Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OwnerReference on Mesh owned entities prevents policies to be deleted by Argo #9541

Closed
lahabana opened this issue Mar 8, 2024 · 1 comment · Fixed by #9794
Closed

OwnerReference on Mesh owned entities prevents policies to be deleted by Argo #9541

lahabana opened this issue Mar 8, 2024 · 1 comment · Fixed by #9794
Assignees
@lahabana
Labels
kind/bug A bug triage/accepted The issue was reviewed and is complete enough to start working on it
Milestone
2.7.x

Comments

@lahabana
Copy link
Contributor

lahabana commented Mar 8, 2024

Description

When using Argo to manage policies the policies do not get deleted. This is because we add an ownerReference with the name of the mesh.

This is done there:
https://github.com/kumahq/kuma/blob/master/pkg/plugins/runtime/k8s/webhooks/owner_reference_mutator.go

We need to figure if it's an argo bug or something else. Some pointers to related argo issues:

Potential fixes:

  • Replace ownerReferences with a finalizer but that's a complex workaround.
  • Provide a flag to not set ownerReferences

Also it feels like the mesh deletion may need to have a finalizer anyway because of DPP deletion.
Indeed, we currently check for dpp count in mesh_validator which means that in a webhook we call the api which is not ideal. It also makes things kubectl delete -f not working very well.
@lahabana lahabana added triage/pending This issue will be looked at on the next triage meeting kind/bug A bug labels Mar 8, 2024
@lahabana lahabana added this to the 2.7.x milestone Mar 8, 2024
@jakubdyszkiewicz jakubdyszkiewicz added triage/accepted The issue was reviewed and is complete enough to start working on it and removed triage/pending This issue will be looked at on the next triage meeting labels Mar 12, 2024
@lahabana
Copy link
Contributor Author

Let's add an option to control whether or not we add the ownerReference on policies

lahabana added a commit to lahabana/kuma that referenced this issue Apr 3, 2024
@lahabana
feat(kubernetes): add possibility to not add owner reference
85bfde3 
Introduce a new config flag to not add ownerReference to resources.

This is useful when using argoCD which will refuse deleting resources
if they have an ownerReference

Fix kumahq#9541

Signed-off-by: Charly Molter <charly.molter@konghq.com>
@lahabana lahabana mentioned this issue Apr 3, 2024
Merged
5 tasks
@lahabana lahabana self-assigned this Apr 3, 2024
lahabana added a commit that referenced this issue Apr 4, 2024
@lahabana
feat(kubernetes): add possibility to not add owner reference (#9794)
d029597 
Introduce a new config flag to not add ownerReference to resources.

This is useful when using argoCD which will refuse deleting resources
if they have an ownerReference

Fix #9541

Signed-off-by: Charly Molter <charly.molter@konghq.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lahabana lahabana

Labels
kind/bug A bug triage/accepted The issue was reviewed and is complete enough to start working on it
Projects
None yet
Milestone
2.7.x
Development

Successfully merging a pull request may close this issue.

feat(k8s): add possibility to not add owner reference lahabana/kuma
2 participants
@lahabana @jakubdyszkiewicz