Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(kuma-cp): allow using Dataplane kind in top level targetRef in all policies #12659

Merged
merged 14 commits into from
Jan 31, 2025
Merged

feat(kuma-cp): allow using Dataplane kind in top level targetRef in all policies #12659

merged 14 commits into from
Jan 31, 2025

Conversation

Automaat
Copy link
Contributor

Motivation

As in pr title, we want to use top level targetRef kind Dataplane in all policies

@Automaat Automaat requested a review from a team as a code owner January 24, 2025 08:42
@github-actions GitHub Actions
Copy link
Contributor

Reviewer Checklist

🔍 Each of these sections need to be checked by the reviewer of the PR 🔍:
If something doesn't apply please check the box and add a justification if the reason is non obvious.

  • Is the PR title satisfactory? Is this part of a larger feature and should be grouped using > Changelog?
  • PR description is clear and complete. It Links to relevant issue as well as docs and UI issues
  • This will not break child repos: it doesn't hardcode values (.e.g "kumahq" as an image registry)
  • IPv6 is taken into account (.e.g: no string concatenation of host port)
  • Tests (Unit test, E2E tests, manual test on universal and k8s)
    • Don't forget ci/ labels to run additional/fewer tests
  • Does this contain a change that needs to be notified to users? In this case, UPGRADE.md should be updated.
  • Does it need to be backported according to the backporting policy? (this GH action will add "backport" label based on these file globs, if you want to prevent it from adding the "backport" label use no-backport-autolabel label)

@Automaat
feat(kuma-cp): code review
9e29103 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
Merge remote-tracking branch 'origin/master' into feat/allow-using-da…
a4a0729 
…taplane-kind
@Automaat
chore(e2e): use descriptor for policy validation
659ccde 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
Merge remote-tracking branch 'origin/master' into feat/allow-using-da…
4967a71 
…taplane-kind

# Conflicts:
#	pkg/plugins/policies/meshtimeout/api/v1alpha1/validator.go
#	pkg/plugins/policies/meshtrafficpermission/api/v1alpha1/validator.go
@lobkovilya
Copy link
Contributor

wait, but the stuff in ResourceDescriptor is static and depends on the policy type, right? we should allow/disallow sectionName based on the actual presence of from or rules. For example, if MeshTimeout has only to and ResourceDescriptor.HasFromTargetRef is true we still shouldn't allow sectionName

@jakubdyszkiewicz jakubdyszkiewicz removed their request for review January 28, 2025 16:06
@Automaat
chore(e2e): code review
1bbc414 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
Copy link
Contributor Author

@lobkovilya I've circled back to isInboundPolicy option

@lobkovilya
Copy link
Contributor

probably you need to add some unit tests in validation, as there were no failures with incorrect approach

@Automaat
Copy link
Contributor Author

@lobkovilya I've added this test previosly:

kuma/pkg/core/resources/apis/mesh/validators_test.go

Lines 1030 to 1040 in 1bbc414

opts: &ValidateTargetRefOpts{
SupportedKinds: []common_api.TargetRefKind{
common_api.Dataplane,
},
},
expected: `
violations:
- field: targetRef.sectionName
message: can only be used with inbound policies
`,
}),

@lobkovilya
Copy link
Contributor

No I mean initially you've passed IsInboundPolicy: true to the validator without checking len(r.Spec.From) > 0). We agreed that it was incorrect, and I think that some tests should've failed. But since no tests failed I assume we're missing some tests, right?

lobkovilya
lobkovilya previously approved these changes Jan 30, 2025
View reviewed changes
@Automaat Automaat enabled auto-merge (squash) January 30, 2025 07:16
@Automaat
feat(kuma-cp): fix e2e tests
d15bd5a 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
feat(kuma-cp): refactor
b493c82 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
feat(kuma-cp): refactor
709886d 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat
feat(kuma-cp): fix check
e8f1828 
Signed-off-by: Marcin Skalski <[email protected]>
@Automaat Automaat merged commit d7ec0a2 into kumahq:master Jan 31, 2025
13 checks passed
@Automaat Automaat deleted the feat/allow-using-dataplane-kind branch January 31, 2025 10:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lobkovilya lobkovilya lobkovilya approved these changes

@slonka slonka Awaiting requested review from slonka slonka is a code owner automatically assigned from kumahq/kuma-maintainers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Automaat @lobkovilya