implement deletionOptions

mblaschke · mblaschke · commit e8852fe4b008 · 2026-01-14T19:56:17.000+01:00
Signed-off-by: Markus Blaschke &lt;mblaschke82@gmail.com&gt;
diff --git a/example.yaml b/example.yaml
@@ -21,6 +21,10 @@ ttl:
     # this rule will match ALL resources, !BE CAREFUL!
     # - {group: "*", version: "*", kind: "*"}
 
+  deleteOptions:
+    propagationPolicy: foreground # Foreground, Background, Orphan or empty
+    gracePeriodSeconds: 120 # seconds
+
 #################################################
 ## static rules
 ## applies a fixed TTLs against resources metadata.creationTimestamp (or JMESpath timestampPath)
@@ -95,6 +99,10 @@ rules:
           matchLabels:
             foo: bar
 
+    deleteOptions:
+      propagationPolicy: foreground # Foreground, Background, Orphan or empty
+      gracePeriodSeconds: 120 # seconds
+
     # kubernetes selector (matchLabels, matchExpressions), optional
     # if a namespaceSelector is active only namespaced resources will be checked
     # !! be careful !!
diff --git a/kube_janitor/config.go b/kube_janitor/config.go
@@ -21,6 +21,8 @@ type (
 		Annotation string             `json:"annotation"`
 		Label      string             `json:"label"`
 		Resources  ConfigResourceList `json:"resources"`
+
+		DeleteOptions ConfigRuleDeleteOptions `json:"deleteOptions"`
 	}
 
 	ConfigResourceList []*ConfigResource
@@ -39,8 +41,17 @@ type (
 		Resources         ConfigResourceList  `json:"resources"`
 		NamespaceSelector ConfigLabelSelector `json:"namespaceSelector"`
 		Ttl               string              `json:"ttl"`
+
+		DeleteOptions ConfigRuleDeleteOptions `json:"deleteOptions"`
 	}
 
+	ConfigRuleDeleteOptions struct {
+		PropagationPolicy  *ConfigRuleDeletePropagationPolicy `json:"propagationPolicy"`
+		GracePeriodSeconds *int64                             `json:"gracePeriodSeconds"`
+	}
+
+	ConfigRuleDeletePropagationPolicy metav1.DeletionPropagation
+
 	ConfigLabelSelector struct {
 		metav1.LabelSelector `json:",inline"`
 		selector             *string
@@ -80,6 +91,10 @@ func (c *ConfigTtl) Validate() error {
 		}
 	}
 
+	if err := c.DeleteOptions.PropagationPolicy.validate(); err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -93,6 +108,10 @@ func (c *ConfigRule) Validate() error {
 		return errors.New("rules requires at least one resource")
 	}
 
+	if err := c.DeleteOptions.PropagationPolicy.validate(); err != nil {
+		return err
+	}
+
 	return nil
 }
 
@@ -160,3 +179,19 @@ func (selector *ConfigLabelSelector) Compile() (string, error) {
 
 	return *selector.selector, nil
 }
+
+// validate validates the deletion PropagationPolicy
+func (p *ConfigRuleDeletePropagationPolicy) validate() error {
+	if p == nil {
+		return nil
+	}
+
+	switch metav1.DeletionPropagation(*p) {
+	case "", metav1.DeletePropagationForeground, metav1.DeletePropagationBackground, metav1.DeletePropagationOrphan:
+		// ok
+	default:
+		return errors.New("propagation policy must be Foreground, Background, or Orphan")
+	}
+
+	return nil
+}
diff --git a/kube_janitor/manager.go b/kube_janitor/manager.go
@@ -121,7 +121,7 @@ func (j *Janitor) LoadConfigFromFile(path string) *Janitor {
 	logger.Info("parsing configuration")
 	err = yaml.UnmarshalContext(parserCtx, data, j.config, yaml.Strict(), yaml.UseJSONUnmarshaler())
 	if err != nil {
-		logger.Fatal("failed to parse config file")
+		logger.Fatal("failed to parse config file", slog.Any("error", err.Error()))
 	}
 
 	err = j.config.Validate()
diff --git a/kube_janitor/task.common.go b/kube_janitor/task.common.go
@@ -75,7 +75,7 @@ func (j *Janitor) runRule(ctx context.Context, logger *slogger.Logger, rule *Con
 					gvkLogger,
 					resourceType,
 					resource,
-					rule.Id,
+					rule,
 					ttl,
 					metricList,
 				)
@@ -92,7 +92,7 @@ func (j *Janitor) runRule(ctx context.Context, logger *slogger.Logger, rule *Con
 }
 
