diff --git a/.nancy-ignore b/.nancy-ignore index 49d47ae0..e29168d2 100644 --- a/.nancy-ignore +++ b/.nancy-ignore @@ -1,4 +1,4 @@ #pkg:golang/k8s.io/apiserver@v0.25.0 -CVE-2020-8561 until=2024-01-08 # k8s.io/apiserver@v0.25.0 +CVE-2020-8561 until=2024-06-01 # k8s.io/apiserver@v0.25.0 CVE-2023-47108 until=2024-06-01 # go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 CVE-2024-24786 until=2024-06-01 # go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 2330179f..fc0abb52 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + +- Added the label `app-operator.giantswarm.io/watching` to `"false"` on `configmap` created by the operator to avoid the unstopable reconciliation of the resource. + ## [0.9.2] - 2024-05-07 ### Added diff --git a/internal/pkg/teleport/configmap.go b/internal/pkg/teleport/configmap.go index 79551c58..75305847 100644 --- a/internal/pkg/teleport/configmap.go +++ b/internal/pkg/teleport/configmap.go @@ -65,6 +65,9 @@ func (t *Teleport) CreateConfigMap(ctx context.Context, log logr.Logger, ctrlCli ObjectMeta: metav1.ObjectMeta{ Name: configMapName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, Data: configMapData, } @@ -104,6 +107,15 @@ func (t *Teleport) UpdateConfigMap(ctx context.Context, log logr.Logger, ctrlCli // Update the ConfigMap's data with the modified value configMap.Data["values"] = string(updatedValuesYaml) + + // Ensure the Labels map is initialized + if configMap.Labels == nil { + configMap.Labels = make(map[string]string) + } + + // Add the specific label + configMap.Labels["app-operator.giantswarm.io/watching"] = "false" + if err := ctrlClient.Update(ctx, configMap); err != nil { return microerror.Mask(fmt.Errorf("failed to update ConfigMap: %w", err)) } diff --git a/internal/pkg/teleport/configmap_test.go b/internal/pkg/teleport/configmap_test.go index 97162c9e..8904a23a 100644 --- a/internal/pkg/teleport/configmap_test.go +++ b/internal/pkg/teleport/configmap_test.go @@ -221,6 +221,9 @@ func Test_ConfigMapCRUD(t *testing.T) { if err != nil { test.CheckConfigMap(t, tc.configMapToUpdate, actualConfigMap) } + if actualConfigMap.Labels["app-operator.giantswarm.io/watching"] != "false" { + t.Errorf("Expected label app-operator.giantswarm.io/watching=false, found %s", actualConfigMap.Labels["app-operator.giantswarm.io/watching"]) + } } } diff --git a/internal/pkg/teleport/secret.go b/internal/pkg/teleport/secret.go index fe5d9094..748bcc83 100644 --- a/internal/pkg/teleport/secret.go +++ b/internal/pkg/teleport/secret.go @@ -52,6 +52,9 @@ func (t *Teleport) CreateSecret(ctx context.Context, log logr.Logger, ctrlClient ObjectMeta: metav1.ObjectMeta{ Name: secretName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, StringData: map[string]string{ "joinToken": token, @@ -70,6 +73,9 @@ func (t *Teleport) UpdateSecret(ctx context.Context, log logr.Logger, ctrlClient ObjectMeta: metav1.ObjectMeta{ Name: secretName, Namespace: clusterNamespace, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, StringData: map[string]string{ "joinToken": token, diff --git a/internal/pkg/test/resources.go b/internal/pkg/test/resources.go index cbdc593b..9ff2735a 100644 --- a/internal/pkg/test/resources.go +++ b/internal/pkg/test/resources.go @@ -86,6 +86,9 @@ func NewConfigMap(clusterName, appName, namespaceName, tokenName string) *corev1 ObjectMeta: metav1.ObjectMeta{ Name: key.GetConfigmapName(clusterName, appName), Namespace: namespaceName, + Labels: map[string]string{ + "app-operator.giantswarm.io/watching": "false", + }, }, Data: map[string]string{ "values": fmt.Sprintf(ConfigMapValuesFormat, tokenName, ProxyAddr, registerName, TeleportVersion),