-
Notifications
You must be signed in to change notification settings - Fork 38.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added ':' in environment variable name valid characters list #69415
Conversation
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/sig cli |
I have signed CLA. |
/ok-to-test You need to sign the CLA if you want your code to be merged. |
I think this is relaxing (rather than tightening) the behavior, so it shouldn't be a compatibility problem. We've had some problems using colons in some arguments in the past, can you maybe add a test in test/cmd? Also, I suspect we might want to relax the regex even more, since I suspect this won't be enough to fix the issue you're trying to fix (the example does include a whitespace). |
/cc @kubernetes/api-reviewers |
Rollback is unsafe as soon as someone makes a env named with a ":". |
That's a good point. I think |
Oh, OK no, this is not just for kubectl, this is changing the apimachinery check. |
Yes, this is an API change.
…On Thu, Oct 4, 2018 at 2:25 PM Antoine Pelisse ***@***.***> wrote:
Oh, OK no, this is not just for kubectl, this is changing the apimachinery
check.
—
You are receiving this because you are on a team that was mentioned.
Reply to this email directly, view it on GitHub
<#69415 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAngls3vpaeDFFXWNFDKQNzCFMMxyvRGks5uhnzbgaJpZM4XHqxe>
.
|
is this something we can't accept, or a release-note might be OK? |
We have relaxed this in the past (it was once very strict). This is a POSIX compatible change though. This is strictly rollback-unsafe, but I'd say it's relatively low-risk. How do we want to manage these? Do we say no to this forever? Do we replace If we do this, we should also update the comments in pkg/apis/core/types.go and staging/src/k8s.io/api/core/v1/types.go |
I'd go with this, strongly suggest in the release note to delay using this variables (which people can't use today anyway) before they are confident they won't have to fallback their apiserver. |
That works for me, fix the release note & I'll approve. (also looks like CLA needs signing) |
Things that need to be fixed on this PR:
|
I signed it |
@bgrant0607 I meant that 1.x release would tolerate and use any extended values it finds in etcd, but would not allow use of extended values in API mutations. I.e. if I upgrade to 1.y and rollback to 1.x or if I have version skew it will be OK. Agree re: kubelet |
I'd envision a rollout like this: In version X:
In some later version, the restrictions on create and update (2a,2b) can be removed.
This is the same process we have to follow when allowing a new enum value (e.g. adding "SCTP" as a valid port protocol). In this case, it appears kubelets do not validate envvar names coming from the API, and only warn on invalid envvar names resulting from secret/configmap -> envvar mappings. That means we could relax validation in 1.14, and remove create/update restrictions in 1.15. |
@vithati any appetite for trying to get this into 1.14 ? |
Hi @vithati Is there any news about the PR? |
/priority awaiting-more-evidence |
I am not able to get time to work on the changes. Can someone take this up? |
/remove-area conformance |
@vithati I would like to resume working on this PR. Let me know if that's okay with you. |
/close in favor of #83032 |
@liggitt: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
What this PR does / why we need it:
This PR changes allows ':' in environment variable name for the containers. This is bug fix of issue
kubernetes/kubectl#47
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes kubernetes/kubectl#47
Special notes for your reviewer:
Release note: