Skip to content

[CFP-39876]: Add namespace filtering conditions to ServiceImport controller#44040

Merged
MrFreezeex merged 1 commit intocilium:mainfrom
jimassa:topic/jimassa/cm-ns-mcsapi-conditions
Feb 12, 2026
Merged

[CFP-39876]: Add namespace filtering conditions to ServiceImport controller#44040
MrFreezeex merged 1 commit intocilium:mainfrom
jimassa:topic/jimassa/cm-ns-mcsapi-conditions

Conversation

@jimassa
Copy link
Copy Markdown
Contributor

@jimassa jimassa commented Jan 27, 2026
edited
Loading

Summary

Add namespace global status checking to the MCS-API ServiceImport controller. This implements the MCS-API portion of the ClusterMesh global namespace filtering feature as described in CFP-39876.

Follow-up of:

Changes

  • Set Invalid condition on ServiceExport when namespace is not global
  • Set NamespaceNotGlobal condition on ServiceImport when namespace is not global
  • Service controller directly checks namespace global status and skips/deletes derived Service for non-global namespaces"

And add pkg/clustermesh/mcsapi/service_controller.go and pkg/clustermesh/mcsapi/service_controller_test.go to the list of modified files.

CFP Requirements Addressed

Per the CFP MCS Support section:

  1. ServiceExport: Reports a Condition signaling the namespace is local and service is not exported
  2. ServiceImport: Still created but reports a Condition signaling service cannot be imported
  3. Derived Service: Not created (and existing ones deleted) for non-global namespaces

Files Changed

  • pkg/clustermesh/mcsapi/cell.go - Add namespace manager dependency
  • pkg/clustermesh/mcsapi/serviceimport_controller.go - Add namespace filtering logic and conditions
  • pkg/clustermesh/mcsapi/serviceimport_controller_test.go - Add tests for non-global namespace handling
  • pkg/clustermesh/mcsapi/service_controller.go – namespace filtering in derived service controller
  • pkg/clustermesh/mcsapi/service_controller_test.go – tests for non-global namespace handling

Test plan

  • Unit tests pass for ServiceImport controller with non-global namespace
  • Integration tests with actual cluster

@jimassa jimassa requested review from a team as code owners January 27, 2026 19:21
@jimassa jimassa requested review from MrFreezeex and joamaki January 27, 2026 19:21
@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Jan 27, 2026
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Jan 27, 2026
@jimassa jimassa marked this pull request as draft January 27, 2026 19:21
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch from 85f805a to ae1b98c Compare January 27, 2026 19:31
@jimassa jimassa marked this pull request as ready for review January 27, 2026 22:53
@jimassa jimassa marked this pull request as draft January 27, 2026 22:53
@anubhabMajumdar anubhabMajumdar mentioned this pull request Jan 29, 2026
Merged
8 tasks
@jimassa jimassa marked this pull request as ready for review February 2, 2026 11:57
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch from ae1b98c to 79eaee9 Compare February 2, 2026 11:58
@jimassa jimassa changed the title mcsapi: Add namespace filtering conditions to ServiceImport controller [CFP-39876]: Add namespace filtering conditions to ServiceImport controller Feb 2, 2026
@anubhabMajumdar
Copy link
Copy Markdown
Contributor

anubhabMajumdar commented Feb 2, 2026

/test

1 similar comment
@joamaki
Copy link
Copy Markdown
Contributor

joamaki commented Feb 3, 2026

/test

@joamaki joamaki added the release-note/minor This PR changes functionality that users may find relevant to operating Cilium. label Feb 3, 2026
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Feb 3, 2026
MrFreezeex
MrFreezeex requested changes Feb 4, 2026
View reviewed changes
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch 2 times, most recently from 38cbb06 to 25e2ebd Compare February 5, 2026 11:17
@ldelossa ldelossa added the area/agent Cilium agent related. label Feb 5, 2026
@ldelossa
Copy link
Copy Markdown
Contributor

ldelossa commented Feb 5, 2026

/test

@ldelossa ldelossa requested a review from MrFreezeex February 5, 2026 15:18
@ldelossa ldelossa enabled auto-merge February 5, 2026 16:08
@ldelossa
Copy link
Copy Markdown
Contributor

ldelossa commented Feb 5, 2026

Marking 'merge when ready' barring @MrFreezeex 's final re-review.

