Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate a schema for the ProwJob crd #19522

Merged
merged 18 commits into from
Sep 10, 2021
Merged

Generate a schema for the ProwJob crd #19522

merged 18 commits into from
Sep 10, 2021

Conversation

alvaroaleman
Copy link
Member

This PR adds codegeneration that uses controller-gen to generate a CRD
schema for ProwJobs based on the go types. This provides us with two
advantages:

  • It is not possible anymore to submit jobs with an invalid schema.
    Doing this could result in Prow going down completely.
  • kubectl explain can be used to get info about the fields in a
    prowjob

The only drawback of this change is that we lose the validation that .status.completionTime must be set if .status.state is in success, error, failure,as controller-gen doesn't seem to support cross-field validation.

Fixes #14925

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. area/config Issues or PRs related to code in /config area/prow Issues or PRs related to prow area/prow/bump Updates to the k8s prow cluster sig/testing Categorizes an issue or PR as relevant to SIG Testing. labels Oct 11, 2020
@alvaroaleman alvaroaleman force-pushed the crd-schema branch 2 times, most recently from 493cae1 to a83dcad Compare October 12, 2020 02:20
@alvaroaleman
Copy link
Member Author

/hold
It seems the generated schema is not actually valid:

The CustomResourceDefinition "prowjobs.prow.k8s.io" is invalid: 
* metadata.annotations: Too long: must have at most 262144 bytes
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[params].items.properties[value].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[params].items.properties[default].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[params].items.properties[value].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[conditions].items.properties[params].items.properties[value].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[taskSpec].properties[steps].items.properties[ports].items.properties[protocol].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[taskSpec].properties[stepTemplate].properties[ports].items.properties[protocol].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[taskSpec].properties[inputs].properties[params].items.properties[default].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[taskSpec].properties[params].items.properties[default].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[pipeline_run_spec].properties[pipelineSpec].properties[tasks].items.properties[taskSpec].properties[sidecars].items.properties[ports].items.properties[protocol].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property
* spec.validation.openAPIV3Schema.properties[spec].properties[pod_spec].properties[containers].items.properties[ports].items.properties[protocol].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property
* spec.validation.openAPIV3Schema.properties[spec].properties[pod_spec].properties[initContainers].items.properties[ports].items.properties[protocol].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property
* spec.validation.openAPIV3Schema.properties[spec].properties[decoration_config].properties[timeout].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"
* spec.validation.openAPIV3Schema.properties[spec].properties[decoration_config].properties[grace_period].type: Unsupported value: "Any": supported values: "array", "boolean", "integer", "number", "object", "string"

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 12, 2020
@alvaroaleman alvaroaleman mentioned this pull request Oct 12, 2020
Closed
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 15, 2020
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 4, 2021
@k8s-ci-robot k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 8, 2021
@alvaroaleman alvaroaleman mentioned this pull request Apr 23, 2021
Merged
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 7, 2021
@k8s-triage-robot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Aug 6, 2021
@alvaroaleman alvaroaleman mentioned this pull request Aug 24, 2021
Closed
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Aug 28, 2021
@alvaroaleman alvaroaleman force-pushed the crd-schema branch 2 times, most recently from 4f9f4c2 to dca7991 Compare August 28, 2021 01:25
@alvaroaleman
Copy link
Member Author

/label tide/merge-method-squash

@alvaroaleman
Copy link
Member Author

@chaodaiG @cjwagner ptal, I believe I have addressed all remarks now

chaodaiG
chaodaiG reviewed Sep 10, 2021
View reviewed changes
config/prow/cluster/BUILD.bazel
component(
"prowjob",
"customresourcedefinition",
args = ["--server-side=true"],
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: we're just speculating that this will work, but not sure. might suggest move this change to a separate PR just in case revert is needed we don't need to revert this large PR

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, not doing this will definitely not work as the PR changes the CRD file 😬

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

well, finger crossed then

chaodaiG
chaodaiG approved these changes Sep 10, 2021
View reviewed changes
Copy link
Contributor

@chaodaiG chaodaiG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/hold

LGTM other than my nit

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 10, 2021
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Sep 10, 2021
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alvaroaleman, chaodaiG

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 10, 2021
@chaodaiG
Copy link
Contributor

/unhold

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 10, 2021
@k8s-ci-robot k8s-ci-robot merged commit 914737a into kubernetes:master Sep 10, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.23 milestone Sep 10, 2021
chaodaiG added a commit to chaodaiG/test-infra that referenced this pull request Sep 10, 2021
@chaodaiG
Revert "Generate a schema for the ProwJob crd (kubernetes#19522)"
0b1d48b 
This reverts commit 914737a.

Seems like server side apply didn't work:
https://prow.k8s.io/view/gs/kubernetes-jenkins/logs/post-test-infra-deploy-prow/1436369391678656512
k8s-ci-robot added a commit that referenced this pull request Sep 10, 2021
@k8s-ci-robot
Merge pull request #23547 from chaodaiG/revert-crd
dd2e904 
Revert "Generate a schema for the ProwJob crd (#19522)"
@chaodaiG chaodaiG mentioned this pull request Sep 10, 2021
Merged
alvaroaleman added a commit to alvaroaleman/test-infra that referenced this pull request Sep 16, 2021
@alvaroaleman
Revert "Revert "Generate a schema for the ProwJob crd (kubernetes#19522
e2f54b0 
…)""

This reverts commit 0b1d48b.
@alvaroaleman alvaroaleman mentioned this pull request Sep 16, 2021
Merged
@palnabarun palnabarun mentioned this pull request Nov 15, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chaodaiG chaodaiG chaodaiG approved these changes

@cblecker cblecker Awaiting requested review from cblecker

@cjwagner cjwagner Awaiting requested review from cjwagner

@wojtek-t wojtek-t Awaiting requested review from wojtek-t

Assignees

@chaodaiG chaodaiG

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/config Issues or PRs related to code in /config area/prow/bump Updates to the k8s prow cluster area/prow Issues or PRs related to prow cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. sig/testing Categorizes an issue or PR as relevant to SIG Testing. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. tide/merge-method-squash Denotes a PR that should be squashed by tide when it merges.
Projects
None yet
Milestone
v1.23
Development

Successfully merging this pull request may close these issues.

Improve admissions controller to prevent Prow jobs with bad config from taking down Prow.
7 participants
@alvaroaleman @fejta-bot @k8s-triage-robot @chaodaiG @cjwagner @jprzychodzen @k8s-ci-robot