Bump Version to v0.0.67

update slack links in readme (#156 )
Bump Version to v0.0.66
2026-02-14 18:09:50 +00:00 · 2020-08-08 18:46:03 +00:00 · 2020-08-08 20:36:09 +02:00 · 2020-08-06 18:20:25 +00:00 · 2020-08-06 20:09:59 +02:00 · 2020-08-06 20:09:45 +02:00
24 changed files with 305 additions and 64 deletions
--- a/.VERSION
+++ b/.VERSION
@@ -1 +1 @@
-version: v0.0.59
+version: v0.0.67
--- a/README.md
+++ b/README.md
@@ -38,6 +38,41 @@ spec:

 This will discover deployments/daemonsets/statefulset automatically where `foo-configmap` or `foo-secret` is being used either via environment variable or from volume mount. And it will perform rolling upgrade on related pods when `foo-configmap` or `foo-secret`are updated.

+You can restrict this discovery to only `ConfigMap` or `Secret` objects that
+are tagged with a special annotation. To take advantage of that, annotate
+your deployment/daemonset/statefulset like this:
+
+```yaml
+kind: Deployment
+metadata:
+  annotations:
+    reloader.stakater.com/search: "true"
+spec:
+  template:
+```
+
+and Reloader will trigger the rolling upgrade upon modification of any
+`ConfigMap` or `Secret` annotated like this:
+
+```yaml
+kind: ConfigMap
+metadata:
+  annotations:
+    reloader.stakater.com/match: "true"
+data:
+  key: value
+```
+
+provided the secret/configmap is being used in an environment variable or a
+volume mount.
+
+Please note that `reloader.stakater.com/search` and
+`reloader.stakater.com/auto` do not work together. If you have the
+`reloader.stakater.com/auto: "true"` annotation on your deployment, then it
+will always restart upon a change in configmaps or secrets it uses, regardless
+of whether they have the `reloader.stakater.com/match: "true"` annotation or
+not.
+
 We can also specify a specific configmap or secret which would trigger rolling upgrade only upon change in our specified configmap or secret, this way, it will not trigger rolling upgrade upon changes in all configmaps or secrets used in a deployment, daemonset or statefulset.
 To do this either set the auto annotation to `"false"` (`reloader.stakater.com/auto: "false"`) or remove it altogether, and use annotations mentioned [here](#Configmap) or [here](#Secret)

@@ -99,6 +134,8 @@ spec:
 - `reloader.stakater.com/auto: "true"` will only reload the pod, if the configmap or secret is used (as a volume mount or as an env) in `DeploymentConfigs/Deployment/Daemonsets/Statefulsets`
 - `secret.reloader.stakater.com/reload` or `configmap.reloader.stakater.com/reload` annotation will reload the pod upon changes in specified configmap or secret, irrespective of the usage of configmap or secret.
 - you may override the auto annotation with the `--auto-annotation` flag
+- you may override the search annotation with the `--auto-search-annotation` flag
+  and the match annotation with the `--search-match-annotation` flag
 - you may override the configmap annotation with the `--configmap-annotation` flag
 - you may override the secret annotation with the `--secret-annotation` flag
 - you may want to prevent watching certain namespaces with the `--namespaces-to-ignore` flag
@@ -195,8 +232,8 @@ File a GitHub [issue](https://github.com/stakater/Reloader/issues), or send us a

 Join and talk to us on Slack for discussing Reloader

-[![Join Slack](https://stakater.github.io/README/stakater-join-slack-btn.png)](https://stakater-slack.herokuapp.com/)
-[![Chat](https://stakater.github.io/README/stakater-chat-btn.png)](https://stakater.slack.com/messages/CC5S05S12)
+[![Join Slack](https://stakater.github.io/README/stakater-join-slack-btn.png)](https://slack.stakater.com/)
+[![Chat](https://stakater.github.io/README/stakater-chat-btn.png)](https://stakater-community.slack.com/messages/CC5S05S12)

 ## Contributing

--- a/build/package/Dockerfile.run
+++ b/build/package/Dockerfile.run
@@ -5,4 +5,7 @@ RUN apk add --update --no-cache ca-certificates

 COPY Reloader /bin/Reloader

+# On alpine 'nobody' has uid 65534
+USER 65534
+
 ENTRYPOINT ["/bin/Reloader"]
--- a/deployments/kubernetes/chart/reloader/Chart.yaml
+++ b/deployments/kubernetes/chart/reloader/Chart.yaml
@@ -3,8 +3,8 @@
 apiVersion: v1
 name: reloader
 description: Reloader chart that runs on kubernetes
-version: v0.0.59
-appVersion: v0.0.59
+version: v0.0.67
+appVersion: v0.0.67
 keywords:
  - Reloader
  - kubernetes
--- a/deployments/kubernetes/chart/reloader/templates/_helpers.tpl
+++ b/deployments/kubernetes/chart/reloader/templates/_helpers.tpl
@@ -12,9 +12,13 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 */}}
 {{- define "reloader-fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
 {{- $name := default .Chart.Name .Values.nameOverride -}}
 {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
 {{- end -}}
+{{- end -}}

