List inbuilt sources if CRD access is restricted #948
Conversation
Fixes knative#947 - Identify restricted access error - If server returns restricted access error, fallback to listing only eventing inbuilt sources using their GVKs. - List any inbuilt source (ApiServerSource) object and read the error to know if eventing is installed for `kn source list-types`.
knative-prow-robot
added
the
do-not-merge/work-in-progress
knative-prow-robot
added
the
approved
There was a problem hiding this comment.
@navidshaikh: 3 warnings.
In response to this:
Description
- Identify restricted access error
- If server returns restricted access error, fallback to listing
only eventing inbuilt sources using their GVKs.- List any inbuilt source (ApiServerSource) object and read the error
to know if eventing is installed forkn source list-types.Changes
- Add
IsForbiddenErrorin kn error factory- Add
ListSourcesUsingGVKsto dynamic client- Add
BuiltInSourcesGVKstopkg/sources/v1alpha2/client.gowhich returns inbuilt source GVKsReference
Fixes #947
/lint
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
knative-prow-robot
added
the
size/L
navidshaikh
force-pushed
the
pr/source-list
branch
from
e2f6ca3 to
a0e527b
Compare
|
@rhuss @maximilien @daisy-ycguo: I will add the tests if the approach looks good. |
| // Clear the Group and Version for list if there are multiple types of source objects found | ||
| // Keep the source's GVK if there is only one type of source objects found or requested via --type filter | ||
| if numberOfSourceTypesFound > 1 { | ||
| sourceList.SetGroupVersionKind(schema.GroupVersionKind{Group: "", Version: "", Kind: "List"}) |
There was a problem hiding this comment.
I'm not sure whether we should set or not-set the GVK based on the result. This might lead to unexpected behaviour depending on the context where you run it. I think its better to just leave out the GVK on the list (or maybe even better, but not sure if this works), just return a slice of Unstructed instead of an UnstructuredList
There was a problem hiding this comment.
This was done to show proper values if json or yaml format of list is requested and the list contains multiple types of source objects.
There was a problem hiding this comment.
We'd need GVK set for the (list) object here as (json/yaml) printers require it. The question was which version/group to set if there are different types of sources found, so we set cleared group and version values and set List for kind.
If there is only one type of source object found OR user requested single type using --type filter, we keep the GVK intact.
There was a problem hiding this comment.
Yes, but imagine the situation that by accident you have only one source of one type. If you list those, you the GVK set. Some time later another source of another type is added. Suddenly know the GVK gets removed or changed to an artificial "List". I think as we are dealing with a heterogenous list, that, by accident, can be also homogenous, we should treat it as a heterogenous list always. I would not mind to introduce a new type here, like we did for the Export, with an client.knative.dev group and a v1alpha1 version for now, but then use it all the time.
There was a problem hiding this comment.
I would not mind to introduce a new type here, like we did for the Export, with an client.knative.dev group and a v1alpha1 version for now, but then use it all the time.
yea, we could do that, however for the other point about list of single source type, I think setting exact source type for single-type-of-source list is explicit and we could scope the client custom type for list only if there multiple types of sources.
There was a problem hiding this comment.
Added #953 to track adding setting this custom client type for list. We can refine in next iteration.
navidshaikh
changed the title
knative-prow-robot
removed
the
do-not-merge/work-in-progress
| } | ||
|
|
||
| // ListSourcesUsingGVKs returns list of available source objects using given list of GVKs | ||
| func (c *knDynamicClient) ListSourcesUsingGVKs(gvks *[]schema.GroupVersionKind, types ...WithType) (*unstructured.UnstructuredList, error) { |
There was a problem hiding this comment.
I wonder what is the best function behavior when gvks is nil: a) to return a nil list or b) to ignore gvks and use types to filter. The current behavior is a).
Yet when types is nil, the current behavior is b) to ignore types and use gvks to filter, not a) to return a nil list. It makes me a little weird.
Of course it doesn't affect the current functions. For future usage, maybe change to the same behavior when either of these two parameters is nil.
There was a problem hiding this comment.
