kubernetes operator that patches resources

This project is deprecated in favor of Kyverno. Kyverno can do essentially everything this project set out to do and much more.

The example Kyverno Policy can achieve the same effect as a Patch.

Kyverno Policy

apiVersion: kyverno.io/v1 kind: Policy metadata: name: patch-hello-configmap spec: background: true mutateExistingOnPolicyUpdate: true rules: - name: hello-configmap match: resources: kinds: - /*/ConfigMap names: - hello mutate: targets: - apiVersion: v1 kind: ConfigMap name: hello patchStrategicMerge: data: hello: world

Patch (Deprecated)

apiVersion: patch.rock8s.com/v1alpha1 kind: Patch metadata: name: patch-hello-configmap spec: patches: - id: hello-configmap target: apiVersion: v1 kind: ConfigMap name: hello waitForResource: true type: merge patch: |  data:  hello: world

The patch will be recalibrated (forced to apply again) any time the spec changes. It is a common practice to set the value of spec.epoch to the current timestamp, thus forcing the patch to recalibrate every time a deployment is updated.

helm repo add rock8s https://charts.rock8s.com helm install patch-operator rock8s/patch-operator --version 0.1.0

You can learn more about this on ArtifactHub

Here's an example manifest file that creates a Patch resource.

apiVersion: patch.rock8s.com/v1alpha1 kind: Patch metadata: name: example-patch spec: epoch: "2023" patches: - id: patch-1 patch: |  {  "metadata": {  "annotations": {  "example.com/annotation": "true"  }  }  }  target: apiVersion: apps/v1 kind: Deployment name: my-deployment type: "json" waitForResource: true waitForTimeout: 60000 - id: patch-2 patch: |  [  {  "op": "replace",  "path": "/spec/replicas",  "value": 3  }  ]  target: apiVersion: apps/v1 kind: Deployment name: my-deployment type: "json"

Here are the properties of a Patch resource:

• epoch A string value representing the epoch of the patch. This property can be used to force recalibration of resources.

• image A string value representing the name and tag of the image to be used in the job. The default image used is registry.gitlab.com/bitspur/rock8s/images/kube-commands:3.18.0.

• patches An array of patches to be applied. Each patch is defined by the following properties:

  • id: an optional string value representing the ID of the patch.
  • patch: a string value representing the patch to be applied.
  • skipIf: an optional array of criteria to skip the patch if met.
  • target: a set of properties that define the target resource to patch.
  • type: a string value representing the type of patch to apply (json, merge, strategic or script). You can read more about the different patch types HERE.
  • waitForResource: a boolean value representing whether to wait for the resource to exist before applying the patch.
  • waitForTimeout: an integer value representing the time in milliseconds to wait before applying the patch.