Propagate content_path_prefix overrides to pulp-web ConfigMap#1650
Propagate content_path_prefix overrides to pulp-web ConfigMap#1650mouchar wants to merge 3 commits into
Conversation
The pulp-web ConfigMap was only ever created; subsequent edits to inputs that affect the rendered nginx.conf (e.g. CONTENT_PATH_PREFIX set via custom_pulp_settings) were silently ignored. Reconcile the ConfigMap on every loop and hash its data into a pod-template annotation so the pulp-web pods are rolled when the config changes (the key is mounted via subPath and kubelet does not auto-update those mounts). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The old "go.kubebuilder.io/test-tools" tarballs were retired upstream,
so `make testbin` had been broken for a while. Switch to the kubebuilder-
recommended flow that drives everything through setup-envtest:
* Derive ENVTEST_K8S_VERSION from k8s.io/api in go.mod (1.24.2 -> 1.35).
* Derive ENVTEST_VERSION from controller-runtime in go.mod and pin
setup-envtest to that branch (release-0.23) instead of @latest.
* Rewrite testbin to call `setup-envtest use --bin-dir $(LOCALBIN)`;
no sudo, no /usr/local/kubebuilder.
* Add an envtest-path helper for IDE / raw `go test` users.
Make raw `go test ./...` and IDE runs work without exporting
KUBEBUILDER_ASSETS by populating envtest.Environment.BinaryAssetsDirectory
from bin/k8s/<version>-<os>-<arch>, matching current kubebuilder
scaffolding. `make test` continues to override it with KUBEBUILDER_ASSETS
when invoked through make.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Verify that overriding CONTENT_PATH_PREFIX via custom_pulp_settings:
* flips the `location` directive in the rendered nginx.conf, and
* shifts the pulp-web pod-template hash annotation so the Deployment
gets rolled (necessary because nginx.conf is mounted via subPath
and kubelet does not auto-update those mounts).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mouchar The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
Hi @mouchar. Thanks for your PR. I'm waiting for a pulp member to verify that this patch is reasonable to test. If it is, they should reply with Regular contributors should join the org to skip this step. Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
1 participant
Summary
When
CONTENT_PATH_PREFIXis overridden via thecustom_pulp_settingsConfigMap, the pulp-serverSecret(settings.py) and Ingress/Route paths reconcile correctly, but the pulp-web<pulp>-configmap(nginx.conf) was created once and then never updated. The result: nginx kept proxying the old prefix even after the user updated the override, and the in-tree// TODO: check pulp-web configmap changeconfirmed this was unfinished work.This branch:
controllers.ReconcileObject(..., PulpConfigMap{})pattern already used for telemetry and worker-probe ConfigMaps.repo-manager.pulpproject.org/web-config-hashannotation on the pod template. Thenginx.confkey is mounted viasubPath, and kubelet does not auto-propagate updates to subPath ConfigMap mounts, so a rollout has to be triggered explicitly. The annotation shifts the Deployment spec hash, and the existingCheckDeploymentSpecpath takes care of the rollout.make testbinhad been broken because the oldgo.kubebuilder.io/test-toolstarballs were retired upstream. Switched to the kubebuilder-recommended flow driven entirely throughsetup-envtest:ENVTEST_K8S_VERSIONis derived fromk8s.io/apiingo.mod(v0.35.x→1.35).ENVTEST_VERSIONis derived fromcontroller-runtimeingo.mod, andsetup-envtestis pinned to that release branch (release-0.23) instead of@latest.testbinnow runssetup-envtest use --bin-dir $(LOCALBIN); no sudo, no/usr/local/kubebuilder.envtest-pathhelper prints theKUBEBUILDER_ASSETSexport for rawgo test/ IDE users.suite_test.goauto-discoversbin/k8s/<ver>-<os>-<arch>viaBinaryAssetsDirectory, matching current kubebuilder scaffolding.content_path_prefixvalue produces a differentnginx.confand a different pod-template hash than rendering with another. Runs in ~2s without envtest.Other ingress modes are already covered by their existing
ReconcileObjectcalls (controllers/repo_manager/ingress.gofor nginx and others,controllers/ocp/ingress.gofor OCP Ingress,controllers/ocp/route.gofor OCP Route). The pulp-web ConfigMap was the only path that wasn't reconciling on drift.Test plan
go build ./...andgo vet ./...go test ./controllers/repo_manager/ -run TestPulpWebContentPathPrefixPropagationpasses in ~2s without envtestmake testbininstalls envtest binaries from a clean state (nobin/k8s, nosetup-envtest)make test— full envtest suite passes (12 passed, 0 failed, 1 skipped)go test ./controllers/repo_manager/ -run TestAPIs(noKUBEBUILDER_ASSETS) also passes thanks to theBinaryAssetsDirectoryfallbackcontent_path_prefixin acustom_pulp_settingsConfigMap, confirm the<pulp>-configmapConfigMap and pulp-web pods are rolled, and that nginx serves the new path🤖 Generated with Claude Code