V1 constrainttemplate docs #1492
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes open-policy-agent#1476 Signed-off-by: juliankatz <juliankatz@google.com>
… v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
julianKatz
requested review from
maxsmythe,
ritazh,
shomron,
willbeason and
sozercan
ritazh
reviewed
Aug 12, 2021
maxsmythe
reviewed
Aug 12, 2021
website/docs/constrainttemplates.md
Outdated
|
|
||
| ## `v1` Constraint Template | ||
|
|
||
| In release version (some version goes here), Gatekeeper included the `v1` version of `ConstraintTemplate`. Unlike past versions of `ConstraintTemplate`, `v1` requires the Constraint schema section to be [structural](https://kubernetes.io/blog/2019/06/20/crd-structural-schema/). |
There was a problem hiding this comment.
(some version goes here) -> definitely put the version here before submitting :p
There was a problem hiding this comment.
Also, let's lead with some of the benefits of structural schemas:
- We're aligning with the direction K8s is headed in
- It makes the expectation of what parameters are provided more explicit
- It helps detect errors like a typo in the parameters, which could lead to underenforcement.
It's okay to just mention the benefits here and elaborate later.
There was a problem hiding this comment.
I forgot to add some of the things max suggested here. Will do now
ritazh
reviewed
Aug 12, 2021
| # Note that "labels" is now an array item, rather than an object | ||
| - labels: ["gatekeeper"] | ||
| EOF | ||
| The K8sRequiredLabels "ns-must-have-gk" is invalid: spec.parameters: Invalid value: "array": spec.parameters in body must be of type object: "array" |
… v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
… v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
|
@maxsmythe @ritazh This is ready for re-review. Thanks! |
ritazh
approved these changes
Aug 17, 2021
… v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
…tekeeper into v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
Signed-off-by: juliankatz <juliankatz@google.com>
… v1-constrainttemplate-docs Signed-off-by: juliankatz <juliankatz@google.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add docs page about v1 Constraint Templates
Fixes #1476
Signed-off-by: juliankatz juliankatz@google.com