Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow NetworkPolicy.spec updates #47123

Merged
merged 1 commit into from
Jul 8, 2017
Merged

Allow NetworkPolicy.spec updates #47123

merged 1 commit into from
Jul 8, 2017

Conversation

danwinship
Copy link
Contributor

@danwinship danwinship commented Jun 7, 2017
edited
Loading

ValidateNetworkPolicyUpdate currently prohibits changes to spec in an existing NetworkPolicy. We were going to fix this for 1.7 but I forgot to submit this PR after the main PR merged. Too late for 1.7? @thockin @caseydavenport @cmluciano

This only changes networking.NetworkPolicy validation at the moment... Should I change extensions.NetworkPolicy validation too?

Fixes #35911

We should add a test to the e2e NetworkPolicy test for this too if this is going to merge.

Release note:

As part of the NetworkPolicy "v1" changes, it is also now
possible to update the spec field of an existing
NetworkPolicy. (Previously you had to delete and recreate a
NetworkPolicy if you wanted to change it.)

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jun 7, 2017
@k8s-github-robot k8s-github-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. release-note Denotes a PR that will be considered when it comes time to generate release notes. labels Jun 7, 2017
@thockin
Copy link
Member

thockin commented Jun 7, 2017

I am OK with this change in semantic, but are implementations ready for updates, since it has never happened before? My inclination would be to leave this out of 1.7, and broach it in 1.8.

Thoughts?

@dchen1107

@thockin
Copy link
Member

thockin commented Jun 7, 2017

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 7, 2017
@thockin
Copy link
Member

thockin commented Jun 7, 2017

(approved but no milestone)

@k8s-github-robot k8s-github-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 7, 2017
@danwinship
Copy link
Contributor Author

OpenShift's code purports to handle updates, though obviously it's untested.

I'm fine leaving this until 1.8. It's not really that hard for people to delete+recreate instead.

@caseydavenport
Copy link
Member

Calico code supports updates, though clearly it hasn't been tested e2e.

I'm happy to leave this until v1.8.

@danwinship danwinship mentioned this pull request Jun 7, 2017
Closed
23 tasks
@danwinship
Copy link
Contributor Author

should update test/e2e/network_policy.go before this actually lands
/lgtm cancel

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 12, 2017
@thockin
Copy link
Member

thockin commented Jul 1, 2017

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 1, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danwinship, thockin

Associated issue: 35911

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@tgraf
Copy link
Contributor

tgraf commented Jul 6, 2017

👍 Cilium supports updates as well.

@cmluciano
Copy link

@danwinship Do we still want to cherrypick for a 1.7.X release as well?

@danwinship
Copy link
Contributor Author

I'm assuming we don't at this point

@cmluciano
Copy link

/retest

not sure what is holding up the federation test

@cmluciano
Copy link

/retest

@cmluciano
Copy link

/retest

federation suite is fixed

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit 62ba00e into kubernetes:master Jul 8, 2017
@danwinship danwinship deleted the networkpolicy-update branch November 30, 2017 16:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@caseydavenport caseydavenport

@thockin thockin

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

NetworkPolicy does not allow update on Spec
7 participants
@danwinship @thockin @caseydavenport @k8s-github-robot @tgraf @cmluciano @k8s-ci-robot