Delete Kubernetes resources on application updates

Within the application update process, it is necessary to call "kubectl delete -k <manifest_dir>" to delete the charts that will not be present in the new version of the application. This way we eliminate unnecessary remnants of secrets in the N+1 application. Test Plan: PASS: Upload/Apply/Remove/Delete cert-manager PASS: Upload/Apply/Remove/Delete plataform-integ-apps PASS: Platform-integ-app update to the new version with changed list of the charts PASS: Secrets no longer used were deleted PASS: If the update fails, it must remove the secrets that are in version N+1 and should not be in version N Closes-Bug: 2040277 Change-Id: I1c281491d30b46a7cbf53211890bb4add021dcc8 Signed-off-by: David Barbosa Bastos <david.barbosabastos@windriver.com>
2023-10-23 18:30:22 -03:00 · 2023-10-23 18:30:22 -03:00 · 301b401c9a
parent 966f15f3fc
commit 301b401c9a
1 changed files with 12 additions and 1 deletions
--- a/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py
+++ b/sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py
@ -1746,7 +1746,6 @@ class AppOperator(object):
        self._update_app_status(new_app, constants.APP_INACTIVE_STATE)

        try:
-            self._cleanup(new_app, app_dir=False)
            self._utils._patch_report_app_dependencies(
                new_app.name + '-' + new_app.version)
            self._dbapi.kube_app_destroy(new_app.name,
@ -1784,6 +1783,11 @@ class AppOperator(object):
                        # but are not in the old application version
                        if (new_chart.release not in old_app_charts and
                                new_chart.release in deployed_releases):
+
+                            # Deletes secrets that are not in the version N of the app
+                            self._fluxcd.run_kubectl_kustomize(constants.KUBECTL_KUSTOMIZE_DELETE,
+                                                               new_chart.chart_os_path)
+
                            # Send delete request in FluxCD so it doesn't
                            # recreate the helm release
                            self._kube.delete_custom_resource(
@ -1798,6 +1802,8 @@ class AppOperator(object):
                else:
                    rc = False

+            self._cleanup(new_app, app_dir=False)
+
        except exception.ApplicationApplyFailure:
            rc = False
        except Exception as e:
@ -2780,6 +2786,11 @@ class AppOperator(object):
                # but are not in the new application version
                if (from_chart.release not in to_app_charts and
                        from_chart.release in deployed_releases):
+
+                    # Deletes secrets that are not in the n+1 app
+                    self._fluxcd.run_kubectl_kustomize(constants.KUBECTL_KUSTOMIZE_DELETE,
+                                                       from_chart.chart_os_path)
+
                    # Send delete request in FluxCD so it doesn't
                    # recreate the helm release
                    self._kube.delete_custom_resource(