[skip-ci] Update artifacts

Fix ubi push step

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: "[BUG]"
+labels: kind/bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Environment**
+ - Operator Version:
+ - Kubernetes/OpenShift Version:
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea/enhancement for this project
+title: "[ENHANCE]"
+labels: kind/enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/workflows/pull_request.yaml

@@ -7,6 +7,7 @@ on:
 
 env:
   DOCKER_FILE_PATH: Dockerfile
+  DOCKER_UBI_FILE_PATH: Dockerfile.ubi
   KUBERNETES_VERSION: "1.19.0"
   KIND_VERSION: "0.17.0"
   REGISTRY: ghcr.io
@@ -82,12 +83,14 @@ jobs:
     - name: Test
       run: make test
 
-    - name: Generate Tag
+    - name: Generate Tags
       id: generate_tag
       run: |
         sha=${{ github.event.pull_request.head.sha }}
         tag="SNAPSHOT-PR-${{ github.event.pull_request.number }}-${sha:0:8}"
+        ubi_tag="SNAPSHOT-PR-${{ github.event.pull_request.number }}-UBI-${sha:0:8}"
         echo "GIT_TAG=$(echo ${tag})" >> $GITHUB_OUTPUT
+        echo "GIT_UBI_TAG=$(echo ${ubi_tag})" >> $GITHUB_OUTPUT
 
     - name: Set up QEMU
       uses: docker/setup-qemu-action@v2
@@ -122,6 +125,25 @@ jobs:
           org.opencontainers.image.created=${{ steps.prep.outputs.created }}
           org.opencontainers.image.revision=${{ github.sha }}
 
+    - name: Build and Push Docker UBI Image to Docker registry
+      uses: docker/build-push-action@v4
+      with:
+        context: .
+        file: ${{ env.DOCKER_UBI_FILE_PATH  }}
+        pull: true
+        push: true
+        build-args: |
+          BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }}
+          BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}
+        cache-to: type=inline
+        platforms: linux/amd64,linux/arm64
+        tags: |
+          ${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }}
+        labels: |
+          org.opencontainers.image.source=${{ github.event.repository.clone_url }}
+          org.opencontainers.image.created=${{ steps.prep.outputs.created }}
+          org.opencontainers.image.revision=${{ github.sha }}
+
     - name: Login to ghcr registry
       uses: docker/login-action@v2
       with:
@@ -150,13 +172,32 @@ jobs:
           org.opencontainers.image.created=${{ steps.prep.outputs.created }}
           org.opencontainers.image.revision=${{ github.sha }}
 
+    - name: Build and Push Docker UBI Image to ghcr registry
+      uses: docker/build-push-action@v4
+      with:
+        context: .
+        file: ${{ env.DOCKER_UBI_FILE_PATH  }}
+        pull: true
+        push: true
+        build-args: |
+          BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }}
+          BUILDER_IMAGE=${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}
+        cache-to: type=inline
+        platforms: linux/amd64,linux/arm64
+        tags: |
+          ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }}
+        labels: |
+          org.opencontainers.image.source=${{ github.event.repository.clone_url }}
+          org.opencontainers.image.created=${{ steps.prep.outputs.created }}
+          org.opencontainers.image.revision=${{ github.sha }}
+
     - name: Comment on PR
       uses: mshick/add-pr-comment@v2
       if: always()
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       with:
-        message-success: '@${{ github.actor }} Image is available for testing. `docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}`'
+        message-success: '@${{ github.actor }} Images are available for testing. `docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_TAG }}`\n`docker pull ${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.GIT_UBI_TAG }}`'
         message-failure: '@${{ github.actor }} Yikes! You better fix it before anyone else finds out! [Build](https://github.com/${{ github.repository }}/commit/${{ github.event.pull_request.head.sha }}/checks) has Failed!'
         allow-repeats: true
 

.github/workflows/push.yaml

@@ -7,6 +7,7 @@ on:
 
 env:
   DOCKER_FILE_PATH: Dockerfile
+  DOCKER_UBI_FILE_PATH: Dockerfile.ubi
   KUBERNETES_VERSION: "1.19.0"
   KIND_VERSION: "0.17.0"
   HELM_REGISTRY_URL: "https://stakater.github.io/stakater-charts"
@@ -111,11 +112,30 @@ jobs:
             org.opencontainers.image.created=${{ steps.prep.outputs.created }}
             org.opencontainers.image.revision=${{ github.sha }}
 
