charts icon indicating copy to clipboard operation
charts copied to clipboard
verified publisher icon cloudnative-pg

feat(cloudnative-pg): add annotations to all CRDs

Open xmj opened this issue 8 months ago • 8 comments

We want to be able to pass annotations to all CustomResourceDefinitions.

This is helpful in that it allows passing an annotation to ArgoCD to enable ServerSideApply:

crds:
  annotations:
    argocd.argoproj.io/sync-options: ServerSideApply=true

Fixes #656

xmj avatar Aug 28 '25 04:08 xmj

What is missing for this to be merged?

kastl-ars avatar Sep 17 '25 07:09 kastl-ars

What is missing for this to be merged?

Sorry for bringing this up again, but why is this simple PR still open? What is missing?

kastl-ars avatar Oct 07 '25 06:10 kastl-ars

@xmj while the patch would technically solve the issue, it wouldn't work well with the current release procedure for the chart.

The crds.yaml is generated before every release with kustomize build on https://github.com/cloudnative-pg/cloudnative-pg/blob/main/config/helm/kustomization.yaml.

Something would need to change in the release procedure, or it becomes a release hell. I would guess from 3a0c7df44 that @sxd is running the command manually or with a script. In any case, the with block with annotations is best to be injected automatically as part of the build.

wizardist avatar Nov 24 '25 21:11 wizardist

Hi,

Why you need to do this at CRDs level and not at ArgoCD Application level? I've been doing a lot of work and installed the CRDs with ArgoCD using the application and managing all the possible and required changes there, from my point of view, this is not required at all.

Regards,

sxd avatar Nov 25 '25 06:11 sxd

Hi

I want an interface to pass arbitrary annotations, which is not present so far.

That I use them to pass ServerSideApply is just an example, and mostly due to the way we use ApplicationSets to install all our operators. And I really do not want to change it for any other operator.

Thanks johannes

xmj avatar Nov 25 '25 07:11 xmj

Hi @sxd,

Thanks a lot for taking a look. I agree that having a server-side apply on the Application would work just fine.

What I thought was a server-side / client-side apply difference issue (apparent drift in an ESO ClusterExternalSecret resource), turned out to be likely an issue in ESO.

I tried to solve it by adding an annotation to the drifting resource:

metadata:
  annotations:
    argocd.argoproj.io/sync-options: ServerSideApply=false

But it proved to be the wrong tree I barked at.

All this without prejudice to the need of annotations in the original issue. I wouldn't go as far as to say nobody needs it, but my immediate need is resolved.

Thanks

wizardist avatar Nov 25 '25 10:11 wizardist

Hi @sxd

The problem with server-side apply for the entire ArgoCD application is that with full SSA, ArgoCD can only add or modify keys in resources, but not delete them. So, if someone "temporarily" added a key to the live resource but didn't remove it later, ArgoCD will be unable to detect the drift because it doesn't manage this field.

The annotation allows to narrow down the problem from the entire chart to CRDs only, which usually only grow and aren't touched by itchy fingers.

xy2 avatar Nov 26 '25 11:11 xy2

Hi.

+1 for this feature.

In my case, I use a git generator to point to a repository containing a bunch of helm charts, one of them being cloudnative-pg.

Currently, without this PR I would have to set ServerSideApply=true on my single ApplicationSet, which then applies it all of those charts, causing issues with several of them.

In an ideal world, I'd add the annotations as @xmj has outlined; this is exactly how it is handled in other charts.

Thanks.

0xayf avatar Jan 03 '26 02:01 0xayf