fix(gateway): handle implicit kuma.io/service in pod annotation #10076
Checklist prior to review
Fix #10072
As @Icarus9913 noticed in his PR #10073, we end up with

```
kuma.io/tags: "null"
```

which we then unmarshal to a map and try to set a value on the nil map.

Why do we end up with `kuma.io/tags: "null"`? It's because for a gateway instance we now have an "implicit" `kuma.io/service` tag. It should not be set by the user. To handle this, we created a method called `resolveGatewayInstanceServiceTag` in `GatewayInstanceReconciler` which resolves this implicit tag. However, it was only called in the selector func of `SelectGateway`. If there was at least one gateway, we would resolve the tag; if there wasn't, we wouldn't. If the gateway was missing, we would then go to `createOrUpdateDeployment` and write the tags to an annotation. This is how we ended up with "null". It also had a bug: if the function was called multiple times (multiple gateways), we would emit a warning.
I'm not a fan of modifying a Kube object without storing the state (because of bugs like this), so I changed the logic a bit to separate validating that the user did not set the tag from constructing the map of tags.

Additionally, I added a check so that we don't crash the CP if for some reason we end up in this situation again.

I tested it manually. It's hard to write an E2E test for this, because even if we crash the CP it would recover. I think we should consider setting restart policy Never on our CP in E2E tests, but that's out of scope.
- Does `syscall.Mkfifo` have an equivalent implementation on the other OS? --
- `ci/` labels to run additional/fewer tests
- `UPGRADE.md`? --