Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

App CR should require one of serviceAccountName or cluster. #598

Open
GrahamDumpleton opened this issue Apr 4, 2022 · 4 comments · May be fixed by #1382
Open

App CR should require one of serviceAccountName or cluster. #598

GrahamDumpleton opened this issue Apr 4, 2022 · 4 comments · May be fixed by #1382
Labels
carvel-accepted This issue should be considered for future work and that the triage process has been completed enhancement This issue is a feature request good first issue An issue that will be a good candidate for a new contributor priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.

Comments

@GrahamDumpleton
Copy link

Describe the problem/challenge you have

Both serviceAccountName and cluster properties of the App CR are marked as optional. Anyone not understanding that one or the other is required may not even add either. When neither is added, then the App CR is still accepted and you end up with an error which you have to look in the App CR status of:

  status:
    conditions:
    - message: 'Preparing kapp: Expected service account or cluster specified'
      status: "True"
      type: ReconcileFailed

Further, when trying to delete the App in this situation it fails with it eventually exiting with the error:

kapp: Error: waiting on reconcile app/educates-training-platform (kappctrl.k14s.io/v1alpha1) namespace: default:
  Finished unsuccessfully (Reconcile failed:  (message: Preparing kapp: Expected service account or cluster specified))

resulting in you needing to manually delete the finalizer from the App resource.

The latter problem relates to issue #416.

Describe the solution you'd like

The CR definition should enforce that one or the other of serviceAccountName and cluster is required so that attempting to create an App CR with neither is rejected immediately.

My understanding is that this can be achieved in the CR schema by using:

anyOf:
- required:
  - serviceAccountName
- required:
  - cluster

Anything else you would like to add:

Having to look into the status of the App CR is non obvious so anything that avoids getting into that situation in the first place is a bonus. So failing early at the point of creating the App is better.

Vote on this request

This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.

👍 "I would like to see this addressed as soon as possible"
👎 "There are other more important things to focus on right now"

We are also happy to receive and review Pull Requests if you want to help working on this issue.
@GrahamDumpleton GrahamDumpleton added carvel-triage This issue has not yet been reviewed for validity enhancement This issue is a feature request labels Apr 4, 2022
@joe-kimmel-vmw joe-kimmel-vmw added priority/important-soon Must be staffed and worked on currently or soon. and removed carvel-triage This issue has not yet been reviewed for validity labels Apr 5, 2022
@cppforlife cppforlife added good first issue An issue that will be a good candidate for a new contributor priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete. and removed priority/important-soon Must be staffed and worked on currently or soon. labels Apr 6, 2022
@hemakshis
Copy link

Hi team, I would like to take up this issue.

@neil-hickey
Copy link
Contributor

hi @hemakshis ! Thanks for showing interest in taking this on.

This might be a helpful start:

https://github.com/vmware-tanzu/carvel-kapp-controller/blob/develop/pkg/apis/kappctrl/v1alpha1/types.go#L51-L55

  1. We use https://github.com/kubernetes-sigs/controller-tools to generate our crds, the script we use can be found here - https://github.com/vmware-tanzu/carvel-kapp-controller/blob/develop/hack/gen-crds.sh
  2. This uses kubebuilder underneath as a way to specify constraints (such as optional, nullable, int max etc ) on the structure of our custom resources.

Let us know how we can support you! You might also find our dev docs a good place to start on just getting this up and running.

@aaronshurley aaronshurley moved this to To Triage in Carvel Aug 18, 2022
@github-project-automation github-project-automation bot moved this to To Triage in Carvel Feb 14, 2023
@neil-hickey neil-hickey added the carvel-accepted This issue should be considered for future work and that the triage process has been completed label Feb 22, 2023
@neil-hickey neil-hickey moved this from To Triage to Unprioritized in Carvel Feb 22, 2023
@sarthaksarthak9
Copy link

@GrahamDumpleton could you pls provide the file where I need to commit changes

@GrahamDumpleton
Copy link
Author

@sarthaksarthak9 I have no idea as I don't know how kubebuilder is configured to specify such a constraint.

@GrahamDumpleton GrahamDumpleton mentioned this issue Nov 7, 2023
Open
@praveenrewar praveenrewar linked a pull request Nov 24, 2023 that will close this issue
[Add] CEL rule for validating App and PackageInstall Spec #1382
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
carvel-accepted This issue should be considered for future work and that the triage process has been completed enhancement This issue is a feature request good first issue An issue that will be a good candidate for a new contributor priority/important-longterm Important over the long term, but may not be staffed and/or may need multiple releases to complete.
Projects
Carvel
Status: Unprioritized
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Add] CEL rule for validating App and PackageInstall Spec varshaprasad96/kapp-controller
6 participants
@cppforlife @GrahamDumpleton @neil-hickey @hemakshis @joe-kimmel-vmw @sarthaksarthak9