[AIP-409] userlabel , owner reference webhook 테스트를 위해 label은 v2, owner reference는 어노테이션으로 붙입니다.#38
Open
taehyeong10 wants to merge 12 commits intoten1010-io:staging/projectfrom
Open
Conversation
#2) * feat: add UserOwner mutating webhook to inject AipubUser ownerReference on CREATE Ports the UserOwnerReferenceMutateService from the Python admission controller. On CREATE of any namespaced resource, resolves the requesting user to an AipubUser CR and injects a non-controlling ownerReference for ownership tracking. Co-Authored-By: Claude Opus 4.6 <[email protected]> * refactor: rename to AipubAdmissionReviewController with chained handler support Renames the endpoint to /api/v1/admissionreviews/aipub to accommodate future user-related mutations (label, transfer, authority_review). The controller runs all matching handlers sequentially instead of picking just one. Co-Authored-By: Claude Opus 4.6 <[email protected]> * refactor: change endpoint to /api/v1/userrelationship/mutate Co-Authored-By: Claude Opus 4.6 <[email protected]> * feat: add UserLabel mutating webhook to inject user labels on CREATE Ports UserLabelMutateService from the Python admission controller. On CREATE of namespaced resources, adds aipub.ten1010.io/username and aipub.ten1010.io/userid labels. For aipub-members, labels come from the AipubUser CR. For system-created child resources, labels are propagated from the controller owner object via K8s API lookup. Co-Authored-By: Claude Opus 4.6 <[email protected]> * refactor: rename apiClient to k8sApiClient for clarity Distinguishes the Kubernetes API client from the AIPub backend client. Co-Authored-By: Claude Opus 4.6 <[email protected]> * feat: add ApiResourceDiscovery and k8s-dev local test environment Replace static KIND_TO_PLURAL map with ApiResourceDiscovery that queries K8s discovery API at startup, matching the Python APIResourceManager approach. Add k8s-dev directory with Kind + Keycloak OIDC setup for local testing of ownerReference and label injection. Co-Authored-By: Claude Opus 4.6 <[email protected]> * feat: merge AIP-409 changes (label constants, composite handler, V2 handler) Merge unique changes from feature/AIP-409 into user-owner-reference: - LabelConstants: add OBJECT_OWN_USERNAME_KEY, OBJECT_OWN_USERID_KEY - V1AdmissionReviewUtils: support patch merging across multiple handlers - CompositeReviewHandler: run all matching handlers instead of first-only - UserInfoAnalyzer: support nullable AipubUser lookup - UserLabelReviewHandlerV2: simple label injection (AIP-409 version) Co-Authored-By: Claude Opus 4.6 <[email protected]> * fix: patch individual label keys instead of replacing entire labels map Matches Python implementation behavior - upsert only username/userid keys without overwriting other labels added by prior webhook handlers. Co-Authored-By: Claude Opus 4.6 <[email protected]> * setup * fix bug --------- Co-authored-by: Claude Opus 4.6 <[email protected]>
fix details for converting
* add yml for webhook register * fix namespace
taehyeong10
changed the title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.