+      - name: Build and Push Docker UBI Image to Docker registry
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ${{ env.DOCKER_UBI_FILE_PATH  }}
+          pull: true
+          push: true
+          build-args: |
+            BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }}
+            BUILDER_IMAGE=${{ env.DOCKER_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }}
+          cache-to: type=inline
+          platforms: linux/amd64,linux/arm64
+          tags: |
+            ${{ env.DOCKER_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }}
+          labels: |
+            org.opencontainers.image.source=${{ github.event.repository.clone_url }}
+            org.opencontainers.image.created=${{ steps.prep.outputs.created }}
+            org.opencontainers.image.revision=${{ github.sha }}
+
       - name: Login to ghcr registry
         uses: docker/login-action@v2
         with:
           registry: ${{env.REGISTRY}}
-          username: ${{github.actor}}
+          username: stakater-user
           password: ${{secrets.GITHUB_TOKEN}}
 
       - name: Generate image repository path for ghcr registry
@@ -139,6 +159,25 @@ jobs:
             org.opencontainers.image.created=${{ steps.prep.outputs.created }}
             org.opencontainers.image.revision=${{ github.sha }}
 
+      - name: Build and Push Docker UBI Image to ghcr registry
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: ${{ env.DOCKER_UBI_FILE_PATH  }}
+          pull: true
+          push: true
+          build-args: |
+            BUILD_PARAMETERS=${{ env.BUILD_PARAMETERS }}
+            BUILDER_IMAGE=${{ env.GHCR_IMAGE_REPOSITORY }}:${{ steps.generate_tag.outputs.new_tag }}
+          cache-to: type=inline
+          platforms: linux/amd64,linux/arm64
+          tags: |
+            ${{ env.GHCR_IMAGE_REPOSITORY }}:ubi-${{ steps.generate_tag.outputs.new_tag }}
+          labels: |
+            org.opencontainers.image.source=${{ github.event.repository.clone_url }}
+            org.opencontainers.image.created=${{ steps.prep.outputs.created }}
+            org.opencontainers.image.revision=${{ github.sha }}
+
       ##############################
       ## Add steps to generate required artifacts for a release here(helm chart, operator manifest etc.)
       ##############################

Dockerfile.ubi

@@ -0,0 +1,19 @@
+ARG BUILDER_IMAGE
+ARG BASE_IMAGE
+
+FROM --platform=${BUILDPLATFORM} ${BUILDER_IMAGE} as SRC
+
+FROM ${BASE_IMAGE:-registry.access.redhat.com/ubi8/ubi-minimal:latest}
+
+WORKDIR /
+COPY --from=SRC /manager .
+
+# Update image
+RUN microdnf update
+
+USER 65532:65532
+
+# Port for metrics and probes
+EXPOSE 9090
+
+ENTRYPOINT ["/manager"]

deployments/kubernetes/chart/reloader/Chart.yaml

@@ -3,8 +3,8 @@
 apiVersion: v1
 name: reloader
 description: Reloader chart that runs on kubernetes
-version: 1.0.40
-appVersion: v1.0.40
+version: 1.0.47
+appVersion: v1.0.47
 keywords:
   - Reloader
   - kubernetes

deployments/kubernetes/chart/reloader/templates/clusterrole.yaml

@@ -86,6 +86,19 @@ rules:
       - get
       - update
       - patch
+  - apiGroups:
+      - "batch"
+    resources:
+      - cronjobs
+    verbs:
+      - list
+      - get
+  - apiGroups:
+      - "batch"
+    resources:
+      - jobs
+    verbs:
+      - create
 {{- if .Values.reloader.enableHA }}
   - apiGroups:
       - "coordination.k8s.io"

deployments/kubernetes/chart/reloader/templates/deployment.yaml

@@ -206,6 +206,10 @@ spec:
           - "--search-match-annotation"
           - "{{ .Values.reloader.custom_annotations.match }}"
             {{- end }}
+            {{- if .Values.reloader.webhookUrl }}
+          - "--webhook-url"
+          - "{{ .Values.reloader.webhookUrl }}"
+            {{- end }}
           {{- end }}
           {{- if eq .Values.reloader.isArgoRollouts true }}
           - "--is-Argo-Rollouts={{ .Values.reloader.isArgoRollouts }}"