 {{- define "reloader-labels.chart" -}}
 app: {{ template "reloader-fullname" . }}
--- a/deployments/kubernetes/chart/reloader/templates/deployment.yaml
+++ b/deployments/kubernetes/chart/reloader/templates/deployment.yaml
@@ -52,7 +52,11 @@ spec:
 {{ toYaml .Values.reloader.deployment.tolerations | indent 8 }}
      {{- end }}
      containers:
-      - env:
+      - image: "{{ .Values.reloader.deployment.image.name }}:{{ .Values.reloader.deployment.image.tag }}"
+        imagePullPolicy: {{ .Values.reloader.deployment.image.pullPolicy }}
+        name: {{ template "reloader-fullname" . }}
+      {{- if or (.Values.reloader.deployment.env.open) (.Values.reloader.deployment.env.secret) (.Values.reloader.deployment.env.field) (eq .Values.reloader.watchGlobally false) }}
+        env:
      {{- range $name, $value := .Values.reloader.deployment.env.open }}
      {{- if not (empty $value) }}
        - name: {{ $name | quote }}
@@ -83,14 +87,13 @@ spec:
            fieldRef:
              fieldPath: metadata.namespace
      {{- end }}
-        image: "{{ .Values.reloader.deployment.image.name }}:{{ .Values.reloader.deployment.image.tag }}"
-        imagePullPolicy: {{ .Values.reloader.deployment.image.pullPolicy }}
-        name: {{ template "reloader-fullname" . }}
+      {{- end }}
      {{- if eq .Values.reloader.readOnlyRootFileSystem true }}
        volumeMounts:
          - mountPath: /tmp/
            name: tmp-volume
      {{- end }}
+      {{- if or (.Values.reloader.logFormat) (.Values.reloader.ignoreSecrets) (eq .Values.reloader.ignoreConfigMaps true) (.Values.reloader.custom_annotations) }}
        args:
          {{- if .Values.reloader.logFormat }}
          - "--log-format={{ .Values.reloader.logFormat }}"
@@ -116,7 +119,7 @@ spec:
            - "{{ .Values.reloader.custom_annotations.auto }}"
            {{- end }}
          {{- end }}
-
+      {{- end }}
      {{- if .Values.reloader.deployment.resources }}
        resources:
 {{ toYaml .Values.reloader.deployment.resources | indent 10 }}
--- a/deployments/kubernetes/chart/reloader/values.yaml
+++ b/deployments/kubernetes/chart/reloader/values.yaml
@@ -32,6 +32,10 @@ reloader:
    #             operator: "Exists"
    affinity: {}

+    securityContext:
+      runAsNonRoot: true
+      runAsUser: 65534
+
    # A list of tolerations to be applied to the Deployment.
    # Example:
    #   tolerations:
@@ -44,10 +48,10 @@ reloader:
    labels:
      provider: stakater
      group: com.stakater.platform
-      version: v0.0.59
+      version: v0.0.67
    image:
      name: stakater/reloader
-      tag: "v0.0.59"
+      tag: "v0.0.67"
      pullPolicy: IfNotPresent
    # Support for extra environment variables.
    env:
--- a/deployments/kubernetes/manifests/clusterrole.yaml
+++ b/deployments/kubernetes/manifests/clusterrole.yaml
@@ -6,7 +6,7 @@ kind: ClusterRole
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader-role
--- a/deployments/kubernetes/manifests/clusterrolebinding.yaml
+++ b/deployments/kubernetes/manifests/clusterrolebinding.yaml
@@ -6,7 +6,7 @@ kind: ClusterRoleBinding
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader-role-binding
--- a/deployments/kubernetes/manifests/deployment.yaml
+++ b/deployments/kubernetes/manifests/deployment.yaml
@@ -5,12 +5,12 @@ kind: Deployment
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
    group: com.stakater.platform
    provider: stakater
-    version: v0.0.59
+    version: v0.0.67
    
  name: reloader-reloader
 spec:
@@ -24,19 +24,21 @@ spec:
    metadata:
      labels:
        app: reloader-reloader
-        chart: "reloader-v0.0.59"
+        chart: "reloader-v0.0.67"
        release: "reloader"
        heritage: "Tiller"
        group: com.stakater.platform
        provider: stakater
-        version: v0.0.59
+        version: v0.0.67
        
    spec:
      containers:
-      - env:
-        image: "stakater/reloader:v0.0.59"
+      - image: "stakater/reloader:v0.0.67"
        imagePullPolicy: IfNotPresent
        name: reloader-reloader
-        args:
+      securityContext: 
+        runAsNonRoot: true
+        runAsUser: 65534
+        
      serviceAccountName: reloader-reloader

