✨ Update .spec.config unmarshalling to accept yaml and json inputs

[perdasilva]

Description

Changes

1. Makes ClusterExtension .spec.config.inline.Raw support both yaml and json input by switching to k8s.io/yaml to unmarshall the content
2. Adds additional unit tests to exercise ClusterExtension .spec.config.inline.Raw input validation
3. Updates the ClusterExtension .spec.config and .spec.config.inline doc strings to call out that it accepts arbitrary yaml/json objects that are validated at runtime by a schema provided by the underlying bundle

Motivation

Ensure ClusterExtension .spec.config.inline can handle both JSON and YAML formats, which are supported by Kubernetes and that validation is carried out whether the input passed through client- and/or server-side validation before reaching the controller or not.

Additionally, to ensure that the api documentation highlights that configuration schema is defined by the bundle and the input is validated at runtime against that schema.

Reviewer Checklist

• API Go Documentation
• Tests: Unit Tests (and E2E Tests, if appropriate)
• Comprehensive Commit Messages
• Links to related GitHub Issue(s)

[netlify]

✅ Deploy Preview for olmv1 ready!

Name	Link
🔨 Latest commit	aefe385
🔍 Latest deploy log	https://app.netlify.com/projects/olmv1/deploys/68f26b968c93cc0008b3b13b
😎 Deploy Preview	https://deploy-preview-2266--olmv1.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[camilamacedo86]

/lgtm

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.20%. Comparing base (292c0db) to head (d2944a8).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2266      +/-   ##
==========================================
+ Coverage   73.00%   73.20%   +0.19%     
==========================================
  Files          88       88              
  Lines        8743     8762      +19     
==========================================
+ Hits         6383     6414      +31     
+ Misses       1947     1938       -9     
+ Partials      413      410       -3     

Flag	Coverage Δ
e2e	39.32% <0.00%> (-0.10%)	⬇️
experimental-e2e	46.77% <16.00%> (-0.03%)	⬇️
unit	58.27% <100.00%> (+0.15%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[pedjak]

I think same test names should be adjusted.

[pedjak]

IMHO, we cannot get an error here at parsing because k8s api-server reject invalid payload. Hence, it is enough to do:

_ = yaml.Unmarshal(ext.Spec.Config.Inline.Raw, &cfg);

See similar approach at Flux HelmRelease resource.

[perdasilva]

We can still get an error here because we aren't unmarshalling to a map[string]interface{}. But this does points to another issue with the error message: the input could still be valid JSON/YAML just not valid registry+v1 configuration.

[perdasilva]

Another case where it could produce an error is if you do something like kubectl create --raw ... I think...but that's an edge case

[perdasilva]

I'd also like to follow this PR up with some kind of ingress/validation tests. I'm wondering if those would be too heavy to be in the e2e suite (in the sense that the cost of execution is kinda of high - deploy cluster, etc.). But, I'm not sure if there's an easy way to exercise validation outside of the e2e suite. Any ideas?

[pedjak]

We can still get an error here because we aren't unmarshalling to a map[string]interface{}. But this does points to another issue with the error message: the input could still be valid JSON/YAML just not valid registry+v1 configuration.

why do we unmarshall to a private type here? We should document this in the API, because it looks that inline field can be an arbitrary thing.

[perdasilva]

it's arbitrary from the API side but it will be specific to the underlying bundle type:

• Helm -> values files and gated by values.json.schema
• registry+v1 -> its own internal configuration structure
• -> whatever it uses

[perdasilva]

I've updated the API documentation to reflect this.

[pedjak]

I've updated the API documentation to reflect this.

Can you be more specific here, instead of stating

 inline accepts arbitrary JSON/YAML objects whose validation is carried out at runtime against the schema provided by the bundle if one is provided.

so that we can help users to understand better what can be put there. Something along your previous comment:

Helm -> values files and gated by values.json.schema
registry+v1 -> its own internal configuration structure

with documenting how this registry+v1 structure looks like helps more.

[pedjak]

Improves the unmarshalling of .spec.config by ensuring both yaml and json definitions are acceptable by using k8s.io/yaml package.

Are we solving here a bug or there is in user facing experience?

[perdasilva]

Are we solving here a bug or there is in user facing experience?

I had the same question. I originally had 🐛 but then because its not released made it ✨ - but I don't have a strong opinion. Happy to switch to 🐛 if this makes more sense.

[camilamacedo86]

It would be nice we ensure good titles and the right emojis since that is the info that generates our release notes. So, whatever we add as PR title will be our release notes.

[perdasilva]

It would be nice we ensure good titles and the right emojis since that is the info that generates our release notes. So, whatever we add as PR title will be our release notes.

No doubt. The question is which is the right emoji?

[camilamacedo86]

If is a bug 🐛
But it seems to me like an enhancement, so I would keep ✨ as it is.
I am OK with both, I have no strong opnion here

[pedjak]

No doubt. The question is which is the right emoji?

@perdasilva Can you perhaps rephrase PR title and description to highlight the concrete improvement?

[camilamacedo86]

/lgtm

[camilamacedo86]

/lgtm

[pedjak]

Can we be more specific here, instead of stating

 inline accepts arbitrary JSON/YAML objects whose validation is carried out at runtime against the schema provided by the bundle if one is provided.

so that we can help users to understand better what can be put there. Something along your previous comment:

Helm -> values files and gated by values.json.schema
registry+v1 -> its own internal configuration structure

with documenting how this registry+v1 structure looks like helps more.

[perdasilva]

I kept those out of the documentation on purpose because I don't think we want to make the bundle format a user concern and we don't yet support the Helm format anyway.

Maybe there's a better way to communicate that the configuration schema is optionally provided by the bundle and the input is validated against that, but I'm struggling to find it. Maybe you could suggest changes and we could iterate together on that?

I don't think we should call out formats here though. The mental model is:

• bundles optionally provide a config schema
• users can set the configuration for the bundle through .spec.config
• the user input is validated at runtime against the configuration schema provided by the bundle
• if the bundle does not provide a configuration schema the process will continue on a best-effort basis (enforcing configuration schema is a catalog policy concern at this time)

Would even the list above be an improvement?

[pedjak]

Would even the list above be an improvement?

IMHO, yes.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: camilamacedo86, pedjak
Once this PR has been reviewed and has the lgtm label, please assign michaelryanpeter, thetechnick for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• api/OWNERS
• docs/OWNERS
• helm/OWNERS [camilamacedo86]
• internal/operator-controller/OWNERS
• manifests/OWNERS [camilamacedo86]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

New changes are detected. LGTM label has been removed.