allow namespace-scoped parametersRef #543
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
kind/feature
k8s-ci-robot
added
the
approved
k8s-ci-robot
added
the
size/M
hbagdi
force-pushed
the
param-ref-namespace
branch
from
8c7a057 to
c7b00fa
Compare
hbagdi
force-pushed
the
param-ref-namespace
branch
from
c7b00fa to
f259f11
Compare
robscott
reviewed
Feb 11, 2021
This patch adds a namespace field to the parametersRef reference. This allows cluster-scoped GatewayClass resource to reference a namespaced-scoped parameters resource. This is in-line with upstream KEP 2365: https://github.com/kubernetes/enhancements/blob/master/keps/prod-readiness/sig-network/2365.yaml Why is it done the way it is done? - Namespace field was not added to LocalObjectReference because that type is referenced in a lot of places. We don't want to add in an optional namespace field in all these places and increase security issues with cross-namespace references. - ObjectReference was not used because upstream discourages its use: https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. Instead, a new type was introduced as per upstream's guidance. - A new "Cluster" field was added as advised upstream: kubernetes/enhancements#2366 (comment)
hbagdi
force-pushed
the
param-ref-namespace
branch
from
f259f11 to
266d0da
Compare
|
Thanks! /lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hbagdi, robscott The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch adds a namespace field to the parametersRef reference.
This allows cluster-scoped GatewayClass resource to reference a
namespaced-scoped parameters resource.
This is in-line with upstream KEP 2365:
https://github.com/kubernetes/enhancements/blob/master/keps/prod-readiness/sig-network/2365.yaml
Why is it done the way it is done?
type is referenced in a lot of places. We don't want to add in an
optional namespace field in all these places and increase security
issues with cross-namespace references.
https://pkg.go.dev/k8s.io/api/core/v1#ObjectReference. Instead, a new type was
introduced as per upstream's guidance.
Adding KEP 2365: IngressClass Namespaced Params kubernetes/enhancements#2366 (comment)
What type of PR is this?
/kind feature
What this PR does / why we need it:
This patch adds a namespace field to the parametersRef reference.
This allows cluster-scoped GatewayClass resource to reference a
namespaced-scoped parameters resource.
Which issue(s) this PR fixes:
Fixes #524
Close #523
Does this PR introduce a user-facing change?: