Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🐛 Make MachineSpec Version validation consistent with KCP #3147

Conversation

CecileRobertMichon
Copy link
Contributor

@CecileRobertMichon CecileRobertMichon commented Jun 4, 2020

What this PR does / why we need it: Makes MachineSpec Version validation consistent with KCP version validation. For both KCP and Machine Spec.Version, the version will be defaulted to have a "v prefix if the user doesn't pass it in with the prefix to avoid this being a breaking change.

⚠️ The v prefix is now required for MachineSpec.Version and will be defaulted if not provided.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #3128

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jun 4, 2020
@k8s-ci-robot k8s-ci-robot requested review from benmoss and ncdc June 4, 2020 22:18
@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jun 4, 2020
@CecileRobertMichon CecileRobertMichon force-pushed the mp-version-validation branch 2 times, most recently from 85c5468 to 0dc37b1 Compare June 4, 2020 23:08
@vincepri
Copy link
Member

vincepri commented Jun 4, 2020

/milestone v0.3.7

@k8s-ci-robot k8s-ci-robot added this to the v0.3.7 milestone Jun 4, 2020
@detiber
Copy link
Member

detiber commented Jun 5, 2020

/hold
It looks like this would break any existing reconciliation of resources that may already exist with the previous validation.

Would it be better to update KCP to allow a non-'v' prefixed version and add a TODO item for when we are ready to introduce breaking changes with v1alpha4 to add validation with 'v' that way we could handle the conversion automatically through a conversion webhook?

Alternatively, we could probably add the v prefix as part of the defaulting webhook, which should run prior to any defaulting webhooks we have, but that would likely require us to do the validation in a webhook rather than as part of the openapi spec, since I believe that validation is processed prior to defaulting webhooks being run.

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 5, 2020
@vincepri
Copy link
Member

vincepri commented Jun 5, 2020

IIRC defaulting webhooks should run before any validation, but I don't remember about OpenAPI validation  — we should add a test for this

@CecileRobertMichon
Copy link
Contributor Author

CecileRobertMichon commented Jun 5, 2020

openapi validation will run before any webhooks. It is a breaking change, just like #2691 was (CAPZ e2e tests were broken by that change when it was merged actually). Right now we're inconsistent though, so this was aiming to bring that consistency back, with #2691 (comment) in mind.

I personally don't agree with breaking the user to make them learn and I would prefer to change KCP to be tolerant to non-v prefixed versions (I actually don't know if that's even a kubeadm requirement), but since that decision was already taken in #2691 I didn't want to reverse it.

@randomvariable do you remember why that stricter validation had to be added in the first place? Semver validation was already added in #2647 and #2674

@vincepri
Copy link
Member

vincepri commented Jun 5, 2020

If we move the regex to a Go-regex and use it in the validation webook + defaulting webhook that fixes the Machine version, we should be good. In v1alpha4 we can drop this behavior and standardize on the openapi-regex

@CecileRobertMichon
Copy link
Contributor Author

CecileRobertMichon commented Jun 5, 2020

@vincepri should I also do this for KCP? Also do you know why the v is required?

@vincepri
Copy link
Member

vincepri commented Jun 5, 2020

Today, the leading v is required in KCP

@CecileRobertMichon
Copy link
Contributor Author

Today, the leading v is required in KCP

I know it's required since #2691 but my question was more why does it need to be required? ie. would it have a negative impact to relax that requirement by only checking for a valid semver version?

@vincepri
Copy link
Member

vincepri commented Jun 5, 2020

Ah got it, apologies I got distracted and understood something else. IIRC the decision was to make it consistent within the whole codebase when dealing with upgrades. We've found for example that most of the container images have leading v everywhere as well, and we ended up defaulting everywhere.

I'm open to revisit that decision, a lot has changed since then.

@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 5, 2020
@CecileRobertMichon
Copy link
Contributor Author

@detiber @vincepri updated the PR to do regex validation in the webhooks with defaulting in place for both KCP and Machine. Let me know what you think.

@CecileRobertMichon
Copy link
Contributor Author

Seeing test failures in machinehealthcheck_controller_test, seems related to https://kubernetes.slack.com/archives/C8TSNPY4T/p1591379760446600

@vincepri
Copy link
Member

vincepri commented Jun 5, 2020

@CecileRobertMichon is this rebased on latest master?

@CecileRobertMichon
Copy link
Contributor Author

@vincepri yes it is

@detiber
Copy link
Member

detiber commented Jun 8, 2020

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 8, 2020
Copy link
Member

@vincepri vincepri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 8, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: CecileRobertMichon, vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Machine and KubeadmControlPlane disagree on k8s version validation
4 participants