This repository was archived by the owner on Jun 22, 2023. It is now read-only.

feat(validation): Add catalog entry validation in controller #5

Open

varshaprasad96 wants to merge 14 commits into kcp-dev:main from varshaprasad96:hack/cotalog-controller

Contributor

varshaprasad96 commented Aug 31, 2022 •

edited by dinhxuanvu

Loading

Validate export references in entry spec
Aggregate PermissionClaims and API resources info from
referenced APIExport to entry status

Signed-off-by: Vu Dinh vudinh@outlook.com

Contributor Author

varshaprasad96 commented Aug 31, 2022

This is based on the CE api defined in commit (6f259d6) and is subject to change. Please hold from reviewing as this is not complete yet.
/hold

varshaprasad96 added the do-not-merge/hold label

Member

ncdc commented Sep 13, 2022

If you don't mind, please pause working on this until we have solidified the API. Thanks!

dinhxuanvu force-pushed the hack/cotalog-controller branch from 106c7b4 to 7ee76a1 Compare

September 28, 2022 15:07

dinhxuanvu changed the title ~~WIP: Hack/catalog controller~~ [WIP]: feat(validation): Add catalog entry validation in controller

dinhxuanvu changed the title ~~[WIP]: feat(validation): Add catalog entry validation in controller~~ [WIP] feat(validation): Add catalog entry validation in controller

dinhxuanvu force-pushed the hack/cotalog-controller branch from 5215e6b to 0af5f63 Compare

October 6, 2022 15:53

varshaprasad96 mentioned this pull request

Open

5 tasks

dinhxuanvu force-pushed the hack/cotalog-controller branch 3 times, most recently from b488298 to 0b17ed1 Compare

October 18, 2022 20:26

dinhxuanvu marked this pull request as ready for review

October 18, 2022 20:27

dinhxuanvu mentioned this pull request

Revert KB default scaffolding #9

Merged

dinhxuanvu changed the title ~~[WIP] feat(validation): Add catalog entry validation in controller~~ feat(validation): Add catalog entry validation in controller

dinhxuanvu removed the do-not-merge/hold label

varshaprasad96 and others added 2 commits

November 10, 2022 20:06


          Hack: reconciler logic for verifying if APIExport exists

2e1b9ef


          Add CatalogEntry validation in controller

114c40d

1. Validate export references in entry spec
2. Aggregate PermissionClaims and API resources info from
referenced APIExport to entry status

Signed-off-by: Vu Dinh <vudinh@outlook.com>

dinhxuanvu force-pushed the hack/cotalog-controller branch from 0b17ed1 to a953022 Compare

November 11, 2022 01:13


          Add e2e test cases to test controller validation process

70824d8

Signed-off-by: Vu Dinh <vudinh@outlook.com>

dinhxuanvu force-pushed the hack/cotalog-controller branch from a953022 to 70824d8 Compare

November 11, 2022 20:52

varshaprasad96 and others added 2 commits

November 11, 2022 12:58


          fix syntax errors

2b7e9a8


          Fix e2e test cases

6e38f56

Signed-off-by: Vu Dinh <vudinh@outlook.com>

varshaprasad96 force-pushed the hack/cotalog-controller branch from 1f2341d to 6e38f56 Compare

November 12, 2022 07:22

varshaprasad96 and others added 7 commits

November 18, 2022 02:29


          Fix Makefile changes

964495e


          Fix Makefiles and few kcp resources files

35deac4

Signed-off-by: Vu Dinh <vudinh@outlook.com>


          Fix image-related issues on Makefile and deployment

1e73061

Signed-off-by: Vu Dinh <vudinh@outlook.com>


          Add permission model to apiexport

ad144e4


          Fix e2e test cases implementation details

8f8c76b

Signed-off-by: Vu Dinh <vudinh@outlook.com>


          Add log level for debugging

7e871ba

Signed-off-by: Vu Dinh <vudinh@outlook.com>


          Check if rbac is working

f11c245


          Fix resource crd issue

ae3b39e

Signed-off-by: Vu Dinh <vudinh@outlook.com>

ncdc suggested changes

View reviewed changes

controllers/catalogentry_controller.go

    
              	exportPermissionClaims := []apisv1alpha1.PermissionClaim{}

              	invalidExports := []string{}

              	for _, exportRef := range catalogEntry.Spec.Exports {

              		// TODO: verify if path contains the entire heirarchy or just the clusterName.

