enhancement_template: add API extension sections #933
Conversation
sttts
force-pushed
the
sttts-api-extensions-template
branch
2 times, most recently
from
8ab6b6d
to
d7a0ce6
Compare
There was a problem hiding this comment.
my main struggle w/ this right now is it feels like most of the guidance/sections are applicable to the case of someone adding a new webhook or maybe a finalizer, but as an EP author i'm not sure that's obvious (that the sections don't apply to them).
I assume we also want guidance for people adding new api resource types, or new fields to an existing type, but if that's not what your updates are concerned with, i think it would help to clarify in the new sections exactly what kind of "api extensions" we are talking about.
| @@ -8,6 +8,8 @@ reviewers: | |||
| approvers: | |||
| - TBD | |||
| - "@oscardoe" | |||
| api-approvers: | |||
| - TBD | |||
There was a problem hiding this comment.
should this be optional (only applicable if the EP defines a new api or updates an existing one)?
There was a problem hiding this comment.
Would like to link to the list of possible approvers. https://github.com/openshift/api/blob/master/OWNERS is not that. An OWNERS_ALIASES file might work as in upstream.
There was a problem hiding this comment.
We're planning to change the way we list reviewers generally, to include the scope of review being requested and other details to help the final approver ensure that all areas are covered. I think we can address the question of how to find people for different types of reviews as part of that change.
guidelines/enhancement_template.md
Outdated
| Examples: | ||
| - adds a finalizer to namespaces. Namespace cannot be deleted without our controller running. | ||
| - restricts the label format for objects to X. | ||
| - defaults field Y on object kind Z. |
There was a problem hiding this comment.
would you also expect new resource types, and/or new fields being added to existing resource types, to be described here?
(I would, though they also tend to end up in the implementation details section currently)
There was a problem hiding this comment.
this is about touching types that are not owned by the enhancement author. E.g. istio injecting a side-car into a pod.
There was a problem hiding this comment.
hm, I don't see why "who owns the api" vs "who is writing the EP" matters? That may affect who needs to review it, but not what the design needs to cover.
what matters is the kind of change you are proposing to the product, and the effects it may have that need to be considered.
For which it seems like "api" changes need to be broken down into a few categories, e.g.:
- new api type
- updating existing api type (e.g. new fields)
- adding a webhook (not sure if conversion vs admission need to be divided)
- adding/changing validations on an apitype (adding is usually not allowed, of course)
- adding/changing rbac associated w/ an api type
i'm not saying you need to cover all of them in your changes here, but i think it's important we make it clear which kinds of changes these new sections are applicable to.
guidelines/enhancement_template.md
Outdated
| @@ -265,6 +278,78 @@ enhancement: | |||
| - Will any other components on the node change? For example, changes to CSI, CRI | |||
| or CNI may require updating that component before the kubelet. | |||
|
|
|||
| ### Impact of API Extensions | |||
|
|
|||
| Describe the API extensions here in detail, especially their impact on a cluster: | |||
There was a problem hiding this comment.
this seems very focused on the case where a new api resource type is being added, but doesn't cover the case where someone is trying to extend an existing api with new fields or behavior.
how are "api extensions" defined?
- new resource type?
- new field on a resource type?
- new webhook on an existing type (or being added as part of adding a new resource type)?
There was a problem hiding this comment.
actually i guess it's focused on the case where a new webhook or finalizer is being added?
There was a problem hiding this comment.
As stated above API Extensions is everything impacting APIs: webhooks, finalizers, CRDs.
The effect of a new API field being added should be describe throughout the enhancement discussing that kind of extension of the existing API, no?
guidelines/enhancement_template.md
Outdated
| Describe the API extensions here in detail, especially their impact on a cluster: | ||
|
|
||
| - what are the SLIs (Service Level Indicators) an administrator or support can use to | ||
| - determine the health of the API extensions |
There was a problem hiding this comment.
this could use a more explicit example for people to follow, e.g. "when api extension $foo was added, the following SLI was introduced...."
if i'm adding a new config resource for builds(for example), i am not clear what it would mean to add a new SLI for that resource, or if such a thing is even really applicable to that api change.
| @@ -115,6 +117,16 @@ bogged down. | |||
|
|
|||
| Include a story on how this proposal will be operationalized: lifecycled, monitored and remediated at scale. | |||
|
|
|||
| ### API Extensions | |||
There was a problem hiding this comment.
