Preserve deployment and its template labels and annotations

[linkvt]

Hi,

when running kubectl rollout restart deployment, Kubernetes adds the kubectl.kubernetes.io/restartedAt annotation to the deployment's pod template to trigger a rolling restart. However, Knative's reconciler was removing this annotation by completely replacing the deployment spec, causing new pods to be immediately terminated instead of completing the rollout.

This change preserves externally-added metadata at both the deployment level and template level during reconciliation:

• Deployment-level labels (was already the case) and annotations (new)
• Pod template labels and annotations (e.g., kubectl.kubernetes.io/restartedAt)

Fixes #14705

Proposed Changes

• Preserve deployment and template annotations and labels during reconcile
  • knative labels and annotations have priority and will overwrite other labels/annotations

Release Note

Preserve deployment and template annotations and labels during reconcile

/kind bug

Thanks for the review!

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 80.06%. Comparing base (60b1c39) to head (dff5d18).
⚠️ Report is 10 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #16199   +/-   ##
=======================================
  Coverage   80.05%   80.06%           
=======================================
  Files         215      215           
  Lines       13322    13330    +8     
=======================================
+ Hits        10665    10672    +7     
+ Misses       2297     2296    -1     
- Partials      360      362    +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Fedosin]

LGTM, but I'd like @dprotaso to take a look as well.

[linkvt]

/remove-approve

Was added automatically as I'm co-release lead.

[linkvt]

/ok-to-test

[dprotaso]

/hold

Will revisit after the release next Tuesday

[linkvt]

Hi @dprotaso , please take another look, thanks!

[aslammmuhammed]

@linkvt @dprotaso can we expect this bug fix in the next release ?

[dprotaso]

One thing I learned from working on - https://github.com/knative/serving/pull/16186/files

If we union the have map with the desired one then we end up losing the ability to delete things.

Thus we should filter out labels/annotations we control from the have map.

I think we can just remove *.knative.dev and we also have an app label (though I don't expect us to remove that)

Everything else should be preserved. See my other PR as a starting point - there we only care about specific autoscaling labels/annotations for the pod autoscaler.

[linkvt]

Thanks for the review!
I also thought about that but couldn't come up with a scenario where that would happen, as we (AFAIK) basically always create new deployments/revisions on changes.
It still makes sense though to be bit more defensive, I'll update the code.

[linkvt]

I just rebased the PR, PTAL 🫶

[linkvt]

/retest

[dprotaso]

/hold cancel

[dprotaso]

/lgtm
/approve

thanks for the change @linkvt 🎉

[knative-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dprotaso

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [dprotaso]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[aslammmuhammed]

Is this change released or planning to be released soon ? Asking since i cant see new releases in https://github.com/knative/operator/releases or https://knative.dev/docs/reference/relnotes/

[linkvt]

Right now it is only included in main which means it would get released in knative 1.21.

I'll trigger a cherry pick to the 1.20 release and let Dave decide whether it is OK to be included.

/cherrypick 1.20

[knative-prow-robot]

@linkvt: cannot checkout 1.20: error checking out "1.20": exit status 1 error: pathspec '1.20' did not match any file(s) known to git

Details

In response to this:

Right now it is only included in main which means it would get released in knative 1.21.

I'll trigger a cherry pick to the 1.20 release and let Dave decide whether it is OK to be included.

/cherrypick 1.20

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[linkvt]

/cherrypick release-1.20

Thats the correct one :)

[knative-prow-robot]

@linkvt: new pull request created: #16303

Details

In response to this:

/cherrypick release-1.20

Thats the correct one :)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.