be to build a mutation web hook which would be able to +filter all object and interact with them directly. It would be more generic +but heavier to build. +This raise the question on should this be included in flux or not. + +## Design Details + +Simple update on the image automation controller should be enough. + +## Implementation History + +_not implemented yet_ \ No newline at end of file From ea4a1a4a2ce7bf3dba7f2945bb5e6189caac0bf7 Mon Sep 17 00:00:00 2001 From: gregoireW <24318548+GregoireW@users.noreply.github.com> Date: Fri, 17 Dec 2021 10:01:32 +0100 Subject: [PATCH 2/6] Implementation hint Signed-off-by: gregoireW <24318548+GregoireW@users.noreply.github.com> --- .../README.md | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md index bdabb4bd..f4273cf1 100644 --- a/rfcs/0005-managed-attributes-image-automation/README.md +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -49,7 +49,33 @@ This raise the question on should this be included in flux or not. ## Design Details -Simple update on the image automation controller should be enough. +Simple update on the image automation controller should be enough. Today a +filter in the image policy is like: + +```yaml + extract: $ts + pattern: ^pr-(?P.*)-(?P\d*)-(?P.*)$ +``` + +It is possible to modify the image automation to take comment like: + +```yaml + # {"$imagepolicy": "{namespace}:{imagepolicy}:{attributes}" +``` + +with `attributes` a name of a capture group on the pattern. + +From previous pattern example, accepted attributes will be: + +- pr +- ts +- sha1 + +If a user try to use an attribute name like `tag` or `name` which is +already defined by flux core, then the original meaning will still be kept : + +- tag: the full tag string +- name: the image name ## Implementation History From 6d5f02a98430d2b26b36f2531743254e57274cb1 Mon Sep 17 00:00:00 2001 From: gregoireW <24318548+GregoireW@users.noreply.github.com> Date: Tue, 25 Jan 2022 17:43:57 +0100 Subject: [PATCH 3/6] Update rfcs/0005-managed-attributes-image-automation/README.md Co-authored-by: Aurel Canciu --- rfcs/0005-managed-attributes-image-automation/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md index f4273cf1..240e2e7b 100644 --- a/rfcs/0005-managed-attributes-image-automation/README.md +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -1,4 +1,4 @@ -# RFC-0005 Managed attributes on Image Automation +# RFC-0005 Extend supported list of image automation marker reference attributes **Status:** provisional From 200b4c3275ceab18e4c03579da10598af7f41072 Mon Sep 17 00:00:00 2001 From: GregoireW <24318548+GregoireW@users.noreply.github.com> Date: Tue, 25 Jan 2022 18:08:07 +0100 Subject: [PATCH 4/6] More detail for the RFC Signed-off-by: GregoireW <24318548+GregoireW@users.noreply.github.com> --- .../README.md | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md index 240e2e7b..f0a00f65 100644 --- a/rfcs/0005-managed-attributes-image-automation/README.md +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -8,27 +8,29 @@ ## Summary -Image automation controller can update some attributes of a kubernetes object. -Today this is limited to image name, image tag and image name+tag. -This RFC aims to extend this functionality to other attributes. +Flux should allow referencing more metadata in the image automation Setters strategy. ## Motivation Some automation or observability tools can use label to identify better a -kubernetes object. It can be linked to a version, to a date, to a code +kubernetes object. It can be linked to a version, a date, a code origin... For multiple reason, the image tag can reflect poorly this data. An example can be given by the image reflector controller which can extract a part of the tag and use it to sort and select the correct one. ### Goals -This RFC aims to describe a way to extract such additional value from the -image tag, and to use them to update some attributes on the kubernetes object. +This RFC aims to describe + +- A way to extract such additional attributes from the image tag. +- Use those new attributes to update the kubernetes object. ### Non-Goals -This RFC will focus on image automation controller. It is a non goal to extend -this to manually modified kubernetes objects. +This RFC will focus on Image Automation Controller and Image Reflector Controller. + +It is a non goal to keep in sync the attributes if the kubernetes object is +updated manually. ## Proposal @@ -43,9 +45,13 @@ kubernetes object so that the attribute linked to this comment can be updated. ### Alternatives An alternative would be to build a mutation web hook which would be able to -filter all object and interact with them directly. It would be more generic -but heavier to build. -This raise the question on should this be included in flux or not. +filter all object and interact with them directly. + +It would be more generic, more customizable and safer (fix the manual update use case) +to create such mutation web hook, but will be heavier to build. +(new kubernetes object, new controller) + +This raise the question on should this feature to be included in flux or not. ## Design Details From 15ea533e421c36beccef3b88c9f73c6f27a20d4d Mon Sep 17 00:00:00 2001 From: GregoireW <24318548+GregoireW@users.noreply.github.com> Date: Tue, 25 Jan 2022 18:15:05 +0100 Subject: [PATCH 5/6] More detail for the RFC Signed-off-by: GregoireW <24318548+GregoireW@users.noreply.github.com> --- .../README.md | 21 ++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md index f0a00f65..55c094a8 100644 --- a/rfcs/0005-managed-attributes-image-automation/README.md +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -55,15 +55,23 @@ This raise the question on should this feature to be included in flux or not. ## Design Details -Simple update on the image automation controller should be enough. Today a -filter in the image policy is like: +Two options are possible here: + +- Only modify the Image Automation Controller to make it read ImagePolicies spec +and compute attributes +- Modify the Image Reflector Controller, to extract the attributes, stores them +in the status and update the Image Automation Controller to use this new data storage. + +The second option seems to be preferable to separate concerns. + +A simple option would be to allow multiple capture group in the filter in the ImagePolicy: ```yaml extract: $ts pattern: ^pr-(?P.*)-(?P\d*)-(?P.*)$ ``` -It is possible to modify the image automation to take comment like: +And then to modify the Image Automation Controller to take comment like: ```yaml # {"$imagepolicy": "{namespace}:{imagepolicy}:{attributes}" @@ -77,8 +85,11 @@ From previous pattern example, accepted attributes will be: - ts - sha1 -If a user try to use an attribute name like `tag` or `name` which is -already defined by flux core, then the original meaning will still be kept : +If a user try to capture an attribute with a name like `tag` or `name` (already defined +by flux core), then the original value will be kept and a warning should show on the +Image Reflector Controller logs. + +As reminder, here is the definition for those default attributes: - tag: the full tag string - name: the image name From 72c9bb84aab6effbc0c24616befe720bc6accefb Mon Sep 17 00:00:00 2001 From: GregoireW <24318548+GregoireW@users.noreply.github.com> Date: Tue, 25 Jan 2022 18:18:11 +0100 Subject: [PATCH 6/6] More detail for the RFC Signed-off-by: GregoireW <24318548+GregoireW@users.noreply.github.com> --- rfcs/0005-managed-attributes-image-automation/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rfcs/0005-managed-attributes-image-automation/README.md b/rfcs/0005-managed-attributes-image-automation/README.md index 55c094a8..338bedbd 100644 --- a/rfcs/0005-managed-attributes-image-automation/README.md +++ b/rfcs/0005-managed-attributes-image-automation/README.md @@ -4,7 +4,7 @@ **Creation date:** 2021-12-16 -**Last update:** 2021-12-16 +**Last update:** 2022-01-25 ## Summary @@ -48,7 +48,7 @@ An alternative would be to build a mutation web hook which would be able to filter all object and interact with them directly. It would be more generic, more customizable and safer (fix the manual update use case) -to create such mutation web hook, but will be heavier to build. +to create such mutation web hook, but will be more complex to build. (new kubernetes object, new controller) This raise the question on should this feature to be included in flux or not.