deployments/kubernetes/chart/reloader/templates/networkpolicy.yaml

@@ -20,6 +20,7 @@ spec:
 {{- end }}
   policyTypes:
   - Ingress
+  - Egress
   ingress:
     - ports:
         - port: http
@@ -27,4 +28,11 @@ spec:
       from:
         {{- toYaml .| nindent 8 }}
       {{- end }}
+  egress:
+    - ports:
+        - port: 443
+      {{- with .Values.reloader.netpol.to}}
+      to:
+        {{- toYaml .| nindent 8 }}
+      {{- end }}
 {{- end }}

deployments/kubernetes/chart/reloader/templates/role.yaml

@@ -77,6 +77,19 @@ rules:
       - get
       - update
       - patch
+  - apiGroups:
+      - "batch"
+    resources:
+      - cronjobs
+    verbs:
+      - list
+      - get
+  - apiGroups:
+      - "batch"
+    resources:
+      - jobs
+    verbs:
+      - create
 {{- if .Values.reloader.enableHA }}
   - apiGroups:
       - "coordination.k8s.io"

deployments/kubernetes/chart/reloader/values.yaml

@@ -84,10 +84,10 @@ reloader:
     labels:
       provider: stakater
       group: com.stakater.platform
-      version: v1.0.40
+      version: v1.0.47
     image:
       name: ghcr.io/stakater/reloader
-      tag: v1.0.40
+      tag: v1.0.47
       pullPolicy: IfNotPresent
     # Support for extra environment variables.
     env:
@@ -276,3 +276,6 @@ reloader:
     # - podSelector:
     #     matchLabels:
     #       app.kubernetes.io/name: prometheus
+    to: []
+    
+  webhookUrl: ""

deployments/kubernetes/manifests/clusterrole.yaml

@@ -9,7 +9,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
@@ -45,6 +45,19 @@ rules:
       - get
       - update
       - patch
+  - apiGroups:
+      - "batch"
+    resources:
+      - cronjobs
+    verbs:
+      - list
+      - get
+  - apiGroups:
+      - "batch"
+    resources:
+      - jobs
+    verbs:
+      - create
   - apiGroups:
       - ""
     resources:

deployments/kubernetes/manifests/clusterrolebinding.yaml

@@ -9,7 +9,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"

deployments/kubernetes/manifests/deployment.yaml

@@ -8,13 +8,13 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
     group: com.stakater.platform
     provider: stakater
-    version: v1.0.40
+    version: v1.0.47
   name: reloader-reloader
   namespace: default
 spec:
@@ -28,16 +28,16 @@ spec:
     metadata:
       labels:
         app: reloader-reloader
-        chart: "reloader-1.0.40"
+        chart: "reloader-1.0.47"
         release: "reloader"
         heritage: "Helm"
         app.kubernetes.io/managed-by: "Helm"
         group: com.stakater.platform
         provider: stakater
-        version: v1.0.40
+        version: v1.0.47
     spec:
       containers:
-      - image: "ghcr.io/stakater/reloader:v1.0.40"
+      - image: "ghcr.io/stakater/reloader:v1.0.47"
         imagePullPolicy: IfNotPresent
         name: reloader-reloader
 

deployments/kubernetes/manifests/serviceaccount.yaml

@@ -8,7 +8,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"

deployments/kubernetes/reloader.yaml

@@ -8,7 +8,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
@@ -25,7 +25,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
@@ -61,6 +61,19 @@ rules:
       - get
       - update
       - patch
+  - apiGroups:
+      - "batch"
+    resources:
+      - cronjobs
+    verbs:
+      - list
+      - get
+  - apiGroups:
+      - "batch"
+    resources:
+      - jobs
+    verbs:
+      - create
   - apiGroups:
       - ""
     resources:
@@ -79,7 +92,7 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
@@ -102,13 +115,13 @@ metadata:
     meta.helm.sh/release-name: "reloader"
   labels:
     app: reloader-reloader
-    chart: "reloader-1.0.40"
+    chart: "reloader-1.0.47"
     release: "reloader"
     heritage: "Helm"
     app.kubernetes.io/managed-by: "Helm"
     group: com.stakater.platform
     provider: stakater
-    version: v1.0.40
+    version: v1.0.47
   name: reloader-reloader
   namespace: default
 spec:
@@ -122,16 +135,16 @@ spec:
     metadata:
       labels:
         app: reloader-reloader
-        chart: "reloader-1.0.40"
+        chart: "reloader-1.0.47"
         release: "reloader"
         heritage: "Helm"
         app.kubernetes.io/managed-by: "Helm"
         group: com.stakater.platform
         provider: stakater
-        version: v1.0.40
+        version: v1.0.47
     spec:
       containers:
-      - image: "ghcr.io/stakater/reloader:v1.0.40"
+      - image: "ghcr.io/stakater/reloader:v1.0.47"
         imagePullPolicy: IfNotPresent
         name: reloader-reloader
 

