-
Notifications
You must be signed in to change notification settings - Fork 769
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: upgrading to 0.30 api, creating v1 or v1beta1 VAP/VAPB #3472
Merged
Merged
Changes from 21 commits
Commits
Show all changes
22 commits
Select commit
Hold shift + click to select a range
4d3f669
upgrading to 0.30 api, creating v1 or v1beta1 VAP/VAPB
JaydipGabani 9298580
adding config to enable beta api in kind cluster for 1.28, 1.29. fixi…
JaydipGabani f43b6bf
fixing lint
JaydipGabani 9f58850
adding tests
JaydipGabani ef94027
upgrading to 0.30 api, creating v1 or v1beta1 VAP/VAPB
JaydipGabani f6b9ebe
adding config to enable beta api in kind cluster for 1.28, 1.29. fixi…
JaydipGabani c5793ea
fixing lint
JaydipGabani 3a0eede
adding tests
JaydipGabani bb19964
using runtime.Object for VAP/VAPB versions
JaydipGabani f8791e6
merging with master
JaydipGabani 1dff1e5
converting v1beta1 to v1 without unstructured
JaydipGabani de48c99
removing toolchain from go.mod
JaydipGabani 1e26786
removing lib file
JaydipGabani ed5c510
checking for VAP API availability only when generation is on
JaydipGabani fe4998e
addressing nits
JaydipGabani 3a77ea3
adding read lock while checking for vap api availability
JaydipGabani a63f998
Merge branch 'master' into k130
JaydipGabani 6cb62fa
adding label-selector in mutation for backward comp check
JaydipGabani 7e39997
Merge branch 'k130' of github.com:JaydipGabani/gatekeeper into k130
JaydipGabani f3a4977
using interim variables for read lock
JaydipGabani 2f0b758
adding todo to use r.scheme.convert
JaydipGabani 5b3ffa0
addressing nits
JaydipGabani File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is adding this backwards compatible?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@maxsmythe I think so, this page says
atomic can apply to any list. It is coming through bumping k8s api - https://github.com/kubernetes/apimachinery/blob/v0.30.3/pkg/apis/meta/v1/types.go#L1250There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Backwards compatibility means that applying this tag will not change merge behavior.
In other words, we should be sure that
kubectl applylogic prior to this tag being added and post this tag being added are unchanged.Because this potentially affects backwards compatibility, we should be certain that this is the case. We should not rely on speculation. In other words, we should do more research than just inferring from a vague statement in the docs.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I found
By default, Server-Side Apply treats custom resources as unstructured data. All keys are treated the same as struct fields, and all lists are considered atomic., here. So before this change, the list was being treated asatomicforpatchStratagy=merge. wdyt?How do I test for backward compatibility for this change?
I tested with deploying CRDs before this change and creating mutators, then I upgraded the CRDs with this change and applied mutators But I think this may be wrong way to test for backward compat, I am not sure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I also see this
If listType is missing, the API server interprets a patchStrategy=merge marker as a listType=map and the corresponding patchMergeKey marker as a listMapKey.on the same page, so now I am cofused.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I asked in slack - https://kubernetes.slack.com/archives/C0123CNN8F3/p1722991068800879, waiting for response.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I got the response -
atomic is the default- https://kubernetes.slack.com/archives/C0123CNN8F3/p1722991724774759?thread_ts=1722991068.800879&cid=C0123CNN8F3.@maxsmythe let me know if this resolves your concerns.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am pasting the response for reference here about this change -
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Adding more context:
This
x-kubernetes-list-type: atomicis getting added for list fields undermetav1.labelSelectorandmetav1.namespaceSelectorformutators. This change is coming from here, where markerlistType=atomicis getting added tomatchExpressionandvaluesfield. controller-runtime is looking at this markers and adding the field to manifets.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"By default, Server-Side Apply treats custom resources as unstructured data. All keys are treated the same as struct fields, and all lists are considered atomic." Sounds conclusive to me (from your first reply)