[Sandbox] Reloader

[karl-johan-grahn]

Application contact emails

[email protected]

Project Summary

A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig

Project Description

The problem Reloader addresses is that you would like to watch if some change happens in a ConfigMap or Secret, and then perform a rolling upgrade on the relevant DeploymentConfig, Deployment, Daemonset, Statefulset, and Rollout. Reloader can watch changes in ConfigMap and Secret objects and do rolling upgrades on Pods with their associated DeploymentConfigs, Deployments, Daemonsets, Statefulsets, and Rollouts.

Org repo URL (provide if all repos under the org are in scope of the application)

Only Reloader is applicable for this application in the stakater GitHub organization.

Project repo URL in scope of application

https://github.com/stakater/reloader/

Additional repos in scope of the application

No response

Website URL

https://docs.stakater.com/reloader/

Roadmap

https://github.com/orgs/stakater/projects/4

Roadmap context

The roadmap is continuously updated through the GitHub project

Contributing Guide

https://github.com/stakater/Reloader#contributing

Code of Conduct (CoC)

https://github.com/stakater/Reloader/blob/master/CODE_OF_CONDUCT.md

Adopters

No response

Contributing or Sponsoring Org

Stakater

Maintainers file

https://github.com/stakater/Reloader/blob/master/MAINTAINERS

IP Policy

• If the project is accepted, I agree the project will follow the CNCF IP Policy

Trademark and accounts

• If the project is accepted, I agree to donate all project trademarks and accounts to the CNCF

Why CNCF?

The CNCF can provide the project with wider adoption and community collaboration, further simplifying and enhancing updates of Kubernetes resources when secrets or configurations change in Kubernetes environments.

Benefit to the Landscape

Reloader uniquely addresses the problem of doing rolling updates of Kubernetes resources when configurations or secrets change.

Cloud Native 'Fit'

Reloader has become integral to thousands of Kubernetes deployments since it serves a fundamental architectural gap. It is built on Go and fits well into cloud-native by being fully focused on Kubernetes.

Cloud Native 'Integration'

Reloader integrates closely with Kubernetes.

Cloud Native Overlap

Small overlap with https://github.com/fabric8io/configmapcontroller which hasn't been updated in the last five years.

Similar projects

configmapcontroller

Landscape

No

Business Product or Service to Project separation

Stakater Reloader is available in an open-source version as well as an Enterprise version. The functionality is currently the same for both the open-source version and the Enterprise version.

The Reloader Enterprise version is different from the open-source version in that it is:

• Security-hardened
  • Certified by Stakater - an internal certification process that includes:
    • Quality assurance from code perspective
    • Quality assurance from supply chain perspective
    • Certified images is published to a private registry, which you gain access to with the
      purchase
• Delivered with dedicated support
• Delivered with dedicated resources to prioritize implementation of unique feature requests
  • All unique feature requests will still be open-sourced, but delivery will be prioritized

Project presentations

No response

Project champions

No response

Additional information

No response

[mnm678]

Please open a presentation issue with TAG security so that we can provide the TAG review. It may be useful to perform a self assessment before the presentation.

[TheFoxAtWork]

Some questions:

• The repo appears to be some less active, not many changes occurring. Is this project near feature complete/stable?
• what is stakater-user in relation to this repo?
• When is SHA1 going to be replaced with SHA2? SHA1 was deprecated in 2011.
• The project roadmap doesnt detail much future direction for the project, are there plans to extend the project beyond its current capabilities?

Actions:

• please complete the remaining fields on the application, in particular:
  • the business product and service separation as the project's repo indicates enterprise level support available by the same name.
  • Cloud native fit

[rchincha]

Don't Kubernetes' default controller already do what is described here? What additional functionality is being added/proposed? Other triggers other than k8s image field? How are reverts happening etc.

[jberkus]

TAG Contributor strategy has reviewed this project and found the following:

• The contributor guide is basic.
• The project has no written governance, yet.
• The roadmap is a Github project board and appears to be very new.
• There are 5 maintainers, whose employer affiliation is not clear. Two of these maintainers appear to be currently active.
• The project is at least 6 years old.

This review is for the TOC’s information only. Sandbox projects are not required to have full governance or contributor documentation.

[mrbobbytables]

Project has been given the okay to move to a vote in today's sandbox review
/vote

[git-vote]

Vote created

@mrbobbytables has called for a vote on [Sandbox] Reloader (#98).

The members of the following teams have binding votes:

Team
@cncf/cncf-toc

Non-binding votes are also appreciated as a sign of support!

How to vote

You can cast your vote by reacting to this comment. The following reactions are supported:

In favor	Against	Abstain
👍	👎	👀

Please note that voting for multiple options is not allowed and those votes won't be counted.

The vote will be open for 2months 30days 2h 52m 48s. It will pass if at least 66% of the users with binding votes vote In favor 👍. Once it's closed, results will be published here as a new comment.