deployments/kubernetes/templates/chart/values.yaml.tmpl

@@ -136,3 +136,5 @@ reloader:
     # labels:
     # Set timeout for scrape
     # timeout: 10s
+  
+  webhookUrl: ""

go.mod

@@ -50,11 +50,11 @@ require (
 	github.com/prometheus/procfs v0.11.1 // indirect
 	github.com/smartystreets/goconvey v1.7.2 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	golang.org/x/net v0.13.0 // indirect
+	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/term v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
+	golang.org/x/term v0.13.0 // indirect
+	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect

go.sum

@@ -140,8 +140,8 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.13.0 h1:Nvo8UFsZ8X3BhAC9699Z1j7XQ3rsZnUUm7jfBEk1ueY=
-golang.org/x/net v0.13.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -152,15 +152,15 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
-golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
-golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
+golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
-golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
 golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -192,24 +192,16 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
 gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-k8s.io/api v0.28.0 h1:3j3VPWmN9tTDI68NETBWlDiA9qOiGJ7sdKeufehBYsM=
-k8s.io/api v0.28.0/go.mod h1:0l8NZJzB0i/etuWnIXcwfIv+xnDOhL3lLW919AWYDuY=
 k8s.io/api v0.28.1 h1:i+0O8k2NPBCPYaMB+uCkseEbawEt/eFaiRqUx8aB108=
 k8s.io/api v0.28.1/go.mod h1:uBYwID+66wiL28Kn2tBjBYQdEU0Xk0z5qF8bIBqk/Dg=
-k8s.io/apimachinery v0.28.0 h1:ScHS2AG16UlYWk63r46oU3D5y54T53cVI5mMJwwqFNA=
-k8s.io/apimachinery v0.28.0/go.mod h1:X0xh/chESs2hP9koe+SdIAcXWcQ+RM5hy0ZynB+yEvw=
 k8s.io/apimachinery v0.28.1 h1:EJD40og3GizBSV3mkIoXQBsws32okPOy+MkRyzh6nPY=
 k8s.io/apimachinery v0.28.1/go.mod h1:X0xh/chESs2hP9koe+SdIAcXWcQ+RM5hy0ZynB+yEvw=
-k8s.io/client-go v0.28.0 h1:ebcPRDZsCjpj62+cMk1eGNX1QkMdRmQ6lmz5BLoFWeM=
-k8s.io/client-go v0.28.0/go.mod h1:0Asy9Xt3U98RypWJmU1ZrRAGKhP6NqDPmptlAzK2kMc=
 k8s.io/client-go v0.28.1 h1:pRhMzB8HyLfVwpngWKE8hDcXRqifh1ga2Z/PU9SXVK8=
 k8s.io/client-go v0.28.1/go.mod h1:pEZA3FqOsVkCc07pFVzK076R+P/eXqsgx5zuuRWukNE=
 k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
 k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ=
 k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM=
-k8s.io/kubectl v0.28.0 h1:qhfju0OaU+JGeBlToPeeIg2UJUWP++QwTkpio6nlPKg=
-k8s.io/kubectl v0.28.0/go.mod h1:1We+E5nSX3/TVoSQ6y5Bzld5OhTBHZHlKEYl7g/NaTk=
 k8s.io/kubectl v0.28.1 h1:jAq4yKEqQL+fwkWcEsUWxhJ7uIRcOYQraJxx4SyAMTY=
 k8s.io/kubectl v0.28.1/go.mod h1:a0nk/lMMeKBulp0lMTJAKbkjZg1ykqfLfz/d6dnv1ak=
 k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=

internal/pkg/callbacks/rolling_upgrade.go

@@ -6,6 +6,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"github.com/stakater/Reloader/pkg/kube"
 	appsv1 "k8s.io/api/apps/v1"
+	batchv1 "k8s.io/api/batch/v1"
 	v1 "k8s.io/api/core/v1"
 	meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -67,6 +68,26 @@ func GetDeploymentItems(clients kube.Clients, namespace string) []runtime.Object
 	return items
 }
 
