-
Notifications
You must be signed in to change notification settings - Fork 40k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
apiextensions: validation for customresources #47263
apiextensions: validation for customresources #47263
Conversation
Hi @nikhita. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
1cdc672
to
6ef70fe
Compare
5044557
to
5e1c126
Compare
5e1c126
to
3bf86ac
Compare
3bf86ac
to
c70f918
Compare
4ce3290
to
8192977
Compare
This will not pass tests until kubernetes/gengo#61 is merged. |
8192977
to
604f48b
Compare
in, out := unwrapAlias(a), unwrapAlias(b) | ||
switch { | ||
case in == out: | ||
return true | ||
case in.Kind == out.Kind: | ||
// if the type exists already, return early to avoid recursion | ||
if existingTypes[in] { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also here: alreadyVisitedTypes
} | ||
|
||
func (s JSON) MarshalJSON() ([]byte, error) { | ||
if len(s.Raw) > 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
note that you're compressing empty into "null". That's reasonable given the rest of the API, it just catches my eye.
func Convert_v1beta1_JSON_To_apiextensions_JSON(in *JSON, out *apiextensions.JSON, s conversion.Scope) error { | ||
if in != nil { | ||
var i interface{} | ||
if err := json.Unmarshal(in.Raw, &i); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This makes sense. The end result is a protobuf shell with a delicious json nougat-y center, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
exactly :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes :)
As the JSON protobuf change is squashed already, here are the relevant lines of code:
@smarterclayton ^^^ |
This looks fairly straightforward. protobuf wrapping a limited json field with simple deserialization and a little validation. This may actually have been what the service catalog was looking for a while back. |
} | ||
|
||
// JSONSchemaProps is a JSON-Schema following Specification Draft 4 (http://json-schema.org/). | ||
type JSONSchemaProps struct { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe move this into its own types.go file - types_jsonschema.go
Looks like I expected. This has high level approval from me. |
Remove protobuf generation because of the interface type Add custom fuzzer funcs Add custom marshalling Add custom conversion functions move jsonschema types to separate file
update generated proto
* convert our types to openAPI types * update strategy to include crd * use strategy to validate customresource * add helper funcs * Fix conversion of empty ref field * add validation for forbidden fields * add defaulting for schema field * Validate CRD Schema
Update test schema Add polling for TestCRValidationOnCRDUpdate Add tests for forbidden fields Enable featureGate for CustomResourceValidation
update feature gates for generic apiserver Add apiextensions-apiserver features to golint_failures Ignore alpha feature if gate is disabled
73203bd
to
6ba1523
Compare
/lgtm |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, nikhita, smarterclayton, sttts Associated issue: 49747 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
@nikhita: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
Automatic merge from submit-queue |
Proposal: kubernetes/community#708
Additional discussion: #49879, #50625
Release note:
/cc @sttts @deads2k