--- a/deployments/kubernetes/manifests/serviceaccount.yaml
+++ b/deployments/kubernetes/manifests/serviceaccount.yaml
@@ -6,7 +6,7 @@ kind: ServiceAccount
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader
--- a/deployments/kubernetes/reloader.yaml
+++ b/deployments/kubernetes/reloader.yaml
@@ -6,7 +6,7 @@ kind: ClusterRole
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader-role
@@ -51,7 +51,7 @@ kind: ClusterRoleBinding
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader-role-binding
@@ -72,12 +72,12 @@ kind: Deployment
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
    group: com.stakater.platform
    provider: stakater
-    version: v0.0.59
+    version: v0.0.67
    
  name: reloader-reloader
 spec:
@@ -91,20 +91,22 @@ spec:
    metadata:
      labels:
        app: reloader-reloader
-        chart: "reloader-v0.0.59"
+        chart: "reloader-v0.0.67"
        release: "reloader"
        heritage: "Tiller"
        group: com.stakater.platform
        provider: stakater
-        version: v0.0.59
+        version: v0.0.67
        
    spec:
      containers:
-      - env:
-        image: "stakater/reloader:v0.0.59"
+      - image: "stakater/reloader:v0.0.67"
        imagePullPolicy: IfNotPresent
        name: reloader-reloader
-        args:
+      securityContext: 
+        runAsNonRoot: true
+        runAsUser: 65534
+        
      serviceAccountName: reloader-reloader

 ---
@@ -126,7 +128,7 @@ kind: ServiceAccount
 metadata:
  labels:
    app: reloader-reloader
-    chart: "reloader-v0.0.59"
+    chart: "reloader-v0.0.67"
    release: "reloader"
    heritage: "Tiller"
  name: reloader-reloader
--- a/deployments/kubernetes/templates/chart/values.yaml.tmpl
+++ b/deployments/kubernetes/templates/chart/values.yaml.tmpl
@@ -32,6 +32,10 @@ reloader:
    #             operator: "Exists"
    affinity: {}

+    securityContext:
+      runAsNonRoot: true
+      runAsUser: 65534
+
    # A list of tolerations to be applied to the Deployment.
    # Example:
    #   tolerations:
--- a/docs/Reloader-with-Sealed-Secrets.md
+++ b/docs/Reloader-with-Sealed-Secrets.md
@@ -8,4 +8,4 @@ Below are the steps to use reloader with Sealed Secrets.
 8. Install Reloader.
 9. Once everything is setup, update the original secret at client and encrypt it with kubeseal to see reloader working.
 10. Apply the updated sealed secret.
-11. Reloader will resatart the pod to use that updated secret.
+11. Reloader will restart the pod to use that updated secret.
--- a/internal/pkg/cmd/reloader.go
+++ b/internal/pkg/cmd/reloader.go
@@ -24,9 +24,11 @@ func NewReloaderCommand() *cobra.Command {
 	}

 	// options
-	cmd.PersistentFlags().StringVar(&options.ConfigmapUpdateOnChangeAnnotation, "configmap-annotation", "configmap.reloader.stakater.com/reload", "annotation to detect changes in configmaps")
-	cmd.PersistentFlags().StringVar(&options.SecretUpdateOnChangeAnnotation, "secret-annotation", "secret.reloader.stakater.com/reload", "annotation to detect changes in secrets")
+	cmd.PersistentFlags().StringVar(&options.ConfigmapUpdateOnChangeAnnotation, "configmap-annotation", "configmap.reloader.stakater.com/reload", "annotation to detect changes in configmaps, specified by name")
+	cmd.PersistentFlags().StringVar(&options.SecretUpdateOnChangeAnnotation, "secret-annotation", "secret.reloader.stakater.com/reload", "annotation to detect changes in secrets, specified by name")
 	cmd.PersistentFlags().StringVar(&options.ReloaderAutoAnnotation, "auto-annotation", "reloader.stakater.com/auto", "annotation to detect changes in secrets")
+	cmd.PersistentFlags().StringVar(&options.AutoSearchAnnotation, "auto-search-annotation", "reloader.stakater.com/search", "annotation to detect changes in configmaps or secrets tagged with special match annotation")
+	cmd.PersistentFlags().StringVar(&options.SearchMatchAnnotation, "search-match-annotation", "reloader.stakater.com/match", "annotation to mark secrets or configmapts to match the search")
 	cmd.PersistentFlags().StringVar(&options.LogFormat, "log-format", "", "Log format to use (empty string for text, or JSON")
 	cmd.PersistentFlags().StringSlice("resources-to-ignore", []string{}, "list of resources to ignore (valid options 'configMaps' or 'secrets')")
 	cmd.PersistentFlags().StringSlice("namespaces-to-ignore", []string{}, "list of namespaces to ignore")
--- a/internal/pkg/handler/update.go
+++ b/internal/pkg/handler/update.go
@@ -33,7 +33,7 @@ func (r ResourceUpdatedHandler) GetConfig() (util.Config, string) {
 	var oldSHAData string
 	var config util.Config
 	if _, ok := r.Resource.(*v1.ConfigMap); ok {
-		oldSHAData = util.GetSHAfromConfigmap(r.OldResource.(*v1.ConfigMap).Data)
+		oldSHAData = util.GetSHAfromConfigmap(r.OldResource.(*v1.ConfigMap))
 		config = util.GetConfigmapConfig(r.Resource.(*v1.ConfigMap))
 	} else if _, ok := r.Resource.(*v1.Secret); ok {
 		oldSHAData = util.GetSHAfromSecret(r.OldResource.(*v1.Secret).Data)
--- a/internal/pkg/handler/upgrade.go
+++ b/internal/pkg/handler/upgrade.go
@@ -99,10 +99,12 @@ func PerformRollingUpgrade(clients kube.Clients, config util.Config, upgradeFunc
 		// find correct annotation and update the resource
 		annotations := upgradeFuncs.AnnotationsFunc(i)
 		annotationValue, found := annotations[config.Annotation]
+		searchAnnotationValue, foundSearchAnn := annotations[options.AutoSearchAnnotation]
 		reloaderEnabledValue, foundAuto := annotations[options.ReloaderAutoAnnotation]
-		if !found && !foundAuto {
+		if !found && !foundAuto && !foundSearchAnn {
 			annotations = upgradeFuncs.PodAnnotationsFunc(i)
 			annotationValue = annotations[config.Annotation]
+			searchAnnotationValue = annotations[options.AutoSearchAnnotation]
 			reloaderEnabledValue = annotations[options.ReloaderAutoAnnotation]
 		}
 		result := constants.NotUpdated
@@ -123,6 +125,13 @@ func PerformRollingUpgrade(clients kube.Clients, config util.Config, upgradeFunc
 			}
 		}

