Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Spike: Create admission webhook for CRD validation #1039

Open
nilsgstrabo opened this issue Jan 19, 2024 · 0 comments
Open

Spike: Create admission webhook for CRD validation #1039

nilsgstrabo opened this issue Jan 19, 2024 · 0 comments

Comments

@nilsgstrabo
Copy link
Contributor

nilsgstrabo commented Jan 19, 2024

Today, validation of RadixRegistration, RadixApplication and RadixDeployment is done by pipeline og radix-api by directly calling function in the radixvalidators package. When we update the validation rules, we must also update the reference in radix-api and rebuild. the validation functions also require various configurations, like DNSAlias reserved list, which means that we must pass a lot of unnessesary information through envvars to the callers.

An admission webhook will remove the need for calling the methods directly and passing configuration to the callers. It is the webhook's responsibility to perform validation. If a caller (pipeline runner or radix-api) tries to create or update a resource with invalid config, the webhook will reject it.

The Kubebuilder project has a CLI that we can use to create webhooks

Timebox: 2 days 1-2 pers

@Richard87 Richard87 added the 🤔 refinement needed This needs more details label Jan 31, 2024
@emirgens emirgens changed the title Create admission webhook for CRD validation Spike: Create admission webhook for CRD validation Mar 19, 2024
@emirgens emirgens removed the 🤔 refinement needed This needs more details label Mar 19, 2024
@satr satr self-assigned this Aug 12, 2024
@satr satr removed their assignment Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants