Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure finalizer is present before reconciling #218

Merged
merged 2 commits into from
Aug 2, 2023
Merged

Ensure finalizer is present before reconciling #218

merged 2 commits into from
Aug 2, 2023

Conversation

ludydoo
Copy link
Contributor

@ludydoo ludydoo commented Jun 27, 2023
edited
Loading

The current logic will apply the finalizer to the custom resource after the first reconciliation loop (in a closure). Though, in certain circumstances, the custom resource might get deleted after the first reconciliation loop has installed the chart but before it has applied the finalizer. If the chart created any resources not in the same namespace these will be orphaned without cleanup.

By ensuring that the finalizer is present on the custom resource before proceeding, this will ensure a proper cleanup in all cases.

@ludydoo
Copy link
Contributor Author

ludydoo commented Jun 27, 2023

ping: @joelanford

@ludydoo ludydoo mentioned this pull request Jun 27, 2023
Closed
@ludydoo ludydoo requested a review from joelanford June 27, 2023 14:27
@ludydoo ludydoo requested a review from joelanford June 27, 2023 14:55
@ludydoo ludydoo force-pushed the ensure-finalizer-before-reconcile branch from df6d950 to 339a185 Compare June 30, 2023 08:06
@ludydoo
Copy link
Contributor Author

ludydoo commented Jul 4, 2023

@joelanford Do you have any more concerns for this one ?

@ludydoo ludydoo mentioned this pull request Jun 30, 2023
Merged
porridge
porridge approved these changes Jul 13, 2023
View reviewed changes
Copy link
Member

@porridge porridge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two nitpicks inline, and I'd suggest to reword the PR description to:

The current logic will apply the finalizer to the custom resource after the first reconciliation loop (in a closure). Though, in certain circumstances, the custom resource might get deleted after the first reconciliation loop has installed the chart but before it has applied the finalizer. If the chart created any resources not in the same namespace these will be orphaned without cleanup.

By ensuring that the finalizer is present on the custom resource before proceeding, this will ensure a proper cleanup in all cases.

pkg/reconciler/reconciler.go Outdated
@@ -521,6 +522,18 @@ func (r *Reconciler) Reconcile(ctx context.Context, req ctrl.Request) (res ctrl.
return ctrl.Result{}, err
}

// The finalizer must be present on the CR before we can do anything. Otherwise, if the reconciliation fails,
// there might be resources created by the chart that will not be garbage-collected
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// there might be resources created by the chart that will not be garbage-collected
// there might be resources created by the chart that will not be garbage-collected

pkg/reconciler/reconciler.go Outdated
// (cluster-scoped resources or resources in other namespaces, which are not bound by an owner reference).
// This is a safety measure to ensure that the chart is fully uninstalled before the CR is deleted.
if obj.GetDeletionTimestamp() == nil && !controllerutil.ContainsFinalizer(obj, uninstallFinalizer) {
log.V(1).Info("Adding uninstall finalizer")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.V(1).Info("Adding uninstall finalizer")
log.V(1).Info("Adding uninstall finalizer.")

@porridge
Copy link
Member

@joelanford can you please approve and merge? This fixes a resource leak which occurs frequently at high CR cardinalities.

varshaprasad96
varshaprasad96 approved these changes Jul 27, 2023
View reviewed changes
Copy link
Member

@varshaprasad96 varshaprasad96 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 27, 2023
@coveralls
Copy link

Pull Request Test Coverage Report for Build 5542078207

  • 6 of 8 (75.0%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.1%) to 89.349%
Changes Missing Coverage Covered Lines Changed/Added Lines %
pkg/reconciler/reconciler.go 6 8 75.0%
Totals Coverage Status
Change from base Build 4940267938: -0.1%
Covered Lines: 1703
Relevant Lines: 1906
💛 - Coveralls

@varshaprasad96
Copy link
Member

@ludydoo could you please rebase this PR with main

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 28, 2023
@ludydoo ludydoo force-pushed the ensure-finalizer-before-reconcile branch from 47fde81 to 66042cd Compare July 28, 2023 13:28
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Jul 28, 2023
@openshift-ci
Copy link

openshift-ci bot commented Jul 28, 2023

New changes are detected. LGTM label has been removed.

@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 28, 2023
@ludydoo ludydoo requested a review from varshaprasad96 July 28, 2023 13:28
@varshaprasad96
Copy link
Member

Reopening this to run the CI again

everettraven
everettraven approved these changes Jul 28, 2023
View reviewed changes
Copy link
Contributor

@everettraven everettraven left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code changes look good and make sense to me. Approving but pending merge on passing CI

@varshaprasad96 varshaprasad96 merged commit 9038198 into operator-framework:main Aug 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@everettraven everettraven everettraven approved these changes

@porridge porridge porridge approved these changes

@fabianvf fabianvf Awaiting requested review from fabianvf

@joelanford joelanford Awaiting requested review from joelanford

@varshaprasad96 varshaprasad96 Awaiting requested review from varshaprasad96

Assignees

@varshaprasad96 varshaprasad96

Labels
area/deps area/sdk area/testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@ludydoo @porridge @coveralls @varshaprasad96 @joelanford @everettraven @openshift-merge-robot