+		if result != constants.Updated && searchAnnotationValue == "true" {
+			matchAnnotationValue := config.ResourceAnnotations[options.SearchMatchAnnotation]
+			if matchAnnotationValue == "true" {
+				result = updateContainers(upgradeFuncs, i, config, true)
+			}
+		}
+
 		if result == constants.Updated {
 			err = upgradeFuncs.UpdateFunc(clients, config.Namespace, i)
 			resourceName := util.ToObjectMeta(i).Name
--- a/internal/pkg/handler/upgrade_test.go
+++ b/internal/pkg/handler/upgrade_test.go
@@ -15,6 +15,8 @@ import (
 	"github.com/stakater/Reloader/internal/pkg/testutil"
 	"github.com/stakater/Reloader/internal/pkg/util"
 	"github.com/stakater/Reloader/pkg/kube"
+	core_v1 "k8s.io/api/core/v1"
+	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	testclient "k8s.io/client-go/kubernetes/fake"
 )

@@ -37,6 +39,7 @@ var (
 	secretWithEnvFromName               = "testsecretWithEnvFrom-handler-" + testutil.RandSeq(5)
 	configmapWithPodAnnotations         = "testconfigmapPodAnnotations-handler-" + testutil.RandSeq(5)
 	configmapWithBothAnnotations        = "testconfigmapBothAnnotations-handler-" + testutil.RandSeq(5)
+	configmapAnnotated                  = "testconfigmapAnnotated-handler-" + testutil.RandSeq(5)
 )

 func TestMain(m *testing.M) {
@@ -227,6 +230,17 @@ func setup() {
 		logrus.Errorf("Error in Deployment with secret configmap as envFrom source creation: %v", err)
 	}

+	// Creating Deployment with envFrom source as secret
+	_, err = testutil.CreateDeploymentWithEnvVarSourceAndAnnotations(
+		clients.KubernetesClient,
+		configmapAnnotated,
+		namespace,
+		map[string]string{"reloader.stakater.com/search": "true"},
+	)
+	if err != nil {
+		logrus.Errorf("Error in Deployment with secret configmap as envFrom source creation: %v", err)
+	}
+
 	// Creating DaemonSet with configmap
 	_, err = testutil.CreateDaemonSet(clients.KubernetesClient, configmapName, namespace, true)
 	if err != nil {
@@ -409,6 +423,12 @@ func teardown() {
 		logrus.Errorf("Error while deleting deployment with both annotations %v", deploymentError)
 	}

+	// Deleting Deployment with search annotation
+	deploymentError = testutil.DeleteDeployment(clients.KubernetesClient, namespace, configmapAnnotated)
+	if deploymentError != nil {
+		logrus.Errorf("Error while deleting deployment with search annotation %v", deploymentError)
+	}
+
 	// Deleting DaemonSet with configmap
 	daemonSetError := testutil.DeleteDaemonSet(clients.KubernetesClient, namespace, configmapName)
 	if daemonSetError != nil {
@@ -622,7 +642,6 @@ func TestRollingUpgradeForDeploymentWithConfigmapInProjectedVolume(t *testing.T)
 	collectors := getCollectors()

 	err := PerformRollingUpgrade(clients, config, deploymentFuncs, collectors)
-	time.Sleep(5 * time.Second)
 	if err != nil {
 		t.Errorf("Rolling upgrade failed for Deployment with Configmap in projected volume")
 	}
@@ -638,6 +657,93 @@ func TestRollingUpgradeForDeploymentWithConfigmapInProjectedVolume(t *testing.T)
 	}
 }