+// GetCronJobItems returns the jobs in given namespace
+func GetCronJobItems(clients kube.Clients, namespace string) []runtime.Object {
+	cronjobs, err := clients.KubernetesClient.BatchV1().CronJobs(namespace).List(context.TODO(), meta_v1.ListOptions{})
+	if err != nil {
+		logrus.Errorf("Failed to list cronjobs %v", err)
+	}
+
+	items := make([]runtime.Object, len(cronjobs.Items))
+	// Ensure we always have pod annotations to add to
+	for i, v := range cronjobs.Items {
+		if v.Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations == nil {
+			annotations := make(map[string]string)
+			cronjobs.Items[i].Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations = annotations
+		}
+		items[i] = &cronjobs.Items[i]
+	}
+
+	return items
+}
+
 // GetDaemonSetItems returns the daemonSets in given namespace
 func GetDaemonSetItems(clients kube.Clients, namespace string) []runtime.Object {
 	daemonSets, err := clients.KubernetesClient.AppsV1().DaemonSets(namespace).List(context.TODO(), meta_v1.ListOptions{})
@@ -148,6 +169,11 @@ func GetDeploymentAnnotations(item runtime.Object) map[string]string {
 	return item.(*appsv1.Deployment).ObjectMeta.Annotations
 }
 
+// GetCronJobAnnotations returns the annotations of given cronjob
+func GetCronJobAnnotations(item runtime.Object) map[string]string {
+	return item.(*batchv1.CronJob).ObjectMeta.Annotations
+}
+
 // GetDaemonSetAnnotations returns the annotations of given daemonSet
 func GetDaemonSetAnnotations(item runtime.Object) map[string]string {
 	return item.(*appsv1.DaemonSet).ObjectMeta.Annotations
@@ -173,6 +199,11 @@ func GetDeploymentPodAnnotations(item runtime.Object) map[string]string {
 	return item.(*appsv1.Deployment).Spec.Template.ObjectMeta.Annotations
 }
 
+// GetCronJobPodAnnotations returns the pod's annotations of given cronjob
+func GetCronJobPodAnnotations(item runtime.Object) map[string]string {
+	return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.ObjectMeta.Annotations
+}
+
 // GetDaemonSetPodAnnotations returns the pod's annotations of given daemonSet
 func GetDaemonSetPodAnnotations(item runtime.Object) map[string]string {
 	return item.(*appsv1.DaemonSet).Spec.Template.ObjectMeta.Annotations
@@ -198,6 +229,11 @@ func GetDeploymentContainers(item runtime.Object) []v1.Container {
 	return item.(*appsv1.Deployment).Spec.Template.Spec.Containers
 }
 
+// GetCronJobContainers returns the containers of given cronjob
+func GetCronJobContainers(item runtime.Object) []v1.Container {
+	return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.Containers
+}
+
 // GetDaemonSetContainers returns the containers of given daemonSet
 func GetDaemonSetContainers(item runtime.Object) []v1.Container {
 	return item.(*appsv1.DaemonSet).Spec.Template.Spec.Containers
@@ -223,6 +259,11 @@ func GetDeploymentInitContainers(item runtime.Object) []v1.Container {
 	return item.(*appsv1.Deployment).Spec.Template.Spec.InitContainers
 }
 
+// GetCronJobInitContainers returns the containers of given cronjob
+func GetCronJobInitContainers(item runtime.Object) []v1.Container {
+	return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.InitContainers
+}
+
 // GetDaemonSetInitContainers returns the containers of given daemonSet
 func GetDaemonSetInitContainers(item runtime.Object) []v1.Container {
 	return item.(*appsv1.DaemonSet).Spec.Template.Spec.InitContainers
@@ -250,6 +291,18 @@ func UpdateDeployment(clients kube.Clients, namespace string, resource runtime.O
 	return err
 }
 
