Add webhookconfiguration options to tektonConfig additional options #2129
Conversation
tekton-robot
added
the
release-note
tekton-robot
added
the
needs-ok-to-test
|
Hi @jkhelil. Thanks for your PR. I'm waiting for a tektoncd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
tekton-robot
added
the
size/L
|
/ok-to-test |
tekton-robot
added
ok-to-test
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
docs/TektonPipeline.md
Outdated
| * `deployments` - additional deployments to be created by the operator | ||
| * `statefulsets` - additional statefulsets to be created by the operator | ||
| * `horizontalPodAutoscalers` - additional horizontalPodAutoscalers to be created by the operator | ||
| * `webhookConfigurationOptions` - additional options for pipelines webooks, To get detailed information about webhooks options visit https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/ |
There was a problem hiding this comment.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jkandasa The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
tekton-robot
added
the
approved
jkhelil
force-pushed
the
SRVKP-4442
branch
2 times, most recently
from
1f29b82 to
8c8cb88
Compare
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
docs/TektonConfig.md
Outdated
| @@ -650,3 +655,12 @@ The following fields are supported in `HorizontalPodAutoscaler` (aka HPA) | |||
| [schedule]:https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax | |||
| [priorityClassName]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#pod-priority | |||
| [priorityClass]: https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/#priorityclass | |||
|
|
|||
| ### webhookConfigurationOptions | |||
There was a problem hiding this comment.
Please use 4 number of ####, so that webhookConfigurationOptions should comes under Options header
Header can be webhookConfigurationOptions => Webhook Configuration Options
There was a problem hiding this comment.
also, this needs to be moved little above the links
docs/TektonPipeline.md
Outdated
| validation.webhook.pipeline.tekton.dev: | ||
| failurePolicy: "Ignore" | ||
| timeoutSeconds: 20 | ||
| SideEffects: None |
There was a problem hiding this comment.
please remove the changes from TektonPipeline.md
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
|
@piyush-garg @savitaashture can you have a fresh look please ? |
| @@ -115,6 +115,8 @@ func (tc *TektonConfig) Validate(ctx context.Context) (errs *apis.FieldError) { | |||
|
|
|||
| errs = errs.Also(tc.Spec.Pipeline.PipelineProperties.validate("spec.pipeline")) | |||
|
|
|||
| errs = errs.Also(tc.Spec.Pipeline.Options.validate("spec.pipeline.options")) | |||
There was a problem hiding this comment.
we should be doing here the config options one, and for others we should in respective valdations. I think we should validate this for all components
docs/TektonConfig.md
Outdated
| @@ -655,6 +664,14 @@ The following fields are supported in `HorizontalPodAutoscaler` (aka HPA) | |||
|
|
|||
| **NOTE**: If a Deployment or StatefulSet has a Horizontal Pod Autoscaling (HPA) and is in active state, Operator will not control the replicas to that resource. However if `status.desiredReplicas` and `spec.minReplicas` not present in HPA, operator takes the control. Also if HPA disabled, operator takes control. Even though the operator takes the control, the replicas value will be adjusted to the hpa's scaling range. | |||
|
|
|||
| #### webhookConfigurationOptions | |||
| Defines additional options for each webhooks. Use webhook name as a key to define options for a webhook. To get detailed information about webhooks options visit https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/ | |||
There was a problem hiding this comment.
we should add a note for if the webhook does not exist we that name, the configuration will be ignored
|
The following is the coverage report on the affected files.
|
|
@savitaashture @piyush-garg @jkandasa |
jkhelil
force-pushed
the
SRVKP-4442
branch
2 times, most recently
from
1f934c0 to
7fc18d5
Compare
|
The following is the coverage report on the affected files.
|
|
The following is the coverage report on the affected files.
|
docs/TektonConfig.md
Outdated
| the following options are supported for webhookConfigurationOptions | ||
| * `failurePolicy` - defines how unrecognized errors and timeout errors from the admission webhook are handled. Allowed values are `Ignore` or `Fail` | ||
| * `timeoutSeconds` - allows configuring how long the API server should wait for a webhook to respond before treating the call as a failure. | ||
| * `sideEffects` - indicates whether the webhook have a side effet. Allowed values are `None`, `NoneOnDryRun`, `Unknown`, or 'Some' |
There was a problem hiding this comment.
@jkhelil i see the valid values for sideEffects are None and NoneOnDryRun based on the official k8s doc https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#side-effects
Can you please recheck for Unknown, or 'Some'
There was a problem hiding this comment.
I see all the 4 values here https://github.com/kubernetes/api/blob/master/admissionregistration/v1beta1/types.go#L74-L87 but not sure why k8s doc did not list this 🤔
There was a problem hiding this comment.
I have picked the values from the code https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/admissionregistration/types.go#L122
and the values seems very old, so I am thinking the doc is not up to date
|
The following is the coverage report on the affected files.
|
|
LGTM Thank you @jkhelil |
|
The following is the coverage report on the affected files.
|
| errs = errs.Also(tc.Spec.Hub.Options.validate("spec.hub.options")) | ||
| errs = errs.Also(tc.Spec.Dashboard.Options.validate("spec.dashboard.options")) | ||
| errs = errs.Also(tc.Spec.Chain.Options.validate("spec.chain.options")) | ||
| errs = errs.Also(tc.Spec.Trigger.Options.validate("spec.trigger.options")) |
There was a problem hiding this comment.
dont we need to have one for config like errs = errs.Also(tc.Spec.Options.validate("spec.options"))
There was a problem hiding this comment.
@piyush-garg TektonConfigSpec struct doestnt have Options
|
/lgtm |
|
/retest |
Changes
Adds webhook configuration options(FailurePolicy, TimeoutSeconds, SideEffects) to tektonConfig additional options
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
make test lintbefore submitting a PRSee the contribution guide for more details.
Release Notes