From 1a292feebbe7185202885284c1ff998039eaa90f Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Mon, 28 Dec 2020 16:44:27 +0100 Subject: [PATCH] outposts: always check metadata on reconcile --- authentik/outposts/controllers/k8s/base.py | 3 ++- authentik/outposts/controllers/k8s/deployment.py | 1 + authentik/outposts/controllers/k8s/secret.py | 1 + authentik/outposts/controllers/k8s/service.py | 1 + authentik/providers/proxy/controllers/k8s/ingress.py | 1 + 5 files changed, 6 insertions(+), 1 deletion(-) diff --git a/authentik/outposts/controllers/k8s/base.py b/authentik/outposts/controllers/k8s/base.py index 0fbf5588a..d2f895380 100644 --- a/authentik/outposts/controllers/k8s/base.py +++ b/authentik/outposts/controllers/k8s/base.py @@ -93,7 +93,8 @@ class KubernetesObjectReconciler(Generic[T]): def reconcile(self, current: T, reference: T): """Check what operations should be done, should be raised as ReconcileTrigger""" - raise NotImplementedError + if current.metadata.annotations != reference.metadata.annotations: + raise NeedsUpdate() def create(self, reference: T): """API Wrapper to create object""" diff --git a/authentik/outposts/controllers/k8s/deployment.py b/authentik/outposts/controllers/k8s/deployment.py index c241e91aa..1f871e249 100644 --- a/authentik/outposts/controllers/k8s/deployment.py +++ b/authentik/outposts/controllers/k8s/deployment.py @@ -44,6 +44,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]): return f"authentik-outpost-{self.controller.outpost.uuid.hex}" def reconcile(self, current: V1Deployment, reference: V1Deployment): + super().reconcile(current, reference) if current.spec.replicas != reference.spec.replicas: raise NeedsUpdate() if ( diff --git a/authentik/outposts/controllers/k8s/secret.py b/authentik/outposts/controllers/k8s/secret.py index e7fc2d3f8..3ddedce99 100644 --- a/authentik/outposts/controllers/k8s/secret.py +++ b/authentik/outposts/controllers/k8s/secret.py @@ -31,6 +31,7 @@ class SecretReconciler(KubernetesObjectReconciler[V1Secret]): return f"authentik-outpost-{self.controller.outpost.uuid.hex}-api" def reconcile(self, current: V1Secret, reference: V1Secret): + super().reconcile(current, reference) for key in reference.data.keys(): if current.data[key] != reference.data[key]: raise NeedsUpdate() diff --git a/authentik/outposts/controllers/k8s/service.py b/authentik/outposts/controllers/k8s/service.py index 3013a70cd..8a1c35aab 100644 --- a/authentik/outposts/controllers/k8s/service.py +++ b/authentik/outposts/controllers/k8s/service.py @@ -26,6 +26,7 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]): return f"authentik-outpost-{self.controller.outpost.uuid.hex}" def reconcile(self, current: V1Service, reference: V1Service): + super().reconcile(current, reference) if len(current.spec.ports) != len(reference.spec.ports): raise NeedsUpdate() for port in reference.spec.ports: diff --git a/authentik/providers/proxy/controllers/k8s/ingress.py b/authentik/providers/proxy/controllers/k8s/ingress.py index f0f643f36..029cfeec1 100644 --- a/authentik/providers/proxy/controllers/k8s/ingress.py +++ b/authentik/providers/proxy/controllers/k8s/ingress.py @@ -40,6 +40,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]): def reconcile( self, current: NetworkingV1beta1Ingress, reference: NetworkingV1beta1Ingress ): + super().reconcile(current, reference) # Create a list of all expected host and tls hosts expected_hosts = [] expected_hosts_tls = []