+func createConfigMap(clients *kube.Clients, namespace, name string, annotations map[string]string) (*core_v1.ConfigMap, error) {
+	configmapObj := testutil.GetConfigmap(namespace, name, "www.google.com")
+	configmapObj.Annotations = annotations
+	return clients.KubernetesClient.CoreV1().ConfigMaps(namespace).Create(configmapObj)
+}
+
+func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotation(t *testing.T) {
+	shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, namespace, configmapAnnotated, "www.stakater.com")
+	config := getConfigWithAnnotations(constants.ConfigmapEnvVarPostfix, configmapAnnotated, shaData, "")
+	config.ResourceAnnotations = map[string]string{"reloader.stakater.com/match": "true"}
+	deploymentFuncs := GetDeploymentRollingUpgradeFuncs()
+	collectors := getCollectors()
+
+	err := PerformRollingUpgrade(clients, config, deploymentFuncs, collectors)
+	if err != nil {
+		t.Errorf("Rolling upgrade failed for Deployment with Configmap")
+	}
+
+	logrus.Infof("Verifying deployment update")
+	updated := testutil.VerifyResourceUpdate(clients, config, constants.ConfigmapEnvVarPostfix, deploymentFuncs)
+	if !updated {
+		t.Errorf("Deployment was not updated")
+	}
+
+	if promtestutil.ToFloat64(collectors.Reloaded.With(labelSucceeded)) != 1 {
+		t.Errorf("Counter was not increased")
+	}
+}
+
+func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationNoTriggers(t *testing.T) {
+	shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, namespace, configmapAnnotated, "www.stakater.com")
+	config := getConfigWithAnnotations(constants.ConfigmapEnvVarPostfix, configmapAnnotated, shaData, "")
+	config.ResourceAnnotations = map[string]string{"reloader.stakater.com/match": "false"}
+	deploymentFuncs := GetDeploymentRollingUpgradeFuncs()
+	collectors := getCollectors()
+
+	err := PerformRollingUpgrade(clients, config, deploymentFuncs, collectors)
+	if err != nil {
+		t.Errorf("Rolling upgrade failed for Deployment with Configmap")
+	}
+
+	logrus.Infof("Verifying deployment update")
+	updated := testutil.VerifyResourceUpdate(clients, config, constants.ConfigmapEnvVarPostfix, deploymentFuncs)
+	time.Sleep(5 * time.Second)
+	if updated {
+		t.Errorf("Deployment was updated unexpectedly")
+	}
+
+	if promtestutil.ToFloat64(collectors.Reloaded.With(labelSucceeded)) > 0 {
+		t.Errorf("Counter was increased unexpectedly")
+	}
+}
+
+func TestRollingUpgradeForDeploymentWithConfigmapViaSearchAnnotationNotMapped(t *testing.T) {
+	deployment, err := testutil.CreateDeploymentWithEnvVarSourceAndAnnotations(
+		clients.KubernetesClient,
+		configmapAnnotated+"-different",
+		namespace,
+		map[string]string{"reloader.stakater.com/search": "true"},
+	)
+	if err != nil {
+		t.Errorf("Failed to create deployment with search annotation.")
+	}
+	defer clients.KubernetesClient.AppsV1().Deployments(namespace).Delete(deployment.Name, &v1.DeleteOptions{})
+
+	shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, namespace, configmapAnnotated, "www.stakater.com")
+	config := getConfigWithAnnotations(constants.ConfigmapEnvVarPostfix, configmapAnnotated, shaData, "")
+	config.ResourceAnnotations = map[string]string{"reloader.stakater.com/match": "false"}
+	deploymentFuncs := GetDeploymentRollingUpgradeFuncs()
+	collectors := getCollectors()
+
+	err = PerformRollingUpgrade(clients, config, deploymentFuncs, collectors)
+	if err != nil {
+		t.Errorf("Rolling upgrade failed for Deployment with Configmap")
+	}
+
+	logrus.Infof("Verifying deployment update")
+	updated := testutil.VerifyResourceUpdate(clients, config, constants.ConfigmapEnvVarPostfix, deploymentFuncs)
+	if updated {
+		t.Errorf("Deployment was updated unexpectedly")
+	}
+
+	if promtestutil.ToFloat64(collectors.Reloaded.With(labelSucceeded)) > 0 {
+		t.Errorf("Counter was increased unexpectedly")
+	}
+}
+
 func TestRollingUpgradeForDeploymentWithConfigmapInInitContainer(t *testing.T) {
 	shaData := testutil.ConvertResourceToSHA(testutil.ConfigmapResourceType, namespace, configmapWithInitContainer, "www.stakater.com")
 	config := getConfigWithAnnotations(constants.ConfigmapEnvVarPostfix, configmapWithInitContainer, shaData, options.ConfigmapUpdateOnChangeAnnotation)
--- a/internal/pkg/options/flags.go
+++ b/internal/pkg/options/flags.go
@@ -1,12 +1,20 @@
 package options