[mrbobbytables]

/check-vote

[git-vote]

Vote status

So far 0.00% of the users with binding vote are in favor (passing threshold: 66%).

Summary

In favor	Against	Abstain	Not voted
0	5	0	6

Binding votes (5)

User	Vote	Timestamp
dims	Against	2024-10-08 18:07:47.0 +00:00:00
angellk	Against	2024-10-08 17:21:01.0 +00:00:00
TheFoxAtWork	Against	2024-10-08 17:25:19.0 +00:00:00
rochaporto	Against	2024-10-09 1:01:33.0 +00:00:00
nikhita	Against	2024-10-09 6:05:43.0 +00:00:00
@mauilion	Pending
@linsun	Pending
@dzolotusky	Pending
@kevin-wangzefeng	Pending
@cathyhongzhang	Pending
@kgamanji	Pending

[karl-johan-grahn]

• The repo appears to be some less active, not many changes occurring. Is this project near feature complete/stable?
• what is stakater-user in relation to this repo?
• When is SHA1 going to be replaced with SHA2? SHA1 was deprecated in 2011.
• The project roadmap doesnt detail much future direction for the project, are there plans to extend the project beyond its current capabilities?

• The repo is maintained on a weekly basis, it is not complete but stable and ongoing work is happening regularly
• stakater-user is the root user of the organization stakater where the repo belongs
• There is a PR with an ongoing discussion on moving away from SHA1: Moving Away from SHA1 to SHA512 (Security) stakater/Reloader#527
• There are plans for extending the project beyond its current capabilities, but more help is needed, and that is why we apply for CNCF sandbox

[karl-johan-grahn]

Actions:

• please complete the remaining fields on the application, in particular:

  • the business product and service separation as the project's repo indicates enterprise level support available by the same name.
  • Cloud native fit

Done

[karl-johan-grahn]

Don't Kubernetes' default controller already do what is described here? What additional functionality is being added/proposed? Other triggers other than k8s image field? How are reverts happening etc.

No, it's not about images and reverts, Reloader is about watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig. Reloader watches changes in configmaps and secrets data. As soon as it detects a change in these. It forwards these objects to an update handler which decides if and how to perform the rolling upgrade.

[karl-johan-grahn]

• There are 5 maintainers, whose employer affiliation is not clear. Two of these maintainers appear to be currently active.

All maintainers have a Stakater email, how is the employer affiliation not clear? Four of the maintainers are currently active, how can you deem the other ones inactive?

[mrbobbytables]

/check-vote

[git-vote]

Vote status

So far 0.00% of the users with binding vote are in favor (passing threshold: 66%).

Summary

In favor	Against	Abstain	Not voted
0	8	0	3

Binding votes (8)

User	Vote	Timestamp
nikhita	Against	2024-10-09 6:05:43.0 +00:00:00
linsun	Against	2024-10-09 15:12:20.0 +00:00:00
kevin-wangzefeng	Against	2024-10-10 13:16:45.0 +00:00:00
dims	Against	2024-10-08 18:07:47.0 +00:00:00
angellk	Against	2024-10-08 17:21:01.0 +00:00:00
rochaporto	Against	2024-10-09 1:01:33.0 +00:00:00
TheFoxAtWork	Against	2024-10-08 17:25:19.0 +00:00:00
dzolotusky	Against	2024-10-10 23:01:22.0 +00:00:00
@mauilion	Pending
@cathyhongzhang	Pending
@kgamanji	Pending

Non-binding votes (3)

User	Vote	Timestamp
karl-johan-grahn	In favor	2024-10-10 8:35:56.0 +00:00:00
faizanahmad055	In favor	2024-10-10 8:42:03.0 +00:00:00
Sanghamitra-PERSONAL	In favor	2024-10-10 9:00:29.0 +00:00:00

[mrbobbytables]

/check-vote

[git-vote]

Vote status

So far 0.00% of the users with binding vote are in favor (passing threshold: 66%).

Summary

In favor	Against	Abstain	Not voted
0	8	0	3

Binding votes (8)

User	Vote	Timestamp
rochaporto	Against	2024-10-09 1:01:33.0 +00:00:00
nikhita	Against	2024-10-09 6:05:43.0 +00:00:00
linsun	Against	2024-10-09 15:12:20.0 +00:00:00
angellk	Against	2024-10-08 17:21:01.0 +00:00:00
TheFoxAtWork	Against	2024-10-08 17:25:19.0 +00:00:00
kevin-wangzefeng	Against	2024-10-10 13:16:45.0 +00:00:00
dims	Against	2024-10-08 18:07:47.0 +00:00:00
dzolotusky	Against	2024-10-10 23:01:22.0 +00:00:00
@mauilion	Pending
@cathyhongzhang	Pending
@kgamanji	Pending

Non-binding votes (3)

User	Vote	Timestamp
karl-johan-grahn	In favor	2024-10-10 8:35:56.0 +00:00:00
faizanahmad055	In favor	2024-10-10 8:42:03.0 +00:00:00
Sanghamitra-PERSONAL	In favor	2024-10-10 9:00:29.0 +00:00:00

[mrbobbytables]

/check-vote

[git-vote]

Vote status

So far 0.00% of the users with binding vote are in favor (passing threshold: 66%).

