Allow StorageFactory to wrap encoders and decoders #40624
Conversation
|
This change is |
k8s-ci-robot
added
the
cncf-cla: yes
|
@enj since you also touched this code recently. This is to enable secret encryption and put the right hook in at the bottom of the stack. |
k8s-github-robot
added
size/L
smarterclayton
added
release-note-none
smarterclayton
force-pushed
the
storage_options
branch
from
f7df407
to
d0ccf37
Compare
smarterclayton
added
the
sig/api-machinery
| @@ -95,6 +107,34 @@ type groupResourceOverrides struct { | |||
| // of exposing one set of concepts. autoscaling.HPA and extensions.HPA as a for instance | |||
| // The order of the slice matters! It is the priority order of lookup for finding a storage location | |||
| cohabitatingResources []schema.GroupResource | |||
| // encoderChainFn is optional and may wrap the provided encoder prior to being serialized. | |||
| encoderChainFn func(runtime.Encoder) runtime.Encoder | |||
k8s-github-robot
added
the
approved
|
Any other comments? |
smarterclayton
force-pushed
the
storage_options
branch
from
d0ccf37
to
9a1df92
Compare
| } | ||
|
|
||
| // StorageCodecOptions are the arguments passed to newStorageCodecFn | ||
| type StorageCodecOptions struct { |
There was a problem hiding this comment.
This should be called StorageCodecConfig, compare the other structs in config.go.
There was a problem hiding this comment.
We have the Options concept as well inside the options subfolder.
| if len(exactResourceOverride.mediaType) != 0 { | ||
| etcdMediaType = exactResourceOverride.mediaType | ||
| // operate on copy | ||
| config := s.StorageConfig |
|
For naming consistency in genericapiserver: Otherwise, lgtm |
Prepares for allowing encryption at rest of resources as well as any other lower level optimization we might chose to implement. Also cleans up a bunch of ugly code.
smarterclayton
force-pushed
the
storage_options
branch
from
9a1df92
to
494eeaa
Compare
|
updated, applying label. |
smarterclayton
added
the
lgtm
|
Seems reasonable. I am assuming sometime in the future we will add a serializer that does encryption and decryption of specific objects? |
|
There are other issues afloat, but other things that might happen here would be an interceptor for fixes to apiVersion on disk, or potentially fixing issues as they come out of the objects |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED The following people have approved this PR: smarterclayton Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
smarterclayton
removed
the
approved
k8s-github-robot
added
the
approved
|
@k8s-bot gce etcd3 e2e test this |
|
Automatic merge from submit-queue (batch tested with PRs 39217, 40624) |
Prepares for allowing encryption at rest of resources as well as any
other lower level optimization we might chose to implement.
Also cleans up a bunch of ugly code.