-
Notifications
You must be signed in to change notification settings - Fork 591
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Determine credential type from label #4825
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #4825 +/- ##
=======================================
+ Coverage 77.7% 77.9% +0.2%
=======================================
Files 164 165 +1
Lines 18399 18455 +56
=======================================
+ Hits 14298 14389 +91
+ Misses 3281 3256 -25
+ Partials 820 810 -10
☔ View full report in Codecov by Sentry. |
13dc7ee
to
4fef47b
Compare
4fef47b
to
56e6d15
Compare
Observed a flake in https:/Kong/kubernetes-ingress-controller/actions/runs/6511654773/attempts/1?pr=4825 but Github isn't showing any artifacts in the summary 😢
|
internal/admission/validation/consumers/credentials/validation.go
Outdated
Show resolved
Hide resolved
Should be fixed by #4871 |
c14822d
to
236697d
Compare
236697d
to
3da7474
Compare
cb16248
to
899b80b
Compare
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
credential type instead of the `kongCredType` field. This allows controller | ||
compontents to avoid caching unnecessary Secrets. The `kongCredType` field is | ||
still supported but is now deprecated. A script to generate commands to | ||
update Secrets is available at https:/Kong/kubernetes-ingress-controller/issues/2502#issuecomment-1758213596 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suggest we track changing this changelog entry to reference a proper docs link (or an equivalent) rather than a github issue link
* feat(credentials) accept label credential type * pr: remove bad copy/paste resource failure * pr: reuse credential type code and add unit * pr: log instead of failure, align test with new error * use correct label in changelog --------- Co-authored-by: Grzegorz Burzyński <[email protected]>
I'd assume we need to add validation to webhook to check secrets with the introduced label? (so that eventually we'd only check those instead of inspecting fields?) |
Yeah, that should do the job: #4896 |
What this PR does / why we need it:
Adds a label alternative to the
kongCredType
Secret field. Settingkonghq.com/credential: CREDTYPE
is now equivalent to setting akongCredType=CREDTYPE
Secret field.Which issue this PR fixes:
Fix #2502
Special notes for your reviewer:
#2502 (comment) contains a migration script that will eventually go in docs. There isn't a clear place in 3.x docs to stick an upgrade section, so #4854 to follow up. As a stopgap, the changelog links to the comment.
Adds new system, does not remove old system. Not sure we want to single release breaking change this; I think we can do the final removal after 3.0 unless we want to bundle as many breaking changes at once, even if they're larger ones that didn't previously have a deprecation period: #4853
PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR