Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revisit Policy status, policy mode status and conditions and refactor the policy subreconciler #804

Open
fabriziosestito opened this issue Jul 9, 2024 · 1 comment
Labels
kind/tech-debt kind/to-be-refined status/waiting-feedback Label to help visualize issue waiting for feedback from someone

Comments

@fabriziosestito
Copy link
Contributor

fabriziosestito commented Jul 9, 2024

Status

At the time of writing, the policy status is composed by [PolicyModeStatus](https://github.com/kubewarden/kubewarden-controller/blob/a331d8d2d4ccd26396935fd9333118c85185280a/api/policies/v1/policy.go#L31) and [PolicyStatusEnum](https://github.com/kubewarden/kubewarden-controller/blob/a331d8d2d4ccd26396935fd9333118c85185280a/api/policies/v1/policy.go#L11). Unfortunately this adds complexity in the reconciliation loop and it could be ambiguous for the user.
Instead, we could merge PolicyModeStatus with PolicyStatusEnum having two different final active states PolicyStatusActiveMonitor and PolicyStatusActiveProtect.

Condition

Also, we could revisit the PolicyConditionType. We could either remove them or refactor them to be more explicit. See: https://maelvls.dev/kubernetes-conditions/

Reconciler

The policy subreconciler reconciliation loop could be simplified using the new statuses/conditions.

  • we could remove the reconcilePolicy and refactor the setPolicyStatus methods, as the first could be part of the reconcile method and the second one does not set the policy status, but it changes the policy mode status instead. The status change is also spread in the reconcilePolicy and reconcile methods.
  • investigate why we need to store the reconcileErr and return it after the status update.

This is related to: #743, #616

@fabriziosestito
Copy link
Contributor Author

Also we need to investigate this error

2024-07-19T15:03:43+02:00     ERROR   Reconciler error        {"controller": "policyserver", "controllerGroup": "policies.kubewarden.io", "controllerKind": "PolicyServer", "PolicyServer": {"name":"policy-server-u0y4ypm0"}, "namespace": "", "name": "policy-server-u0y4ypm0", "reconcileID": "44def5e9-383a-4e85-9ed3-770d384c7ac2", "error": "update policy server status error: Operation cannot be fulfilled on policyservers.policies.kubewarden.io \"policy-server-u0y4ypm0\": the object has been modified; please apply your changes to the latest version and try again"}
  sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler
        /home/lain/.asdf/installs/golang/1.22.3/packages/pkg/mod/sigs.k8s.io/controller-runtime@v0.18.4/pkg/internal/controller/controller.go:324
  sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem
        /home/lain/.asdf/installs/golang/1.22.3/packages/pkg/mod/sigs.k8s.io/controller-runtime@v0.18.4/pkg/internal/controller/controller.go:261
  sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2
        /home/lain/.asdf/installs/golang/1.22.3/packages/pkg/mod/sigs.k8s.io/controller-runtime@v0.18.4/pkg/internal/controller/controller.go:222

which might be related.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/tech-debt kind/to-be-refined status/waiting-feedback Label to help visualize issue waiting for feedback from someone
Projects
Status: No status
Development

No branches or pull requests

1 participant