KEP-3895: kubectl delete: Add interactive(-i) flag #3896
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-ci-robot
added
the
kind/kep
k8s-ci-robot
added
sig/cli
|
/cc @KnVerey @eddiezane |
|
/label tide/merge-method-squash |
k8s-ci-robot
added
the
tide/merge-method-squash
|
@soltysh @atiratree could you PTAL?. Thanks. |
| In order to overcome this limitation, this feature will use separate builder to show resources as preview. Current builder | ||
| will continue being used as deletion traverse, other builder will be used for preview. Builders must match in terms of | ||
| configurations to prevent such discrepancies and required tests will be added to assure that configurations are same or not. | ||
| Moreover, deletion will only be performed to the resources whose `uidMap` match the ones in the preview list. |
There was a problem hiding this comment.
| Moreover, deletion will only be performed to the resources whose `uidMap` match the ones in the preview list. | |
| Moreover, deletion will only be performed on the resources whose `.metadata.uid` match the ones gathered in the preview list, to ensure we remove only the resources a user explicitly agreed to. |
There was a problem hiding this comment.
Does this need a stronger guarantee like RV based matching?
There was a problem hiding this comment.
Thanks for review @enj.
We need to not delete the resources whose are not in the preview list(especially the cases where user types y after a couple of hours and preview list becomes stale most likely). And uid based check allows us to do it and this looks sufficient for our aim(Since kubectl delete does not know resource versions of resources, that might complicate the issue).
| --> | ||
| Only standard input via terminal will be supported because main motivation of this flag | ||
| is to provide a way to users. That would be a risk if there is exceptional inputs whose are available | ||
| for users that we can not handle. |
There was a problem hiding this comment.
I'd propose stating this something like:
This mechanism will apply only to client-side operation (kubectl delete) and as mentioned in non-goals section is not meant to solve server-side protection, which can be addressed using custom ValidatingAdmissionWebhook, for example.
k8s-ci-robot
added
the
lgtm
|
/assign @johnbelamaric |
| In order to overcome this limitation, this feature will use separate builder to show resources as preview. Current builder | ||
| will continue being used as deletion traverse, other builder will be used for preview. Builders must match in terms of | ||
| configurations to prevent such discrepancies and required tests will be added to assure that configurations are same or not. | ||
| Moreover, deletion will only be performed to the resources whose `uidMap` match the ones in the preview list. |
There was a problem hiding this comment.
Does this need a stronger guarantee like RV based matching?
| --> | ||
| - In terms of backwards compatibility, this flag's default will always be false. | ||
| - If user cancels deletion, exit code will be 0. | ||
| - This flag will not be used with `--raw` flag. |
There was a problem hiding this comment.
How does this change behave in regards to label based deletion, especially if the set of objects matched by the label changes?
There was a problem hiding this comment.
This problem is also true for default delete behavior(although agree that this is much more visible with this interactivity flag). We'll delete the resources whose are listed as preview and user confirms. If set of objects belonging to the some label is changed, user should execute kubectl delete again.
There was a problem hiding this comment.
Include the intended behavior in the KEP.
There was a problem hiding this comment.
Updated. Does it make sense?. Thanks.
| You can take a look at one potential example of such test in: | ||
| https://github.com/kubernetes/kubernetes/pull/97058/files#diff-7826f7adbc1996a05ab52e3f5f02429e94b68ce6bce0dc534d1be636154fded3R246-R282 | ||
| --> | ||
| No, users can only use this feature via enabling environment variable. |
There was a problem hiding this comment.
You need a test (likely an e2e) that shows that you cannot use the feature when the env var is not set.
There was a problem hiding this comment.
That is a good point and I'll add a test case for this. Do you want me to update also the KEP by mentioning this?
k8s-ci-robot
removed
the
lgtm
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ardaguclu, johnbelamaric, soltysh The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/lgtm |
k8s-ci-robot
added
the
lgtm
One-line PR description: Add interactive(-i) flag to kubectl delete command that will ask confirmation to user to proceed
Issue link: kubectl delete: Add interactive(-i) flag #3895
Other comments: kubectl delete: Introduce new interactive flag for interactive deletion kubernetes#114530