Q: why is this section so far from the Impact of API Extensions section? Is there a reason to seperate them? Does doing so impact readability?
There was a problem hiding this comment.
the impact is in the details part, the listing is here, for easier reviewing.
guidelines/enhancement_template.md
Outdated
| #### Failure Modes | ||
|
|
||
| - describe the possible failure modes of the API extensions | ||
| - describe how a failure or behaviour of the extension will impact the overall cluster health |
There was a problem hiding this comment.
Do we need "or behaviour" here? We're just talking about failure modes no?
There was a problem hiding this comment.
there might be behaviours, like slowing down requests or adding finalizers, that influence cluster health.
guidelines/enhancement_template.md
Outdated
| @@ -265,6 +278,78 @@ enhancement: | |||
| - Will any other components on the node change? For example, changes to CSI, CRI | |||
| or CNI may require updating that component before the kubelet. | |||
|
|
|||
| ### Impact of API Extensions | |||
|
|
|||
| Describe the API extensions here in detail, especially their impact on a cluster: | |||
There was a problem hiding this comment.
As stated above API Extensions is everything impacting APIs: webhooks, finalizers, CRDs.
The effect of a new API field being added should be describe throughout the enhancement discussing that kind of extension of the existing API, no?
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: soltysh The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
| ### API Extensions | ||
|
|
||
| API Extensions are CRDs, admission and conversion webhooks, aggregated API servers, | ||
| finalizers, i.e. those mechanisms that change the OCP API surface and behaviour. |
There was a problem hiding this comment.
I commented on this elsewhere:
#933 (comment)
but at least one of these things (CRDs) is really not like the others, in terms of the "impacts that need to be considered".
Since this update to the template seems primarily concerned with the effects/implications of webhooks, aggregated apiservers, and finalizers, can we remove CRDs (and by implication, updates to existing CRDs or other api types) from this list of what an "api extension" is?
I think the other guidance in this template will make more sense for people writing EPs, if it is clear it does not apply to adding or changing a CRD.
There was a problem hiding this comment.
(I think a future update to this template that covered "stuff to think about when adding/updating an api" would also be welcome, but i don't want to hold this up waiting for that. That update would include things like "are you going to have an instance of this resource in every namespace? that is a bad idea" and "what is the rbac model for this new api type?")
There was a problem hiding this comment.
CRDs certainly have less operation impact. But listing them is a good idea IMO.
I fear a little that we have to try to keep the balance. We can add more and more to stop certain common mistakes from happening. But the risk is that ppl neglect certain sections because there are just too many. I notice this a lot with the risk, test and version skew section at the bottom. Often they are not seriously filled in.
There was a problem hiding this comment.
can we give more guidance about when those sections are applicable? my fear is that someone adding a new CRD is going to have no idea what to put in the "SLI" section (i don't really know what we'd expect them to put there)
There was a problem hiding this comment.
added few examples for CRDs.
| @@ -8,6 +8,8 @@ reviewers: | |||
| approvers: | |||
| - TBD | |||
| - "@oscardoe" | |||
| api-approvers: | |||
| - TBD | |||
There was a problem hiding this comment.
We're planning to change the way we list reviewers generally, to include the scope of review being requested and other details to help the final approver ensure that all areas are covered. I think we can address the question of how to find people for different types of reviews as part of that change.
|
@dhellmann @bparees what is missing from your side to get this merged? |
sttts
force-pushed
the
sttts-api-extensions-template
branch
from
d6c03fc
to
8d07520
Compare
I'm happy with this draft. |
|
i still feel like most of what is being asked for in the new sections isn't applicable if you're "only" adding a new CRD (or adding a field to one), but i won't hold this up over it, we can see how teams do at filling it out and then iterate. |
|
/lgtm |
I don't disagree. The reason is probably that CRDs have less impact on operations. Webhooks are much more critiical. |
Implement the enhancement template part of #908.