Allow users to define cluster-scoped BuildTemplates #302
Comments
|
/assign @pivotal-nader-ziada |
|
I will work with the following assumptions:
This is more in line with the general pattern of Resources not allowed in both Cluster and Namespace scopes |
|
wouldnt that be a racy check?
…Sent from my iPhone
On Aug 20, 2018, at 9:58 AM, Nader Ziada ***@***.***> wrote:
I will work with the following assumptions:
We should reject a BuildTemplate with a conflicting name.
The create ClusterBuildTemplate also should check existing namespaces and give an error on conflict.
This is more in line with the general pattern of Resources not allowed in both Cluster and Namespace scopes
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
@cppforlife is there a better way to check? I was thinking it would read the list from the cache. |
|
@pivotal-nader-ziada no idea, i was thinking there would be more established way of doing this in kubernetes apis. i was just looking at how ClusterRole vs Role in kube rbac is referenced (https://kubernetes.io/docs/reference/access-authn-authz/rbac/). looks like they use may be adding |
|
@cppforlife Thanks, I like the idea of adding the |
|
Yes, kubernetes style is to make each resource collection independent. I'd
suggest having a kind and/or separate
`buildTemplate`/`clusterBuildTemplate` fields (only one of which can be set
at a time) rather than trying to prevent a naming collision between
cluster-level and namespace level build templates.
…On Mon, Aug 20, 2018 at 12:11 PM Nader Ziada ***@***.***> wrote:
@cppforlife <https://github.com/cppforlife> Thanks, I like the idea of
adding the templateKind
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#302 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AHlyN42K3z3HO2kXGhyb2qL6JQau9QCuks5uSwnGgaJpZM4WAIvJ>
.
--
Evan Anderson <argent@google.com>
|
|
Agreed, working on adding a template kind field to the build type instead of checking existing names as per @cppforlife and @evankanderson suggestion |
* add new CRD for cluster build template and update build type to include template kind * fix template name in e2e test * make webhook aware of cluster build template * add clusterbuildtemplate resource to rbac access * add nonNamespaced tag to codegen of clusterbuildtemplate * refactor and cleanup based on the review comments
…ive#310) * add new CRD for cluster build template and update build type to include template kind * fix template name in e2e test * make webhook aware of cluster build template * add clusterbuildtemplate resource to rbac access * add nonNamespaced tag to codegen of clusterbuildtemplate * refactor and cleanup based on the review comments
…ive#310) * add new CRD for cluster build template and update build type to include template kind * fix template name in e2e test * make webhook aware of cluster build template * add clusterbuildtemplate resource to rbac access * add nonNamespaced tag to codegen of clusterbuildtemplate * refactor and cleanup based on the review comments
Some cluster operators might want to provide and manage predefined build templates, available across all namespaces.
We should create a
ClusterBuildTemplateresource type which is available cluster-wide.Questions
BuildTemplatein their namespace with a conflicting name with an existingClusterBuildTemplateshould we allow that or reject it?template.name: 'some-namespace/the-template'to specify the namespaced template.ClusterBuildTemplatewould have to look for a conflicting name across all namespaces.I'm not familiar enough with Kubernetes API
ClusterFooidioms to know which is more consistent, hoping for pointers from those with more experience.The text was updated successfully, but these errors were encountered: