Register direct controller in init()

[yuwenma]

Change description

Currently, developers need to register each direct controller in multiple places, and needs to list their dedicated GVK values.

This PR proposes two changes:

1. Register the direct controller's "Model" via go init. This should simplify the code and increase the readability as: developing a direct controller starts from register a Model --> the Model implements a Adapter --> the Adapter implements crud + export.
2. Introduce a new CRD label cnrm.cloud.google.com/directcrd=true, so developers do not need to list the new resource GVK in both CC registry and the e2e test base workflow. This label approach is the same as the TF and DCL based CRDs. Direct controller will be the default controller to use. If using TF/DCL controller, developers need to use the corresponding CRD labels. KCC_USE_DIRECT_RECONCILERS flag will override the TF/DCL label to force using the direct controller.

How to use

• Register your direct controller in pkg/controller/direct/register/register.go

import  _ "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/apikeys"

• Register your direct controller Model to directbase.ControllerBuilder

func init() {
	directbase.ControllerBuilder.RegisterModel(krm.APIKeysKeyGVK, func (config *controller.Config) directbase.Model)
}

[yuwenma]

This file is no longer needed since the direct controller e2e test will be covered in tests-e2e-fixtures.

[justinsb]

Are we able to turn on the golden checks in tests-e2e-fixtures? That's the big advantage of these tests, they are actually much stricter....

[yuwenma]

Are we able to turn on the golden checks in tests-e2e-fixtures?

I think we should. Do you happen to know why we don't add the golden check in tests-e2e-fixtures previously?

[yuwenma]

I plan to turn on the stricter golden check on the generic e2e fixtures (that would be in a separate PR). Right now, I put back the direct e2e path.

[justinsb]

Looks good, a few nits/suggestions

[justinsb]

Nit: cnrm.cloud.google.com/direct (it's the controller that's direct, not really the CRD). Or it could just the default if we don't specify tf2crd or dcl2crd ?

[yuwenma]

I'll change this to "cnrm.cloud.google.com/direct". And +1 to make the direct as default eventually.

[yuwenma]

I rethink about this. I think we can be more "direct aggressive" here (and we should be good if we do):

• By default we expect a resource to use direct controller
• if to use TF/DCL controller, the CRD has to have the corresponding label.(current behavior)

[justinsb]

I like this!

[justinsb]

Might be easier to have a directbase.ControllerBuilder.IsDirect helper, than to require the additional label.

[yuwenma]

I don't have a preference. This is just to keep the same code style as below (line 232 and line 241).

[yuwenma]

so as the function name "Add" vs "AddController"

[justinsb]

Are we able to turn on the golden checks in tests-e2e-fixtures? That's the big advantage of these tests, they are actually much stricter....

[gemmahou]

I noticed the vcr test failed due to test timeout on "apikeyskey". Unsure if that's related to this PR, but we can fix it by

1. Regenerate the vcr log and make sure the "replay" pass locally
2. Skip this test, and I'll regenerate the log later and re-enable it. An example: https://github.com/GoogleCloudPlatform/k8s-config-connector/blob/master/config/tests/samples/create/harness.go#L681-L682, we'll need to comment out this test from the allow list.

[acpana]

With this change, can we still have resources in transition? For instance, for ApiKey AFAICT, we didn't actually make the switch to a direct CRD but I could be wrong.

What I like about the current state of the world is that we can turn on TF/ DCL based resources to use the DirectController via the feature flag (KCC_USE_DIRECT_RECONCILERS) and have developers iterate between the behavior of a TF/ DCL based controller and a direct one. Can we preserve that somehow?

[yuwenma]

With this change, can we still have resources in transition?

Yes, we can. The KCC_USE_DIRECT_RECONCILERS should still work as it is.

[acpana]

I think in the end state we don't have direct tests specifically but I think these can be useful for folks, especially as they iterate on a resource conversion.

[yuwenma]

The KCC_USE_DIRECT_RECONCILERS flag shall still work (which gives developers the testing approach during the resource conversion). For release, we can purely rely on the CRD annotations to tell whether a direct or TF controller shall manage a resource kind (and eventually direct will be the default so it does not need a annotation).

[yuwenma]

One thing I'm not sure (as @justinsb pointed out) is that if we can turn on golden checks for all e2e-fixture tests. Maybe we can try the strict rules and see how big the fix need to be. But anyways, I plan to keep the tests-e2e-dierct.sh for now until the generic e2e has the golden check.

[yuwenma]

Just a note for reviewers: The previous code only turn on LLM in direct controller, all other resources that already have direct controller and API are only turning on via the KCC_USE_DIRECT_RECONCILERS flag.
When those resources are ready for direct controller, we can simply remove their "cnrm.cloud.google.com/tf2crd=true" label.

cc @justinsb @acpana

[justinsb]

Cool!

[justinsb]

Cool!

[justinsb]

Nit: IIRC crd.GroupVersionKind() is problematic, ideally ControllerBuilder would record the GVK

[justinsb]

Thanks @yuwenma

/approve
/lgtm

[google-oss-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justinsb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [justinsb]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment