[PoC] feat: add targetRef field to ZTunnel CRD #1259
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1259 +/- ##
===========================================
+ Coverage 65.19% 77.10% +11.90%
===========================================
Files 39 44 +5
Lines 2497 2878 +381
===========================================
+ Hits 1628 2219 +591
+ Misses 721 548 -173
+ Partials 148 111 -37 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
dgn
force-pushed
the
ztunnel-targetref
branch
5 times, most recently
from
bcd9f0d to
b655b0e
Compare
|
This should support most use cases including RevisionBased update strategies already. Another thing we could add is making the This could be inferred at install time by looking for a |
| return fmt.Errorf("failed to apply profile: %w", err) | ||
| } | ||
|
|
||
| // Apply values from referenced IstioRevision first |
There was a problem hiding this comment.
Maybe it would make sense to warn users when setting the same config in both ztunnel and Istio to different values?
There was a problem hiding this comment.
I don't think we need to warn users - their settings will always take precedence. By default, they should only configure the version and targetRef
There was a problem hiding this comment.
Yeah, a warning might imply that something is wrong. Can we add a log message saying that user setting from ztunnel are used?
There was a problem hiding this comment.
hmm. as we're just merging the fields I don't think we have the ability to give that sort of granular feedback. or rather, we'd have to add a bunch of logic in order to do that. maybe just documenting the behavior is enough?
| BeforeAll(func() { | ||
| common.CreateIstio(k, version.Name, ` | ||
| values: | ||
| global: |
There was a problem hiding this comment.
Should this be added to samples?
There was a problem hiding this comment.
I'm not sure about the global setting. I will add the targetRef to the sample though
api/v1alpha1/ztunnel_types.go
Outdated
| State ZTunnelConditionReason `json:"state,omitempty"` | ||
|
|
||
| // IstioRevision stores the name of the referenced IstioRevision | ||
| IstioRevision string `json:"istioRevision"` |
There was a problem hiding this comment.
Do we have to use omitempty here (if users does not specify targetRef in spec)?
| return fmt.Errorf("failed to apply profile: %w", err) | ||
| } | ||
|
|
||
| // Apply values from referenced IstioRevision first |
There was a problem hiding this comment.
Yeah, a warning might imply that something is wrong. Can we add a log message saying that user setting from ztunnel are used?
| return podAnnotations[constants.IstioRevLabel] | ||
| } | ||
|
|
||
| func GetIstioRevisionFromTargetReference(ctx context.Context, client client.Client, ref v1.TargetReference) (*v1.IstioRevision, error) { |
There was a problem hiding this comment.
It would be good to include unit tests for this API.
| var revisionName string | ||
| switch ref.Kind { | ||
| case v1.IstioRevisionKind: | ||
| revisionName = ref.Name |
There was a problem hiding this comment.
Should we add input validation for targetReference?
| ztunnels := v1alpha1.ZTunnelList{} | ||
| err := r.Client.List(ctx, &ztunnels, &client.ListOptions{}) | ||
| if err != nil { | ||
| return nil |
There was a problem hiding this comment.
Shall we add a log message here when err != nil?
| version: %s | ||
| namespace: %s | ||
| targetRef: | ||
| kind: Istio |
There was a problem hiding this comment.
Do you think we will require a test case without the targetRef?
This is a good idea. |
|
|
||
| // The Istio control plane that this ZTunnel instance is associated with. Valid references are Istio and IstioRevision resources, Istio resources are always resolved to their current active revision. | ||
| // Values relevant for ZTunnel will be copied from the referenced IstioRevision resource, these are `spec.values.global`, `spec.values.meshConfig`, `spec.values.revision`. | ||
| TargetRef *v1.TargetReference `json:"targetRef,omitempty"` |
There was a problem hiding this comment.
Probably we should add a comment here saying that if users specify targetRef along with additional config, the user values will take precedence.
|
Hi @dgn, do you think it could be useful to add info about this API change into ZTunnel CRD docs too? |
This adds a `targetRef` field to the ZTunnel CRD, allowing users to keep their ZTunnel config in sync with what they already defined in the `Istio` or `IstioRevision` CRD. Signed-off-by: Daniel Grimm <[email protected]>
dgn
force-pushed
the
ztunnel-targetref
branch
from
88ed7f4 to
926dd12
Compare
5 participants
This adds a
targetReffield to the ZTunnel CRD, allowing users to keep their ZTunnel config in sync with what they already defined in theIstioorIstioRevisionCRD.