Replace Ancestor tracking webhook with controller

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
2026-01-27 10:18:39 +00:00 · 2025-09-17 12:54:27 +02:00
parent 37720b9609
commit cdf53e89e9
2 changed files with 225 additions and 60 deletions
--- a/internal/controller/cozystackresource_controller.go
+++ b/internal/controller/cozystackresource_controller.go
@@ -2,14 +2,25 @@ package controller

 import (
 	"context"
+	"crypto/sha256"
+	"encoding/hex"
+	"encoding/json"
+	"sort"
 	"sync"
 	"time"

+	"github.com/cozystack/cozystack/internal/shared/crdmem"
+
 	cozyv1alpha1 "github.com/cozystack/cozystack/api/v1alpha1"
+
+	"github.com/go-logr/logr"
 	appsv1 "k8s.io/api/apps/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
+
 	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/builder"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
 	"sigs.k8s.io/controller-runtime/pkg/log"
@@ -20,85 +31,55 @@ type CozystackResourceDefinitionReconciler struct {
 	client.Client
 	Scheme *runtime.Scheme

-	// Configurable debounce duration
 	Debounce time.Duration

-	// Internal state for debouncing
 	mu          sync.Mutex
-	lastEvent   time.Time // Time of last CRUD event on CozystackResourceDefinition
-	lastHandled time.Time // Last time the Deployment was actually restarted
+	lastEvent   time.Time
+	lastHandled time.Time
+
+	mem *crdmem.Memory
 }

-// Reconcile handles the logic to restart the target Deployment only once,
-// even if multiple events occur close together
 func (r *CozystackResourceDefinitionReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	log := log.FromContext(ctx)
+	logger := log.FromContext(ctx)

-	// Only respond to our target deployment
-	if req.Namespace != "cozy-system" || req.Name != "cozystack-api" {
+	crd := &cozyv1alpha1.CozystackResourceDefinition{}
+	err := r.Get(ctx, types.NamespacedName{Name: req.Name}, crd)
+	if err == nil {
+		if r.mem != nil {
+			r.mem.Upsert(crd)
+		}
+
+		r.mu.Lock()
+		r.lastEvent = time.Now()
+		r.mu.Unlock()
 		return ctrl.Result{}, nil
 	}
-
-	r.mu.Lock()
-	le := r.lastEvent
-	lh := r.lastHandled
-	debounce := r.Debounce
-	r.mu.Unlock()
-
-	if debounce <= 0 {
-		debounce = 5 * time.Second
-	}
-
-	// No events received yet — nothing to do
-	if le.IsZero() {
-		return ctrl.Result{}, nil
-	}
-
-	// Wait until the debounce duration has passed since the last event
-	if d := time.Since(le); d < debounce {
-		return ctrl.Result{RequeueAfter: debounce - d}, nil
-	}
-
-	// Already handled this event — skip restart
-	if !lh.Before(le) {
-		return ctrl.Result{}, nil
-	}
-
-	// Perform the restart by patching the deployment annotation
-	deploy := &appsv1.Deployment{}
-	if err := r.Get(ctx, types.NamespacedName{Namespace: "cozy-system", Name: "cozystack-api"}, deploy); err != nil {
-		log.Error(err, "Failed to get Deployment cozy-system/cozystack-api")
-		return ctrl.Result{}, client.IgnoreNotFound(err)
-	}
-
-	patch := client.MergeFrom(deploy.DeepCopy())
-	if deploy.Spec.Template.Annotations == nil {
-		deploy.Spec.Template.Annotations = make(map[string]string)
-	}
-	deploy.Spec.Template.Annotations["kubectl.kubernetes.io/restartedAt"] = time.Now().Format(time.RFC3339)
-
-	if err := r.Patch(ctx, deploy, patch); err != nil {
-		log.Error(err, "Failed to patch Deployment annotation")
+	if err != nil && !apierrors.IsNotFound(err) {
 		return ctrl.Result{}, err
 	}
-
-	// Mark this event as handled
-	r.mu.Lock()
-	r.lastHandled = le
-	r.mu.Unlock()
-
-	log.Info("Deployment cozy-system/cozystack-api successfully restarted")
+	if apierrors.IsNotFound(err) && r.mem != nil {
+		r.mem.Delete(req.Name)
+	}
+	if req.Namespace == "cozy-system" && req.Name == "cozystack-api" {
+		return r.debouncedRestart(ctx, logger)
+	}
 	return ctrl.Result{}, nil
 }

