Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Another alternative would be to use the service UID, which is also unique over time (but less readable).
If I delete a service and then quickly create a new one with the same namespace/name - what do we want to have happen to the securityGroup?
I think we want the securityGroup to not overlap in this case (so the old one can be cleaned up in parallel with the new one being created, without conflicts).
... So I think this means that this function should return
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That make sense. The service.UID is less readable.
How about "fmt.Sprintf("lb-sg-%s-%s-%s", clusterName, service.Namespace, service.Name, service.UID)"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's now very long - is there any length limit that we need to worry about here? A quick look at the code seems to imply that the name is limited to 255 chars, so I think we're ok on length.
Another (better?) option would be to use the securityGroup "description" field (also 255 chars) rather than trying to mash all our user-friendly text in the name field. That way we can have spaces, etc and change the specific text over time without worrying about wider impact.
Personally, I think the user is going to have a pretty good idea of which cluster a securityGroup is related to, and will be able to quickly find the relevant Service based on context, ports referred to, etc without needing any additional help. I agree that the UID is less readable though - so I agree that either your long-name version or the above name+description version is better than my original short-name-only version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's right, I will check the size of its name.