Skip to content

1.9.0 - Mission api server on fire

Compare
Choose a tag to compare
@DaspawnW DaspawnW released this 09 Dec 18:21
· 43 commits to master since this release
1caee0f

As the title already says this release try to reduce the load on the api server

  • switched reconciliation loop to use indexed informer
  • introduce cache for secrets
  • switched owner reference fix by default to false

Update process

This upgrade requires a manual job to be executed as soon as the new version of vault-crd is deployed:

namespaceResources=$(kubectl get namespaces -o json)

for ns in $(echo "${namespaceResources}" | jq -r '.items[] | @base64'); do
  _jqNS() {
     echo ${ns} | base64 --decode | jq -r ${1}
  }
  
  namespace=$(_jqNS '.metadata.name')
  echo "Start searching for vault resources in namespace ${namespace}"

  vaultResources=$(kubectl get vault --namespace ${namespace} -o json)
  for vault in $(echo "${vaultResources}" | jq -r '.items[] | @base64'); do
    _jqVault() {
        echo ${vault} | base64 --decode | jq -r ${1}
    }

    name=$(_jqVault '.metadata.name')

    echo "Patching secret ${name} in namespace ${namespace}"
    kubectl patch secret --namespace ${namespace} ${name} -p '{"metadata": {"labels": {"vault.koudingspawn.de": "vault"}}}' --type=merge
  done

done