Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature - Add checks for k8s version when Kyverno starts #831

Merged
merged 17 commits into from
May 19, 2020
Merged

Feature - Add checks for k8s version when Kyverno starts #831

merged 17 commits into from
May 19, 2020

Conversation

yindia
Copy link
Contributor

@yindia yindia commented Apr 29, 2020
edited

Status Type Env Vars Change Issue
Ready Feature No #771

Problem

Prior to Kubernetes 1.14, there is no option to tune timeout for webhookconfigurations. We need to add strict checks on the supported version of clusters:

  • Prior to k8s 1.14, Kyverno only supports the generate feature. Mutate / Validate policy should be ignored in these versions of clusters.
  • Add support matrix on "supported features" VS "k8s versions".

Solution

We are adding additional check for Kubernetes version and added timeout middleware

Other changes

@yindia yindia requested a review from realshuting May 11, 2020 13:09
@realshuting
Copy link
Member

realshuting commented May 13, 2020
edited

@shravanshetty1 Can you also help to review this PR :)

shravanshetty1
shravanshetty1 suggested changes May 13, 2020
View reviewed changes
Copy link
Contributor

@shravanshetty1 shravanshetty1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All existing middlewares and future middlewares should be a part of the middleware package.

Also existing logic regarding webhookTimeout needs to be removed - and needs to be tested with the older version of kubernetes as stated in issue #771

pkg/webhooks/server.go Outdated Show resolved Hide resolved
pkg/webhooks/middleware.go Outdated Show resolved Hide resolved
@shravanshetty1
Copy link
Contributor

Also mutate and validate is not allowed before kubernetes 1.14 - hence we should refactor the code to handle this and any future cases where based on version we dont want to support some features.

@yindia yindia changed the title Fix 771 Add checks for k8s version when Kyverno starts May 15, 2020
@yindia yindia changed the title Add checks for k8s version when Kyverno starts Feature - Add checks for k8s version when Kyverno starts May 15, 2020
@yindia yindia requested review from realshuting and removed request for realshuting May 16, 2020 07:03
realshuting
realshuting requested changes May 17, 2020
View reviewed changes
pkg/webhooks/server.go Outdated Show resolved Hide resolved
pkg/webhooks/server.go Outdated Show resolved Hide resolved
Yuvraj added 2 commits May 17, 2020 14:10
@yindia yindia requested a review from realshuting May 17, 2020 21:11
@yindia yindia requested a review from realshuting May 18, 2020 19:27
realshuting
realshuting requested changes May 18, 2020
View reviewed changes
pkg/webhooks/server.go Outdated Show resolved Hide resolved
pkg/webhooks/server.go Outdated Show resolved Hide resolved
pkg/webhooks/server.go Show resolved Hide resolved
@yindia yindia requested a review from realshuting May 18, 2020 19:54
realshuting
realshuting requested changes May 18, 2020
View reviewed changes
pkg/webhooks/server.go Outdated Show resolved Hide resolved
pkg/webhooks/server.go Outdated Show resolved Hide resolved
@yindia yindia requested a review from realshuting May 18, 2020 22:29
realshuting
realshuting reviewed May 18, 2020
View reviewed changes
pkg/webhooks/server.go Outdated Show resolved Hide resolved
@yindia yindia requested a review from realshuting May 18, 2020 23:36
@realshuting realshuting merged commit 277402b into kyverno:master May 19, 2020
@realshuting realshuting mentioned this pull request May 19, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shravanshetty1 shravanshetty1 shravanshetty1 requested changes

@realshuting realshuting realshuting approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@yindia @realshuting @shravanshetty1