 var (
-	// ConfigmapUpdateOnChangeAnnotation is an annotation to detect changes in configmaps
+	// ConfigmapUpdateOnChangeAnnotation is an annotation to detect changes in
+	// configmaps specified by name
 	ConfigmapUpdateOnChangeAnnotation = "configmap.reloader.stakater.com/reload"
-	// SecretUpdateOnChangeAnnotation is an annotation to detect changes in secrets
+	// SecretUpdateOnChangeAnnotation is an annotation to detect changes in
+	// secrets specified by name
 	SecretUpdateOnChangeAnnotation = "secret.reloader.stakater.com/reload"
 	// ReloaderAutoAnnotation is an annotation to detect changes in secrets
 	ReloaderAutoAnnotation = "reloader.stakater.com/auto"
+	// AutoSearchAnnotation is an annotation to detect changes in
+	// configmaps or triggers with the SearchMatchAnnotation
+	AutoSearchAnnotation = "reloader.stakater.com/search"
+	// SearchMatchAnnotation is an annotation to tag secrets to be found with
+	// AutoSearchAnnotation
+	SearchMatchAnnotation = "reloader.stakater.com/match"
 	// LogFormat is the log format to use (json, or empty string for default)
 	LogFormat = ""
 )
--- a/internal/pkg/testutil/kube.go
+++ b/internal/pkg/testutil/kube.go
@@ -97,7 +97,7 @@ func getVolumes(name string) []v1.Volume {
 			VolumeSource: v1.VolumeSource{
 				Projected: &v1.ProjectedVolumeSource{
 					Sources: []v1.VolumeProjection{
-						v1.VolumeProjection{
+						{
 							ConfigMap: &v1.ConfigMapProjection{
 								LocalObjectReference: v1.LocalObjectReference{
 									Name: name,
@@ -113,7 +113,7 @@ func getVolumes(name string) []v1.Volume {
 			VolumeSource: v1.VolumeSource{
 				Projected: &v1.ProjectedVolumeSource{
 					Sources: []v1.VolumeProjection{
-						v1.VolumeProjection{
+						{
 							Secret: &v1.SecretProjection{
 								LocalObjectReference: v1.LocalObjectReference{
 									Name: name,
@@ -610,6 +610,7 @@ func CreateSecret(client kubernetes.Interface, namespace string, secretName stri
 	time.Sleep(3 * time.Second)
 	return secretClient, err
 }
+
 // CreateDeployment creates a deployment in given namespace and returns the Deployment
 func CreateDeployment(client kubernetes.Interface, deploymentName string, namespace string, volumeMount bool) (*appsv1.Deployment, error) {
 	logrus.Infof("Creating Deployment")
@@ -663,9 +664,10 @@ func CreateDeploymentWithEnvVarSource(client kubernetes.Interface, deploymentNam
 	deployment, err := deploymentClient.Create(deploymentObj)
 	time.Sleep(3 * time.Second)
 	return deployment, err
+
 }

-// CreateDeployment creates a deployment in given namespace and returns the Deployment
+// CreateDeploymentWithPodAnnotations creates a deployment in given namespace and returns the Deployment
 func CreateDeploymentWithPodAnnotations(client kubernetes.Interface, deploymentName string, namespace string, both bool) (*appsv1.Deployment, error) {
 	logrus.Infof("Creating Deployment")
 	deploymentClient := client.AppsV1().Deployments(namespace)
@@ -675,6 +677,18 @@ func CreateDeploymentWithPodAnnotations(client kubernetes.Interface, deploymentN
 	return deployment, err
 }

+// CreateDeploymentWithEnvVarSourceAndAnnotations returns a deployment in given
+// namespace with given annotations.
+func CreateDeploymentWithEnvVarSourceAndAnnotations(client kubernetes.Interface, deploymentName string, namespace string, annotations map[string]string) (*appsv1.Deployment, error) {
+	logrus.Infof("Creating Deployment")
+	deploymentClient := client.AppsV1().Deployments(namespace)
+	deploymentObj := GetDeploymentWithEnvVarSources(namespace, deploymentName)
+	deploymentObj.Annotations = annotations
+	deployment, err := deploymentClient.Create(deploymentObj)
+	time.Sleep(3 * time.Second)
+	return deployment, err
+}
+
 // CreateDaemonSet creates a deployment in given namespace and returns the DaemonSet
 func CreateDaemonSet(client kubernetes.Interface, daemonsetName string, namespace string, volumeMount bool) (*appsv1.DaemonSet, error) {
 	logrus.Infof("Creating DaemonSet")
@@ -798,6 +812,7 @@ func VerifyResourceUpdate(clients kube.Clients, config util.Config, envVarPostfi
 		containers := upgradeFuncs.ContainersFunc(i)
 		// match statefulsets with the correct annotation
 		annotationValue := util.ToObjectMeta(i).Annotations[config.Annotation]
+		searchAnnotationValue := util.ToObjectMeta(i).Annotations[options.AutoSearchAnnotation]
 		reloaderEnabledValue := util.ToObjectMeta(i).Annotations[options.ReloaderAutoAnnotation]
 		reloaderEnabled, err := strconv.ParseBool(reloaderEnabledValue)
 		matches := false
@@ -811,6 +826,10 @@ func VerifyResourceUpdate(clients kube.Clients, config util.Config, envVarPostfi
 					break
 				}
 			}
+		} else if searchAnnotationValue == "true" {
+			if config.ResourceAnnotations[options.SearchMatchAnnotation] == "true" {
+				matches = true
+			}
 		}

 		if matches {
--- a/internal/pkg/util/config.go
+++ b/internal/pkg/util/config.go
@@ -8,31 +8,34 @@ import (

 //Config contains rolling upgrade configuration parameters
 type Config struct {
-	Namespace    string
-	ResourceName string
-	Annotation   string
-	SHAValue     string
-	Type         string
+	Namespace           string
+	ResourceName        string
+	ResourceAnnotations map[string]string
+	Annotation          string
+	SHAValue            string
+	Type                string
 }