+// CreateJobFromCronjob performs rolling upgrade on cronjob
+func CreateJobFromCronjob(clients kube.Clients, namespace string, resource runtime.Object) error {
+	cronJob := resource.(*batchv1.CronJob)
+	job := &batchv1.Job{
+		ObjectMeta: cronJob.Spec.JobTemplate.ObjectMeta,
+		Spec:       cronJob.Spec.JobTemplate.Spec,
+	}
+	job.GenerateName = cronJob.Name + "-"
+	_, err := clients.KubernetesClient.BatchV1().Jobs(namespace).Create(context.TODO(), job, meta_v1.CreateOptions{FieldManager: "Reloader"})
+	return err
+}
+
 // UpdateDaemonSet performs rolling upgrade on daemonSet
 func UpdateDaemonSet(clients kube.Clients, namespace string, resource runtime.Object) error {
 	daemonSet := resource.(*appsv1.DaemonSet)
@@ -286,6 +339,11 @@ func GetDeploymentVolumes(item runtime.Object) []v1.Volume {
 	return item.(*appsv1.Deployment).Spec.Template.Spec.Volumes
 }
 
+// GetCronJobVolumes returns the Volumes of given cronjob
+func GetCronJobVolumes(item runtime.Object) []v1.Volume {
+	return item.(*batchv1.CronJob).Spec.JobTemplate.Spec.Template.Spec.Volumes
+}
+
 // GetDaemonSetVolumes returns the Volumes of given daemonSet
 func GetDaemonSetVolumes(item runtime.Object) []v1.Volume {
 	return item.(*appsv1.DaemonSet).Spec.Template.Spec.Volumes

internal/pkg/cmd/reloader.go

@@ -39,6 +39,7 @@ func NewReloaderCommand() *cobra.Command {
 	cmd.PersistentFlags().StringVar(&options.AutoSearchAnnotation, "auto-search-annotation", "reloader.stakater.com/search", "annotation to detect changes in configmaps or secrets tagged with special match annotation")
 	cmd.PersistentFlags().StringVar(&options.SearchMatchAnnotation, "search-match-annotation", "reloader.stakater.com/match", "annotation to mark secrets or configmaps to match the search")
 	cmd.PersistentFlags().StringVar(&options.LogFormat, "log-format", "", "Log format to use (empty string for text, or JSON")
+	cmd.PersistentFlags().StringVar(&options.WebhookUrl, "webhook-url", "", "webhook to trigger instead of performing a reload")
 	cmd.PersistentFlags().StringSlice("resources-to-ignore", []string{}, "list of resources to ignore (valid options 'configMaps' or 'secrets')")
 	cmd.PersistentFlags().StringSlice("namespaces-to-ignore", []string{}, "list of namespaces to ignore")
 	cmd.PersistentFlags().StringSlice("namespace-selector", []string{}, "list of key:value labels to filter on for namespaces")
@@ -156,6 +157,10 @@ func startReloader(cmd *cobra.Command, args []string) {
 		logrus.Warnf("resource-label-selector is set, will only detect changes on resources with these labels: %s.", resourceLabelSelector)
 	}
 
+	if options.WebhookUrl != "" {
+		logrus.Warnf("webhook-url is set, will only send webhook, no resources will be reloaded")
+	}
+
 	collectors := metrics.SetupPrometheusEndpoint()
 
 	var controllers []*controller.Controller

internal/pkg/handler/create.go

@@ -3,6 +3,7 @@ package handler
 import (
 	"github.com/sirupsen/logrus"
 	"github.com/stakater/Reloader/internal/pkg/metrics"
+	"github.com/stakater/Reloader/internal/pkg/options"
 	"github.com/stakater/Reloader/internal/pkg/util"
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/tools/record"
@@ -21,6 +22,10 @@ func (r ResourceCreatedHandler) Handle() error {
 		logrus.Errorf("Resource creation handler received nil resource")
 	} else {
 		config, _ := r.GetConfig()
+		// Send webhook
+		if options.WebhookUrl != "" {
+			return sendUpgradeWebhook(config, options.WebhookUrl)
+		}
 		// process resource based on its type
 		return doRollingUpgrade(config, r.Collectors, r.Recorder)
 	}

