Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-8551

Design: Making Image Updater CRD available in remote cluster

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • None
    • ImageUpdater

      Story
      As an Image Updater user trying to deploy applications across clusters at scale, I want to Image Updater runs on the applications regardless where the applications are deployed. As the engineer works on this feature, we want to create a well thoughout design and get feedback/buy-ins from other senior level engineers.

       

      Background and Approach
      Currently, the Image Updater controller watches the local Kubernetes API for ImageUpdater CRs. In a multi-cluster setup, the Application is in a remote cluster, but the CR must be in the management cluster.

      • The "Why": Users want to bundle the ImageUpdater CR inside the same Helm chart as their application.
      • Technical Path: * Research the use of ArgoCD Cluster Secrets (labeled argocd.argoproj.io/secret-type: cluster) to discover target clusters.
        • Define the security model: How will the controller get permissions to watch CRs in remote namespaces?
        • Define the Controller Manager logic: Will it use a Manager per cluster or a multi-cluster cache?
        • Propose configuration flags (e.g., {}allowed-clusters{-} or -cluster-label-selector).

      Out of Scope

      • Implementation of the controller logic.
      • Support for non-ArgoCD managed clusters.

      Dependencies

      • <Describes what this story depends on. Dependent stories and EPICs should be linked to the story.>

      Acceptance Criteria (Mandatory)

      • Create a design doc
      • Present the proposal in Cabal
      • Receive feedback by engineering team
      • Address feedback 

      Definition of Done

      • Code Complete:
        • All code has been written, reviewed, and approved.
      • Tested:
        • Unit tests have been written and passed.
        • Ensure code coverage is not reduced with the changes.
        • Integration tests have been automated.
        • System tests have been conducted, and all critical bugs have been fixed.
        • Tested and merged on OpenShift either upstream or downstream on a local build.
      • Documentation:
        • User documentation or release notes have been written (if applicable).
      • Build:
        • Code has been successfully built and integrated into the main repository / project.
        • Midstream changes (if applicable) are done, reviewed, approved and merged.
      • Review:
        • Code has been peer-reviewed and meets coding standards.
        • All acceptance criteria defined in the user story have been met.
        • Tested by reviewer on OpenShift.
      • Deployment:
        • The feature has been deployed on OpenShift cluster for testing.

              dkarpele@redhat.com Denis Karpelevich
              dkarpele@redhat.com Denis Karpelevich
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: