🐛 Fakeclient: Honor AllowUnconditionalUpdate and AllowCreateOnUpdate for resources that support it #926
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
k8s-ci-robot
added
the
size/M
|
Ok, so it turns out that this behavior is resource dependent and whether or not the resource is configured to allow "Unconditional Updates". ConfigMap happens to be one of the resources that does this: https://github.com/kubernetes/kubernetes/blob/37d9c22abe5921da1d9c61bc92d054eebfb01515/pkg/registry/core/configmap/strategy.go#L99-L101 Open to ideas on if (and potentially how) we'd want to replicate this, since the current behavior is definitely broken for ConfigMaps, but is correct for resources that are configured to return false for |
|
IMHO doing |
|
Following up with a bit of additional context from the Slack thread on this topic The per-resource behavior for update when ResourceVersion is not set is dependent on the value passed back by the I've yet to find any way to introspect this value from the scheme or openapi data published. I don't think we really want to import the registry code into controller-runtime, which leaves us with the following options that were proposed by @alvaroaleman on how we should support this in the fake client: Since this only applies to built-in types, replicating this via hard-coding is probably not the worst thing we could do, we could also likely implement it in a way that we'd only have to special case the types that return |
Who is responsible for keeping this in sync? I worry about it changing from allowed to disallowed and folks who write their tests get runtime errors.
This has the added benefit of always forcing the user to do something that will work on clusters even if in future versions this method returns a different answer for a given internal type. |
I don't expect it to affect many resources, but I have yet to dig into the exact numbers yet, and I wouldn't expect it to change for any resources (outside of an update to the apiversion for the resource), since it would be a breaking change to k8s itself if it does.
Considering this would be a breaking change with k8s itself, I wouldn't expect future versions to return a different answer for a given internal type outside of an apiversion update for that resource. I'm not a huge fan of trying to replicate the behavior, but if we don't then the alternative is a fake client that is of less value to users otherwise. Telling users to update their code (that is doing something completely valid against a real API server) to be able to use the fake client doesn't seem like the right approach to me, especially since the behavior that we are discussing was just recently introduced and breaks existing consumers. |
|
I just went through k/k to determine which resources would be affected, and it is more than I would have expected. I also documented the list of resources that allow for Create on Update while I was trolling the code.
There is also another method for registry strategy |
|
As an interesting side note, since there is only a single storage version, these settings apply for all resources regardless of user-provided version for a particular api group and type |
|
Additional data point: kubernetes/kubernetes#21330 My take away from that issue is that we shouldn't expect any new resources to set AllowUnconditionalUpdate, but the current resources that allow it will likely keep allowing it until v2 of their resource is released. |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
@detiber it would be good if this would get finished. Do you think you will be able to do that? Otherwise we should maybe create an issue to see if someone from the community can pick it up? |
|
@alvaroaleman I should be able to pick this back up next week, thanks for the reminder. |
k8s-ci-robot
added
size/L
|
@alvaroaleman updated, ptal. |
- Add support for honoring AllowUnconditionalUpdate - Add support for honoring AllowCreateOnUpdate
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alvaroaleman, detiber The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
detiber
changed the title
As of v0.6.0, the fake client is rejecting Updates where the ResourceVersion is not set on the object where previously it did not.
It looks like this was introduced as part of #832 to reject Updates where the ResourceVersion does not match, however it didn't special case the case where ResourceVersion is not set on the resource provided to Update but the existing resource has ResourceVersion set.
This PR adds support for calling Update without a Resource version for resources that allow unconditional updates and calling Update for resources that allow create on update if they do not already exist.