tags: `kapp`

kapp deploy triggers a new versioned asset based on a predetermined interval

Problem Statement

There is a requirement from user to have a feature in kapp deploy to trigger a new version of a resource on pre-defined interval (ref).

Proposal

New annotation:

kapp.k14s.io/renew-duration = duration (1h, 2s, 3m)
kapp.k14s.io/last-renewed-time = <current time> (used by kapp internally, to indicate an update in resource and for non-versioned resources with update-strategy != always-replace will be used to match the condition as creationTime don't update with the update in these resources)

Changes:

Validate value for annotation kapp.k14s.io/renew-duration (if set). If invalid, error out at diff stage only.
if current_time - creationTimestamp > renew-duration, add annotation kapp.k14s.io/last-renewed-time if not already added otherwise update kapp.k14s.io/last-renewed-time = <current time>.
if current_time - creationTimestamp < renew-duration, kapp will work as it is working currently.
For Versioned resources, kapp will create new resource(same as it working now whenever there is any new update).
For non-versioned resource, resource will get updated as per the update-strategy has been set for it.
Also if creationTimestamp < last_renewed_time (value of ann kapp.k14s.io/last-renewed-time) then last-renewed-time will be used to validate the condition. Condition will be current-time - last_renewed_time > renew-duration.

Drawbacks:
For non-versioned resources with update-strategy != always-replace:

if there is long time difference in diff and actual update to the res in the cluster(could happen due ordering of resources by kapp) then next update might happen early than it should be as we update last-renewed-time annotation before diff.
if user makes an update before duration expired, kapp won't update last-renwed-time annotation, as at diff stage it is difficult to find resource with update apply operation in current code base.

Solution:

User can use always-replace as update strategy for non-versioned resources.

Specification / Use Cases

Use case: Have some use cases around cert manager where certain apps dont reload secrets and configmaps automaticaly but use cert manager and lets encrypt certs. By having this feature in kapp deploy would make sure our apps reload the new certs from cert manager before they are invalid.

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`	在筆記中貼入程式碼
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.