Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🌱 pkg/../types_apiexport: add name, namespace #2222

Merged
merged 5 commits into from
Oct 28, 2022
Merged

🌱 pkg/../types_apiexport: add name, namespace #2222

merged 5 commits into from
Oct 28, 2022

Conversation

s-urbaniak
Copy link
Contributor

Summary

This adds name,namespace fields to permission claims so we can work independently on reverse permission claim authz and narrowly scoped permissionclaims by @nrb.

Related issue(s)

Relates to #2089
Relates to #1937

@openshift-ci openshift-ci bot requested review from ncdc and stevekuznetsov October 19, 2022 09:00
@openshift-ci openshift-ci bot added the kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API label Oct 19, 2022
@fgiloux fgiloux mentioned this pull request Oct 20, 2022
Merged
@s-urbaniak s-urbaniak force-pushed the claim-names branch 7 times, most recently from b85e80b to 296e804 Compare October 24, 2022 09:30
@s-urbaniak
Copy link
Contributor Author

CI / e2e-sharded - Failing

I cannot reproduce this locally 🤔

@stevekuznetsov
Copy link
Contributor

Does it fail 100% in CI?

@s-urbaniak
Copy link
Contributor Author

s-urbaniak commented Oct 24, 2022
edited
Loading

@stevekuznetsov so far twice but only on github 🤔 A local ARTIFACT_DIR=$PWD/artifacts UNSAFE_E2E_HACK_DISABLE_ETCD_FSYNC=true E2E_PARALLELISM=8 make test-e2e-sharded WHAT=./test/e2e/virtual/apiexport TEST_ARGS="-run TestAPIExportAPIBindingsAccess -v" yielded a success.

@stevekuznetsov
Copy link
Contributor

CI is unhappy, #2278 , below

 1 files have incorrect boilerplate headers:
pkg/apis/test/pattern.go 

 go module files are out of date

@stevekuznetsov
Copy link
Contributor

Flake on #2281
/retest
/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 28, 2022
@ncdc
Copy link
Member

ncdc commented Oct 28, 2022

/approve

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 28, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ncdc, stevekuznetsov

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 28, 2022
@openshift-merge-robot openshift-merge-robot merged commit 3583793 into kcp-dev:main Oct 28, 2022
sttts
sttts reviewed Oct 28, 2022
View reviewed changes
pkg/apis/apis/v1alpha1/types_apiexport.go
// This is mutually exclusive with resourceSelector.
// +required
// +kubebuilder:default=false
All bool `json:"all"`
Copy link
Member

@sttts sttts Oct 28, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not omitempty? IMO having "all" all the time is ugly.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed, set +optional and omitemtpy

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note: omitempty implies +optional. I debugged half of a day in controller-tools to find out.

sttts
sttts reviewed Oct 28, 2022
View reviewed changes
pkg/apis/apis/v1alpha1/types_apiexport.go
// If "name" is unset, all objects from the namespace are being claimed.
//
// +required
Namespace string `json:"namespace"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why not omit empty?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and why not optional?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

being required does not extend to more selector types.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed, however how do we want to validate this, using CEL?

@s-urbaniak s-urbaniak mentioned this pull request Oct 31, 2022
Merged
@s-urbaniak s-urbaniak deleted the claim-names branch October 31, 2022 11:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nrb nrb nrb left review comments

@sttts sttts sttts left review comments

@stevekuznetsov stevekuznetsov stevekuznetsov left review comments

@ncdc ncdc Awaiting requested review from ncdc

Assignees

@stevekuznetsov stevekuznetsov

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@s-urbaniak @stevekuznetsov @ncdc @nrb @sttts @openshift-merge-robot