New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Get rid of server-side apply #139
Conversation
f4ea437
to
c8cc989
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this mostly makes sense to me, just a question about the ConfigMap function
pkg/controllers/resourceapply.go
Outdated
} | ||
|
||
// ApplyConfigMap merges objectmeta, requires data | ||
func ApplyConfigMap(ctx context.Context, client coreclientv1.Client, recorder record.EventRecorder, required *corev1.ConfigMap) (bool, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do ConfigMaps not use the spechash annotation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yep, in OpenShift they don't have it: https://github.com/openshift/library-go/blob/master/pkg/operator/resource/resourceapply/core.go#L159-L235
I decided to keep it consistent with the library-go implementation.
pkg/controllers/resourceapply.go
Outdated
@@ -0,0 +1,210 @@ | |||
package controllers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it worth moving this file to a subpackage called resourceapply
to match library-go?
Are there any tests we can copy over from library go?
Would also be good to have links to the original source of these functions
If we are keeping it within this package, these functions do not need to be exported, please make them private
// Manually changing the port number | ||
ports := []corev1.ContainerPort{ | ||
{ | ||
ContainerPort: 11258, | ||
Name: "http", | ||
Protocol: corev1.ProtocolTCP, | ||
}, | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This does not demonstrate the change that you've introduced within this PR. As the port number is specified in the resource already, the server side apply would have overwritten this value.
I would suggest adding a secondary port and then using the test to expect that the extra port is then removed.
At the moment this test will pass with or without your code changes
Eventually(recorder.Events).Should(Receive(ContainSubstring("Resource was successfully updated"))) | ||
|
||
// Manually inserting a new label | ||
dep.Labels["my-label"] = "someValue" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would prefer to use constants for these so that we don't have to declare them twice, here and on line 764
Expect(dep.Labels["my-label"]).To(Equal("someValue")) | ||
}) | ||
|
||
It("Expect to have modified system label reverted back", func() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This test should also pass with the SSA implementation, do we not have something covering this already?
b948e2d
to
56fe92b
Compare
} else if err != nil { | ||
r.Recorder.Event(resource, corev1.EventTypeWarning, "Update failed", err.Error()) | ||
return false, err | ||
switch t := resource.(type) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm thinking about moving this switch to 'resourceapply' package as a separate function. WDYT?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1
50ec09b
to
03e5236
Compare
/retest |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: JoelSpeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me, just one question about exporting the whole bunch of different fuctions from resourceapply
module. Might it make sense to export only ApplyResource
out of it?
/test e2e-azure-ccm |
These tests allow to make sure that the operator applies the resources as required by OpenShift: users are allowed to add custom labels and annotations, but everything else will be overwritten by the operator. Since we use Server-Side Apply mechanism that sometimes doesn't comply with these requirements, it should be replaced to prevent collisions.
/lgtm |
@Fedosin: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
8 similar comments
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
/retest-required Please review the full test history for this PR and help us cut down flakes. |
Currently the operator uses Server-Side Apply (SSA)[1] to manage its resources. Unfortunately, this approach has some drawbacks as it allows users to modify resources independently from the operator.
To prevent this behavior, this commit adds custom apply functions inspired by ones from resourseapply module in library-go[2].
[1] https://kubernetes.io/docs/reference/using-api/server-side-apply/
[2] https://github.com/openshift/library-go/tree/master/pkg/operator/resource/resourceapply