-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[TEP-0091] add KMS field #5891
[TEP-0091] add KMS field #5891
Conversation
Skipping CI for Draft Pull Request. |
25ec971
to
4387863
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Is there a tracking issue we can associate this with? |
Yes! I have this issue to track all the PRs and milestones |
4387863
to
085f468
Compare
/retest |
085f468
to
4481093
Compare
/retest |
@@ -95,7 +95,7 @@ func TestVerificationPolicy_Invalid(t *testing.T) { | |||
}, | |||
}, | |||
}, | |||
want: apis.ErrMissingOneOf("key[0].data", "key[0].secretref"), | |||
want: apis.ErrMissingOneOf("data", "kms", "secretref").ViaFieldIndex("key", 0), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we make these test cases less fragile? If the given error changes in the implementation, this test will start failing. Maybe there's a way to untie them such that the test case is less fragile?
For example, what if someone has good reason to change the case from kms
to KMS
in the implementation -- as written, they now have to change the test code as well -- but this is not a functional change, it's just a change in the error message. Can we test for functional change instead of error message?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This comment also applies to the ordering of the error message in index 0
. Can we be order-independent such that the test remains valid even if the order of validation changes in the implementation?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is how we return err for validation in current code base, take this for example:
pipeline/pkg/apis/pipeline/v1beta1/pipelineref_validation.go
Lines 37 to 54 in 17b705c
if ref.Name != "" { | |
errs = errs.Also(apis.ErrMultipleOneOf("name", "resolver")) | |
} | |
if ref.Bundle != "" { | |
errs = errs.Also(apis.ErrMultipleOneOf("bundle", "resolver")) | |
} | |
} | |
if ref.Params != nil { | |
if ref.Name != "" { | |
errs = errs.Also(apis.ErrMultipleOneOf("name", "params")) | |
} | |
if ref.Bundle != "" { | |
errs = errs.Also(apis.ErrMultipleOneOf("bundle", "params")) | |
} | |
if ref.Resolver == "" { | |
errs = errs.Also(apis.ErrMissingField("resolver")) | |
} | |
errs = errs.Also(ValidateParameters(ctx, ref.Params)) |
I think we should keep it consistent until we want to change them all
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I almost have the opposite take from Bendory-- I often give the feedback he is giving, but here I think it actually makes sense to include the text of the error message rather than apis.ErrMultipleOneOf
. The reason is that sometimes these helper functions can lead to confusing error message strings, and you don't really realize what output the user is actually seeing until it's reflected in a test. This does have the downside of brittle tests, though.
Re: consistency, I think the section you're referring to is in non-test code, while the comment David is making is a separate point about brittleness of tests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I almost have the opposite take from Bendory-- I often give the feedback he is giving, but here I think it actually makes sense to include the text of the error message rather than
apis.ErrMultipleOneOf
. The reason is that sometimes these helper functions can lead to confusing error message strings, and you don't really realize what output the user is actually seeing until it's reflected in a test. This does have the downside of brittle tests, though.Re: consistency, I think the section you're referring to is in non-test code, while the comment David is making is a separate point about brittleness of tests.
Are you suggesting we should avoid using apis.ErrMissingOneOf
?. It seems convenient and also used a lot in other validation functions. https://github.com/tektoncd/pipeline/search?q=apis.ErrMissingOneOf
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Only in tests. For example, in #5673 I noted a confusing error message "expected exactly one, got both: spec.taskRef.name, spec.taskRef.params, spec.taskRef.resolver", which comes from ErrMultipleOneOf
. These helpers are super useful in validation code but in tests IMO it's useful to be able to see the string error message the user encounters so you can check that it's not confusing.
The downside as David pointed out is that if you change "kms" in the code to "KMS", your tests will fail, but not in a way that gives you useful signal about the code. (The comment about indexing here I'm not sure I agree with, since the "0" refers to the index of the problematic field in the test data rather than an artifact of validation ordering.)
I may be going more in depth than is necessary; feel free to use your best judgment here although I'd just note our tests aren't actually that consistent (example)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ohh I see your point. Thanks!
72a590b
to
634649c
Compare
/test pull-tekton-pipeline-go-coverage-df |
@chitrangpatel: The specified target(s) for
The following commands are available to trigger optional jobs:
Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
634649c
to
387c0d2
Compare
387c0d2
to
0203a59
Compare
@@ -95,7 +95,7 @@ func TestVerificationPolicy_Invalid(t *testing.T) { | |||
}, | |||
}, | |||
}, | |||
want: apis.ErrMissingOneOf("key[0].data", "key[0].secretref"), | |||
want: apis.ErrMissingOneOf("data", "kms", "secretref").ViaFieldIndex("key", 0), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I almost have the opposite take from Bendory-- I often give the feedback he is giving, but here I think it actually makes sense to include the text of the error message rather than apis.ErrMultipleOneOf
. The reason is that sometimes these helper functions can lead to confusing error message strings, and you don't really realize what output the user is actually seeing until it's reflected in a test. This does have the downside of brittle tests, though.
Re: consistency, I think the section you're referring to is in non-test code, while the comment David is making is a separate point about brittleness of tests.
This commit add KMS into v1alpha1.VerificationPolicy and validation. KMS field is used to configure the KMS path and can be used to resolve keys stored in key management system by cloud providers. Before this commit we only support loading keys from file or raw data. Signed-off-by: Yongxuan Zhang yongxuanzhang@google.com
0203a59
to
7ca8a5c
Compare
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dibyom, wlynch The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm I wouldn't actually use a release note here because you're introducing a field that isn't usable yet, so I'm not sure there's actionable info for users. |
/retest |
Changes
This commit add KMS into v1alpha1.VerificationPolicy and validation. KMS field is used to configure the KMS path and can be used to resolve keys stored in key management system by cloud providers. Before this commit we only support loading keys from file or raw data.
/kind feature
Signed-off-by: Yongxuan Zhang yongxuanzhang@google.com
Submitter Checklist
As the author of this PR, please check off the items in this checklist:
functionality, content, code)
/kind <type>
. Valid types are bug, cleanup, design, documentation, feature, flake, misc, question, tepRelease Notes