kuma icon indicating copy to clipboard operation
kuma copied to clipboard
verified publisher icon kumahq

Validate kuma.io-scoped annotations

Open jpeach opened this issue 4 years ago • 22 comments

Summary

We should add Kubernetes validation for annotations with a leading kuma.io. For any annotation that begins with the *.kuma.io/ prefix, validate that it's a known and supported Kuma annotation. This helps users catch typographic errors, and preserves the project's ability to use new annotations in this scope without the risk of a collisions.

jpeach avatar Jul 08 '21 21:07 jpeach

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

github-actions[bot] avatar Dec 31 '21 08:12 github-actions[bot]

I'm working on this issue and I managed to write a validation hook.

Next up I have to validate the list of annotations against the global list of valid annotations. I looked around in pkg/plugins/runtime/k8s/metadata/annotations.go. Are there any helper methods to perform a reverse search on the list of valid annotations?

Also, are we looking to validate values of these annotations as well?

PrayagS avatar Feb 25 '22 09:02 PrayagS

Are there any helper methods to perform a reverse search on the list of valid annotations?

No you'll probably want to introduce a map for this

Also, are we looking to validate values of these annotations as well?

It would be good to do both labels and annotations (the doc should be a good way to check what works on labels vs annotations)

lahabana avatar Feb 25 '22 11:02 lahabana

No you'll probably want to introduce a map for this.

Thanks for confirming.

both labels and annotations

Shouldn't there be a separate issue for labels? I was asking about values actually. Something like this: Kong/kubernetes-ingress-controller#1340. To spot wrong annotation values passed by the user and notifying them because the end result won't be the same as they expected.

PrayagS avatar Feb 25 '22 11:02 PrayagS

In my opinion, it makes sense to cover both labels and annotations for this issue.

I think validating values can be a separate discussion/issue, at least a separate PR.

michaelbeaumont avatar Feb 25 '22 13:02 michaelbeaumont

Just pushed a PR for this. One thing I realized that I added this just for pods 😅.

Which other resource kinds should have this? And in that case, I'm assuming I'll also need to change the configuration for the webhook. As for now, it would be great if you folks can go through the current code and point out any changes if required.

PrayagS avatar Mar 14 '22 18:03 PrayagS

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

github-actions[bot] avatar Apr 14 '22 08:04 github-actions[bot]

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

github-actions[bot] avatar May 15 '22 08:05 github-actions[bot]

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

github-actions[bot] avatar Jun 16 '22 08:06 github-actions[bot]

This issue was inactive for 30 days it will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant please comment on it promptly or attend the next triage meeting.

github-actions[bot] avatar Jul 17 '22 08:07 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Oct 17 '22 08:10 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Jan 17 '23 08:01 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Apr 18 '23 07:04 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Jul 18 '23 07:07 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Oct 17 '23 07:10 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Jan 16 '24 07:01 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Apr 22 '24 07:04 github-actions[bot]

This issue was inactive for 90 days. It will be reviewed in the next triage meeting and might be closed. If you think this issue is still relevant, please comment on it or attend the next triage meeting.

github-actions[bot] avatar Jul 22 '24 07:07 github-actions[bot]