search

openshift / api

Canonical location of the OpenShift API definition.
http://www.openshift.org
Apache License 2.0
95 stars 510 forks source link

OCPBUGS-35906: a rule to check if the featureSet is one of the known set of features #1952

Closed p0lyn0mial closed 1 month ago

p0lyn0mial commented 2 months ago

In the past, there was an admission plugin for checking if the value of the featureSet field matched a known one.

With https://github.com/openshift/kubernetes/pull/1944, the validation was moved to CEL and the check was dropped. This PR adds the missing check.

NOTE that there was an additional check that allowed updates to FG even with an invalid featureSet if the field wasn't modified. I haven't found a way to move this to CEL for kube < 1.30.

The validation was moved in 4.16, and setting an invalid value breaks an operator and prevents upgrades. This PR allows transitioning from an invalid value to unblock upgrades.

For full backward compatibility we would have to bring back the admission plugin for 4.16 and use for 4.17 use optionalOldSelf.

openshift-ci[bot] commented 2 months ago

Hello @p0lyn0mial! Some important instructions when contributing to openshift/api: API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

openshift-ci-robot commented 2 months ago

@p0lyn0mial: This pull request references Jira Issue OCPBUGS-35906, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to [this](https://github.com/openshift/api/pull/1952): >In the past, there was an admission plugin for checking if the value of the featureSet field matched a known one. > >With https://github.com/openshift/kubernetes/pull/1944, the validation was moved to CEL and the check was dropped. >This PR adds the missing check. > >NOTE that there was an additional check that allowed updates to FG even with an invalid featureSet if the field wasn't modified. I haven't found a way to move this to CEL for kube < 1.30. > >The validation was moved in 4.16, and setting an invalid value breaks an operator and prevents upgrades. This PR allows transitioning from an invalid value to unblock upgrades. Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fapi). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
p0lyn0mial commented 2 months ago

/assign @deads2k

deads2k commented 2 months ago

add testing

p0lyn0mial commented 2 months ago

@deads2k added the missing test cases, PTAL.

deads2k commented 2 months ago

Setting different values caused failures, so this is ok.

/lgtm /approve

openshift-ci[bot] commented 2 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, p0lyn0mial

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/api/blob/master/OWNERS)~~ [deads2k] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
p0lyn0mial commented 2 months ago

/jira refresh

openshift-ci-robot commented 2 months ago

@p0lyn0mial: This pull request references Jira Issue OCPBUGS-35906, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

In response to [this](https://github.com/openshift/api/pull/1952#issuecomment-2262408498): >/jira refresh Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fapi). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
p0lyn0mial commented 2 months ago

/jira refresh

openshift-ci-robot commented 2 months ago

@p0lyn0mial: This pull request references Jira Issue OCPBUGS-35906, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug * bug is open, matching expected state (open) * bug target version (4.17.0) matches configured target version for branch (4.17.0) * bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact: /cc @gangwgr

In response to [this](https://github.com/openshift/api/pull/1952#issuecomment-2262413893): >/jira refresh Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fapi). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
p0lyn0mial commented 2 months ago

/test e2e-aws-ovn-techpreview

p0lyn0mial commented 2 months ago

/cherry-pick release-4.16

openshift-cherrypick-robot commented 2 months ago

@p0lyn0mial: once the present PR merges, I will cherry-pick it on top of release-4.16 in a new PR and assign it to you.

In response to [this](https://github.com/openshift/api/pull/1952#issuecomment-2262523834): >/cherry-pick release-4.16 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
openshift-ci-robot commented 2 months ago

/retest-required

Remaining retests: 0 against base HEAD c299a673ec729b7e63a6c363d67e961454218e09 and 2 for PR HEAD 213d2faf133a9b931e48d50a8e382a3c8c3e7809 in total

openshift-ci-robot commented 1 month ago

/retest-required

Remaining retests: 0 against base HEAD 1cd5e299324762879b66c5f5c1c279a98367ee60 and 1 for PR HEAD 213d2faf133a9b931e48d50a8e382a3c8c3e7809 in total

openshift-ci-robot commented 1 month ago

/retest-required

Remaining retests: 0 against base HEAD 868ddb3cbdfc21a20dc5e68f32626e624c816ab6 and 0 for PR HEAD 213d2faf133a9b931e48d50a8e382a3c8c3e7809 in total

openshift-ci[bot] commented 1 month ago

@p0lyn0mial: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
openshift-ci-robot commented 1 month ago

@p0lyn0mial: Jira Issue OCPBUGS-35906: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-35906 has been moved to the MODIFIED state.

In response to [this](https://github.com/openshift/api/pull/1952): >In the past, there was an admission plugin for checking if the value of the featureSet field matched a known one. > >With https://github.com/openshift/kubernetes/pull/1944, the validation was moved to CEL and the check was dropped. >This PR adds the missing check. > >NOTE that there was an additional check that allowed updates to FG even with an invalid featureSet if the field wasn't modified. I haven't found a way to move this to CEL for kube < 1.30. > >The validation was moved in 4.16, and setting an invalid value breaks an operator and prevents upgrades. This PR allows transitioning from an invalid value to unblock upgrades. > >For full backward compatibility we would have to bring back the admission plugin for 4.16 and use for 4.17 use `optionalOldSelf`. Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fapi). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
openshift-cherrypick-robot commented 1 month ago

@p0lyn0mial: new pull request created: #1985

In response to [this](https://github.com/openshift/api/pull/1952#issuecomment-2262523834): >/cherry-pick release-4.16 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
openshift-bot commented 1 month ago

[ART PR BUILD NOTIFIER]

Distgit: ose-cluster-config-api This PR has been included in build ose-cluster-config-api-container-v4.18.0-202408020343.p0.g0271697.assembly.stream.el9. All builds following this will include this PR.