MrFreezeex
MrFreezeex requested changes Feb 5, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@MrFreezeex MrFreezeex left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the iteration I left a few more comments and I also realized that the actual code was not tackling this point yet:
"Derived Service: Not created (and existing ones deleted) for non-global namespaces"

@MrFreezeex MrFreezeex disabled auto-merge February 5, 2026 16:30
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch from 25e2ebd to 48ca5aa Compare February 5, 2026 17:24
@anubhabMajumdar
Copy link
Copy Markdown
Contributor

anubhabMajumdar commented Feb 5, 2026

/test

@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch 2 times, most recently from 7394c5f to 48bad65 Compare February 6, 2026 15:44
MrFreezeex
MrFreezeex requested changes Feb 6, 2026
View reviewed changes
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch from 48bad65 to 5119e86 Compare February 6, 2026 17:40
MrFreezeex
MrFreezeex reviewed Feb 8, 2026
View reviewed changes
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch 3 times, most recently from 1339357 to aedfbdd Compare February 9, 2026 21:02
@pchaigno pchaigno requested a review from MrFreezeex February 11, 2026 13:32
@pchaigno
Copy link
Copy Markdown
Member

pchaigno commented Feb 11, 2026

/test

@anubhabMajumdar
Copy link
Copy Markdown
Contributor

anubhabMajumdar commented Feb 12, 2026

/ci-clustermesh

MrFreezeex
MrFreezeex reviewed Feb 12, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@MrFreezeex MrFreezeex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! I have more small comment inline but otherwise lgtm!

@jimassa
mcsapi: Add namespace filtering conditions to ServiceImport controller
f6f0e9f 
Add namespace global status checking to the ServiceImport controller:
- Set Invalid condition on ServiceExport when namespace is not global
- Set NamespaceNotGlobal condition on ServiceImport when namespace is not global
- Signal service controller to skip/delete derived Service for non-global namespaces
  by setting SupportedIPFamilies annotation to empty

This implements the MCS-API portion of the ClusterMesh global namespace
filtering feature as described in CFP-39876.

Signed-off-by: Jacques Massa <jac.massa0908@gmail.com>
@jimassa jimassa force-pushed the topic/jimassa/cm-ns-mcsapi-conditions branch from aedfbdd to f6f0e9f Compare February 12, 2026 20:36
@MrFreezeex
Copy link
Copy Markdown
Member

MrFreezeex commented Feb 12, 2026

/test

@MrFreezeex MrFreezeex enabled auto-merge February 12, 2026 20:40
@MrFreezeex MrFreezeex added this pull request to the merge queue Feb 12, 2026
@maintainer-s-little-helper maintainer-s-little-helper bot added the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Feb 12, 2026
Merged via the queue into cilium:main with commit d10b038 Feb 12, 2026
75 of 77 checks passed
@jimassa jimassa deleted the topic/jimassa/cm-ns-mcsapi-conditions branch February 13, 2026 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joamaki joamaki joamaki approved these changes

@MrFreezeex MrFreezeex MrFreezeex approved these changes

Assignees

No one assigned

Labels

area/agent Cilium agent related. kind/community-contribution This was a contribution made by a community member. ready-to-merge This PR has passed all tests and received consensus from code owners to merge. release-note/minor This PR changes functionality that users may find relevant to operating Cilium.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@jimassa @anubhabMajumdar @joamaki @ldelossa @pchaigno @MrFreezeex