feat: support sidecar initContainers #624
Conversation
|
Thanks @ihor-hrytskiv for the PR and contribution! 😄 @hessjcg is OOO this week, but will review this first thing next week when he is back |
|
Hi, nice work, @ihor-hrytskiv. Thank you for contributing. I would like to suggest a bigger change: Instead of creating a new option in the custom resource for sidecar container, the operator should check the Kubernetes API version. The operator always use InitContainer sidecars if they are supported. I will review the code in more detail over the next few days. I think there may an issue with the logic to maintain the list of ports in use. I'll more review comments soon. -Jonathan |
Hi @hessjcg, thanks, I'll try to add this functionality as soon as possible |
ihor-hrytskiv
force-pushed
the
feat/run-as-initcontainer
branch
from
f78e9dd to
99e4680
Compare
|
Hi @hessjcg, take a look please |
hessjcg
left a comment
hessjcg
left a comment
There was a problem hiding this comment.
Nice work. I pushed a commit that updates the integration tests so that they run on the k8s versions 1.28 and latest. I'm going to work on running the end-to-end tests now.
Makefile
Outdated
|
|
||
| KUSTOMIZE_VERSION=v4.5.2# don't manage with renovate, this repo has non-standard tags | ||
|
|
||
| ENVTEST_K8S_VERSION=1.28.x |
There was a problem hiding this comment.
Instead of hardcoding the envtest k8s version here, let's add new make target go_test_k8s_1_28 which will run the integration tests using K8s 1.28.x.
| nonAuthProxyContainers = append(nonAuthProxyContainers, containers[i]) | ||
| } | ||
| } | ||
| allContainers := append(podSpec.Containers, podSpec.InitContainers...) |
@hessjcg We no longer run integration tests on forks due to the security issues with the So there are two options here:
|
|
@jackwotherspoon, Good point. I'm going to run the e2e tests in my dev environment, and if they pass, then I will merge and monitor the e2e tests on main. I would like to build a way to run e2e tests on PRs again, but that will have to wait. |
|
E2E tests passed: E2E Test Github Action. I'm going to approve and merge this PR. |
|
After upgrading to version 1.6.0, I got a lot of runtime validation errors on startup ( I'm using istio and maybe this is the case, since the deployment is modified several times. Especially since csql tries to start the first istio-init container, before istio-init. The new approach doesn't work like that right away. UPD. My hypothesis turned out to be correct. After disabling Istio, the proxy container was up properly. I think we should let the user choose the mode of operation himself, as it was in the first commit (sidecarType) ... |
|
@utmaks Thanks for raising this! 😄 Do you mind creating a new issue on this repo so we can get this addressed and fixed. Thanks in advance. |
4 participants
This is a proposal to solve the issue #381. If you approve this design, or if we choose another, I will write tests to cover the code.