 // GetConfigmapConfig provides utility config for configmap
 func GetConfigmapConfig(configmap *v1.ConfigMap) Config {
 	return Config{
-		Namespace:    configmap.Namespace,
-		ResourceName: configmap.Name,
-		Annotation:   options.ConfigmapUpdateOnChangeAnnotation,
-		SHAValue:     GetSHAfromConfigmap(configmap.Data),
-		Type:         constants.ConfigmapEnvVarPostfix,
+		Namespace:           configmap.Namespace,
+		ResourceName:        configmap.Name,
+		ResourceAnnotations: configmap.Annotations,
+		Annotation:          options.ConfigmapUpdateOnChangeAnnotation,
+		SHAValue:            GetSHAfromConfigmap(configmap),
+		Type:                constants.ConfigmapEnvVarPostfix,
 	}
 }

 // GetSecretConfig provides utility config for secret
 func GetSecretConfig(secret *v1.Secret) Config {
 	return Config{
-		Namespace:    secret.Namespace,
-		ResourceName: secret.Name,
-		Annotation:   options.SecretUpdateOnChangeAnnotation,
-		SHAValue:     GetSHAfromSecret(secret.Data),
-		Type:         constants.SecretEnvVarPostfix,
+		Namespace:           secret.Namespace,
+		ResourceName:        secret.Name,
+		ResourceAnnotations: secret.Annotations,
+		Annotation:          options.SecretUpdateOnChangeAnnotation,
+		SHAValue:            GetSHAfromSecret(secret.Data),
+		Type:                constants.SecretEnvVarPostfix,
 	}
 }
--- a/internal/pkg/util/util.go
+++ b/internal/pkg/util/util.go
@@ -2,10 +2,12 @@ package util

 import (
 	"bytes"
+	"encoding/base64"
 	"sort"
 	"strings"

 	"github.com/stakater/Reloader/internal/pkg/crypto"
+	v1 "k8s.io/api/core/v1"
 )

 // ConvertToEnvVarName converts the given text into a usable env var
@@ -29,11 +31,14 @@ func ConvertToEnvVarName(text string) string {
 	return buffer.String()
 }

-func GetSHAfromConfigmap(data map[string]string) string {
+func GetSHAfromConfigmap(configmap *v1.ConfigMap) string {
 	values := []string{}
-	for k, v := range data {
+	for k, v := range configmap.Data {
 		values = append(values, k+"="+v)
 	}
+	for k, v := range configmap.BinaryData {
+		values = append(values, k+"="+base64.StdEncoding.EncodeToString(v))
+	}
 	sort.Strings(values)
 	return crypto.GenerateSHA(strings.Join(values, ";"))
 }
--- a/internal/pkg/util/util_test.go
+++ b/internal/pkg/util/util_test.go
@@ -2,6 +2,8 @@ package util

 import (
 	"testing"
+
+	v1 "k8s.io/api/core/v1"
 )

 func TestConvertToEnvVarName(t *testing.T) {
@@ -11,3 +13,35 @@ func TestConvertToEnvVarName(t *testing.T) {
 		t.Errorf("Failed to convert data into environment variable")
 	}
 }
+
+func TestGetHashFromConfigMap(t *testing.T) {
+	data := map[*v1.ConfigMap]string{
+		{
+			Data: map[string]string{"test": "test"},
+		}: "Only Data",
+		{
+			Data:       map[string]string{"test": "test"},
+			BinaryData: map[string][]byte{"bintest": []byte("test")},
+		}: "Both Data and BinaryData",
+		{
+			BinaryData: map[string][]byte{"bintest": []byte("test")},
+		}: "Only BinaryData",
+	}
+	converted := map[string]string{}
+	for cm, cmName := range data {
+		converted[cmName] = GetSHAfromConfigmap(cm)
+	}
+
+	// Test that the has for each configmap is really unique
+	for cmName, cmHash := range converted {
+		count := 0
+		for _, cmHash2 := range converted {
+			if cmHash == cmHash2 {
+				count++
+			}
+		}
+		if count > 1 {
+			t.Errorf("Found duplicate hashes for %v", cmName)
+		}
+	}
+}
--- a/pkg/kube/client.go
+++ b/pkg/kube/client.go
@@ -78,7 +78,6 @@ func GetKubernetesClient() (*kubernetes.Clientset, error) {

 func getConfig() (*rest.Config, error) {
 	var config *rest.Config
-	var err error
 	kubeconfigPath := os.Getenv("KUBECONFIG")
 	if kubeconfigPath == "" {
 		kubeconfigPath = os.Getenv("HOME") + "/.kube/config"
@@ -95,9 +94,6 @@ func getConfig() (*rest.Config, error) {
 			return nil, err
 		}
 	}
-	if err != nil {
-		return nil, err
-	}

