Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: implement expansion template pod status #2598

Merged
merged 22 commits into from
Apr 5, 2023
Merged

feat: implement expansion template pod status #2598

merged 22 commits into from
Apr 5, 2023

Conversation

davis-haba
Copy link
Contributor

Signed-off-by: davis-haba davishaba@google.com

Implements byPod status for ExpansionTemplates.

Fixes: #2302

@davis-haba davis-haba changed the title implement expansion template pod status [feat] implement expansion template pod status Feb 23, 2023
maxsmythe
maxsmythe reviewed Feb 25, 2023
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Directionally, this is looking really good. Have a few nit comments (and it looks like this may still be WIP)

apis/addtoscheme_status_v1alpha1.go Outdated Show resolved Hide resolved
apis/expansion/unversioned/expansiontemplate_types.go Outdated Show resolved Hide resolved
apis/expansion/v1alpha1/expansiontemplate_types.go Outdated Show resolved Hide resolved
apis/status/v1alpha1/expansiontemplatepodstatus_types.go Outdated Show resolved Hide resolved
cmd/gator/test/test.go Outdated Show resolved Hide resolved
pkg/controller/expansionstatus/expansionstatus_controller.go Outdated Show resolved Hide resolved
pkg/expansion/system.go Outdated Show resolved Hide resolved
pkg/readiness/ready_tracker.go Outdated Show resolved Hide resolved
@JaydipGabani
Copy link
Contributor

@davis-haba I'd really appreciate if you can explain what is the need behind this PR. As I have not looked at how expansion templates work I do not have enough background. So I am a little confused and curious.

@maxsmythe
Copy link
Contributor

Davis can probably give better context, but it's similar to the reasoning behind constraint/constrainttemplate/mutator statuses (make the ingestion state of a config across the fleet of pods visible)

@davis-haba davis-haba changed the title [feat] implement expansion template pod status feat: implement expansion template pod status Mar 3, 2023
@codecov-commenter
Copy link

codecov-commenter commented Mar 4, 2023
edited
Loading

Codecov Report

Patch coverage: 39.52% and project coverage change: -0.42 ⚠️

Comparison is base (143e8cf) 53.27% compared to head (c03e842) 52.85%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2598      +/-   ##
==========================================
- Coverage   53.27%   52.85%   -0.42%     
==========================================
  Files         120      123       +3     
  Lines       10594    10926     +332     
==========================================
+ Hits         5644     5775     +131     
- Misses       4515     4695     +180     
- Partials      435      456      +21
Flag Coverage Δ
unittests 52.85% <39.52%> (-0.42%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
apis/status/v1beta1/zz_generated.deepcopy.go 0.00% <0.00%> (ø)
pkg/webhook/policy.go 37.76% <0.00%> (-1.32%) ⬇️
...status/v1beta1/expansiontemplatepodstatus_types.go 8.69% <8.69%> (ø)
apis/status/v1beta1/util.go 76.31% <25.00%> (ø)
pkg/controller/expansion/stats_reporter.go 54.05% <45.83%> (ø)
pkg/controller/expansion/expansion_controller.go 55.47% <61.22%> (ø)
pkg/readiness/ready_tracker.go 69.19% <65.30%> (-0.46%) ⬇️
apis/status/v1beta1/constraintpodstatus_types.go 80.64% <100.00%> (ø)
...tatus/v1beta1/constrainttemplatepodstatus_types.go 73.91% <100.00%> (ø)
apis/status/v1beta1/mutatorpodstatus_types.go 80.00% <100.00%> (ø)
... and 2 more

... and 3 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@davis-haba
Copy link
Contributor Author

davis-haba commented Mar 10, 2023
edited
Loading

@JaydipGabani

@davis-haba I'd really appreciate if you can explain what is the need behind this PR. As I have not looked at how expansion templates work I do not have enough background. So I am a little confused and curious.

The byPod status, present on Constraints, Mutators, and now ExpansionTemplates, is designed to report the status of each resource as observed by each Pod.

For example, suppose you have 3 validation webhook replicas. You might be interested in guaranteeing that all 3 of the replicas have all of the necessary ExpansionTemplates or Constraints registered. If only 2/3 of them have a config registered, this could lead to under-enforcement or nondeterministic behavior.

The design doc has much more detail if you're interested.

@davis-haba
implement expansion template pod status
5920c95 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
appease linter, fix tests
3587840 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
gofumpt et status controller
6bf3fab 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
controller tests
14ce870 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
address comments
d1a8fae 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
remove dead code
70d76d3 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
fix expansion tests
97c3727 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
readiness test for expansion
1dc7a4c 
Signed-off-by: davis-haba <davishaba@google.com>
maxsmythe
maxsmythe reviewed Mar 24, 2023
View reviewed changes
test/bats/test.bats Outdated Show resolved Hide resolved
maxsmythe
maxsmythe reviewed Mar 24, 2023
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM barring a nit. Waiting on testing TODOs otherwise.

@davis-haba
cleanup tests
85b5e6c 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
fix linter
51a3cec 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
fix helm kustomization for expansion status
b2196b7 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
add byPod json annotation to ExpansionTEmplateStatus.ByPod
e3dfede 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
revert auto indent
4f44f81 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
fix kustomize
50d6127 
Signed-off-by: davis-haba <davishaba@google.com>
maxsmythe
maxsmythe approved these changes Mar 24, 2023
View reviewed changes
Copy link
Contributor

@maxsmythe maxsmythe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

davis-haba and others added 3 commits March 27, 2023 13:57
@davis-haba @ritazh
Update apis/status/v1beta1/expansiontemplatepodstatus_types.go
f5a7567 
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
@davis-haba @ritazh
Update apis/expansion/unversioned/expansiontemplate_types.go
95754ee 
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
@davis-haba @ritazh
Update apis/status/v1beta1/expansiontemplatepodstatus_types.go
80b2608 
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
@davis-haba
Copy link
Contributor Author

@ritazh
I accepted your comment suggestions (thanks btw).

Was there anything else to address?

ritazh
ritazh approved these changes Apr 3, 2023
View reviewed changes
Copy link
Member

@ritazh ritazh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

davis-haba and others added 3 commits April 4, 2023 17:03
@davis-haba @ritazh
Update apis/expansion/v1alpha1/expansiontemplate_types.go
4edaeb5 
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
@davis-haba
make manifests
35fe404 
Signed-off-by: davis-haba <davishaba@google.com>
@davis-haba
Merge branch 'master' into expansion-status
c03e842
@davis-haba davis-haba merged commit 7c519b4 into open-policy-agent:master Apr 5, 2023
salaxander pushed a commit to salaxander/gatekeeper that referenced this pull request Apr 5, 2023
@davis-haba @ritazh
feat: implement expansion template pod status (open-policy-agent#2598)
9f8685d 
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Xander Grzywinski <xandergr@microsoft.com>
salaxander pushed a commit to salaxander/gatekeeper that referenced this pull request Apr 5, 2023
@davis-haba @ritazh
feat: implement expansion template pod status (open-policy-agent#2598)
c1aa612 
Signed-off-by: Davis Haba <52938648+davis-haba@users.noreply.github.com>
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
Signed-off-by: Xander Grzywinski <xandergr@microsoft.com>
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ritazh ritazh ritazh approved these changes

@maxsmythe maxsmythe maxsmythe approved these changes

@sozercan sozercan Awaiting requested review from sozercan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add status to ExpansionTemplates
5 participants
@davis-haba @JaydipGabani @maxsmythe @codecov-commenter @ritazh