API: Use new token generation SSP API and remove feature gate #3087
Conversation
kubevirt-bot
added
release-note
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
akrejcir
force-pushed
the
ssp-remove-vm-proxy-feature-gate
branch
from
33a9922
to
25eac49
Compare
Pull Request Test Coverage Report for Build 11124276641Details
💛 - Coveralls |
Good point, I did not consider update. Does HCO have functionality to run some logic only during update? It would be good, if we can copy the value of the feature gate to the new field in |
HCO does have code that only run during upgrade, but we need to avoid modifying the HyperConverged spec. Another alternative is the mutation webhook. @tiraboschi WDYT? |
|
hco-e2e-kv-smoke-gcp lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-kv-smoke-azure In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
In |
kubevirt-bot
added
the
needs-rebase
Thanks, I will add a patch there. |
akrejcir
force-pushed
the
ssp-remove-vm-proxy-feature-gate
branch
from
25eac49
to
cf2b009
Compare
kubevirt-bot
added
size/L
and removed
needs-rebase
akrejcir
force-pushed
the
ssp-remove-vm-proxy-feature-gate
branch
from
cf2b009
to
4355973
Compare
|
hco-e2e-kv-smoke-gcp lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-kv-smoke-azure In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
akrejcir
force-pushed
the
ssp-remove-vm-proxy-feature-gate
branch
3 times, most recently
from
e44cc2f
to
7dc0c86
Compare
|
@akrejcir: The following test failed, say
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
hco-e2e-kv-smoke-gcp lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-kv-smoke-azure In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
The token generation API was stabilized in the SSP, and feature gate was removed: kubevirt/ssp-operator#1018 This commit removes the same feature gate from HCO, and adds a new field in the .spec to enable this feature. Signed-off-by: Andrej Krejcir <akrejcir@redhat.com>
akrejcir
force-pushed
the
ssp-remove-vm-proxy-feature-gate
branch
from
7dc0c86
to
25f2d24
Compare
|
|
hco-e2e-upgrade-prev-operator-sdk-sno-aws lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-operator-sdk-gcp, ci/prow/hco-e2e-upgrade-operator-sdk-sno-azure, ci/prow/hco-e2e-upgrade-prev-operator-sdk-azure, ci/prow/hco-e2e-upgrade-prev-operator-sdk-sno-azure In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
hco-e2e-consecutive-operator-sdk-upgrades-azure lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-consecutive-operator-sdk-upgrades-aws, ci/prow/hco-e2e-operator-sdk-sno-aws In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@akrejcir: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/retest |
|
Can you please take another look? |
|
hco-e2e-kv-smoke-gcp lane succeeded. |
|
@hco-bot: Overrode contexts on behalf of hco-bot: ci/prow/hco-e2e-kv-smoke-azure In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
| }, | ||
| { | ||
| "semverRange": "<1.14.0", | ||
| "jsonPatch": [ | ||
| { | ||
| "op": "test", | ||
| "path": "/spec/featureGates/deployVmConsoleProxy", | ||
| "value": false | ||
| }, | ||
| { | ||
| "op": "add", | ||
| "path": "/spec/enableTokenGenerationApi", | ||
| "value": false | ||
| } | ||
| ] |
There was a problem hiding this comment.
@tiraboschi @akrejcir - are we sure about this logic? the deprecated feature gate is false by default. And we want this field to be true by default.
I'm not sure I have good solution for this - we can't tell if the feature gate is false on purpose or was just left with its default value.
My concern we will carry this potential wrong value for all future upgrades.
There was a problem hiding this comment.
I wanted to do this update with minimal surprise for the user.
The problem is, as you've written, that we don't know if user decided to disable the feature, or just left it default.
If it was intentionally disabled, it would be a surprise to enable it on update.
But maybe we can enable it by default, and add a note to the documentation.
|
I'm not sure about this PR. Do we really need a new enabler field to replace the existing feature gate? The term "feature gate" is wrongly used in HCO anyway, and we need to treat the feature gates as "enablers". I think this change will just create mess. We want to introduce a new API, to fix the wrong feature gate naming anyway. I suggest to just replace the default value to true. |
|
And @akrejcir - sorry for the late response. |
Thanks for the feedback. I don't have any opinion on HCO API change. |
I agree with this:
We need to understand if we simply want to propose a new default for future fresh deployments or if we want also to "silently" change it for all the cluster on upgrades. |
What this PR does / why we need it:
The token generation API was stabilized in the SSP, and feature gate was removed:
kubevirt/ssp-operator#1018
This PR removes the same feature gate from HCO, and adds a new field in the .spec to enable this feature.
Reviewer Checklist
Jira Ticket:
Release note: