Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Supporting disabling admission rules based on resource annotation #5516

Closed
JorTurFer opened this issue Feb 16, 2024 · 3 comments · Fixed by #5536
Closed

Supporting disabling admission rules based on resource annotation #5516

JorTurFer opened this issue Feb 16, 2024 · 3 comments · Fixed by #5536
Labels
feature-request All issues for new features that have not been committed to good first issue Good for newcomers help wanted Looking for support from community

Comments

@JorTurFer
Copy link
Member

JorTurFer commented Feb 16, 2024
edited
Loading

Proposal

We are improving to admission coverage to prevent misconfigurations, but this also can block some users in specific scenarios. Maybe we should introduce a system to disable specific rules based on resource annotations, transferring the ownership of which rules has to apply to the users.

I'm thinking about something like:

annotations:	
	validations.keda.sh/shared-ownership: false

This could disable the check for already managed workload
or

annotations:	
	validations.keda.sh/fallback: false

To covert his new validation: #5515

This could extend users capabilities to exclude (under their own risks) some validations without totally disabling admission validations
@JorTurFer JorTurFer added needs-discussion feature-request All issues for new features that have not been committed to labels Feb 16, 2024
@zroubalik
Copy link
Member

I like it, also an anotation to disable validation for that particular resource. Related to this, I want to emphasize the need for correct validation and check in the controller for some options, to not depend only on the webhook.

@zroubalik zroubalik added help wanted Looking for support from community good first issue Good for newcomers and removed needs-discussion labels Feb 16, 2024
@JorTurFer
Copy link
Member Author

I want to emphasize the need for correct validation and check in the controller for some options, to not depend only on the webhook

I agree with you, but I won't invest so much effort adding a good information in operator side. I mean, if we can expose useful information in both places it's nice, but it adding extended info in operator side requires a significant effort, I'd not invest on it because there is already and admission validation (for the extended information)

@zroubalik
Copy link
Member

Yeah, I mean the existing stuff, or a new fundamental features that requires some check to work correctly (a new field on SO/SJ spec or so).

@junekhan junekhan mentioned this issue Feb 27, 2024
Merged
7 tasks
@github-project-automation github-project-automation bot moved this from To Triage to Ready To Ship in Roadmap - KEDA Core Apr 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature-request All issues for new features that have not been committed to good first issue Good for newcomers help wanted Looking for support from community
Projects
Roadmap - KEDA Core
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add annotation on hpa to disable ownership validation junekhan/keda
2 participants
@zroubalik @JorTurFer