-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
⚠ (:warning:, major) Webhook support in envtest #787
⚠ (:warning:, major) Webhook support in envtest #787
Conversation
/assign DirectXMan12 gerred /hold @DirectXMan12 I want to add you as co-author, what mail should I use? :-) |
a0dce79
to
62590e8
Compare
/retest |
strange, the test failure seems like it should be unrelated but it fails consistently so I'll check it out... EDIT: Oh funny, that test started failing because I changed this |
44265a2
to
c0c55b0
Compare
@@ -96,6 +96,14 @@ func CacheTest(createCacheFunc func(config *rest.Config, opts cache.Options) (ca | |||
Expect(cfg).NotTo(BeNil()) | |||
|
|||
By("creating three pods") | |||
cl, err := client.New(cfg, client.Options{}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is because of #787 (comment)
c0c55b0
to
e4f7c03
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
left a few comments. generally looks good
pkg/envtest/webhook.go
Outdated
"k8s.io/apimachinery/pkg/util/wait" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
|
||
admissionreg "k8s.io/api/admissionregistration/v1beta1" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1.16 adds webhook/v1, should we update to that version to avoid the same issue we had with CRDs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what was that issue? I was talking with joe about proper support of v1 webhooks, I'll be creating an issue for that. But I assume this is something more subtle... :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was more suggesting we start with webhooks/v1 instead of v1beta1. If we don't, we might have to add support later in the future.
We had the same issue for envtest
CRD, and to be backward compatible we have to handle both versions, which makes the whole code a little tricky. #752
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh I see, yeah that makes sense to me if @DirectXMan12 is OK with that...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i agree with this. if there's an interface here too, can we introduce a helper that uses this interface? if not....ok then.
basically I want to abstract the version from the object as much as possible and generally select the client's storage version (as we would with CRDs).
generally 👍 on latest version selection from our level of abstraction, and binding CR release versions to certain core GVK versions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think probably the safest method here is some sort of helper that can deal with v1 and v1beta1 webhooks like we do with CRDs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
since we're prob stuck with v1beta1 for at least a bit longer
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(basically should be able to copy the code from the CRD handling logic, more-or-less)
e4f7c03
to
d0bf5bb
Compare
@vincepri @DirectXMan12 should be ready for re-review |
58e638f
to
0a2957d
Compare
/hold cancel |
/hold cancel |
0a2957d
to
1522566
Compare
987f485
to
898d49b
Compare
898d49b
to
fca2a6d
Compare
99e4cac
to
007c9a8
Compare
/retest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few nits. Other places LGTM
007c9a8
to
79ba043
Compare
@mengqiy thanks for the review, you can do another pass :) |
79ba043
to
f1ae851
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let's fix the namespace plugin backwards compat issue, then we can merge this
/retest |
88c1091
to
88442a4
Compare
@@ -9,7 +9,8 @@ var APIServerDefaultArgs = []string{ | |||
"--insecure-port={{ if .URL }}{{ .URL.Port }}{{ end }}", | |||
"--insecure-bind-address={{ if .URL }}{{ .URL.Hostname }}{{ end }}", | |||
"--secure-port={{ if .SecurePort }}{{ .SecurePort }}{{ end }}", | |||
"--admission-control=AlwaysAdmit", | |||
"--enable-admission-plugins=MutatingAdmissionWebhook,ValidatingAdmissionWebhook", | |||
"--disable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,TaintNodesByCondition,Priority,DefaultTolerationSeconds,DefaultStorageClass,StorageObjectInUseProtection,PersistentVolumeClaimResize,RuntimeClass,ResourceQuota", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is to be backward compatible
92e6872
to
606079a
Compare
/retest |
Co-authored-by: Solly Ross <sollyross@google.com>
606079a
to
528cd19
Compare
@alenkacz Don't forget to create the followup PR with the breaking change after this PR merges. |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alenkacz, mengqiy The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Ability to test webhooks with envtest
lots of code is reused from PoC done in #645
Fixes #563
Co-authored-by: Solly Ross sollyross@google.com