Label values cannot contain characters such as "."

[jastang]

Issue According to the k8s documentation on label syntax, the . character should be allowed in label values. However, this is not supported for KCC resource definitions.

Environment kubectl version

Client Version: version.Info{Major:"1", Minor:"16", GitVersion:"v1.16.3", GitCommit:"b3cbbae08ec52a7fc73d334838e18d17e8512749", GitTreeState:"clean", BuildDate:"2019-11-14T04:25:00Z", GoVersion:"go1.12.13", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"14+", GitVersion:"v1.14.10-gke.17", GitCommit:"bdceba0734835c6cb1acbd1c447caf17d8613b44", GitTreeState:"clean", BuildDate:"2020-01-17T23:10:13Z", GoVersion:"go1.12.12b4", Compiler:"gc", Platform:"linux/amd64"}

KCC Version: 1.4.0

Steps to Reproduce N.B. This was observed for kind:BigQueryTable, but I did not test other resource types. Apply the following YAML (assumes the dataset exists)

apiVersion: bigquery.cnrm.cloud.google.com/v1beta1
kind: BigQueryTable
metadata:
  name: manifest
  labels:
    source: ftp.ncbi.nlm.nih.gov
spec:
  datasetRef:
    name: pubmed

Observed Behaviour

status:
  conditions:
  - lastTransitionTime: "2020-03-08T15:40:57Z"
    message: 'Update call failed: error applying desired state: googleapi: Error 400:
      Label value "ftp.ncbi.nlm.nih.gov" has invalid characters., invalid'
    reason: UpdateFailed
    status: "False"
    type: Ready

Expected Behaviour The Object Detail YAML in the GKE Object Browser should contain no errors.

[spew]

Unfortunately BigQueryTable does not support periods in the labels. When ConfigConnector tries to create the associated BigQuery it ends up using the GCP APIs for BigQuery. In the future, we intend to improve ConfigConnector such that it will let you know when you try to apply / create a new resource if the labels are not compatible with GCP.

You can see the guidelines for GCP labels here: https://cloud.google.com/blog/products/gcp/labelling-and-grouping-your-google-cloud-platform-resources

• Each label must be a key-value pair.
• Keys must have a minimum length of 1 character and a maximum length of 63 characters, and cannot be empty. Values can be empty, and have a maximum length of 63 characters.
• Keys and values can contain only lowercase letters, numeric characters, underscores, and dashes. All characters must use UTF-8 encoding, and can include international characters.
• The key portion of a label must be unique. However, you can use the same key with multiple resources. Keys must start with a lowercase letter or international character.

[spew]

ConfigConnector should be enhanced to block or translate labels which will be invalid on GCP.

[kibbles-n-bytes]

Note that Config Connector will treat labels with prefixes (i.e. my.prefix/key: value) as Kubernetes-specific and will not map them to the underlying GCP API. If this is acceptable for your use case, you can add a prefix to your desired keys.

[alteredego]

Would it be possible to (optionally) convert invalid label keys to valid ones by making them lowercase and replacing "." with "_", or to (optionally) ignore invalid labels entirely, rather than to reject the creation of the resource?

I have come across a problem with a deployment tool Octopus Deploy that adds various labels to kubernetes resources starting with "Octopus.*" naming structure (in order to track what was deployed and what needs to be removed), which of-course fails when the label key validation takes place.