Upgrade CRDs (apiextensions) from v1beta1 to v1#11477
Merged
Conversation
This comment has been minimized.
This comment has been minimized.
12 tasks
8646a39 to
45b4703
Compare
45b4703 to
9f4bac9
Compare
This comment has been minimized.
This comment has been minimized.
9f4bac9 to
cccf294
Compare
This comment has been minimized.
This comment has been minimized.
1 similar comment
This comment has been minimized.
This comment has been minimized.
f179c99 to
4314e82
Compare
This comment has been minimized.
This comment has been minimized.
4314e82 to
f13f109
Compare
This comment has been minimized.
This comment has been minimized.
f13f109 to
788166f
Compare
This comment has been minimized.
This comment has been minimized.
Member
|
CI has passed! 🎉 |
780e98c to
7e27a91
Compare
This provides coverage for both v1 and v1beta1 variants. Signed-off-by: Chris Tarazi <chris@isovalent.com>
This commit fixes occurrences of the wrong policy file referenced in the expectations, resulting in misleading error messages in the test output. Also, this fixes up an incorrect error message when we expect a policy to fail to apply. Signed-off-by: Chris Tarazi <chris@isovalent.com>
Our policies were written under an incorrect format, where we were setting a top-level description instead of using the already existing spec.description field. Since upgrading our CRDs to v1, this causes validation errors when applying these YAMLs: ``` $ kubectl apply -f test/k8sT/manifests/cnp-update-allow-all.yaml error: error validating "test/k8sT/manifests/cnp-update-allow-all.yaml": error validating data: ValidationError(CiliumNetworkPolicy): unknown field "description" in io.cilium.v2.CiliumNetworkPolicy; if you choose to ignore these errors, turn validation off with --validate=false ``` This commit migrates our use of the incorrect field to the correct location. Note that policies can still be created with a top-level description field due to support from our fork of controller-tools, see commit: christarazi/controller-tools@e0828e0 Support for the top-level description field will likely be removed in future versions of Cilium. Related: #13155 Signed-off-by: Chris Tarazi <chris@isovalent.com>
3614f47 to
99920c0
Compare
Member
|
Added the following to d592e8c: diff --git a/pkg/k8s/apis/cilium.io/v2/client/register.go b/pkg/k8s/apis/cilium.io/v2/client/register.go
index ee24493cb..b2d7adc2f 100644
--- a/pkg/k8s/apis/cilium.io/v2/client/register.go
+++ b/pkg/k8s/apis/cilium.io/v2/client/register.go
@@ -336,6 +336,12 @@ func updateV1CRD(
clusterCRD.ObjectMeta.Labels = crd.ObjectMeta.Labels
clusterCRD.Spec = crd.Spec
+ // Even though v1 CRDs omit this field by default (which also
+ // means it's false) it is still carried over from the previous
+ // CRD. Therefore, we must set this to false explicitly because
+ // the apiserver will carry over the old value (true).
+ clusterCRD.Spec.PreserveUnknownFields = false
+
_, err := client.CustomResourceDefinitions().Update(
context.TODO(),
clusterCRD, |
Member
|
test-me-please |
joestringer
approved these changes
Sep 15, 2020
Member
joestringer
left a comment
There was a problem hiding this comment.
LGTM. I only looked at my code owners. I did not look at the CRD definition examples.
christarazi
added a commit
to christarazi/cilium
that referenced
this pull request
Sep 23, 2020
This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: cilium#11477 (comment) Updates: cilium#12737 Signed-off-by: Chris Tarazi <chris@isovalent.com>
qmonnet
pushed a commit
that referenced
this pull request
Sep 24, 2020
This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com>
vadorovsky
pushed a commit
that referenced
this pull request
Sep 25, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
vadorovsky
pushed a commit
that referenced
this pull request
Sep 25, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
vadorovsky
pushed a commit
that referenced
this pull request
Sep 29, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
vadorovsky
pushed a commit
that referenced
this pull request
Sep 29, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
aanm
pushed a commit
that referenced
this pull request
Sep 29, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
joestringer
pushed a commit
that referenced
this pull request
Sep 29, 2020
[ upstream commit 5c6aad6 ] This commit removes the ability to delete CRDs from Cilium because that would delete all the CRs in the cluster. Follow-up from: #11477 (comment) Updates: #12737 Signed-off-by: Chris Tarazi <chris@isovalent.com> Signed-off-by: Michal Rostecki <mrostecki@opensuse.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR is the final piece of the CRD work to fully automate CRD generation and validation.
Depends on #11476
This is required for support of K8s
1.191.22:Related: #13155
Fixes: #11142
Fixes: #12516