Generate OpenAPI schemas for all CRDs using controller-gen#3340
Open
ferrohd wants to merge 3 commits intotektoncd:mainfrom
Open
Generate OpenAPI schemas for all CRDs using controller-gen#3340ferrohd wants to merge 3 commits intotektoncd:mainfrom
ferrohd wants to merge 3 commits intotektoncd:mainfrom
Conversation
Add controller-gen / kubebuilder markers to all 15 CRD root types and their list types so that controller-gen can produce fully-typed OpenAPI v3 schemas instead of the current bare x-kubernetes-preserve-unknown-fields. Markers added per root type: +kubebuilder:object:root=true +kubebuilder:resource:scope=Cluster (with shortName where applicable) +kubebuilder:subresource:status +kubebuilder:printcolumn (Version, Ready, Reason) Escape-hatch fields that embed full k8s API types or opaque external types are annotated with PreserveUnknownFields + Schemaless to keep the generated CRD size manageable: - AdditionalOptions (Deployments, ConfigMaps, StatefulSets, HPAs) - TektonInstallerSet manifests (mf.Slice / unstructured) - TektonPrunerConfig (external pruner config) - SchedulerConfig (external kueue config) The custom BoolValue type is annotated with +kubebuilder:validation:Type=string.
Add controller-gen v0.17.3 as a Makefile-managed tool binary alongside
ko and kustomize, with two new targets:
make generate-crds - runs controller-gen to produce CRD YAMLs from
Go types into config/base/generated-crds/
make sync-helm-crds - runs generate-crds then hack/sync-helm-crds.sh
hack/sync-helm-crds.sh takes the generated CRDs, injects the standard
version/release labels, copies them to config/{base,kubernetes/base,
openshift/base}/ with copyright headers, and assembles the Helm chart
kubernetes-crds.yaml / openshift-crds.yaml with their respective
{{- if }} conditionals.
Output of 'make sync-helm-crds' using the markers and toolchain from
the previous commits.
Every CRD now carries a typed spec/status schema derived from the Go
structs instead of the previous bare:
openAPIV3Schema:
type: object
x-kubernetes-preserve-unknown-fields: true
This enables server-side validation, kubectl explain, IDE autocompletion
and proper field pruning for all operator.tekton.dev resources.
Files updated:
- config/base/generated-crds/ (raw controller-gen output)
- config/base/300-*_crd.yaml (kustomize source-of-truth, 12 CRDs)
- config/kubernetes/base/300-* (dashboard CRD)
- config/openshift/base/300-* (addon + OPAC CRDs)
- charts/tekton-operator/templates/ (Helm chart, 13 k8s + 14 ocp CRDs)
tekton-robot
added
the
release-note
Contributor
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
tekton-robot
added
the
size/XXL
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes
Replace the hand-written CRDs that used a bare
x-kubernetes-preserve-unknown-fields: truewith nospec/statusschema, with fully-typed OpenAPI v3 schemas generated from the Go types usingcontroller-gen.Problem: Every CRD in this project had no resource metadata defined — just
type: objectwith preserve-unknown-fields. This meant no server-side validation, nokubectl explain, no IDE autocompletion, and no field pruning.Solution: Use
controller-gento generate proper schemas from the existing Go types (which are already richly typed), then sync them into the config/ directories and Helm chart.Commit breakdown
Add kubebuilder markers to CRD Go types: Adds
+kubebuilder:object:root,+kubebuilder:resource:scope=Cluster,+kubebuilder:subresource:status, and+kubebuilder:printcolumnmarkers to all 15 root types and list types. Escape-hatch fields that embed full k8s API types (AdditionalOptions, mf.Slice, external configs) are marked withPreserveUnknownFields + Schemalessto keep CRD size manageable.Add controller-gen toolchain and CRD sync script: Adds
controller-genv0.17.3 to the Makefile (make generate-crds,make sync-helm-crds) and ahack/sync-helm-crds.shscript that syncs generated CRDs intoconfig/{base,kubernetes/base,openshift/base}/and assembles the Helm chart CRD template files with proper conditionals and labels.Regenerate CRD manifests: Mechanical output of
make sync-helm-crds. All 15 CRDs now carry typed spec/status schemas.What this enables
kubectl explain: users can discover the API from the CLINotes
AdditionalOptionsfields (Deployments, ConfigMaps, StatefulSets, HPAs) and a few external types (pruner config, scheduler config, mf.Slice manifests) retainx-kubernetes-preserve-unknown-fieldssince they intentionally accept arbitrary k8s objects.Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
make test lintbefore submitting a PRSee the contribution guide for more details.
Release Notes