Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] SecurityContext settings override #1808

Open
margreiext opened this issue Dec 31, 2024 · 2 comments
Open

[Bug] SecurityContext settings override #1808

margreiext opened this issue Dec 31, 2024 · 2 comments
Labels
bug Something isn't working triage/accepted Indicates an issue or PR is ready to be actively worked on.

Comments

@margreiext
Copy link

Describe the bug
SecurityContext settings for deployment in Kind Grafana override after grafana deployment successful creation

Version
App Version: 5.15.1
Chart Version: 4.8.0

To Reproduce
Steps to reproduce the behavior:

  1. Apply Helm Chart for grafana operator
  2. Describe Grafana kind via kubectl and grab SecurityContext settings (path: spec.deployment.spec.template.spec.securityContext)
  3. Wait until Grafana deployment will be created
  4. Describe again Grafana kind via kubectl and compare SecurityContext settings (path: spec.deployment.spec.template.spec.securityContext)

Expected behavior
SecurityContext settings for deployment(spec.deployment.spec.template.spec.securityContext) in Kind Grafana should not be override after Deployment creation.

Suspect component/Location where the bug might be occurring
Grafana operator logic in code responsible for reconciliation after deployment creation.
Probably it is updating Grafana kind resource base on deployment settings.

Screenshots
Before Deployment creation
Image
After Deployment creation
Image

Runtime

  • OS: Linux
  • Grafana Operator Version: 5.15.1
  • Environment: Azure Kubernetes Service
  • Deployment type: Helm via ArgoCD
  • Other: Helm chart deployed via Argocd with App of Apps pattern

Additional context
The logic in grafana operator cause OutOfSync in ArgoCD Application level.
The initial sync of grafana operator chart when grafana Kind applied is successful with all SecurityContext settings applied as provided in values.
After Grafana Deployment creation SecurityContext changed(override) by settings provided in deployment. It cause that ArgoCD show differences for applied kind Grafana with comparison with version which stored in repository.

Attached values file
operator-values.txt
@margreiext margreiext added bug Something isn't working needs triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Dec 31, 2024
@pb82
Copy link
Collaborator

pb82 commented Jan 13, 2025

@margreiext are the security context settings changing after creating the deployment? Is you ArgoCD instance competing with the Operator here in updating those values?

@theSuess theSuess added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jan 13, 2025
@theSuess
Copy link
Member

This happens as we update the resource with the default version if not set. This causes a re-serialization in which default or empty fields get omitted. To fix this, we'll need to use a PATCH request instead. I'll put together a PR for that soon

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@theSuess @pb82 @margreiext