-
Notifications
You must be signed in to change notification settings - Fork 480
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move validation to be part of the CRD #3319
Comments
Hi @jaronoff97 I am an Outreachy applicant, and I would like to work on this issue. I'll review the project and keep you updated on my progress. In the meantime, I would appreciate any insights or guidance you could provide to help me address this issue. |
@mercybassey sounds good! one issue with this is that feature went beta in Kubernetes 1.25 and stable in kubernetes 1.29 (link) and right now our minimum supported version is 1.23. We will probably need to bump that minimum version as part of this. We have an open issue here for that #2798 |
@jaronoff97 Thank you for the update! I’d like to clarify if I can go ahead with migrating the validation rules to the CRDs while keeping an eye on the progress of issue #2798 regarding the version bump. |
Assuming the @mercybassey if you want to work on this, I'd limit the scope to just adding the existing webhook validations as validation rules, without removing the former. You can start by familiarizing yourself with the webhook logic, how we define and annotate our CRDs using kubebuilder, and kubebuilder's own documentation. What you want for CRD validation rules is the Here's also a tutorial showing how to use CEL with kubebuilder in practice. |
Thank you for your guidance. I'll start working on it right away. |
@mercybassey Are you still planning on contributing to this issue? If not, let me know as I'd like to take a shot at this ;) |
You can go ahead. |
I've created a first draft PR to illustrate my solution. I'd like some feedback on the work I've done so far before continuing, just to know if I'm on the right track: #3580. The changes I've implemented so far are equivalent to logic found in the collector_webhook.go file, specifically in these lines: L62, L65, L187 and L192. If I understood correctly, given that #2798 has been closed, we should also remove the equivalent logic from the webhooks, is that correct? If someone can confirm I'm on the right path, next steps should be to move as much logic as possible from these files into their respective CRD definitions. I'd also like to have some input on whether it would be better to have one PR for each file or do everything at once in a single PR.
|
@jbiers #3580 looks good to me, that's exactly what we want. If you want to make similar changes for other CRDs, I'd prefer to review a separate PR for each CRD, and possibly make the changes even more granular depending on how complex they are. Keep in mind that we'll also need to test these rules, which will require a real API Server, and therefore also envtest.
That is not the case. We currently support K8s 1.23, which doesn't have CEL at all. For the time being, we'll need to maintain both approaches. |
Component(s)
collector, auto-instrumentation, target allocator, opamp
Is your feature request related to a problem? Please describe.
CRDs can have validation rules now, it would be great to move our existing webhooks (for whatever we can) into these.
Describe the solution you'd like
Migrate to the kubebuilder's support for CRD validation rules. This would probably require us to bump our min supported version ...
Describe alternatives you've considered
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: