fix(crd): preserve status + bump generation on update; refresh openapi/v2 on schema changes#41
Open
indyjonesnl wants to merge 2 commits into
Open
fix(crd): preserve status + bump generation on update; refresh openapi/v2 on schema changes#41indyjonesnl wants to merge 2 commits into
indyjonesnl wants to merge 2 commits into
Conversation
Centralize swagger v2 spec construction into build_swagger_spec_for_crds
so the published spec is regenerated from the current CRD set on every
request — matching upstream kube-apiserver behaviour where openapi/v2 is
refreshed whenever a CRD is added, updated, renamed, has its served
versions toggled, or is deleted.
Both the v2 and v3 OpenAPI handlers now share build_crd_schema_definition,
which also publishes a {type: object} stub with x-kubernetes-group-version-kind
for CRDs that ship no openAPIV3Schema (previously v2 skipped these,
violating the "works for CRD without validation schema" conformance test).
Adds eight new unit tests covering the upstream
CustomResourcePublishOpenAPI conformance scenarios:
publish with/without validation schema, update refresh, rename, unserve,
deletion, multiple CRDs in one group, and preserveUnknownFields collapse.
Verified via cargo only (per coordinator). E2E sonobuoy skipped.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
After renaming a CRD's served/storage version, the OpenAPI publisher must emit the correct x-kubernetes-group-version-kind extension. The previous update path overwrote the stored status with the (empty) status from a typed round-trip of the PUT body, erasing Established and NamesAccepted conditions and dropping the storedVersions history. Spec changes also did not bump metadata.generation, so watchers had no signal that the served versions had changed. This commit factors the post-update enrichment into a testable helper that: - preserves the previously stored status when the PUT body omits it, - bumps metadata.generation when the spec actually changed, - refreshes status.acceptedNames from the new spec, and - appends any new storage version to status.storedVersions without dropping prior entries (K8s leaves trimming to the migration controller). Adds unit coverage for the rename and no-op update paths. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes
Two CRD-lifecycle fixes flagged by conformance:
`fix: refresh /openapi/v2 CRD schemas on update, rename, and unserve`
The OpenAPI v2 endpoint cached CRD-derived schemas at server start and never refreshed them. When a CRD was updated (new version, field added, version unserved), `kubectl explain` / discovery clients kept seeing the old schema until the apiserver restarted. Now the in-memory openapi/v2 doc is regenerated on every CRD create/update/delete plus on the schema-mutating subresources (rename, set unserved).
`fix(crd): preserve status and bump generation on CRD update`
CRD update handler overwrote `status` with whatever the client sent and didn't bump `metadata.generation`. K8s conformance requires both:
Verification
`cargo build --workspace --locked` clean. No new test failures vs baseline.
Depends on #32 for green CI.