-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Naming Policy #17
Conversation
f116f46
to
1748cc3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please validate the regular expressions beforehand, as commented.
Also, please add a user manual for this feature.
hooks/subnamespace.go
Outdated
return admission.Allowed("") | ||
} | ||
|
||
func (v *subNamespaceValidator) notMatchingNamingPolicy(ctx context.Context, sn *accuratev1.SubNamespace) (bool, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The regular expression should be pre-compiled when loaded from the configuration file,
so that no error would be returned during execution.
pkg/config/types.go
Outdated
Root string `json:"root,omitempty"` | ||
Match string `json:"match,omitempty"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These two are not expected to be empty, so omitempty
should be removed.
Thank you @ymmt2005 .
I added the description and example for the naming policy setting to values.yaml. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it would be useful to be able to refer to the group that matched root
pattern in match
pattern.
for example:
namingPolicies:
- root: app-(.*)
match: app-\1-.*
This way, we don't have to change our namingPolicies
as the number of teams increases.
What do you think?
hooks/subnamespace.go
Outdated
return admission.Denied(fmt.Sprintf("namespace %s is neither a root nor a sub namespace", ns.Name)) | ||
func (v *subNamespaceValidator) notMatchingNamingPolicy(ctx context.Context, sn *accuratev1.SubNamespace) (bool, error) { | ||
for _, policy := range v.namingPolicies { | ||
if policy.Root.MatchString(sn.Namespace) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think sn.Namespace
is the parent, not the root.
Is this correct?
hooks/subnamespace.go
Outdated
serv := mgr.GetWebhookServer() | ||
|
||
m := &subNamespaceMutator{ | ||
dec: dec, | ||
} | ||
serv.Register("/mutate-accurate-cybozu-com-v1-subnamespace", &webhook.Admission{Handler: m}) | ||
|
||
namingPolicyRegexps, err := compileNamingPolicies(namingPolicies) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
compile and validate policies in pkg/config.Config.Validate method.
docs/config.md
Outdated
# namingPolicies: | ||
# - root: foo | ||
# match: foo_.* | ||
# - root: bar | ||
# match: bar_.* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't we uncomment these lines?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
uncommented.
hooks/subnamespace.go
Outdated
|
||
func (v *subNamespaceValidator) notMatchingNamingPolicy(ctx context.Context, ns, root string) (bool, string, error) { | ||
for _, policy := range v.namingPolicies { | ||
matches := policy.Root.FindAllSubmatch([]byte(root), -1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'd be simpler if we use Regexp.Expand(String).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fixed it.
charts/accurate/values.yaml
Outdated
# - root: foo | ||
# match: foo_.* | ||
# - root: bar | ||
# match: bar_.* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we adopt the proposed spec from @zoetrope, this example should be updated too.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I added an example.
hooks/subnamespace.go
Outdated
|
||
func (v *subNamespaceValidator) notMatchingNamingPolicy(ctx context.Context, ns, root string) (bool, string, error) { | ||
for _, policy := range v.namingPolicies { | ||
matches := policy.Root.FindAllSubmatchIndex([]byte(root), -1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't you use this?
https://pkg.go.dev/regexp#Regexp.FindAllStringSubmatchIndex
hooks/subnamespace.go
Outdated
if len(matches) > 0 { | ||
m := []byte{} | ||
for _, match := range matches { | ||
m = policy.Root.Expand(m, []byte(policy.Match), []byte(root), match) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
config.yaml
Outdated
@@ -25,3 +25,5 @@ watches: | |||
kind: Secret | |||
- version: v1 | |||
kind: ResourceQuota | |||
|
|||
namingPolicies: [] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add comments just like in the other fields.
charts/accurate/Chart.yaml
Outdated
@@ -15,7 +15,7 @@ type: application | |||
# This is the chart version. This version number should be incremented each time you make changes | |||
# to the chart and its templates, including the app version. | |||
# Versions are expected to follow Semantic Versioning (https://semver.org/) | |||
version: 0.1.2 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I updated the chart version.
#32
Please fix it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@bells17 Can we remove config.yaml? |
@ymmt2005 Thank you for your reviewing and I removed config.yaml. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
#6