-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change Constraint Template CRD to apiextensions.k8s.io/v1 #114
Change Constraint Template CRD to apiextensions.k8s.io/v1 #114
Conversation
Codecov Report
@@ Coverage Diff @@
## master #114 +/- ##
=======================================
Coverage 43.89% 43.89%
=======================================
Files 27 27
Lines 2383 2383
=======================================
Hits 1046 1046
Misses 1017 1017
Partials 320 320
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report at Codecov.
|
I don't think this entirely fixes open-policy-agent/gatekeeper#550 until the rest of the work has been done? Definitely change the wording in the description so GitHub doesn't try to autoclose that issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we need to also set x-preserve for the JSON schemas
dcddaff
to
d50a5ea
Compare
v1beta1 CRDs will not be supported in upcoming k8s versions, so all our CRDs will have to be v1. This makes our toolchain output a v1 CRD for the Constraint Template kind. Contributes to open-policy-agent/gatekeeper#550 Signed-off-by: juliankatz <juliankatz@google.com>
d50a5ea
to
6370717
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This fixes the unit tests, which are currently broken. Somehow, I was able to merge my previous PR (open-policy-agent#114) with these tests broken. They passed in the GitHub actions, but are failing for me when I run them locally (without the change in this PR). I'm not sure how that happened. I tried upgrading all the way to controller-runtime 3.0.0, but the developers of that seem to have changed the way the package is delivered. Now, only the binary seems to available for download, instead of a folder full of binaries. Notably, this leaves out the binaries for the API server components (etcd, for example) that are used during unit test runs. Contributes to open-policy-agent/gatekeeper#550 Signed-off-by: juliankatz <juliankatz@google.com>
This fixes the unit tests, which are currently broken. Somehow, I was able to merge my previous PR (#114) with these tests broken. They passed in the GitHub actions, but are failing for me when I run them locally (without the change in this PR). I'm not sure how that happened. I tried upgrading all the way to controller-runtime 3.0.0, but the developers of that seem to have changed the way the package is delivered. Now, only the binary seems to available for download, instead of a folder full of binaries. Notably, this leaves out the binaries for the API server components (etcd, for example) that are used during unit test runs. Contributes to open-policy-agent/gatekeeper#550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1, and open-policy-agent/frameworks#117, which allowed Gatekeeper to add the Operations field to byPodStatus, which isn't built in to the byPodStatus golang struct. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1, and open-policy-agent/frameworks#117, which allowed Gatekeeper to add the Operations field to byPodStatus, which isn't built in to the byPodStatus golang struct. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1, and open-policy-agent/frameworks#117, which allowed Gatekeeper to add the Operations field to byPodStatus, which isn't built in to the byPodStatus golang struct. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
Kubernetes v1 CRDs require structural schemas. This means that, where possible, JSONSchemas should identify the type of a field. Fields without this type information will require the key: value pair of x-kubernetes-unknown-fields: true to be set. This signals the API server to save the content found in that field to etcd without validation. This PR adds the remaining type information to the MatchSchema() function, rendering its output structural. This func's output is what populates the `match` section of the CRD for a Constraint kind. It also imports Constraint Framework, including the updates made in open-policy-agent/frameworks#114. This change transforms the schema information provided by users in a v1beta1 ConstraintTemplate to be structural. Contributes to #550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1, and open-policy-agent/frameworks#117, which allowed Gatekeeper to add the Operations field to byPodStatus, which isn't built in to the byPodStatus golang struct. Contributes to open-policy-agent#550 Signed-off-by: juliankatz <juliankatz@google.com>
This PR changes the flags passed to controller-gen to generate v1 CRDs for the CRDs defined in this repository. It also includes changes from open-policy-agent/frameworks#114, which update the ConstraintTemplate CRD to v1, and open-policy-agent/frameworks#117, which allowed Gatekeeper to add the Operations field to byPodStatus, which isn't built in to the byPodStatus golang struct. Contributes to #550 Signed-off-by: juliankatz <juliankatz@google.com>
v1beta1 CRDs will not be supported in upcoming k8s versions, so all our
CRDs will have to be v1. This makes our toolchain output a v1 CRD for
the Constraint Template kind.
Contributes to open-policy-agent/gatekeeper#550
Signed-off-by: juliankatz juliankatz@google.com