select an RBAC version for kubefed it knows how to speak #50537
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-github-robot
added
the
size/S
liggitt
added
kind/failing-test
k8s-github-robot
added
size/M
|
Thanks! To clarify the clientset that kubefed is using needs to know about these versions (for ex: be able to convert internal Role struct to v1.Role struct). kubefed does not have any version specific logic, right? |
| @@ -285,27 +288,47 @@ func getRBACVersion(discoveryclient discovery.CachedDiscoveryInterface) (*schema | |||
| return nil, fmt.Errorf("Couldn't get clientset to create RBAC roles in the host cluster: %v", err) | |||
| } | |||
|
|
|||
| // These are the RBAC versions we can speak | |||
| knownVersions := map[schema.GroupVersion]bool{ | |||
There was a problem hiding this comment.
This is a generic problem we need to solve for all API resources that kubefed creates.
Filed #50540
There was a problem hiding this comment.
do you do discovery the same way for other resources, and work with internal versions and expect to be able to convert to the server's preferred version?
There was a problem hiding this comment.
I don't think we try to discover group versions for other resources. However, we do work with internal versions the same way, but that doesn't qualify to this list I guess.
There was a problem hiding this comment.
So at other places, we assume that the server supports a specific version (like extensions/v1beta1.Deployments?). Why not do the same here?
Whenever we will add a new version, we will likely miss adding it here anyways.
There was a problem hiding this comment.
Probably because kubefed tried to support clusters with only alpha or only beta RBAC. I'm not opposed to fixing the version to v1beta1 for now, and moving to v1 later when v1beta1 is deprecated, though I'd keep this PR and the associated pick small, then change approaches going forward in 1.8
There was a problem hiding this comment.
Doing it as a follow up sgtm
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: liggitt, nikhiljindal Associated issue: 50534 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-github-robot
added
approved
Exactly, it's all about the conversion. Your choices are either to work with external versions (like kubectl does when it just passes through a manifest given to it with |
liggitt
added
release-note
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
@liggitt: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
Unrelated unit test failure. /retest |
|
Automatic merge from submit-queue (batch tested with PRs 50537, 49699, 50160, 49025, 50205) |
wojtek-t
added
the
cherry-pick-approved
|
Commit found in the "release-1.7" branch appears to be this PR. Removing the "cherrypick-candidate" label. If this is an error find help to get your PR picked. |
kubefed tries to speak whatever version of RBAC the server has, regardless of whether it knows about that version or not. the version discovery it does has to select a version both it and the server speak.
related to #50534