Skip to content

Make sure the webhook is always registered before allowing user to create resources #1113

New issue
New issue
Closed
#1894
Closed
Make sure the webhook is always registered before allowing user to create resources#1113
#1894
Assignees
vdemeester
Labels
kind/featureCategorizes issue or PR as related to a new feature.kind/questionIssues or PRs that are questions around the project or a particular featurepriority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
Pipelines 0.11 🐱
@vdemeester

Description

@vdemeester
vdemeester
opened on Jul 23, 2019

As of today, knative/pkg's code is the one responsible to register the webhook on kubernetes. This means, the following are possible :

  • The webhook fails to start (for any reason), it does not get registered, thus it's not applied
  • The webhook takes time to start (slow network, …), it's not registered quickly enough, a user can create resources

In all those cases, the user can end up creating resources that are either not valid or not mutated (with defaults values)

There is two way to fix these cases:

  1. Move the webhook registration in the yamls, so that the webhook is registered as soon as the CRDs are created, before it started, and thus it will fail if the webhook is not running
  2. Having the controller validate

I have a very very high preference for solution 1. .

Metadata

Metadata

Assignees

Labels

kind/featureCategorizes issue or PR as related to a new feature.kind/questionIssues or PRs that are questions around the project or a particular featurepriority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions