vpa and vpacheckpoint CRDs have KubernetesAPIApprovalPolicyConformant condition from MissingAnnotation #3069

Closed
joelsmith opened this issue Apr 20, 2020 · 3 comments · Fixed by #3080

Comments

@joelsmith
Contributor

The CRDs for vpa and vpacheckpoint are missing annotations referring to their API review, which is causing the CRDs to have the condition KubernetesAPIApprovalPolicyConformant set to false with a reason of MissingAnnotation.

$ kubectl get crd verticalpodautoscalers.autoscaling.k8s.io -o yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  ..............8<...snip...8<........................
spec:
  ..............8<...snip...8<........................
status:
  acceptedNames:
    ..............8<...snip...8<........................
  conditions:
  - lastTransitionTime: "2020-04-16T06:49:00Z"
    message: protected groups must have approval annotation "api-approved.kubernetes.io",
      see https://github.com/kubernetes/enhancements/pull/1111
    reason: MissingAnnotation
    status: "False"
    type: KubernetesAPIApprovalPolicyConformant

You'll get similar output from kubectl get crd verticalpodautoscalercheckpoints.autoscaling.k8s.io

According to https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190612-crd-group-protection.md (which was created by the kubernetes/enhancements#1111 PR referenced in the condition) an API review is required for these CRDs.

I spoke with @deads2k who said that if we have already done an API review, we just need to add the annotation to the CRD metadata with a link to the PR where the review was performed, but if we haven't, the API would need to get an API review and approval from the API team. Another option is to move the CRDs to groups in x-k8s.io.

@joelsmith
Contributor Author

/assign @bskiba

@bskiba
Member

bskiba commented Apr 22, 2020

Thanks Joel
FTR - I think currently you can use the following annotation to suppress the warning.

 annotations:
    "api-approved.kubernetes.io": "unapproved.*"

I will proceed on getting the approval, since we performed a review of this API quite some time ago.

@bskiba
Member

bskiba commented Apr 22, 2020

The relevant PR with API review is here: kubernetes/kubernetes#63797
There was also extensive discussion on the initial design proposal: kubernetes/community#338
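
An added example, not part of the thread and not the API server's or the autoscaler project's code: a small audit over `kubectl get crd -o json` style input that flags CRDs in protected groups by the state of their `api-approved.kubernetes.io` annotation, following the cases discussed above (missing, `unapproved` marker, link to the review, group outside `k8s.io`). The state names, the "any absolute URL counts as a link" rule, the `make_crd` helper and all sample values except the two VPA CRD names are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

ANNOTATION = "api-approved.kubernetes.io"
PROTECTED = ("k8s.io", "kubernetes.io")  # protected groups; x-k8s.io is outside them

def is_protected_group(group):
    """True for a protected domain itself or any subdomain of it."""
    return any(group == d or group.endswith("." + d) for d in PROTECTED)

def approval_state(crd):
    """Classify one CRD object by its group and approval annotation."""
    if not is_protected_group(crd.get("spec", {}).get("group", "")):
        return "not-protected"
    value = (crd.get("metadata", {}).get("annotations") or {}).get(ANNOTATION, "")
    if not value:
        return "missing"        # the MissingAnnotation case from the issue
    if value.startswith("unapproved"):
        return "unapproved"     # explicit marker, no review claimed
    try:
        url = urlsplit(value)
    except ValueError:
        return "invalid"
    return "approved" if url.scheme and url.netloc else "invalid"  # assumption: any absolute URL

def audit(crd_list_json):
    """Map CRD name to state for `kubectl get crd -o json` style input."""
    items = json.loads(crd_list_json).get("items", [])
    return {c["metadata"]["name"]: approval_state(c) for c in items}

def make_crd(name, group, value=None):
    """Build a minimal constructed CRD object for the sample below."""
    meta = {"name": name}
    if value is not None:
        meta["annotations"] = {ANNOTATION: value}
    return {"metadata": meta, "spec": {"group": group}}

# Constructed sample; only the first two CRD names come from the issue.
SAMPLE = json.dumps({"items": [
    make_crd("verticalpodautoscalers.autoscaling.k8s.io", "autoscaling.k8s.io"),
    make_crd("verticalpodautoscalercheckpoints.autoscaling.k8s.io",
             "autoscaling.k8s.io", "unapproved, constructed-example"),
    make_crd("widgets.demo.k8s.io", "demo.k8s.io", "https://example.invalid/review/1"),
    make_crd("gadgets.demo.k8s.io", "demo.k8s.io", "reviewed by the team"),
    make_crd("widgets.demo.x-k8s.io", "demo.x-k8s.io"),
]})

if __name__ == "__main__":
    for name, state in audit(SAMPLE).items():
        print(f"{state:14} {name}")
```

Running it against a real cluster's CRD list shows which CRDs still need either a review link or a move out of the protected groups before they ship.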