 	return config, nil
 }
Author	SHA1	Message	Date
stakater-user	8dbe7a85af	Bump Version to v0.0.67	2020-08-08 18:46:03 +00:00
Ahmad Iqbal Ali	e86f616305	update slack links in readme (#156 )	2020-08-08 20:36:09 +02:00
stakater-user	0c36cfd602	Bump Version to v0.0.66	2020-08-06 18:20:25 +00:00
Faizan Ahmad	f38f86a45c	Merge pull request #154 from clive-jevons/respect-configmap-binarydata-for-hash Include data from ConfigMap.BinaryData when calculating SHA	2020-08-06 20:09:59 +02:00
Faizan Ahmad	5033b8fcdc	Merge pull request #155 from kostyrev/master Add fullnameOverride to helm chart	2020-08-06 20:09:45 +02:00
Aleksandr Kostyrev	be4285742a	Add fullnameOverride to helm chart	2020-08-06 16:54:50 +03:00
Clive Jevons	6a008999f5	Include data from ConfigMap.BinaryData when calculating SHA	2020-08-06 13:37:50 +02:00
stakater-user	93f4ea240f	Bump Version to v0.0.65	2020-08-04 09:17:57 +00:00
stakater-user	c6fbae2f62	Bump Version to v0.0.64	2020-08-04 08:15:47 +00:00
Ahmed Waleed Malik	3fe0ebb48a	Merge pull request #152 from liuming-dev/refactor--code-polish Polishing code	2020-08-04 13:02:17 +05:00
Ahmed Waleed Malik	67b847bf41	Merge pull request #151 from liuming-dev/style--gofmt style: gofmt -l -w -s .	2020-08-04 13:01:44 +05:00
Liu Ming	eaa3db48f5	Polish code Signed-off-by: Liu Ming <hit_oak_tree@126.com>	2020-07-29 10:25:55 +08:00
Liu Ming	a505d2e3b1	style: gofmt -l -w -s . Signed-off-by: Liu Ming <hit_oak_tree@126.com>	2020-07-28 21:45:56 +08:00
stakater-user	9ec5515a39	Bump Version to v0.0.63	2020-07-20 17:56:16 +00:00
Ahmed Waleed Malik	8db17acf67	Merge pull request #150 from stakater/fix-watch-global Fix watch global	2020-07-20 22:46:29 +05:00
faizanahmad055	b43719cf34	Remove duplicate condition Signed-off-by: faizanahmad055 <faizan.ahmad55@outlook.com>	2020-07-20 19:33:38 +02:00
faizanahmad055	e8216069a5	Fix issue for watch global variable	2020-07-20 18:48:58 +02:00
stakater-user	732d35e45f	Bump Version to v0.0.62	2020-07-17 09:17:35 +00:00
Ahmed Waleed Malik	dcedaa2cfe	Merge pull request #147 from alexconlin/patch-1 Remove empty fields from kustomize deployment	2020-07-17 14:07:01 +05:00
Alex Conlin-Oakley	8d77121c3b	only include env and args in container when needed	2020-07-15 17:42:08 +01:00
Alex Conlin	013cd92219	Merge branch 'master' into patch-1	2020-07-10 17:24:33 +01:00
stakater-user	39b5be37af	Bump Version to v0.0.61	2020-07-10 15:54:41 +00:00
kahootali	86c2ed265d	Add non-root security context	2020-07-10 20:40:48 +05:00
LucasBoisserie	87130f06bc	Run as Non Root (#149 )	2020-07-10 17:34:49 +02:00
Ali Kahoot	17f702f510	Merge pull request #148 from TBBle/patch-1 Typo fix "resatart"	2020-07-10 20:27:40 +05:00
Paul "TBBle" Hampson	16f3055e10	Typo fix "resatart"	2020-07-10 11:34:47 +10:00
Alex Conlin	4800af8e28	Remove empty fields from deployment manifest	2020-07-08 11:22:43 +01:00
Alex Conlin	db79c65334	Remove empty fields from kustomize deployment Fixes #115	2020-07-07 22:52:53 +01:00
stakater-user	d2223f313f	Bump Version to v0.0.60	2020-06-23 07:15:27 +00:00
Ahmed Waleed Malik	c9dabc3a14	Merge pull request #142 from vladlosev/feat-track-secrets-configmaps-by-annotation Adds support for auto-reloading secrets and configmaps by annotation.	2020-06-23 12:05:22 +05:00
Vlad Losev	e61f9a6bdb	Adds note on incompatibility with 'reloader.stakater.com/auto'.	2020-06-21 14:15:58 -07:00
Vlad Losev	6bcec06052	Fixes missing import.	2020-06-09 19:45:12 -07:00
Vlad Losev	0988e8947f	Removes unused import.	2020-06-09 19:18:12 -07:00
Vlad Losev	ff27cc0f51	Simplifies test.	2020-06-09 19:17:19 -07:00
Vlad Losev	be7d454504	Fixes test using auto annotations.	2020-06-09 19:16:04 -07:00
Vlad Losev	3131116ed6	Re-adds sleep statements.	2020-06-09 19:16:04 -07:00
Vlad Losev	965cacf1ba	Updates documentation.	2020-06-09 19:16:04 -07:00
Vlad Losev	e81b49d81b	Renames search annotation.	2020-06-09 19:16:03 -07:00
Vlad Losev	17f8b81110	Simplifies annotations for searching secrets for reload.	2020-06-09 19:16:03 -07:00
Vlad Losev	5980c91560	Abstracts out configmap and deployment creation.	2020-06-09 19:16:01 -07:00
Vlad Losev	fda733ea5a	Adds support for auto-reloading secrets and configmaps by annotation.	2020-06-09 19:14:14 -07:00