-// SetupWithManager configures how the controller listens to events
 func (r *CozystackResourceDefinitionReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	if r.Debounce == 0 {
 		r.Debounce = 5 * time.Second
 	}
-
+	if r.mem == nil {
+		r.mem = crdmem.Global()
+	}
+	if err := r.mem.EnsurePrimingWithManager(mgr); err != nil {
+		return err
+	}
 	return ctrl.NewControllerManagedBy(mgr).
-		Named("cozystack-restart-controller").
+		Named("cozystackresource-controller").
+		For(&cozyv1alpha1.CozystackResourceDefinition{}, builder.WithPredicates()).
 		Watches(
 			&cozyv1alpha1.CozystackResourceDefinition{},
 			handler.EnqueueRequestsFromMapFunc(func(ctx context.Context, obj client.Object) []reconcile.Request {
@@ -115,3 +96,88 @@ func (r *CozystackResourceDefinitionReconciler) SetupWithManager(mgr ctrl.Manage
 		).
 		Complete(r)
 }
+
+type crdHashView struct {
+	Name string                                       `json:"name"`
+	Spec cozyv1alpha1.CozystackResourceDefinitionSpec `json:"spec"`
+}
+
+func (r *CozystackResourceDefinitionReconciler) computeConfigHash() (string, error) {
+	if r.mem == nil {
+		return "", nil
+	}
+	snapshot := r.mem.Snapshot()
+	sort.Slice(snapshot, func(i, j int) bool { return snapshot[i].Name < snapshot[j].Name })
+	views := make([]crdHashView, 0, len(snapshot))
+	for i := range snapshot {
+		views = append(views, crdHashView{
+			Name: snapshot[i].Name,
+			Spec: snapshot[i].Spec,
+		})
+	}
+	b, err := json.Marshal(views)
+	if err != nil {
+		return "", err
+	}
+	sum := sha256.Sum256(b)
+	return hex.EncodeToString(sum[:]), nil
+}
+
+func (r *CozystackResourceDefinitionReconciler) debouncedRestart(ctx context.Context, logger logr.Logger) (ctrl.Result, error) {
+	r.mu.Lock()
+	le := r.lastEvent
+	lh := r.lastHandled
+	debounce := r.Debounce
+	r.mu.Unlock()
+
+	if debounce <= 0 {
+		debounce = 5 * time.Second
+	}
+	if le.IsZero() {
+		return ctrl.Result{}, nil
+	}
+	if d := time.Since(le); d < debounce {
+		return ctrl.Result{RequeueAfter: debounce - d}, nil
+	}
+	if !lh.Before(le) {
+		return ctrl.Result{}, nil
+	}
+
+	newHash, err := r.computeConfigHash()
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
+	deploy := &appsv1.Deployment{}
+	if err := r.Get(ctx, types.NamespacedName{Namespace: "cozy-system", Name: "cozystack-api"}, deploy); err != nil {
+		return ctrl.Result{}, client.IgnoreNotFound(err)
+	}
+
+	if deploy.Spec.Template.Annotations == nil {
+		deploy.Spec.Template.Annotations = map[string]string{}
+	}
+	oldHash := deploy.Spec.Template.Annotations["cozystack.io/config-hash"]
+
+	if oldHash == newHash && oldHash != "" {
+		r.mu.Lock()
+		r.lastHandled = le
+		r.mu.Unlock()
+		logger.Info("No changes in CRD config; skipping restart", "hash", newHash)
+		return ctrl.Result{}, nil
+	}
+
+	patch := client.MergeFrom(deploy.DeepCopy())
+	deploy.Spec.Template.Annotations["cozystack.io/config-hash"] = newHash
+
+	if err := r.Patch(ctx, deploy, patch); err != nil {
+		return ctrl.Result{}, err
+	}
+
+	r.mu.Lock()
+	r.lastHandled = le
+	r.mu.Unlock()
+
+	logger.Info("Updated cozystack-api podTemplate config-hash; rollout triggered",
+		"old", oldHash, "new", newHash)
+	return ctrl.Result{}, nil
+}