From 09ccaf44bfbfe1de19518c846d1192e6255ff882 Mon Sep 17 00:00:00 2001 From: Dennis Haney Date: Thu, 17 Oct 2024 08:17:21 +0200 Subject: [PATCH 1/3] feat: add logs for policy ignores --- plan/policy.go | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/plan/policy.go b/plan/policy.go index bbcf71e966..e02ae49eed 100644 --- a/plan/policy.go +++ b/plan/policy.go @@ -16,6 +16,10 @@ limitations under the License. package plan +import ( + log "github.com/sirupsen/logrus" +) + // Policy allows to apply different rules to a set of changes. type Policy interface { Apply(changes *Changes) *Changes @@ -41,6 +45,9 @@ type UpsertOnlyPolicy struct{} // Apply applies the upsert-only policy which strips out any deletions. func (p *UpsertOnlyPolicy) Apply(changes *Changes) *Changes { + for _, ep := range changes.Delete { + log.Debugf(`Skipping deletion of endpoint %v due to "upsert-only" policy`, ep) + } return &Changes{ Create: changes.Create, UpdateOld: changes.UpdateOld, @@ -53,6 +60,15 @@ type CreateOnlyPolicy struct{} // Apply applies the create-only policy which strips out updates and deletions. func (p *CreateOnlyPolicy) Apply(changes *Changes) *Changes { + for _, ep := range changes.Delete { + log.Debugf(`Skipping deletion of endpoint %v due to "create-only" policy`, ep) + } + for _, ep := range changes.UpdateOld { + log.Debugf(`Skipping update-old of endpoint %v due to "create-only" policy`, ep) + } + for _, ep := range changes.UpdateNew { + log.Debugf(`Skipping update-new of endpoint %v due to "create-only" policy`, ep) + } return &Changes{ Create: changes.Create, } From 426ba9d7e1273f52e0a704ca55a875b3d9439097 Mon Sep 17 00:00:00 2001 From: Dennis Haney Date: Wed, 30 Oct 2024 19:55:02 +0700 Subject: [PATCH 2/3] fix: add check for log level --- plan/policy.go | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/plan/policy.go b/plan/policy.go index e02ae49eed..6898b846ee 100644 --- a/plan/policy.go +++ b/plan/policy.go @@ -45,8 +45,10 @@ type UpsertOnlyPolicy struct{} // Apply applies the upsert-only policy which strips out any deletions. func (p *UpsertOnlyPolicy) Apply(changes *Changes) *Changes { - for _, ep := range changes.Delete { + if log.GetLevel() == log.DebugLevel { + for _, ep := range changes.Delete { log.Debugf(`Skipping deletion of endpoint %v due to "upsert-only" policy`, ep) + } } return &Changes{ Create: changes.Create, @@ -60,14 +62,16 @@ type CreateOnlyPolicy struct{} // Apply applies the create-only policy which strips out updates and deletions. func (p *CreateOnlyPolicy) Apply(changes *Changes) *Changes { - for _, ep := range changes.Delete { - log.Debugf(`Skipping deletion of endpoint %v due to "create-only" policy`, ep) - } - for _, ep := range changes.UpdateOld { - log.Debugf(`Skipping update-old of endpoint %v due to "create-only" policy`, ep) - } - for _, ep := range changes.UpdateNew { - log.Debugf(`Skipping update-new of endpoint %v due to "create-only" policy`, ep) + if log.GetLevel() == log.DebugLevel { + for _, ep := range changes.Delete { + log.Debugf(`Skipping deletion of endpoint %v due to "create-only" policy`, ep) + } + for _, ep := range changes.UpdateOld { + log.Debugf(`Skipping update-old of endpoint %v due to "create-only" policy`, ep) + } + for _, ep := range changes.UpdateNew { + log.Debugf(`Skipping update-new of endpoint %v due to "create-only" policy`, ep) + } } return &Changes{ Create: changes.Create, From 30a5274e862d585f42e6870c6e7f44a989b030fb Mon Sep 17 00:00:00 2001 From: Dennis Haney Date: Wed, 30 Oct 2024 19:57:36 +0700 Subject: [PATCH 3/3] fix: since policy now logs what it would have done, it makes sense to do them after the endpoint filtering, so that the logs does not contain things that get filtered out anyway --- plan/plan.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/plan/plan.go b/plan/plan.go index d0ca7f96a2..a110e8b118 100644 --- a/plan/plan.go +++ b/plan/plan.go @@ -245,10 +245,6 @@ func (p *Plan) Calculate() *Plan { } } - for _, pol := range p.Policies { - changes = pol.Apply(changes) - } - // filter out updates this external dns does not have ownership claim over if p.OwnerID != "" { changes.Delete = endpoint.FilterEndpointsByOwnerID(p.OwnerID, changes.Delete) @@ -257,6 +253,10 @@ func (p *Plan) Calculate() *Plan { changes.UpdateNew = endpoint.FilterEndpointsByOwnerID(p.OwnerID, changes.UpdateNew) } + for _, pol := range p.Policies { + changes = pol.Apply(changes) + } + plan := &Plan{ Current: p.Current, Desired: p.Desired,