Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate to using kubebuilder. #41

Merged
merged 5 commits into from Feb 1, 2019

Conversation

Projects
None yet
2 participants
@maxsmythe
Copy link
Contributor

commented Jan 12, 2019

Note that the authorization server use case is a bit tricky as kubebuilder assumes that the Kubernetes API Server is available. To circumvent this, I kept a portion of the old webhook server code to function as a standalone server.

Most of the new files are generated by kubebuilder, as is the directory structure. This includes the Dockerfile and Makefile.

Also, secrets should be automatically generated by the server and the webhooks automatically registered (in the non-standalone case).

Apologies for the massive change but there wasn't a gradual way to do this.

@rite2nikhil

This comment has been minimized.

Copy link
Contributor

commented Jan 14, 2019

@maxsmythe lgtm, you will have to get the CLA and DCO checked passed.

@maxsmythe

This comment has been minimized.

Copy link
Contributor Author

commented Jan 14, 2019

ack.

Two sticking points...

I forgot to add the --authorization-mode flag to that mode's example yaml. Will fix shortly.

Second, I'm unsure what Docker repo to use. Didn't want to leave the old pointer, as it would be out of date, but the new one is not publicly shared. Should I just up the version tag on the old repo and you can rebuild/push?

@rite2nikhil

This comment has been minimized.

Copy link
Contributor

commented Jan 14, 2019

@maxsmythe sure, what is the long term plan for authorization standalone server after this change ?

@maxsmythe

This comment has been minimized.

Copy link
Contributor Author

commented Jan 15, 2019

Good question. I think some of that depends on how the vision for the project develops.

Personally, I'm leaning toward making sure we write something general enough that the authorization server can effectively become a consumer of the project's API. This would give us a builtin litmus test to make sure we are choosing the right kinds of abstractions.

If it turns out the differing requirements of the standalone server complicate the CI/CD pipeline or add unnecessary friction, we could explore splitting it to its own repo.

maxsmythe added some commits Jan 12, 2019

Migrate to using kubebuilder.
Note that the authorization server use case is a bit tricky as
kubebuilder assumes that the Kubernetes API Server is available.
To circumvent this, I kept a portion of the old webhook server
code to function as a standalone server.

Most of the new files are generated by kubebuilder, as is the
directory structure. This includes the Dockerfile and Makefile.

Also, secrets should be automatically generated by the server
and the webhooks automatically registered (in the non-standalone
case).

Apologies for the massive change but there wasn't a gradual way
to do this.

Signed-off-by: Max Smythe <smythe@google.com>
Tweak Docker repo. Fix Flags.
Signed-off-by: Max Smythe <smythe@google.com>
Fix location of video link in README.
Signed-off-by: Max Smythe <smythe@google.com>
Fix newline spacing in README.
Signed-off-by: Max Smythe <smythe@google.com>
@maxsmythe

This comment has been minimized.

Copy link
Contributor Author

commented Jan 30, 2019

If this still works for everyone, can we merge?

@rite2nikhil

This comment has been minimized.

Copy link
Contributor

commented Jan 31, 2019

Please merge

@maxsmythe

This comment has been minimized.

Copy link
Contributor Author

commented Feb 1, 2019

Thanks! I don't have access to merge, so whoever can push the button :)

@rite2nikhil rite2nikhil merged commit a9d974f into open-policy-agent:master Feb 1, 2019

2 checks passed

DCO DCO
Details
cla/linuxfoundation maxsmythe authorized
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.