We use types only to subset the found source types. If gvks list is nil, it returns nil. Does this answer your question ?
|
The following is the coverage report on the affected files.
|
|
/retest |
|
/test pull-knative-client-integration-tests |
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: navidshaikh, rhuss The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
navidshaikh
added
the
backport/candidate
* List inbuilt sources if CRD access is restricted Fixes knative#947 - Identify restricted access error - If server returns restricted access error, fallback to listing only eventing inbuilt sources using their GVKs. - List any inbuilt source (ApiServerSource) object and read the error to know if eventing is installed for `kn source list-types`. * Fix golint warnings * Remove unused imports * Verify each built in source before listing source types * Improve the check if sources are not installed in the cluster * Update finding forbidden error * Update finding errors * Add unit tests for IsForbiddenError util * Add unit tests * Add tests for dynamic pkg library * Add unit tests for case when no sources are installed * Update test name
* fix(docs): Fix tekton task link in README (#934) * Fix missing NAMESPACE column header (#951) * Fix missing NAMESPACE column header * Fix missing namespace column header for 'kn source list -A' * List inbuilt sources if CRD access is restricted (#948) * List inbuilt sources if CRD access is restricted Fixes #947 - Identify restricted access error - If server returns restricted access error, fallback to listing only eventing inbuilt sources using their GVKs. - List any inbuilt source (ApiServerSource) object and read the error to know if eventing is installed for `kn source list-types`. * Fix golint warnings * Remove unused imports * Verify each built in source before listing source types * Improve the check if sources are not installed in the cluster * Update finding forbidden error * Update finding errors * Add unit tests for IsForbiddenError util * Add unit tests * Add tests for dynamic pkg library * Add unit tests for case when no sources are installed * Update test name * Use Tekton Catalog GA structure for tasks (#966) * fix: `kn source list` command print spelling problems (#963) * Fix exit code on service delete and revision delete (#971) * Fix exit code 0 upon service delete * Mentioned bug fix in CHANGELOG.adoc * Add error check test for service not found * Fix for kn revision delete failure exit code and add test cases * Testing changes in test cases for failure in intergration tests * Fix test case error causing integration test failure * fix(volume): Generate volume name compliant with DNS Label names (#975) * fix(volume): Volume names to not contain dots Replace non alphanumberic characters with hyphen as the volumen name must be a DNS_LABEL (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-label-names) ref: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.18/#volume-v1-core * Generate volume name compliant with DNS Label names Volume names to follow the DNS label standard as defined in RFC 1123. This means the name must: - contain at most 63 characters - contain only lowercase alphanumeric characters or '-' - start with an alphanumeric character - end with an alphanumeric character * Set client custom GVK for source list for machine readable output (#980) - Use custom GVK {Group: client.knative.dev, Version: v1alpha1, Kind: SourceList} - Source list may contain different source types CO and machine readable output (using -o) requires List object to have GVK set, since the list contains different types of source COs, we set a custom client GVK on it. Fixes #953 * Update CHANGELOG for v0.16.1 Co-authored-by: kaustubh <[email protected]> Co-authored-by: Chris Suszynski <[email protected]> Co-authored-by: tianfeiyu <[email protected]> Co-authored-by: Himanshu Ranjan <[email protected]>
* List inbuilt sources if CRD access is restricted Fixes knative#947 - Identify restricted access error - If server returns restricted access error, fallback to listing only eventing inbuilt sources using their GVKs. - List any inbuilt source (ApiServerSource) object and read the error to know if eventing is installed for `kn source list-types`. * Fix golint warnings * Remove unused imports * Verify each built in source before listing source types * Improve the check if sources are not installed in the cluster * Update finding forbidden error * Update finding errors * Add unit tests for IsForbiddenError util * Add unit tests * Add tests for dynamic pkg library * Add unit tests for case when no sources are installed * Update test name
navidshaikh
added
backported-to/0.16
and removed
backport/candidate
Description
only eventing inbuilt sources using their GVKs.
to know if eventing is installed for
kn source list-types.Changes
isForbiddenErrorin kn error factoryListSourcesUsingGVKsto dynamic clientBuiltInSourcesGVKstopkg/sources/v1alpha2/client.gowhich returns inbuilt source GVKsReference
Fixes #947
/lint