Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

List applying policies in JobSink .status.policies #8062

Closed
creydr opened this issue Jul 2, 2024 · 3 comments · Fixed by #8064
Closed

List applying policies in JobSink .status.policies #8062

creydr opened this issue Jul 2, 2024 · 3 comments · Fixed by #8064
Assignees
@rahulii
Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. triage/accepted Issues which should be fixed (post-triage)

Comments

@creydr
Copy link
Member

creydr commented Jul 2, 2024

As the Eventing Authorization feature track describes, target resources of EventPolicies, will reflect in their status, which EventPolicy is applied to them.

For example:

apiVersion: sinks.knative.dev/v1alpha1
kind: JobSink
metadata:
  name: my-jobsink
spec:
  ...
status:
  ...
  policies:
    - name: event-policy
      apiVersion: v1alpha1
    - name: another-event-policy
      apiVersion: v1alpha1

  conditions:
    - type: Ready
      status: "True"
    - type: EventPoliciesReady
      status: "True"

As the JobSink should support EventPolicies, wee need to do the following:

  • Update the JobSink type and CRD to have the .status.policies (check on 59aed17, how this was done for the Broker resource for an example)
  • Update the JobSink reconciler to show applying policies in the JobSinks .status.policies and set the JobSink EventPoliciesReady condition. Also watch EventPolicies for changes.
  • Set EventPoliciesReady condition to true, in case no policy applies, and set message according to the default-authorization-mode (e.g. Default authorization mode is 'allow-all'). Check the Default Authorization Mode section in the feature track for additional information.

Prerequisites:

Additional hints for new contributors before starting with this issue:

  1. When the issue has the Draft status, the issue is subject to change and thus should not be started to be worked on
  2. Make sure you've read and understood the CONTRIBUTING.md guidelines
  3. Make sure you're able to run Knative Eventing locally and run at least the unit tests.
  4. Feel free to raise any questions you have either directly here in the issue, in the #knative-eventing Slack channel or join the Eventing Workgroup Meeting
  5. When you feel comfortable with this issue, feel free to assign it to you (e.g. by commenting /assign). Please be aware that we might unassign you, if we don't see any progress from your side to give other contributors also a chance to work on this issue.
@creydr creydr added good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. triage/accepted Issues which should be fixed (post-triage) labels Jul 2, 2024
@creydr
Copy link
Member Author

creydr commented Jul 2, 2024

/assign @rahulii

@knative-prow Knative Prow
Copy link

knative-prow bot commented Jul 2, 2024

@creydr: GitHub didn't allow me to assign the following users: rahulii.

Note that only knative members with read permissions, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time.
For more information please see the contributor guide

In response to this:

/assign @rahulii

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@rahulii
Copy link
Contributor

rahulii commented Jul 2, 2024

/assign

@rahulii rahulii mentioned this issue Jul 2, 2024
Merged
5 tasks
@creydr creydr mentioned this issue Aug 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rahulii rahulii

Labels
good first issue Denotes an issue ready for a new contributor, according to the "help wanted" guidelines. help wanted Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines. triage/accepted Issues which should be fixed (post-triage)
Projects
Eventing Authorization
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

List applying policies in job sink rahulii/eventing
2 participants
@creydr @rahulii