Skip to content

Commit

Permalink
Wire in field dropping for CRDs
Browse files Browse the repository at this point in the history 
Kubernetes-commit: ce513803ca9f367b8a4cc10590e70ec785d487f7
  • Loading branch information
@jpbetz @k8s-publishing-bot
jpbetz authored and k8s-publishing-bot committed Dec 15, 2023
1 parent 249827f commit 2d320bc
Show file tree
Hide file tree
Showing 2 changed files with 87 additions and 0 deletions.
2 changes: 2 additions & 0 deletions pkg/registry/customresourcedefinition/strategy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,7 @@ func (strategy) PrepareForCreate(ctx context.Context, obj runtime.Object) {
break
}
}
dropDisabledFields(crd, nil)
}

// PrepareForUpdate clears fields that are not allowed to be set by end users on update.
Expand Down Expand Up @@ -108,6 +109,7 @@ func (strategy) PrepareForUpdate(ctx context.Context, obj, old runtime.Object) {
break
}
}
dropDisabledFields(newCRD, oldCRD)
}

// Validate validates a new CustomResourceDefinition.
Expand Down
85 changes: 85 additions & 0 deletions test/integration/ratcheting_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ import (
"time"

jsonpatch "github.com/evanphx/json-patch"

apiextensionsinternal "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions"
apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
structuralschema "k8s.io/apiextensions-apiserver/pkg/apiserver/schema"
Expand Down Expand Up @@ -1949,3 +1950,87 @@ func BenchmarkRatcheting(b *testing.B) {
})
}
}

func TestRatchetingDropFields(t *testing.T) {
tearDown, apiExtensionClient, _, err := fixtures.StartDefaultServerWithClients(t)
if err != nil {
t.Fatal(err)
}
defer tearDown()

group := myCRDV1Beta1.Group
version := myCRDV1Beta1.Version
resource := myCRDV1Beta1.Resource
kind := fakeRESTMapper[myCRDV1Beta1]

myCRD := &apiextensionsv1.CustomResourceDefinition{
ObjectMeta: metav1.ObjectMeta{Name: resource + "." + group},
Spec: apiextensionsv1.CustomResourceDefinitionSpec{
Group: group,
Versions: []apiextensionsv1.CustomResourceDefinitionVersion{{
Name: version,
Served: true,
Storage: true,
Schema: &apiextensionsv1.CustomResourceValidation{
OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
Type: "object",
Properties: map[string]apiextensionsv1.JSONSchemaProps{
"spec": {
Type: "object",
Properties: map[string]apiextensionsv1.JSONSchemaProps{
"field": {
Type: "string",
XValidations: []apiextensionsv1.ValidationRule{
{
Rule: "self == oldSelf",
OptionalOldSelf: ptr(true),
},
},
},
},
},
},
},
},
}},
Names: apiextensionsv1.CustomResourceDefinitionNames{
Plural: resource,
Kind: kind,
ListKind: kind + "List",
},
Scope: apiextensionsv1.NamespaceScoped,
},
}

created, err := apiExtensionClient.ApiextensionsV1().CustomResourceDefinitions().Create(context.TODO(), myCRD, metav1.CreateOptions{})
if err != nil {
t.Fatal(err)
}
if created.Spec.Versions[0].Schema.OpenAPIV3Schema.Properties["spec"].Properties["field"].XValidations[0].OptionalOldSelf != nil {
t.Errorf("Expected OpeiontalOldSelf field to be dropped for create when feature gate is disabled")
}

var updated *apiextensionsv1.CustomResourceDefinition
err = wait.PollUntilContextTimeout(context.TODO(), 100*time.Millisecond, 5*time.Second, true, func(ctx context.Context) (bool, error) {
existing, err := apiExtensionClient.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), created.Name, metav1.GetOptions{})
if err != nil {
return false, err
}
existing.Spec.Versions[0].Schema.OpenAPIV3Schema.Properties["spec"].Properties["field"].XValidations[0].OptionalOldSelf = ptr(true)
updated, err = apiExtensionClient.ApiextensionsV1().CustomResourceDefinitions().Update(context.TODO(), existing, metav1.UpdateOptions{})
if err != nil {
if apierrors.IsConflict(err) {
return false, nil
}
return false, err
}
return true, nil
})
if err != nil {
t.Fatalf("unexpected error waiting for CRD update: %v", err)
}

if updated.Spec.Versions[0].Schema.OpenAPIV3Schema.Properties["spec"].Properties["field"].XValidations[0].OptionalOldSelf != nil {
t.Errorf("Expected OpeiontalOldSelf field to be dropped for update when feature gate is disabled")
}
}

0 comments on commit 2d320bc

Please sign in to comment.