internal/pkg/handler/update.go

@@ -3,6 +3,7 @@ package handler
 import (
 	"github.com/sirupsen/logrus"
 	"github.com/stakater/Reloader/internal/pkg/metrics"
+	"github.com/stakater/Reloader/internal/pkg/options"
 	"github.com/stakater/Reloader/internal/pkg/util"
 	v1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/tools/record"
@@ -23,6 +24,10 @@ func (r ResourceUpdatedHandler) Handle() error {
 	} else {
 		config, oldSHAData := r.GetConfig()
 		if config.SHAValue != oldSHAData {
+			// Send a webhook if update
+			if options.WebhookUrl != "" {
+				return sendUpgradeWebhook(config, options.WebhookUrl)
+			}
 			// process resource based on its type
 			return doRollingUpgrade(config, r.Collectors, r.Recorder)
 		}

internal/pkg/handler/upgrade.go

@@ -1,14 +1,17 @@
 package handler
 
 import (
+	"bytes"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io"
 	"os"
 	"regexp"
 	"strconv"
 	"strings"
 
+	"github.com/parnurzeal/gorequest"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/sirupsen/logrus"
 	alert "github.com/stakater/Reloader/internal/pkg/alerts"
@@ -38,6 +41,20 @@ func GetDeploymentRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs {
 	}
 }
 
+// GetDeploymentRollingUpgradeFuncs returns all callback funcs for a cronjob
+func GetCronJobCreateJobFuncs() callbacks.RollingUpgradeFuncs {
+	return callbacks.RollingUpgradeFuncs{
+		ItemsFunc:          callbacks.GetCronJobItems,
+		AnnotationsFunc:    callbacks.GetCronJobAnnotations,
+		PodAnnotationsFunc: callbacks.GetCronJobPodAnnotations,
+		ContainersFunc:     callbacks.GetCronJobContainers,
+		InitContainersFunc: callbacks.GetCronJobInitContainers,
+		UpdateFunc:         callbacks.CreateJobFromCronjob,
+		VolumesFunc:        callbacks.GetCronJobVolumes,
+		ResourceType:       "CronJob",
+	}
+}
+
 // GetDaemonSetRollingUpgradeFuncs returns all callback funcs for a daemonset
 func GetDaemonSetRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs {
 	return callbacks.RollingUpgradeFuncs{
@@ -94,6 +111,36 @@ func GetArgoRolloutRollingUpgradeFuncs() callbacks.RollingUpgradeFuncs {
 	}
 }
 
+func sendUpgradeWebhook(config util.Config, webhookUrl string) error {
+	message := fmt.Sprintf("Changes detected in '%s' of type '%s' in namespace '%s'", config.ResourceName, config.Type, config.Namespace)
+	message += fmt.Sprintf(", Sending webhook to '%s'", webhookUrl)
+	logrus.Infof(message)
+	body, errs := sendWebhook(webhookUrl)
+	if errs != nil {
+		// return the first error
+		return errs[0]
+	} else {
+		logrus.Info(body)
+	}
+
+	return nil
+}
+
+func sendWebhook(url string) (string, []error) {
+	request := gorequest.New()
+	resp, _, err := request.Post(url).Send(`{"webhook":"update successful"}`).End()
+	if err != nil {
+		// the reloader seems to retry automatically so no retry logic added
+		return "", err
+	}
+	var buffer bytes.Buffer
+	_, bufferErr := io.Copy(&buffer, resp.Body)
+	if bufferErr != nil {
+		logrus.Error(bufferErr)
+	}
+	return buffer.String(), nil
+}
+
 func doRollingUpgrade(config util.Config, collectors metrics.Collectors, recorder record.EventRecorder) error {
 	clients := kube.GetClients()
 
@@ -101,6 +148,10 @@ func doRollingUpgrade(config util.Config, collectors metrics.Collectors, recorde
 	if err != nil {
 		return err
 	}
+	err = rollingUpgrade(clients, config, GetCronJobCreateJobFuncs(), collectors, recorder)
+	if err != nil {
+		return err
+	}
 	err = rollingUpgrade(clients, config, GetDaemonSetRollingUpgradeFuncs(), collectors, recorder)
 	if err != nil {
 		return err

internal/pkg/options/flags.go

@@ -30,4 +30,6 @@ var (
 	SyncAfterRestart = false
 	// EnableHA adds support for running multiple replicas via leadership election
 	EnableHA = false
+	// Url to send a request to instead of triggering a reload
+	WebhookUrl = ""
 )