Move patchMerge tag locations (from key to slice) #46547
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
aaronlevy
changed the title
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: aaronlevy Assign the PR to them by writing
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
kind/api-change
|
@aaronlevy: The following test(s) failed:
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
k8s-github-robot
added
the
needs-rebase
|
@aaronlevy PR needs rebase |
|
Can you please add regression tests? |
|
@kubernetes/sig-api-machinery-pr-reviews |
k8s-ci-robot
added
the
sig/api-machinery
|
@sttts you've been in the generators recently. Just a bug before? |
|
@deads2k that's not even generation, isn't it? examples/deepcopy-gen/vendor/k8s.io/apimachinery/third_party/forked/golang/json/fields.go reads the tags. |
|
Openapi-gen (now in another repo) references those tags: https://github.com/kubernetes/kube-openapi/search?utf8=%E2%9C%93&q=merge&type= |
|
/cc @mbohlool can you comment here? |
|
This is the content of the API which is not really controlled by api-machinery and OpenAPI generator. The generator uses those comment tags (that should be in sync with struct tags) to generate OpenAPI extensions (and I guess kubectl consume those extensions). As long as you move both struct and comment tag to the correct field, it should be fine. @mengqiy should be able to comment on kubectl usage of those extensions. |
| MatchExpressions []NodeSelectorRequirement `json:"matchExpressions" protobuf:"bytes,1,rep,name=matchExpressions"` | ||
| // +patchMergeKey=key | ||
| // +patchStrategy=merge | ||
| MatchExpressions []NodeSelectorRequirement `json:"matchExpressions" patchStrategy:"merge" patchMergeKey:"key" protobuf:"bytes,1,rep,name=matchExpressions"` |
There was a problem hiding this comment.
has this field shipped in a previous release this way? if so, clients are computing patches without a merge strategy (meaning they expect the server to replace the contents of the slice with whatever is given), and servers are applying patches without a merge strategy
a new client with this merge strategy would compute a patch that would only send a changed item to the server. if that patch were sent to an old server, the old server would replace the entire slice with the patch content (e.g. drop all the unchanged items)
an old client without this merge strategy would send the full contents of the slice if any item changed, not compute removals. if that patch were sent to a new server, the new server would merge in the items in the slice to the existing slice (e.g. make it impossible for an old client to remove items from the slice by patching).
There was a problem hiding this comment.
@liggitt I agree that the behavior with skewed versions would be as you describe (I didn't check when this code went in, but it's definitely shipped).
On the other hand, client's expectations (based on the misplaced annotations) is that it should perform merges based on those keys. So I suppose the question is whether we would be willing to tolerate different (and admittedly slightly worse) broken behavior when using skewed clients/servers in exchange for fixing the behavior to match expectations.
Otherwise I think this is going to be broken forever and the correct fix is to just remove the misplaced annotations so that it doesn't confuse people.
cc @aaronlevy
There was a problem hiding this comment.
I agree the misleading annotations should be removed.
There was a problem hiding this comment.
We need some way to change and make our API correct without cycling the version of everything that has a PodSpec in it.
One way of doing this is to have the client send the merge key and strategy that it actually used to calculate the patch as part of the patch itself. The server would also send the recommended merge keys / strategies to the client as part of the open API before the client calculates the patch.
This would require supporting 2 versions of the strategy / key
- "static / implicit" (will never change and even if it doesn't do the right thing)
- "dynamic / explicit" (explicitly communicated by the patch author and recommended by the server)
New clients:
- Fetch merge strategy / key obtained from open API
- Already exists, but need to come up with way to make this deviate from the static tags
- Calculate patch request using this strategy / key
- In progress, hopefully 1.9
- Include strategy / key in the patch request
- Server applies patch using the provided strategy / key
Old clients:
- Use merge strategy / key obtained from tribal knowledge
- Calculate patch request using this strategy / key
- Don't include information about what the strategy / key is in the patch
- Server applies patch using implicit legacy key
There was a problem hiding this comment.
I have an open proposal kubernetes/community#476 that has been summarized above,
trying to solve this issue without breaking backward compatibility.
There was a problem hiding this comment.
@pwittrock @mengqiy @liggitt That sounds like an interesting (and big) change. For the sake of this issue (which I've taken over in #50257) should we just remove the offending directives? Or should we keep these "wrong" ones in forever... (they have no effect and are therefore misleading to users)
There was a problem hiding this comment.
Removing the offending tags should have no effects. I'm OK to remove them.
There was a problem hiding this comment.
I agree. Deciding whether and how to actually set those fields to use a merge strategy can be decided separately.
There was a problem hiding this comment.
SG, updated #50257 to only remove the bad labels.
Directives were misplaced for the following types: - MatchExpressions - Taints - Tolerations Per the discussion in kubernetes#46547, we cannot fix these because it would cause backwards-compatibility problems. Instead, remove the incorrect ones so they don't mislead users. This has no impact on behavior.
Automatic merge from submit-queue (batch tested with PRs 50257, 50247, 50665, 50554, 51077) Remove incorrect patch-merge directives. **What this PR does / why we need it**: Directives were misplaced for the following types: - MatchExpressions - Taints - Tolerations Per the discussion in #46547, we cannot fix these because it would cause backwards-compatibility problems. Instead, remove the incorrect ones so they don't mislead users. This has no impact on behavior. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # **Special notes for your reviewer**: Takes over from #46547 by @aaronlevy **Release note**: ```release-note NONE ```
|
Adding do-not-merge/release-note-label-needed because the release note process has not been followed. |
k8s-github-robot
added
the
do-not-merge/release-note-label-needed
|
Any reason to keep this open for discussion sake, or should I go ahead and close? |
|
This PR hasn't been active in 60 days. It will be closed in 29 days (Dec 17, 2017). cc @aaronlevy @sttts You can add 'keep-open' label to prevent this from happening, or add a comment to keep it open another 90 days |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
/close |
What this PR does / why we need it:
It looks like for a few api types the patchMerge tags were placed on the "key" of the object, rather than on slices of that object (like most other patchMerge tags). I would expect that the patchMergeKey and patchMergeStrategy would be set for the slice, rather than directly on the object key.
This was surfaced by some (brief) tests trying to merge tolerations via
kubectl apply. I was expecting new/existing tolerations to be merged, but instead the existing tolerations were being replaced.I might be misunderstanding the intention here, but when I looked into the object definitions, I was expecting to see the merge tags on the slices themselves (e.g. podSpec
[]Toleration)