feat: feature flag to not clone secondary resource on access

operator-framework-core/src/main/java/io/javaoperatorsdk/operator/api/config/ConfigurationService.java

@@ -404,4 +404,15 @@ default boolean useSSAToPatchPrimaryResource() {
     return true;
   }
 
+  /**
+   * By default, secondary resources are cloned when returned from the cache.
+   * ({@link io.javaoperatorsdk.operator.api.reconciler.Context#getSecondaryResource(Class)}) This
+   * might have a performance impact, and if reconciler relies on SSA it is not needed to do. Since
+   * the goal of the cloning is to prevent modification on the object in the cache, that would no
+   * longer reflect the state on the server in that case.
+   */
+  default boolean cloneSecondaryResourcesWhenGettingFromCache() {
+    return true;
+  }
+
 }

operator-framework-core/src/main/java/io/javaoperatorsdk/operator/api/config/ConfigurationServiceOverrider.java

@@ -40,6 +40,7 @@ public class ConfigurationServiceOverrider {
   private Boolean previousAnnotationForDependentResources;
   private Boolean parseResourceVersions;
   private Boolean useSSAToPatchPrimaryResource;
+  private Boolean cloneSecondaryResourcesWhenGettingFromCache;
   private DependentResourceFactory dependentResourceFactory;
 
   ConfigurationServiceOverrider(ConfigurationService original) {
@@ -180,6 +181,12 @@ public ConfigurationServiceOverrider withUseSSAToPatchPrimaryResource(boolean va
     return this;
   }
 
+  public ConfigurationServiceOverrider withCloneSecondaryResourcesWhenGettingFromCache(
+      boolean value) {
+    this.cloneSecondaryResourcesWhenGettingFromCache = value;
+    return this;
+  }
+
   public ConfigurationService build() {
     return new BaseConfigurationService(original.getVersion(), cloner, client) {
       @Override
@@ -323,6 +330,13 @@ public boolean useSSAToPatchPrimaryResource() {
             : super.useSSAToPatchPrimaryResource();
 
       }
+
+      @Override
+      public boolean cloneSecondaryResourcesWhenGettingFromCache() {
+        return cloneSecondaryResourcesWhenGettingFromCache != null
+            ? cloneSecondaryResourcesWhenGettingFromCache
+            : super.cloneSecondaryResourcesWhenGettingFromCache();
+      }
     };
   }
 

operator-framework-core/src/main/java/io/javaoperatorsdk/operator/processing/event/ReconciliationDispatcher.java

@@ -361,7 +361,6 @@ private P patchResource(P resource, P originalResource) {
         getVersion(resource));
     log.trace("Resource before update: {}", resource);
 
-    // todo unit test
     final var finalizerName = configuration().getFinalizerName();
     if (useSSA && controller.useFinalizer()) {
       // addFinalizer already prevents adding an already present finalizer so no need to check

operator-framework-core/src/main/java/io/javaoperatorsdk/operator/processing/event/source/informer/InformerManager.java

@@ -170,7 +170,9 @@ public Stream<T> list(String namespace, Predicate<T> predicate) {
   public Optional<T> get(ResourceID resourceID) {
     return getSource(resourceID.getNamespace().orElse(WATCH_ALL_NAMESPACES))
         .flatMap(source -> source.get(resourceID))
-        .map(r -> configurationService.getResourceCloner().clone(r));
+        .map(r -> configurationService.cloneSecondaryResourcesWhenGettingFromCache()
+            ? configurationService.getResourceCloner().clone(r)
+            : r);
   }
 
   @Override

sample-operators/webpage/src/main/java/io/javaoperatorsdk/operator/sample/WebPageReconciler.java

@@ -12,7 +12,6 @@
 import io.fabric8.kubernetes.api.model.apps.Deployment;
 import io.fabric8.kubernetes.api.model.networking.v1.Ingress;
 import io.fabric8.kubernetes.client.KubernetesClient;
-import io.fabric8.kubernetes.client.dsl.Replaceable;
 import io.javaoperatorsdk.operator.ReconcilerUtils;
 import io.javaoperatorsdk.operator.api.config.informer.InformerConfiguration;
 import io.javaoperatorsdk.operator.api.reconciler.*;
@@ -90,7 +89,7 @@ public UpdateControl<WebPage> reconcile(WebPage webPage, Context<WebPage> contex
           desiredHtmlConfigMap.getMetadata().getName(),
           ns);
       kubernetesClient.configMaps().inNamespace(ns).resource(desiredHtmlConfigMap)
-          .createOr(Replaceable::update);
+          .serverSideApply();
     }
 
     var existingDeployment = context.getSecondaryResource(Deployment.class).orElse(null);
@@ -100,7 +99,7 @@ public UpdateControl<WebPage> reconcile(WebPage webPage, Context<WebPage> contex
           desiredDeployment.getMetadata().getName(),
           ns);
       kubernetesClient.apps().deployments().inNamespace(ns).resource(desiredDeployment)
-          .createOr(Replaceable::update);
+          .serverSideApply();
     }
 
     var existingService = context.getSecondaryResource(Service.class).orElse(null);
@@ -110,14 +109,14 @@ public UpdateControl<WebPage> reconcile(WebPage webPage, Context<WebPage> contex
           desiredDeployment.getMetadata().getName(),
           ns);
       kubernetesClient.services().inNamespace(ns).resource(desiredService)
-          .createOr(Replaceable::update);
+          .serverSideApply();
     }
 
     var existingIngress = context.getSecondaryResource(Ingress.class);
     if (Boolean.TRUE.equals(webPage.getSpec().getExposed())) {
       var desiredIngress = makeDesiredIngress(webPage);
       if (existingIngress.isEmpty() || !match(desiredIngress, existingIngress.get())) {
-        kubernetesClient.resource(desiredIngress).inNamespace(ns).createOr(Replaceable::update);
+        kubernetesClient.resource(desiredIngress).inNamespace(ns).serverSideApply();
       }
     } else
       existingIngress.ifPresent(

sample-operators/webpage/src/test/java/io/javaoperatorsdk/operator/sample/WebPageOperatorE2E.java

@@ -26,10 +26,14 @@ public WebPageOperatorE2E() throws FileNotFoundException {}
   AbstractOperatorExtension operator =
       isLocal()
           ? LocallyRunOperatorExtension.builder()
+              .withConfigurationService(
+                  o -> o.withCloneSecondaryResourcesWhenGettingFromCache(false))
               .waitForNamespaceDeletion(false)
               .withReconciler(new WebPageReconciler(client))
               .build()
           : ClusterDeployedOperatorExtension.builder()
+              .withConfigurationService(
+                  o -> o.withCloneSecondaryResourcesWhenGettingFromCache(false))
               .waitForNamespaceDeletion(false)
               .withOperatorDeployment(client.load(new FileInputStream("k8s/operator.yaml")).items(),
                   resources -> {