-
Notifications
You must be signed in to change notification settings - Fork 593
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Move CRD validation that's possible to be done in CEL, from webhook to CRD Validation Expressions #5062
Comments
I want to handle the error "plugin name cannot be empty". Thanks |
Could we really remove the the checks in admission webhooks when moved the checks to CELs? The feature gate |
@randmonkey As per https://docs.konghq.com/kubernetes-ingress-controller/latest/reference/version-compatibility/#general we're support k8s 1.25+ with KIC v3 so we should be good in this regard. |
I've gone through the code in If you happen to find any please, feel free to re-open this. 1 lesson from reading that code though, is that we have Gateway API related code in admission webhook which most likely should land in controller's code (in order to reconcile those objects into appropriate status conditions). Started team discussion on this: https://kongstrong.slack.com/archives/C011RQPHDC7/p1700161029335029 which will probably result in a net new issue to remove those validations from admission webhook. |
Problem statement
KIC seems to not only have started using https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#validation-rules which are available in Kubernetes 1.25+.
This issue tracks the migration of webhook validation to CRD Validation Expressions where possible.
Acceptance criteria
The text was updated successfully, but these errors were encountered: