Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠ (:warning:, major) Webhook support in envtest #787

Merged
merged 1 commit into from
Mar 5, 2020
Merged

⚠ (:warning:, major) Webhook support in envtest #787

merged 1 commit into from
Mar 5, 2020
+834 −4

Conversation

alenkacz
Copy link
Contributor

@alenkacz alenkacz commented Feb 1, 2020
edited
Loading

Ability to test webhooks with envtest

lots of code is reused from PoC done in #645

Fixes #563

Co-authored-by: Solly Ross sollyross@google.com

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Feb 1, 2020
@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 1, 2020

/assign DirectXMan12 gerred

/hold

@DirectXMan12 I want to add you as co-author, what mail should I use? :-)

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 1, 2020
@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 1, 2020

/retest

@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 1, 2020
edited
Loading

strange, the test failure seems like it should be unrelated but it fails consistently so I'll check it out...

EDIT: Oh funny, that test started failing because I changed this --admission-control=AlwaysAdmit to --enable-admission-plugins=ValidatingAdmissionWebhook and the namespace really does not exist

@alenkacz alenkacz force-pushed the av/envtest-webhook branch 2 times, most recently from 44265a2 to c0c55b0 Compare February 3, 2020 10:40
alenkacz
alenkacz commented Feb 3, 2020
View reviewed changes
pkg/cache/cache_test.go
@@ -96,6 +96,14 @@ func CacheTest(createCacheFunc func(config *rest.Config, opts cache.Options) (ca
Expect(cfg).NotTo(BeNil())

By("creating three pods")
cl, err := client.New(cfg, client.Options{})
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is because of #787 (comment)

alenkacz
alenkacz commented Feb 3, 2020
View reviewed changes
pkg/envtest/server.go Outdated Show resolved Hide resolved
DirectXMan12
DirectXMan12 suggested changes Feb 3, 2020
View reviewed changes
Copy link
Contributor

@DirectXMan12 DirectXMan12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left a few comments. generally looks good

pkg/envtest/envtest_test.go Show resolved Hide resolved
pkg/envtest/server.go Outdated Show resolved Hide resolved
pkg/envtest/webhook.go Outdated Show resolved Hide resolved
pkg/envtest/envtest_suite_test.go Show resolved Hide resolved
vincepri
vincepri reviewed Feb 3, 2020
View reviewed changes
pkg/envtest/webhook.go Outdated
"k8s.io/apimachinery/pkg/util/wait"
"sigs.k8s.io/controller-runtime/pkg/client"

admissionreg "k8s.io/api/admissionregistration/v1beta1"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

1.16 adds webhook/v1, should we update to that version to avoid the same issue we had with CRDs?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what was that issue? I was talking with joe about proper support of v1 webhooks, I'll be creating an issue for that. But I assume this is something more subtle... :-)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was more suggesting we start with webhooks/v1 instead of v1beta1. If we don't, we might have to add support later in the future.

We had the same issue for envtest CRD, and to be backward compatible we have to handle both versions, which makes the whole code a little tricky. #752

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh I see, yeah that makes sense to me if @DirectXMan12 is OK with that...

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i agree with this. if there's an interface here too, can we introduce a helper that uses this interface? if not....ok then.

basically I want to abstract the version from the object as much as possible and generally select the client's storage version (as we would with CRDs).

generally 👍 on latest version selection from our level of abstraction, and binding CR release versions to certain core GVK versions.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think probably the safest method here is some sort of helper that can deal with v1 and v1beta1 webhooks like we do with CRDs

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since we're prob stuck with v1beta1 for at least a bit longer

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(basically should be able to copy the code from the CRD handling logic, more-or-less)

pkg/envtest/webhook.go Outdated Show resolved Hide resolved
@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 4, 2020

@vincepri @DirectXMan12 should be ready for re-review

@alenkacz alenkacz force-pushed the av/envtest-webhook branch 2 times, most recently from 58e638f to 0a2957d Compare February 4, 2020 10:38
@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 4, 2020
edited
Loading

/hold cancel

@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 4, 2020
@alenkacz
Copy link
Contributor Author

alenkacz commented Feb 4, 2020

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 4, 2020
gerred
gerred reviewed Feb 5, 2020
View reviewed changes
pkg/envtest/webhook.go Outdated Show resolved Hide resolved
@DirectXMan12 DirectXMan12 mentioned this pull request Feb 5, 2020
Closed
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 28, 2020
@alenkacz alenkacz changed the title WIP: ⚠ (:warning:, major) Webhook support in envtest ⚠ (:warning:, major) Webhook support in envtest Feb 28, 2020
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 28, 2020
@alenkacz alenkacz force-pushed the av/envtest-webhook branch 3 times, most recently from 99e4cac to 007c9a8 Compare February 28, 2020 11:02
@alenkacz
Copy link
Contributor Author

/retest

mengqiy
mengqiy reviewed Feb 28, 2020
View reviewed changes
Copy link
Member

@mengqiy mengqiy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few nits. Other places LGTM

pkg/envtest/envtest_suite_test.go Outdated Show resolved Hide resolved
pkg/envtest/webhook.go Outdated Show resolved Hide resolved
pkg/envtest/webhook.go Outdated Show resolved Hide resolved
pkg/envtest/webhook_test.go Outdated Show resolved Hide resolved
pkg/envtest/webhook_test.go Outdated Show resolved Hide resolved
pkg/envtest/webhook.go Show resolved Hide resolved
@alenkacz
Copy link
Contributor Author

@mengqiy thanks for the review, you can do another pass :)

DirectXMan12
DirectXMan12 suggested changes Mar 4, 2020
View reviewed changes
Copy link
Contributor

@DirectXMan12 DirectXMan12 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's fix the namespace plugin backwards compat issue, then we can merge this

@mengqiy
Copy link
Member

mengqiy commented Mar 4, 2020

/retest

@alenkacz alenkacz force-pushed the av/envtest-webhook branch 2 times, most recently from 88c1091 to 88442a4 Compare March 5, 2020 12:32
alenkacz
alenkacz commented Mar 5, 2020
View reviewed changes
pkg/internal/testing/integration/internal/apiserver.go Outdated
@@ -9,7 +9,8 @@ var APIServerDefaultArgs = []string{
"--insecure-port={{ if .URL }}{{ .URL.Port }}{{ end }}",
"--insecure-bind-address={{ if .URL }}{{ .URL.Hostname }}{{ end }}",
"--secure-port={{ if .SecurePort }}{{ .SecurePort }}{{ end }}",
"--admission-control=AlwaysAdmit",
"--enable-admission-plugins=MutatingAdmissionWebhook,ValidatingAdmissionWebhook",
"--disable-admission-plugins=NamespaceLifecycle,LimitRanger,ServiceAccount,TaintNodesByCondition,Priority,DefaultTolerationSeconds,DefaultStorageClass,StorageObjectInUseProtection,PersistentVolumeClaimResize,RuntimeClass,ResourceQuota",
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is to be backward compatible

@alenkacz alenkacz force-pushed the av/envtest-webhook branch 2 times, most recently from 92e6872 to 606079a Compare March 5, 2020 16:07
@alenkacz
Copy link
Contributor Author

alenkacz commented Mar 5, 2020

/retest

@alenkacz @DirectXMan12
Webhook support in envtest
528cd19 
Co-authored-by: Solly Ross <sollyross@google.com>
@mengqiy
Copy link
Member

mengqiy commented Mar 5, 2020

@alenkacz Don't forget to create the followup PR with the breaking change after this PR merges.
/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 5, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alenkacz, mengqiy

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 5, 2020
@k8s-ci-robot k8s-ci-robot merged commit bfc9827 into kubernetes-sigs:master Mar 5, 2020
@mengqiy mengqiy mentioned this pull request Apr 25, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gerred gerred gerred left review comments

@mengqiy mengqiy mengqiy left review comments

@vincepri vincepri vincepri left review comments

@DirectXMan12 DirectXMan12 DirectXMan12 requested changes

Assignees

@DirectXMan12 DirectXMan12

@gerred gerred

@mengqiy mengqiy

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
v0.5.x
Development

Successfully merging this pull request may close these issues.

Envtest does not register or run webhooks
6 participants
@alenkacz @mengqiy @k8s-ci-robot @DirectXMan12 @gerred @vincepri