refactor: policy common reconciliation logic in a subreconciler #796
Conversation
fabriziosestito
force-pushed
the
refactor/policy-reconciler
branch
2 times, most recently
from
b666f0d to
abf3dfe
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #796 +/- ##
==========================================
+ Coverage 70.02% 70.25% +0.22%
==========================================
Files 23 19 -4
Lines 1705 1708 +3
==========================================
+ Hits 1194 1200 +6
+ Misses 394 389 -5
- Partials 117 119 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
fabriziosestito
force-pushed
the
refactor/policy-reconciler
branch
3 times, most recently
from
aa89739 to
f42c548
Compare
fabriziosestito
force-pushed
the
refactor/policy-reconciler
branch
from
06c62b8 to
42bdfaf
Compare
| Scheme *runtime.Scheme | ||
| Reconciler admission.Reconciler | ||
| Log logr.Logger | ||
| Scheme *runtime.Scheme |
There was a problem hiding this comment.
Cannot we remove the Scheme field and get it, when necessary, from the client?
There was a problem hiding this comment.
This comes from the kubebuilder scaffolding. I could find the rationale here: kubernetes-sigs/kubebuilder#986
There was a problem hiding this comment.
I expected a different approach for the subreconciler pattern, one like the example from here:
subreconcilersForPolicy := []subreconciler.FnWithRequest{
r.setStatusToUnknown,
r.addFinalizer,
r.handleDelete,
r.updateStatus,
}
// Run all subreconcilers sequentially
for _, f := range subreconcilersForPolicy {
if r, err := f(ctx, req); subreconciler.ShouldHaltOrRequeue(r, err) {
return subreconciler.Evaluate(r, err)
}
}I don't consider it a blocker though.
We need to also update docs/crds/Makefile for make generate to work, the resulting crd docs are part of the release artifacts.
This example is using a helper library. I linked the blog post to show the pattern of splitting and sharing reconciliation methods, if you look at the first example in the blog post a subreconciler is just a method. I personally don't want to introduce a dependency to a library, which is an opinionated take on the pattern just for this, but I am open to consider it in the future if the code becomes more complex (for instance, it could be useful when we will add the Policy Groups).
Done in: 5900152 |
…PolicySubReconciler Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
…ciler Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
…ret validation in the policy server reconciler, move validation to policyserver webhook Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
Signed-off-by: Fabrizio Sestito <fabrizio.sestito@suse.com>
fabriziosestito
force-pushed
the
refactor/policy-reconciler
branch
from
5900152 to
0005c69
Compare
|
I think we're good to go. Ship it 🚀 |
Description
This PR refactors and groups the common policy reconciliation logic in a subreconciler, removing the
admissionpackage and theReconciler"god class" leftover.To learn more about the subreconciler pattern, refer to this
It also removes the packages
policyserverandnamingand fixes some issues with thesetPolicyStatuserror handling:kubewarden-controller/internal/controller/policy_utils.go
Line 43 in 220be72
Fixes #774, fixes #773