Skip to content

Commit 9483496

Browse files
cici37cici37
committed
Updates on resource constraints.
1 parent aa4a1c6 commit 9483496

File tree

1 file changed

+6
-6
lines changed
  • keps/sig-api-machinery/3488-cel-admission-control

1 file changed

+6
-6
lines changed

keps/sig-api-machinery/3488-cel-admission-control/README.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1165,7 +1165,7 @@ Constraints](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api
11651165

11661166
- CEL estimated cost limits
11671167
- CEL runtime cost limits
1168-
- Go context cancelation as a way of halting CEL execution if the request
1168+
- Go context cancellation as a way of halting CEL execution if the request
11691169
context is canceled for any reason.
11701170

11711171
Estimated cost is, unfortunately, not something we can offer for admission with
@@ -1174,19 +1174,19 @@ Constraints](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api
11741174
for the same cases where we provide informational type checking, in which case
11751175
we can report any cost limit violations in the same way we report type checking
11761176
violations. Note that for built-in types, where `max{Length,Items,Properties}`
1177-
value valiations are not available, estimated cost calculations will not be
1178-
nearly as helpful or actionable. I recommend we do not attempt any estimated
1179-
cost calculations on built-in types until the value validations are available.
1177+
value validations are not available, estimated cost calculations will not be
1178+
nearly as helpful or actionable. We do not plan to enforce any estimated
1179+
cost calculations on ValidatingAdmissionPolicy.
11801180

1181-
Runtime cost limits can should be established and enforced. Exceeding the cost
1181+
Runtime cost limits should be established and enforced. Exceeding the cost
11821182
limit will trigger the `FailurePolicy`, so this will need to be documented, but
11831183
unlike webhooks, runtime cost is deterministic (it is purely a function of the
11841184
input data and the CEL expression and is independent of underlying hardware or
11851185
system load), making it less of a concern for control plane availability than
11861186
webhook timeouts.
11871187

11881188
The request's Go context will be passed in to all CEL evaluations such that
1189-
cancelation halts CEL evaluation, if, for any reason, the context is canceled.
1189+
cancellation halts CEL evaluation, if, for any reason, the context is canceled.
11901190

11911191
#### Safety Features
11921192

0 commit comments

Comments
 (0)