Summary

In favor	Against	Abstain	Not voted
0	9	0	2

Binding votes (9)

User	Vote	Timestamp
dims	Against	2024-10-08 18:07:47.0 +00:00:00
linsun	Against	2024-10-09 15:12:20.0 +00:00:00
nikhita	Against	2024-10-09 6:05:43.0 +00:00:00
dzolotusky	Against	2024-10-10 23:01:22.0 +00:00:00
rochaporto	Against	2024-10-09 1:01:33.0 +00:00:00
kevin-wangzefeng	Against	2024-10-10 13:16:45.0 +00:00:00
kgamanji	Against	2024-10-16 19:32:42.0 +00:00:00
TheFoxAtWork	Against	2024-10-08 17:25:19.0 +00:00:00
angellk	Against	2024-10-08 17:21:01.0 +00:00:00
@mauilion	Pending
@cathyhongzhang	Pending

Non-binding votes (3)

User	Vote	Timestamp
karl-johan-grahn	In favor	2024-10-10 8:35:56.0 +00:00:00
faizanahmad055	In favor	2024-10-10 8:42:03.0 +00:00:00
Sanghamitra-PERSONAL	In favor	2024-10-10 9:00:29.0 +00:00:00

[mrbobbytables]

gitvote has a bug keeping it at 0% voted, however manually looking at it with 9/11 TOC members voting against, its at 81%
I am going to go ahead and cease the vote and close out the issue.

/vote-close

[git-vote]

The requested configuration profile was not found in the configuration file.

[jberkus]

• There are 5 maintainers, whose employer affiliation is not clear. Two of these maintainers appear to be currently active.

All maintainers have a Stakater email, how is the employer affiliation not clear? Four of the maintainers are currently active, how can you deem the other ones inactive?

I do not have any of the maintainers emails; they are not listed in the Maintainers file.

Activity was based on the Github Contributors chart. I do not have access to better-resolution data than this.

[MuneebAijaz]

hi @jberkus ,
Little maintainer of Reloader project here. 👋
Just to clarify, here are the emails mentioned for the maintainers, mine for example [email protected] :
https://github.com/stakater/Reloader/blob/master/MAINTAINERS#L4
And our assumption was that @stakater.com at the end of the emails would clarify the affiliation. Do let us know if CNCF requires a specific format to be followed in such cases.

On a second note, I'd appreciate some clarification around:

• Reason of project getting rejected as a sandbox project, and should we apply for a different maturity level
• Any particular action items that we missed (I acknowledge us not being able to focus on presentation before voting, and SHA1 being an issue). Is there any doc that was supposed to be followed, but was missed?
• How long should we wait to apply again, if it's even possible?

[TheFoxAtWork]

@MuneebAijaz

The TOC reviewed the project and moved it to a vote. The TOC's decision to not include the project in the CNCF is not indicative of application to a different maturity level, rather that the TOC did not find sufficient novelty/experimentation and viability of the project to become a cloud native project in CNCF. You can find the discussion by the TOC on the YouTube Channel (it is the first project reviewed)..

[git-vote]

Vote closed

The vote did not pass.

0.00% of the users with binding vote were in favor and 90.91% were against (passing threshold: 66%).

Summary

In favor	Against	Abstain	Not voted
0	10	0	1

Binding votes (10)

User	Vote	Timestamp
@dzolotusky	Against	2024-10-10 23:01:22.0 +00:00:00
@kevin-wangzefeng	Against	2024-10-10 13:16:45.0 +00:00:00
@dims	Against	2024-10-08 18:07:47.0 +00:00:00
@kgamanji	Against	2024-10-16 19:32:42.0 +00:00:00
@nikhita	Against	2024-10-09 6:05:43.0 +00:00:00
@rochaporto	Against	2024-10-09 1:01:33.0 +00:00:00
@TheFoxAtWork	Against	2024-10-08 17:25:19.0 +00:00:00
@angellk	Against	2024-10-08 17:21:01.0 +00:00:00
@linsun	Against	2024-10-09 15:12:20.0 +00:00:00
@mauilion	Against	2024-11-05 0:52:09.0 +00:00:00

Non-binding votes (4)

User	Vote	Timestamp
@karl-johan-grahn	In favor	2024-10-10 8:35:56.0 +00:00:00
@faizanahmad055	In favor	2024-10-10 8:42:03.0 +00:00:00
@Sanghamitra-PERSONAL	In favor	2024-10-10 9:00:29.0 +00:00:00
@rasheedamir	In favor	2024-10-28 12:02:00.0 +00:00:00