feat: shortName for the CRDs. #896
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #896 +/- ##
==========================================
+ Coverage 70.53% 70.65% +0.11%
==========================================
Files 30 30
Lines 2559 2559
==========================================
+ Hits 1805 1808 +3
+ Misses 584 582 -2
+ Partials 170 169 -1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
On second thought, I wonder if there's a possibility to have them pronounceable. |
config/crd/bases/policies.kubewarden.io_admissionpolicygroups.yaml
Outdated
Show resolved
Hide resolved
jvanz
force-pushed
the
shortnames
branch
3 times, most recently
from
51f93fb to
2b5f5fe
Compare
| @@ -77,12 +77,13 @@ type ClusterAdmissionPolicySpec struct { | |||
| // ClusterAdmissionPolicy is the Schema for the clusteradmissionpolicies API | |||
| // +kubebuilder:object:root=true | |||
| // +kubebuilder:subresource:status | |||
| // +kubebuilder:resource:scope=Cluster | |||
| // +kubebuilder:resource:scope=Cluster,shortName=cap | |||
There was a problem hiding this comment.
@kubewarden/kubewarden-developers I've needed to update v1alpha2 CRDs because controller-gen change the order of it process the files to extract the kubebuilder markers each time it runs. Therefore, each time it runs the CRDs generation is different. When the v1alpha2 CRDs types are the last one to be processed, the shortNames are not define.
There was a problem hiding this comment.
I've opened an issue asking if this is expected or it is a bug.
There was a problem hiding this comment.
Can't we drop these alpha resources? They are not used since a long time...
There was a problem hiding this comment.
+1 on dropping the alpha resources.
There was a problem hiding this comment.
I thoug about that as well. I've even use the //+kubebuilder:skip to ignore the v1alpha2. But than I've wondered, what happens if someone is still using the alpha version? The conversion will happen out of the box for resources already installed? Because of that, I've decided to mark the alpha version as deprecated first. But if we can drop it with no issue, I prefer removing it as well.
There was a problem hiding this comment.
I think we need more care on how we will remove the CRDs. I've did the following test:
- Start clean cluster
- Install kubewarden-crds version
0.1.4and kubewarden-controller version0.4.6. These are versions before the CRDsv1and Kubewardenv1.0.0release - Install a
v1alpha2policy. See below the policy used - Upgrade to
v1.0.0of the crds and controller helm charts - Upgrade to latest crds and controller helm charts
- Change my local kubewarden-crds helm chart removing the
v1alpha2version - Try to upgrade the crds using my local helm chart
I can see this error:
Error: UPGRADE FAILED: cannot patch "clusteradmissionpolicies.policies.kubewarden.io" with kind CustomResourceDefinition: CustomResourceDefinition.apiextensions.k8s.io "clusteradmissionpolicies.policies.kubewarden.io" is invalid: status.storedVersions[0]: Invalid value: "v1alpha2": must appear in spec.versions
Therefore, even if the policies have been migrated to v1 during the upgrade path. The storedVersion fields is still telling that we have v1alpha2 installed. This is the field description:
storedVersions lists all versions of CustomResources that were ever persisted. Tracking these versions allows a migration path for stored versions in etcd. The field is mutable so a migration controller can finish a migration to another version (ensuring no old objects are left in storage), and then remove the rest of the versions from this list. Versions may not be removed from
spec.versionswhile they exist in this list.
Considering this documentation. I guess our controller needs to updates this field to allow the removal of the old CRD.
In case you want to setup a similar testing environment. This is the commands used to create a cluster with old kubewarden stack version:
minikube delete --all && \
minikube start && \
helm install --wait --namespace cert-manager --create-namespace --set crds.enabled=true cert-manager jetstack/cert-manager && \
helm install --wait -n kubewarden --create-namespace kubewarden-crds kubewarden/kubewarden-crds --version 0.1.4 && \
helm install --wait -n kubewarden kubewarden-controller kubewarden/kubewarden-controller --version 0.4.6 && \
k8s apply -f policy.yaml && \
k8s get clusteradmissionpolicy pod-privileged -o yaml The policy definition:
apiVersion: policies.kubewarden.io/v1alpha2
kind: ClusterAdmissionPolicy
metadata:
name: privileged-pods
spec:
module: registry://ghcr.io/kubewarden/policies/pod-privileged:v0.3.2
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["pods"]
operations:
- CREATE
- UPDATE
mutating: falseThere was a problem hiding this comment.
Considering the previous comment. I suggest to keep the v1alpha2 for now, mark it as deprecated and create an issue to attack the old CRD removal.
Adds shortName for the Kubewarden CRDs. This allows users to get Kubewarden types using acronymous and making the commands smaller to type. Signed-off-by: José Guilherme Vanz <[email protected]>
Description
Adds shortName for the Kubewarden CRDs. This allows users to get Kubewarden types using acronymous and making the commands smaller to type.
@kubewarden/kubewarden-developers I'm creating this PR as draft because I would like to investigate why
controller-genis not updating the CRDs with theshortNamesfor some CRDs. However, I would like to know if you are fine with the proposedshortNames. I've prefixed all of them withkto flag this is akubewardenresource.