Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add kube-score/skip annotation #624

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Add kube-score/skip annotation #624

wants to merge 6 commits into from

Conversation

romnn
Copy link

@romnn romnn commented Oct 8, 2024
edited
Loading

Thank you very much for this fantastic tool!!

I came across the use case to disable all checks for a file, more precisely the Helm test-connnection pod often found in Helm charts.

This PR proposes skipping all checks for a file ("kube-score/skip": "true") and checks ("kube-score/ignore": "*") using annotations. The root level annotation is checked on a per-file basis during parsing and tracked in the FileLocation, which allows further differentiation between ignored checks and skipped files. Additionally, nested annotations are checked on a per-check basis similar to the kube-score/ignore annotation.

I greatly appreciate any feedback if this is something you agree could be useful.
Best, Roman

Note: Unfortunately, the tests do not pass due an unrelated issue that I am not familiar with, once this is resolved I plan to merge the fix back into this PR.

RELNOTE: Add support for `"kube-score/skip": "true"` and`"kube-score/ignore": "*"` annotations.

@vercel Vercel
Copy link

vercel bot commented Oct 8, 2024

@romnn is attempting to deploy a commit to the Gustav Westling's projects Team on Vercel.

A member of the Team first needs to authorize it.

@zegl
Copy link
Owner

zegl commented Oct 13, 2024

Hey @romnn, thanks for the PR. What would be the difference between the "kube-score/skip": "true" and the "kube-score/ignore": "*" annotation? How come we need to do both? Could you please share some examples?

@romnn
Copy link
Author

romnn commented Oct 13, 2024

Thanks for the response and good question! They are equivalent in that both skip all checks for a resource, so supporting only one of them is also an option.

"kube-score/ignore": "*" is a very simple implementation, where "*" just matches each check in the ScoredObject.isEnabled function. Hence, it works on a per-check basis. "kube-score/skip": "true" is a root level annotation and is tracked during parsing on a per-file basis, which required more changes.

There are some subtle differences:

  • "kube-score/skip": "true" will output SKPPED for the file once, while "kube-score/ignore": "*" will output SKIPPED for each check that would normally be performed for the resource.
  • "kube-score/skip": "true is only checked for root-level annotations, while "kube-score/ignore": "*" can be applied to nested resource annotations

I agree that there could be some confusion around this. Both are intuitive in my opinion, but "kube-score/ignore": "*" uses an already existing annotation which could maybe be easier for adoption.

I'd gladly hear your opinion on this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@romnn @zegl