Remove crd conversion webhook #5065
Conversation
nshankar13
requested review from
shashankram,
snehachhabria,
nojnhuh,
draychev,
jaellio,
trstringer,
keithmattix and
steeling
as code owners
| if err := crdconversion.NewConversionWebhook(ctx, crdClient, certManager, osmNamespace); err != nil { | ||
| events.GenericEventRecorder().FatalEvent(err, events.InitializationError, fmt.Sprintf("Error creating crd conversion webhook: %s", err)) | ||
| } | ||
|
|
||
| version.SetMetric() |
There was a problem hiding this comment.
Can you remove the reconciler as well?
There was a problem hiding this comment.
@steeling looks like we also add the reconcile label to the mutatingwebhook and validatingwebhook, should we handle the reconciler removal in a follow up PR? Or will removing the conversionwebhook while keeping the reconciler introduce bugs?
There was a problem hiding this comment.
we should delete it for all. it's broken on upgrades in that an old reconciler will stomp over any changes we try to make
shashankram
added
the
do-not-merge/hold
There was a problem hiding this comment.
Thanks for working on a fix for the upgrade issue.
I want to ensure we address a couple of things before we make a decision on completely removing the CRD conversion framework.
- Does this actually fix the bug. If yes, kindly provide a repro for the issue and add a e2e test to prove this is the correct fix.
- Have a proposal on how CRD schema changes are to be handled. Completely removing this will only push this problem down the road for someone else that needs to update the CRD schema to worry about. I don't believe this is the correct approach to solving this problem.
- Instead of deleting the framework, add a feature flag to optionally turn it on, as it may be desirable to re-integrate this in the future. We do not know of how we can seamlessly handle CRD conversions when the API schema changes, so I am uncomfortable trading 1 bug fix without a concrete proposal to address future needs, which will arise.
Overall, I'd like to be more cautious on making such changes without a definitive way to repro and verify the fix while addressing future extensibility.
I have a repro for this, happy to demo it, although adding a test for this would be difficult (but not impossible). I think we should move forward with the fix now, and can circle back to an E2E test in the future. For those wondering the steps are simple:
There's a proposal here with the full description
I disagree with adding a feature flag for this. Version control makes it trivial to bring it back if we desire, by simply reverting this PR. In the proposal I demonstrate how and why we won't need a conversion webhook, and that there are a lot of (unsafe) misconceptions about how the webhook works.
|
@steeling Thanks for sharing your proposal, looking at it now. Also please share a repro script and link it to the bug if possible. |
shashankram
dismissed
their stale review
Unblocking this based on offline discussions.
nshankar13
force-pushed
the
remove_conversion_webhook
branch
5 times, most recently
from
9f4c9ea to
9e4ab55
Compare
Codecov Report
@@ Coverage Diff @@
## main #5065 +/- ##
==========================================
+ Coverage 68.83% 69.00% +0.16%
==========================================
Files 214 204 -10
Lines 16025 15745 -280
==========================================
- Hits 11031 10865 -166
+ Misses 4934 4821 -113
+ Partials 60 59 -1
Flags with carried forward coverage won't be shown. Click here to find out more.
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
nshankar13
force-pushed
the
remove_conversion_webhook
branch
from
9e4ab55 to
278514c
Compare
nshankar13
force-pushed
the
remove_conversion_webhook
branch
from
278514c to
37c6c3a
Compare
nshankar13
force-pushed
the
remove_conversion_webhook
branch
2 times, most recently
from
30c9774 to
8b06752
Compare
Signed-off-by: nshankar13 <[email protected]>
nshankar13
force-pushed
the
remove_conversion_webhook
branch
from
8b06752 to
c5ea9ed
Compare
Remove crd conversion webhook (openservicemesh#5065) Signed-off-by: nshankar13 <[email protected]>
Remove crd conversion webhook (openservicemesh#5065) Signed-off-by: nshankar13 <[email protected]> Add health handler Signed-off-by: nshankar13 <[email protected]>
Remove crd conversion webhook (openservicemesh#5065) Signed-off-by: nshankar13 <[email protected]> Add health handler Signed-off-by: nshankar13 <[email protected]>
* [backport] cherry-pick 68e99eb to release-v1.1 Remove crd conversion webhook (#5065) Signed-off-by: nshankar13 <[email protected]> Add health handler Signed-off-by: nshankar13 <[email protected]> * health handler Signed-off-by: nshankar13 <[email protected]> * pin linter to v1.46.0 Signed-off-by: nshankar13 <[email protected]> Signed-off-by: nshankar13 <[email protected]>
Signed-off-by: James Sturtevant <[email protected]>
Signed-off-by: James Sturtevant <[email protected]>
Signed-off-by: James Sturtevant <[email protected]>
Signed-off-by: nshankar13 [email protected]
Description: Resolves issue: #4967
As discussed in the issue, the crd conversion webhook currently does not act differently than how k8s would update CRDs with the conversion strategy set to
None. Typically, the conversionwebhook is necessary for schema changes between CRDs on upgrades (for instance, if the fieldfoowas renamed to the fieldbar). However, we can handle these scenarios separately down the road if the need arises.Testing done: Tested upgrading from v1.0.0 to a v1.2.1-test version built from this branch and the upgrades succeeded.
OSM successfully upgraded mesh [osm] in namespace [osm-system]Affected area:
Please answer the following questions with yes/no.
Does this change contain code from or inspired by another project?
Is this a breaking change?
Has documentation corresponding to this change been updated in the osm-docs repo (if applicable)?