 // checkResourceTtlAndTriggerDeleteIfExpired checks the resource against the defined TTL and deletes if the resource is expired
-func (j *Janitor) checkResourceTtlAndTriggerDeleteIfExpired(ctx context.Context, logger *slogger.Logger, resourceConfig *ConfigResource, resource unstructured.Unstructured, ruleId string, ttlValue string, metricResourceTtl *prometheusCommon.MetricList) error {
+func (j *Janitor) checkResourceTtlAndTriggerDeleteIfExpired(ctx context.Context, logger *slogger.Logger, resourceConfig *ConfigResource, resource unstructured.Unstructured, rule *ConfigRule, ttlValue string, metricResourceTtl *prometheusCommon.MetricList) error {
 	resourceLogger := logger.WithGroup("resource").With(
 		slog.String("namespace", resource.GetNamespace()),
 		slog.String("name", resource.GetName()),
@@ -149,22 +149,31 @@ func (j *Janitor) checkResourceTtlAndTriggerDeleteIfExpired(ctx context.Context,
 			resourceLogger.Info("resource is expired, would delete resource (DRY-RUN)", slog.Time("expirationDate", *parsedDate))
 		} else {
 			resourceLogger.Info("deleting expired resource", slog.Time("expirationDate", *parsedDate))
-			err := j.dynClient.Resource(resourceConfig.AsGVR()).Namespace(resource.GetNamespace()).Delete(ctx, resource.GetName(), metav1.DeleteOptions{})
+			deleteOpts := metav1.DeleteOptions{}
+			if rule.DeleteOptions.PropagationPolicy != nil {
+				propagationPolicy := metav1.DeletionPropagation(*rule.DeleteOptions.PropagationPolicy)
+				deleteOpts.PropagationPolicy = &propagationPolicy
+			}
+			if rule.DeleteOptions.GracePeriodSeconds != nil {
+				deleteOpts.GracePeriodSeconds = rule.DeleteOptions.GracePeriodSeconds
+			}
+
+			err := j.dynClient.Resource(resourceConfig.AsGVR()).Namespace(resource.GetNamespace()).Delete(ctx, resource.GetName(), deleteOpts)
 			if err != nil {
 				return err
 			}
 
 			// increase deleted counter
 			j.prometheus.deleted.With(
 				prometheus.Labels{
-					"rule":             ruleId,
+					"rule":             rule.Id,
 					"groupVersionKind": fmt.Sprintf("%s/%s/%s", groupVersionKind.Group, groupVersionKind.Version, groupVersionKind.Kind),
 					"namespace":        resource.GetNamespace(),
 				},
 			).Inc()
 
 			reason := "TimeToLiveExpired"
-			message := fmt.Sprintf(`TTL of "%v" is expired and resource is being deleted (%s)`, ttlValue, ruleId)
+			message := fmt.Sprintf(`TTL of "%v" is expired and resource is being deleted (%s)`, ttlValue, rule.Id)
 
 			err = j.kubeCreateEventFromResource(ctx, resource.GetNamespace(), resource, message, reason)
 			if err != nil {
@@ -176,7 +185,7 @@ func (j *Janitor) checkResourceTtlAndTriggerDeleteIfExpired(ctx context.Context,
 
 		metricResourceTtl.AddTime(
 			prometheus.Labels{
-				"rule":             ruleId,
+				"rule":             rule.Id,
 				"groupVersionKind": fmt.Sprintf("%s/%s/%s", groupVersionKind.Group, groupVersionKind.Version, groupVersionKind.Kind),
 				"namespace":        resource.GetNamespace(),
 				"name":             resource.GetName(),
diff --git a/kube_janitor/task.ttl.go b/kube_janitor/task.ttl.go
@@ -46,8 +46,9 @@ func (j *Janitor) runTtlResources(ctx context.Context) error {
 
 	// faked rule for ttl handling
 	rule := &ConfigRule{
-		Id:        RuleIdInternalTTL,
-		Resources: j.config.Ttl.Resources,
+		Id:            RuleIdInternalTTL,
+		Resources:     j.config.Ttl.Resources,
+		DeleteOptions: j.config.Ttl.DeleteOptions,
 	}
 
 	err := j.runRule(ctx, j.logger, rule, metricResourceTtl, filterFunc)

Original file line number	Diff line number	Diff line change
`@@ -121,7 +121,7 @@ func (j Janitor) LoadConfigFromFile(path string) Janitor {`
`121`	`121`	`logger.Info("parsing configuration")`
`122`	`122`	`err = yaml.UnmarshalContext(parserCtx, data, j.config, yaml.Strict(), yaml.UseJSONUnmarshaler())`
`123`	`123`	`if err != nil {`
`124`		`- logger.Fatal("failed to parse config file")`
	`124`	`+ logger.Fatal("failed to parse config file", slog.Any("error", err.Error()))`
`125`	`125`	`}`
`126`	`126`
`127`	`127`	`err = j.config.Validate()`