Page MenuHomePhabricator
Create Task
Maniphest T265979

Alert on unapplied changes in deployment-charts repo
Open, MediumPublic
Actions

Description

From time to time I stumble upon changes in deployment-charts repo that have not been applied to the clusters.

We should come up with some alert (similar to unmerged puppet changes) if changes have not been applied for some time.

There are multiple ways to implement that:

  • Periodically diff all releases against all clusters
    • - Needs privileges and is probably quite slow
  • Write the git hash that was applied last to some namespace annotation or configmap
    • + Faster, does not need very broad privileges to check (just read on git and namespace objects)
    • - Not sure how to generate a "good" git hash for this as we share the repo for lots of stuff

First iteration could check for helmfile.d/admin only as thats more easy to forget and less easy to apply (or just skip and let some developer decide),

Related Objects

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits