Comments (14)
liggitt
commented on May 28, 2024
1
cc @thockin
/sig api-machinery
even though these list types accurately reflect the structure / validation in built-in types, fields used as map keys must be required or defaulted when used in a CRD schema
from kubernetes.
pmalek
commented on May 28, 2024
1
@thockin Not sure what's up with jq: Unknown option -ojson as there are no calls to jq that would be used when install code-generator and generating CRDs.
I'd assume this was a problem with using yq v3 instead of v4 which has a different set of flags.
In any case we've merged Kong/gateway-operator#230 to make sure to make no assumptions about the yq (which is used for the above) that's installed on the system.
I believe the culprit of this is as @thockin suggested Name not being required but also removing the omitempty json tag since that's rendering the required tag noop.
I've pushed #124553 as an attempt to fix this.
from kubernetes.
liggitt
commented on May 28, 2024
/transfer kubernetes
from kubernetes.
k8s-ci-robot
commented on May 28, 2024
This issue is currently awaiting triage.
If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.
The triage/accepted label can be added by org members by writing /triage accepted in a comment.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from kubernetes.
thockin
commented on May 28, 2024
@pmalek If you add // +required to LocalObjectRef.Name, does the error go away? Or maybe that's imposing too much - can you point me at your CRD and I can poke around?
I'm not sure if the right answer is to make it required -- it SEEMS correct, considering it is the only field in the type :) -- or to rmeove that listMap (despite being correct in context)
from kubernetes.
pmalek
commented on May 28, 2024
One of the types can be found here : https://github.com/Kong/gateway-operator/blob/main/api%2Fv1beta1%2Fdataplane_types.go
I can do some testing when I find a moment.
from kubernetes.
thockin
commented on May 28, 2024
Which type in particular?
from kubernetes.
pmalek
commented on May 28, 2024
The embedded PodTemplateSpec here https://github.com/Kong/gateway-operator/blob/main/api%2Fv1beta1%2Fshared_types.go#L35 seems to be causing issues.
from kubernetes.
thockin
commented on May 28, 2024
I'm trying to repro real quickly, but I can't get it to build.
$ make generate
bash: line 1: mise: command not found
mise - https://github.com/jdx/mise - not found. Please install it.
make: *** [Makefile:45: mise] Error 1
So I installed mise into /tmp
$ PATH="$PATH:/tmp" make generate
bash: line 1: yq: command not found
mise /tmp/gateway-operator/bin/plugins/kube-controller-tools/bin/install failed
mise /tmp/gateway-operator/bin/plugins/kube-controller-tools/bin/install exited with non-zero status: exit code 1
mise Run with --verbose or MISE_VERBOSE=1 for more information
make: *** [Makefile:64: controller-gen] Error 1
OK, so I installed yq:
$ sudo apt-get install yq
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
yq
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/29.8 kB of archives.
After this operation, 73.7 kB of additional disk space will be used.
Selecting previously unselected package yq.
(Reading database ... 357393 files and directories currently installed.)
Preparing to unpack .../archives/yq_3.1.0-3_all.deb ...
Unpacking yq (3.1.0-3) ...
Setting up yq (3.1.0-3) ...
But still no luck:
$ PATH="$PATH:/tmp" make generate
jq: Unknown option -ojson
Use jq --help for help with command-line options,
or see the jq manpage, or online docs at https://jqlang.github.io/jq
mise /tmp/gateway-operator/bin/plugins/kube-controller-tools/bin/install failed
mise /tmp/gateway-operator/bin/plugins/kube-controller-tools/bin/install exited with non-zero status: exit code 1
mise Run with --verbose or MISE_VERBOSE=1 for more information
make: *** [Makefile:64: controller-gen] Error 1
I am out of time for the moment.
from kubernetes.
rashedkvm
commented on May 28, 2024
Even though marked as +optional it is behaving as required due to the map
https://github.com/kubernetes/api/blob/fb932d2704f6db73ad667467c071fa0021b4f11a/core/v1/types.go#L3706-L3711. I believe the same issue is observed in few other types as well.
From my CR, validation errors
6:10:07PM: ^ Reconcile failed: (message: kapp: Error: create customresourcedefinition/podintents.conventions.carto.run (apiextensions.k8s.io/v1) cluster:
Creating resource customresourcedefinition/podintents.conventions.carto.run (apiextensions.k8s.io/v1) cluster:
API server says:
CustomResourceDefinition.apiextensions.k8s.io "podintents.conventions.carto.run" is invalid:
- spec.validation.openAPIV3Schema.properties[spec].properties[template].properties[spec].properties[imagePullSecrets].items.properties[name].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[spec].properties[template].properties[spec].properties[hostAliases].items.properties[ip].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[status].properties[template].properties[spec].properties[hostAliases].items.properties[ip].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[status].properties[template].properties[spec].properties[imagePullSecrets].items.properties[name].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
(reason: Invalid))
kapp: Error: waiting on reconcile packageinstall/cartographer-conventions-controller (packaging.carvel.dev/v1alpha1) namespace: default:
Finished unsuccessfully (Reconcile failed: (message: kapp: Error: create customresourcedefinition/podintents.conventions.carto.run (apiextensions.k8s.io/v1) cluster:
Creating resource customresourcedefinition/podintents.conventions.carto.run (apiextensions.k8s.io/v1) cluster:
API server says:
CustomResourceDefinition.apiextensions.k8s.io "podintents.conventions.carto.run" is invalid:
- spec.validation.openAPIV3Schema.properties[spec].properties[template].properties[spec].properties[imagePullSecrets].items.properties[name].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[spec].properties[template].properties[spec].properties[hostAliases].items.properties[ip].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[status].properties[template].properties[spec].properties[hostAliases].items.properties[ip].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
- spec.validation.openAPIV3Schema.properties[status].properties[template].properties[spec].properties[imagePullSecrets].items.properties[name].default: Required value: this property is in x-kubernetes-list-map-keys
- so it must have a default or be a required property
(reason: Invalid)))
Error: Process completed with exit code 1.
from kubernetes.
thockin
commented on May 28, 2024
debian yq is an alias to jq, but if I uninstall that, I just get yq: command not found and I can't figure how to get mise (never used it) to install whatever variant of yq it expects?
from kubernetes.
thockin
commented on May 28, 2024
Did you confirm that the +required actually satisfies your CRD?
from kubernetes.
pmalek
commented on May 28, 2024
... and I can't figure how to get mise (never used it) to install whatever variant of yq it expects?
mise plugin install --yes -q yq
mise install -q [email protected]
but that's already sorted out in latest main.
Did you confirm that the +required actually satisfies your CRD?
I've basically tried embedding
type MyType struct {
// ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images
// in pods that reference this ServiceAccount. ImagePullSecrets are distinct from Secrets because Secrets
// can be mounted in the pod, but ImagePullSecrets are only accessed by the kubelet.
// More info: https://kubernetes.io/docs/concepts/containers/images/#specifying-imagepullsecrets-on-a-pod
// +optional
// +listType=atomic
ImagePullSecrets []LocalObjectReference `json:"imagePullSecrets,omitempty" protobuf:"bytes,3,rep,name=imagePullSecrets"`
// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
// If specified, these secrets will be passed to individual puller implementations for them to use.
// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
// +listType=map
// +listMapKey=name
ImagePullSecretsPodSpec []LocalObjectReference `json:"imagePullSecretsPodSpec,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecretsPodSpec"`
}
// LocalObjectReference contains enough information to let you locate the
// referenced object inside the same namespace.
// +structType=atomic
type LocalObjectReference struct {
// Name of the referent.
// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
// TODO: Add other useful fields. apiVersion, kind, uid?
// +required
Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
}
Which exist in k8s tree in PodTemplateSpec and then my changing the optional to required + removing omitempty I was able to apply the generated CRD without errors.
from kubernetes.
JorTurFer
commented on May 28, 2024
I'm bumping deps to v0.30.0 in KEDA and I'm facing the same issue during the CRD apply:
"CustomResourceDefinition.apiextensions.k8s.io \"scaledjobs.keda.sh\" is invalid: [spec.validation.openAPIV3Schema.properties[spec].properties[jobTargetRef].properties[template].properties[spec].properties[hostAliases].items.properties[ip].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property, spec.validation.openAPIV3Schema.properties[spec].properties[jobTargetRef].properties[template].properties[spec].properties[imagePullSecrets].items.properties[name].default: Required value: this property is in x-kubernetes-list-map-keys, so it must have a default or be a required property]"from kubernetes.
Related Issues (20)
- Kubernets service not distributing traffic in equally , seeing imbalance in traffic . HOT 14
- Publish Markdown for OpenAPI field descriptions using an extension HOT 4
- Enhancement: allow to filter what fields to return from the API HOT 3
- [Failing Test] ci-crio-cgroupv1-node-e2e-conformance (Swap Tests) HOT 3
- [Flaking Test] integration-master (goroutine leak detection) HOT 6
- [Flaking Test] ci-node-e2e (Container Lifecycle) HOT 11
- Migrate existing features to versioned feature gate HOT 4
- verification machinery for compatibility version HOT 3
- [Flaking Test] TestLog/stateful_set_logs_with_all_pods HOT 4
- Pod deleted during image pull still starts HOT 10
- ValidatingAdmissionPolicy objects have different runtime type compared to CRDValidationRules HOT 8
- `kube-proxy`'s `--healthz-bind-address` should support IPv4 and IPv6 simultaneously (dual stack) HOT 24
- Bug: securityContext appArmorProfile unconfined not working with containerd HOT 2
- The old pod log file is not deleted from the /var/log/pods/ directory HOT 13
- Job controller reports the count of terminating pods with unnecessary delay HOT 4
- tracking issue; bump pause to 3.10 HOT 4
- kubernetes-sigs / scheduler-plugins go.mod Error HOT 3
- post-kubernetes-push-image-pause failed to publish version 3.10 HOT 15
- Failure cluster [6bc9e9c5...] HOT 1
- Apiserver log "Forcing xxx watcher close due to unresponsiveness" meaning consultation HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes.