Skip to content

fix: skip UUID annotation webhook for clusters with nil topology #860

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 15, 2024
Merged

fix: skip UUID annotation webhook for clusters with nil topology #860

merged 2 commits into from
Aug 15, 2024

Conversation

dkoshkin
Copy link
Contributor

What problem does this PR solve?:
We only want this webhook to run on Clusters that are created with cluster topology. This also fixes an issue when an existing Cluster that was created before deploying CAREN and this webhook is moved to the bootstrap cluster.
Currently it fails the move with

  2024-08-14 11:14:55 ERR     err="unable to pivot to the to-cluster: error setting Cluster.Spec.Paused=true: action failed after 10 attempts: error patching Cluster default/e2e-preprovisioned-upgrade-573225644: admission webhook "cluster-validator.caren.nutanix.com" denied the request: missing cluster UUID annotation caren.nutanix.com/cluster-uuid"

Which issue(s) this PR fixes:
Fixes #

How Has This Been Tested?:

Special notes for your reviewer:

I'm also now wondering if we want the validate to fail when the annotation is missing. Its possible that an existing Cluster that was created using another ClusterClass that does not use CAREN and then when CAREN gets installed, it prevents those existing Clusters from being updated because of a missing annotation that won't even be used.
Should this webhook be smarter and only validate and default Clusters that are referencing a CC that is using CAREN?

@dkoshkin dkoshkin self-assigned this Aug 15, 2024
@github-actions github-actions bot added the fix label Aug 15, 2024
@jimmidyson
Copy link
Member

I'm also now wondering if we want the validate to fail when the annotation is missing. Its possible that an existing Cluster that was created using another ClusterClass that does not use CAREN and then when CAREN gets installed, it prevents those existing Clusters from being updated because of a missing annotation that won't even be used.

I've updated the webhook to handle this use case by adding the annotation on update to clusters that use topology but do not have a UUID annotation already set. This wil handle clusters that are migrated to CAREN as well.

Should this webhook be smarter and only validate and default Clusters that are referencing a CC that is using CAREN?

This is pretty hard to figure out tbh so I don't think so, for now at least. Adding the annotation doesn't harm anything.

Ultimately I feel that this stable UUID should be part of CAPI core as an official annotation and will open an issue there to see if we can get traction.

@jimmidyson jimmidyson requested a review from faiq August 15, 2024 09:27
@jimmidyson jimmidyson merged commit 1c5952e into main Aug 15, 2024
15 checks passed
@jimmidyson jimmidyson deleted the dkoshkin/fix-labeler-webhook branch August 15, 2024 09:54
@jimmidyson jimmidyson mentioned this pull request Aug 15, 2024
Merged
jimmidyson added a commit that referenced this pull request Aug 15, 2024
@jimmidyson
release(main): v0.14.1 (#862)
d7cf7bf 
🤖 I have created a release *beep* *boop*
---


## 0.14.1 (2024-08-15)

<!-- Release notes generated using configuration in .github/release.yaml
at main -->

## What's Changed
### Fixes 🔧
* fix: delete correct cluster-autoscaler HCP by @dkoshkin in
#859
* fix: skip UUID annotation webhook for clusters with nil topology by
@dkoshkin in
#860
### Other Changes
* docs: Update release process for adding release series metadata by
@jimmidyson in
#861


**Full Changelog**:
v0.14.0...v0.14.1

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhrabovcin mhrabovcin mhrabovcin approved these changes

@jimmidyson jimmidyson jimmidyson approved these changes

@faiq faiq Awaiting requested review from faiq

Assignees

@dkoshkin dkoshkin

Labels
fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dkoshkin @jimmidyson @mhrabovcin