From 5afff0a5134a420a9ce02825f26b556ce3070af4 Mon Sep 17 00:00:00 2001 From: Caleb Schoepp Date: Tue, 5 Nov 2024 11:18:29 -0700 Subject: [PATCH] WIP: Attempting to fix main Signed-off-by: Caleb Schoepp --- .../crd/bases/core.spinkube.dev_spinapps.yaml | 54 +++++++++++++++++-- .../controller/spinapp_controller_test.go | 7 ++- .../spinappexecutor_controller_test.go | 7 ++- 3 files changed, 62 insertions(+), 6 deletions(-) diff --git a/config/crd/bases/core.spinkube.dev_spinapps.yaml b/config/crd/bases/core.spinkube.dev_spinapps.yaml index 82215fa..5f74967 100644 --- a/config/crd/bases/core.spinkube.dev_spinapps.yaml +++ b/config/crd/bases/core.spinkube.dev_spinapps.yaml @@ -770,6 +770,7 @@ spec: storage type: string fsType: + default: ext4 description: |- fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -782,6 +783,7 @@ spec: disk (only in managed availability set). defaults to shared' type: string readOnly: + default: false description: |- readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. @@ -1384,7 +1386,7 @@ spec: set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default). type: string volumeMode: description: |- @@ -1607,6 +1609,41 @@ spec: required: - path type: object + image: + description: |- + image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. + The volume is resolved at pod startup depending on which PullPolicy value is provided: + + - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + + The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. + A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. + The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. + The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. + The volume will be mounted read-only (ro) and non-executable files (noexec). + Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). + The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. + properties: + pullPolicy: + description: |- + Policy for pulling OCI objects. Possible values are: + Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. + Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. + IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. + Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. + type: string + reference: + description: |- + Required: Image or artifact reference to be used. + Behaves in the same way as pod.spec.containers[*].image. + Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. + More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management to default or override + container images in workload controllers like Deployments and StatefulSets. + type: string + type: object iscsi: description: |- iscsi represents an ISCSI Disk resource that is attached to a @@ -1638,6 +1675,7 @@ spec: description: iqn is the target iSCSI Qualified Name. type: string iscsiInterface: + default: default description: |- iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp). @@ -1787,10 +1825,13 @@ spec: format: int32 type: integer sources: - description: sources is the list of volume projections + description: |- + sources is the list of volume projections. Each entry in this list + handles one source. items: - description: Projection that may be projected along with - other supported volume types + description: |- + Projection that may be projected along with other supported volume types. + Exactly one of these fields must be set. properties: clusterTrustBundle: description: |- @@ -2170,6 +2211,7 @@ spec: More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: + default: /etc/ceph/keyring description: |- keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. @@ -2184,6 +2226,7 @@ spec: type: array x-kubernetes-list-type: atomic pool: + default: rbd description: |- pool is the rados pool name. Default is rbd. @@ -2214,6 +2257,7 @@ spec: type: object x-kubernetes-map-type: atomic user: + default: admin description: |- user is the rados user name. Default is admin. @@ -2228,6 +2272,7 @@ spec: attached and mounted on Kubernetes nodes. properties: fsType: + default: xfs description: |- fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. @@ -2268,6 +2313,7 @@ spec: with Gateway, default false type: boolean storageMode: + default: ThinProvisioned description: |- storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. diff --git a/internal/controller/spinapp_controller_test.go b/internal/controller/spinapp_controller_test.go index 78edcac..54d2eb5 100644 --- a/internal/controller/spinapp_controller_test.go +++ b/internal/controller/spinapp_controller_test.go @@ -22,6 +22,7 @@ import ( "k8s.io/client-go/rest" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" + controllerconfig "sigs.k8s.io/controller-runtime/pkg/config" "sigs.k8s.io/controller-runtime/pkg/envtest" "sigs.k8s.io/controller-runtime/pkg/log/zap" "sigs.k8s.io/controller-runtime/pkg/manager" @@ -94,13 +95,17 @@ func setupController(t *testing.T) (*envTestState, ctrl.Manager, *SpinAppReconci } logger := zap.New(zap.UseFlagOptions(&opts)) + // B/c of https://github.com/kubernetes-sigs/controller-runtime/issues/2937 + skipNameValidation := true + mgr, err := ctrl.NewManager(envTest.cfg, manager.Options{ Metrics: metricsserver.Options{BindAddress: "0"}, Scheme: envTest.scheme, // Provide a real logger to controllers - this means that when tests fail we // get to see the controller logs that lead to the failure - if we decide this // is too noisy then we can gate this behind an env var like SPINKUBE_TEST_LOGS. - Logger: logger, + Logger: logger, + Controller: controllerconfig.Controller{SkipNameValidation: &skipNameValidation}, }) require.NoError(t, err) diff --git a/internal/controller/spinappexecutor_controller_test.go b/internal/controller/spinappexecutor_controller_test.go index f5e5b2b..773d544 100644 --- a/internal/controller/spinappexecutor_controller_test.go +++ b/internal/controller/spinappexecutor_controller_test.go @@ -28,6 +28,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client/fake" + controllerconfig "sigs.k8s.io/controller-runtime/pkg/config" "sigs.k8s.io/controller-runtime/pkg/log/zap" "sigs.k8s.io/controller-runtime/pkg/manager" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" @@ -43,13 +44,17 @@ func setupExecutorController(t *testing.T) (*envTestState, ctrl.Manager, *SpinAp } logger := zap.New(zap.UseFlagOptions(&opts)) + // B/c of https://github.com/kubernetes-sigs/controller-runtime/issues/2937 + skipNameValidation := true + mgr, err := ctrl.NewManager(envTest.cfg, manager.Options{ Metrics: metricsserver.Options{BindAddress: "0"}, Scheme: envTest.scheme, // Provide a real logger to controllers - this means that when tests fail we // get to see the controller logs that lead to the failure - if we decide this // is too noisy then we can gate this behind an env var like SPINKUBE_TEST_LOGS. - Logger: logger, + Logger: logger, + Controller: controllerconfig.Controller{SkipNameValidation: &skipNameValidation}, }) require.NoError(t, err)