Member

ncdc Nov 30, 2022

Path should be the full hierachy/absolute path

controllers/catalogentry_controller.go

    
              		)

              		logger.V(2).Info("reconciling CatalogEntry")

              		export := apisv1alpha1.APIExport{}

              		err := r.Get(logicalcluster.WithCluster(ctx, logicalcluster.New(path)), types.NamespacedName{Name: name, Namespace: req.Namespace}, &export)

Member

ncdc Nov 30, 2022

Suggested change

      
            		err := r.Get(logicalcluster.WithCluster(ctx, logicalcluster.New(path)), types.NamespacedName{Name: name, Namespace: req.Namespace}, &export)
          
            		err := r.Get(logicalcluster.WithCluster(ctx, logicalcluster.New(path)), types.NamespacedName{Name: name}, &export)

Member

ncdc Nov 30, 2022

APIExports are cluster-scoped

controllers/catalogentry_controller.go

Comment on lines +113 to +115

    
              			// Error reading the object - requeue the request.

              			logger.Error(err, "failed to get resource")

              			continue

Member

ncdc Nov 30, 2022

This doesn't actually requeue like the comment says

controllers/catalogentry_controller.go

Comment on lines +139 to +145

    
              		cond := conditionsapi.Condition{

              			Type:               catalogv1alpha1.APIExportValidType,

              			Status:             corev1.ConditionTrue,

              			Severity:           conditionsapi.ConditionSeverityNone,

              			LastTransitionTime: metav1.Now(),

              		}

              		conditions.Set(catalogEntry, &cond)

Member

ncdc Nov 30, 2022

You should be able to use conditions.MarkTrue() here

controllers/catalogentry_controller.go

Comment on lines +147 to +155

    
              		message := fmt.Sprintf("invalid export(s): %s", strings.Join(invalidExports, " ,"))

              		invalidCond := conditionsapi.Condition{

              			Type:               catalogv1alpha1.APIExportValidType,

              			Status:             corev1.ConditionFalse,

              			Severity:           conditionsapi.ConditionSeverityError,

              			LastTransitionTime: metav1.Now(),

              			Message:            message,

              		}

              		conditions.Set(catalogEntry, &invalidCond)

Member

ncdc Nov 30, 2022

You should be able to use conditions.MarkFalse() here

test/e2e/controller_test.go

    
              		return nil, fmt.Errorf("could not create CatalogEntry %q|%q: %v", workspaceCluster, entryName, err)

              	}

              	t.Logf("waiting for CatalogEntry %q|%q to be found", workspaceCluster, entryName)

Member

ncdc Nov 30, 2022

Suggested change

      
            	t.Logf("waiting for CatalogEntry %q|%q to be found", workspaceCluster, entryName)
          
            	t.Logf("waiting for CatalogEntry %q|%q to have APIExportValid condition", workspaceCluster, entryName)

test/e2e/controller_test.go

    
              		}

              		return true, nil

              	}); err != nil {

              		return nil, fmt.Errorf("CatalogEntry %q|%q not found: %v", workspaceCluster, entryName, err)

Member

ncdc Nov 30, 2022

Suggested change

      
            		return nil, fmt.Errorf("CatalogEntry %q|%q not found: %v", workspaceCluster, entryName, err)
          
            		return nil, fmt.Errorf("error waiting for CatalogEntry %q|%q status: %v", workspaceCluster, entryName, err)

test/e2e/controller_test.go

    
              	t.Logf("waiting for CatalogEntry %q|%q to be found", workspaceCluster, entryName)

              	var catalogEntry catalogv1alpha1.CatalogEntry

              	if err := wait.PollImmediate(100*time.Millisecond, wait.ForeverTestTimeout, func() (done bool, err error) {

Member

ncdc Nov 30, 2022

I would move this into the Test() functions themselves

test/e2e/controller_test.go

    
              		if err != nil {

              			t.Fatalf("unable to create CatalogEntry: %v", err)

              		}

Member

ncdc Nov 30, 2022

Insert polling loop to get entry and expect conditions.IsTrue(entry, catalogv1alpha1.APIExportValidType)

test/e2e/controller_test.go

    
              		if err != nil {

              			t.Fatalf("catalogEntry %q failed to be reconciled in cluster %q: %v", entry.GetName(), workspaceCluster, err)

              		}

Member

ncdc Nov 30, 2022

Insert polling loop


          Fix path cannot be added error

83778de

varshaprasad96 mentioned this pull request

Add CLI command for binding a catalog entry to a workspace #6

Merged

Contributor

openshift-merge-robot commented Dec 10, 2022

@varshaprasad96: PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-merge-robot added the needs-rebase label

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels