Helm chart: add extraCRDAnnotations value and set ArgoCD sync option by default

[sysedwinistrator]

Explanation

When trying to update from 1.7.x to 1.8.0 via ArgoCD, ArgoCD complains that the kubectl.kubernetes.io/last-applied-configuration annotation is too long. This is a known issue in ArgoCD. The reason this is only happening since 1.8.0 is that this version introduced v2beta1 versions of the Custom Resources, which are added to the CRDs in addition to the v1 versions.

Related issue

Milestone of this PR

What type of PR is this

Proposed Changes

The workaround is to use the Replace=true sync option via an annotation. It is safe to use for CRDs as it does not actually do a replace for them. The setting could also be set on a per-application level, but that could have unintended side effects. Therefore the option should only be set on the CRDs via an annotation.
Please give some feedback whether the annotation should be set by default. On the one hand, it will only by used by ArgoCD and ArgoCD currently can't sync the CRDs without them; on the other hand, ArgoCD will introduce a server-side apply sync option in the upcoming 2.5 version, which will likely be a better solution.

Proof Manifests

Checklist

• [ x] I have read the contributing guidelines.
• I have read the PR documentation guide and followed the process including adding proof manifests to this PR.
• This is a bug fix and I have added unit tests that prove my fix is effective.
• This is a feature and I have added CLI tests that are applicable.
• My PR needs to be cherry picked to a specific release branch which is .
• My PR contains new or altered behavior to Kyverno and
  • CLI support should be added and my PR doesn't contain that functionality.
  • I have added or changed the documentation myself in an existing PR and the link is:
  • I have raised an issue in kyverno/website to track the documentation update and the link is:

Further Comments

[welcome]

Thanks for opening your first Pull Request here! Please check out our Contributing guidelines and confirm that you Signed off.

[eddycharly]

@sysedwinistrator thanks for working on this.
The issue here is that CRDs are generated so this is not going to work.
We could add them statically though.

[codecov]

Codecov Report

Merging #4964 (260b33d) into main (9f6b0e8) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #4964   +/-   ##
=======================================
  Coverage   36.00%   36.00%           
=======================================
  Files         155      155           
  Lines       18386    18386           
=======================================
  Hits         6620     6620           
  Misses      10994    10994           
  Partials      772      772           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[eddycharly]

@sysedwinistrator are you still on it ?

[sysedwinistrator]

@sysedwinistrator are you still on it ?

I added the injection of the new templates to the code in the Makefile that also injects the condition templates in the first and last line. It's a bit hacky, because it simply inserts a line before creationTimestamp: null, but at least it doesn't depend on any other tool than sed (otherwise I might have done it with yq).

[eddycharly]

@sysedwinistrator smart !
I fear it will break with empty object though, I would recommend using a template instead.

Shall I push changes in your fork ?

[sysedwinistrator]

@sysedwinistrator smart ! I fear it will break with empty object though, I would recommend using a template instead.

Shall I push changes in your fork ?

Yes, please, that would be great

[eddycharly]

@sysedwinistrator changes done !
LGTM, thanks for working on this 🙏

[welcome]

Congratulations! 🎉

Great job merging your first Pull Request here! How awesome! If you are new to this project, feel free to join our Slack community

[eddycharly]

/cherry-pick release-1.8