Workload webhook should update the pod spec on the pod, not the workload definition #41

hessjcg · 2022-10-10T18:33:25Z

When applying the proxy container to an existing workload, the container should be applied to the PodSpec on the Pod owned by a workload (Deployment, StatefulSet, etc.) As implemented now, the container gets applied to the PodSpec of the workload.

This feature will be complete when

the workload webhook updates the pod for a pod owned by a workload
unit tests properly check the webhook method
e2e tests properly check the pod
integration tests checking the current behavior are modified

…d's PodSpec

…p 1) (#112) Begin to inline test cases that are no longer common between integration and e2e tests. Refactor tests and test helpers so that they are more in alignment with go style. Make TestCaseClient more like a single-responsibility thing.

…#113) TestModifiesNewDeployment and TestModifiesExistingDeployment test case implementation was shared between e2e and integration tests. That will no longer work.

…step 2.5) (#123) Conventionally, context.Context must be a parameter instead of a member of a struct. This updates uses of TestCaseClient to bring it into alignment with convention.

…p 3) (#114) Convert e2e tests to table test for all workload types. Remove unused test helpers and clean up imports.

Remove the "workloads" webhook add the Kubernetes boilerplate for a new webhook that modifies pods.

…tep 6) (#117) This change removes all the old logic that modified the PodTemplateSpec of an existing workload. Also it adjusts the state logic in the reconcile controller to so that it only reads, does not update Workloads created by customers. The reconcile loop will only update the status on the AuthProxyWorkload so that the status includes all listed deployments. And adds support for ReplicaSet workloads, so that our operator can better traverse the ownership hierarchy of a pod.

…tep 7) (#118) The proxy configuration is now only applied when a pod is created. The old algorithm allowed updates to the PodSpec to apply changes after the pod was created. This PR simplifies the logic that applies the proxy configuration to a PodSpec, mainly removing the code that would update the pod spec multiple times.

…tep 8) (#119) Implement the new algorithm in the AuthProxyWorkload reconcile controller, as well as in the pod webhook. Fixes #41

hessjcg added type: feature request ‘Nice-to-have’ improvement, new feature or different behavior or design. priority: p0 labels Oct 10, 2022

blunderbuss-gcf bot assigned hessjcg Oct 10, 2022

hessjcg removed their assignment Oct 10, 2022

hessjcg added this to the v0.5 public preview milestone Oct 10, 2022

hessjcg self-assigned this Oct 10, 2022

hessjcg modified the milestones: v0.5 public preview, v0.2 More proxy features Oct 21, 2022

hessjcg added priority: p0 Highest priority. Critical issue. P0 implies highest priority. and removed priority: p0 labels Oct 28, 2022

hessjcg added a commit that referenced this issue Nov 4, 2022

feat: GH-41 add the proxy container to the pod instead of the workloa…

94e9e32

…d's PodSpec

hessjcg added a commit that referenced this issue Nov 18, 2022

test: reenable tests that were skipped during the implementation of #41

1daff1a

hessjcg added a commit that referenced this issue Nov 18, 2022

test: reenable tests that were skipped during the implementation of #41

f07d96c

hessjcg added a commit that referenced this issue Nov 28, 2022

test: reenable tests that were skipped during the implementation of #41

75940b9

hessjcg added a commit that referenced this issue Nov 29, 2022

test: reenable tests that were skipped during the implementation of #41

c409084

hessjcg added a commit that referenced this issue Nov 29, 2022

test: reenable tests that were skipped during the implementation of #41

242faae

hessjcg added a commit that referenced this issue Nov 29, 2022

test: reenable tests that were skipped during the implementation of #41

7799e97

hessjcg added a commit that referenced this issue Nov 30, 2022

test: reenable tests that were skipped during the implementation of #41

c1334a5

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

a4265d4

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

887f967

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

49f5a76

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

3db331e

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

8673070

hessjcg added a commit that referenced this issue Dec 1, 2022

test: reenable tests that were skipped during the implementation of #41

73fe2a1

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

6bcf91f

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

78625f8

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

2a8f146

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

d67ef7f

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

76a48ed

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

211ba31

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

8c44d29

hessjcg added a commit that referenced this issue Dec 2, 2022

test: reenable tests that were skipped during the implementation of #41

35b885e

hessjcg added a commit that referenced this issue Dec 3, 2022

test: reenable tests that were skipped during the implementation of #41

ac46372

hessjcg added a commit that referenced this issue Dec 3, 2022

test: reenable tests that were skipped during the implementation of #41

66690ef

hessjcg added a commit that referenced this issue Dec 5, 2022

test: convert e2e tests to table test for all workload types (#41 ste…

09f29ec

…p 3) (#114) Convert e2e tests to table test for all workload types. Remove unused test helpers and clean up imports.

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

4a2338b

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

0654c11

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

c7dd6b5

hessjcg added a commit that referenced this issue Dec 5, 2022

feat: add pod webhook boilerplate (#41 step 4) (#115)

9d3971c

Remove the "workloads" webhook add the Kubernetes boilerplate for a new webhook that modifies pods.

release-please bot mentioned this issue Dec 5, 2022

chore(main): release 0.0.1 #85

Closed

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

dcb7c41

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

2d2b59f

hessjcg added a commit that referenced this issue Dec 5, 2022

test: reenable tests that were skipped during the implementation of #41

ee2db46

hessjcg added a commit that referenced this issue Dec 6, 2022

test: reenable tests that were skipped during the implementation of #41

fcfc4d7

hessjcg added a commit that referenced this issue Dec 6, 2022

test: reenable tests that were skipped during the implementation of #41

0c1239a

hessjcg added a commit that referenced this issue Dec 6, 2022

test: reenable tests that were skipped during the implementation of #41

fddfb67

hessjcg added a commit that referenced this issue Dec 6, 2022

test: reenable tests that were skipped during the implementation of #41

0e02815

hessjcg added a commit that referenced this issue Dec 6, 2022

test: reenable tests that were skipped during the implementation of #41

b0e7892

hessjcg mentioned this issue Dec 7, 2022

feat: Finish pod webhook and workload reconcile implementation (#41 step 8) #119

Merged

hessjcg added a commit that referenced this issue Dec 7, 2022

test: reenable tests that were skipped during the implementation of #41

c7c5f0f

hessjcg closed this as completed in #119 Dec 7, 2022

hessjcg added a commit that referenced this issue Dec 7, 2022

feat: Finish pod webhook and workload reconcile implementation (#41 s…

3be65d5

…tep 8) (#119) Implement the new algorithm in the AuthProxyWorkload reconcile controller, as well as in the pod webhook. Fixes #41

This was referenced Dec 7, 2022

chore(main): release 0.0.2 #131

Closed

chore(main): release 0.0.3 #134

Merged

thomas-riccardi mentioned this issue Jul 24, 2023

Feature request: Support more Workload kinds: argo rollouts? #397

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Workload webhook should update the pod spec on the pod, not the workload definition #41

Workload webhook should update the pod spec on the pod, not the workload definition #41

hessjcg commented Oct 10, 2022

Workload webhook should update the pod spec on the pod, not the workload definition #41

Workload webhook should update the pod spec on the pod, not the workload definition #41

Comments

hessjcg commented Oct 10, 2022