Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set PreserveUnknownFields: false in v1 CRDs #124

Merged
merged 3 commits into from
Jun 18, 2021
Merged

Set PreserveUnknownFields: false in v1 CRDs #124

merged 3 commits into from
Jun 18, 2021

Conversation

julianKatz
Copy link
Contributor

@julianKatz julianKatz commented Jun 10, 2021
edited

Our CRDs were previously of version v1beta1. In v1beta1,
spec.PreserveUnknownFields defaulted to true. As we did not set this
value explicitly, the value was set to true.

We've now updated our CRDs to v1. In v1, spec.PreserveUnknownFields
defaults to false. In fact, it is being deprecated in favor of the more
targeted x-kubernetes-preserve-unknown-fields field.

Despite this new default, spec.PreserveUnknownFields remains true for
our CRDs, even after applying the new v1 versions. This does not cause
any bad behavior, but is incorrect. The simple fix is to set
spec.PreserveUnknownFields to false in all our CRDs.

As the Constraint kind CRD is generated in code, I've added this field
in constraint/pkg/client/crd_helpers.go.

The ConstraintTemplate CRD is generated using controller-gen, but
v0.5.0 of the tool doesn't include an annotation for that, presumably
because it's not longer the supported path for disabling pruning. So, I've
achieved the desired effect with a simple kustomize patch.

Contributes to open-policy-agent/gatekeeper#550

Signed-off-by: juliankatz juliankatz@google.com

@julianKatz
Set PreserveUnknownFields: false in ConstraintTemplate v1 CRD
2073faf 
Our CRDs were previously of version v1beta1.  In v1beta1,
spec.PreserveUnknownFields defaulted to `true`.  As we did not set this
value explicitly, the value was set to `true`.

We've now updated our CRDs to v1.  In v1, spec.PreserveUnknownFields
defaults to false.  In fact, it is being deprecated in favor of the more
targeted x-kubernetes-preserve-unknown-fields field.

Despite this new default, spec.PreserveUnknownFields remains `true` for
our CRDs, even after applying the new v1 versions.  This does not cause
any bad behavior, but is incorrect.

To fix this, we must set spec.PreserveUnknownFields to false in our
CRDs.  `controller-gen` v0.5.0 doesn't include an annotation for that,
presumably because it's not longer the supported path for disabling
pruning.  So, I've achieved the desired effect with a simple kustomize
patch.

Contributes to open-policy-agent/gatekeeper#550

Signed-off-by: juliankatz <juliankatz@google.com>
@julianKatz julianKatz force-pushed the PreserveUnknownFields-false-with-kustomize branch from d89d10d to 2073faf Compare June 10, 2021 20:43
maxsmythe
maxsmythe reviewed Jun 10, 2021
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we set this for the other CRDs as well?

@julianKatz
Also set PreserveUnknownFields: false in Constraint kind CRD
54e5427 
Signed-off-by: juliankatz <juliankatz@google.com>
@codecov-commenter
Copy link

codecov-commenter commented Jun 10, 2021
edited

Codecov Report

Merging #124 (8f1e1db) into master (5c03494) will increase coverage by 0.04%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #124      +/-   ##
==========================================
+ Coverage   44.26%   44.31%   +0.04%     
==========================================
  Files          30       30              
  Lines        2417     2419       +2     
==========================================
+ Hits         1070     1072       +2     
  Misses       1022     1022              
  Partials      325      325
Flag Coverage Δ
unittests 44.31% <ø> (+0.04%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...nt/frameworks/constraint/pkg/client/crd_helpers.go 89.58% <0.00%> (+0.22%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 878a63a...8f1e1db. Read the comment docs.

@julianKatz julianKatz changed the title Set PreserveUnknownFields: false in ConstraintTemplate v1 CRD Set PreserveUnknownFields: false in v1 CRDs Jun 10, 2021
@julianKatz
Copy link
Contributor Author

Should we set this for the other CRDs as well?

I've added the field to the code that generates Constraint kind CRDs. I'll make a PR in g8r as well.

@julianKatz julianKatz mentioned this pull request Jun 10, 2021
Merged
@julianKatz
Preserve --> preserve
8f1e1db 
Signed-off-by: juliankatz <juliankatz@google.com>
maxsmythe
maxsmythe approved these changes Jun 10, 2021
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ritazh @shomron @sozercan LGTY?

@maxsmythe
Copy link
Contributor

@ritazh @shomron @sozercan poke

@maxsmythe maxsmythe merged commit 1a90d7c into open-policy-agent:master Jun 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ritazh ritazh ritazh approved these changes

@maxsmythe maxsmythe maxsmythe approved these changes

@shomron shomron Awaiting requested review from shomron

@sozercan sozercan Awaiting requested review from sozercan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@julianKatz @codecov-commenter @maxsmythe @ritazh