docs: add necessary feature gate information for KEP-5073 - Declarative Validation of K8s Native Types With validation-gen #49732
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
the
size/S
👷 Deploy Preview for kubernetes-io-vnext-staging processing.
|
✅ Pull request preview available for checkingBuilt without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
from
f5d6b34 to
5f3a129
Compare
k8s-ci-robot
added
area/blog
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
2 times, most recently
from
bf7a05d to
5b0e9a8
Compare
k8s-ci-robot
added
size/M
|
Hello @aaron-prindle 👋 please take a look at Documenting for a release - PR Ready for Review to get your PR ready for review before Tuesday 25th March 2025 18:00 PDT. Thank you! |
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
@hacktivist123 thanks for the information here. This PR is ready for review and I have changed the status to such. The docs mention:
I am not sure if our feature has an assigned documentation person, do you happen to know who that might be or if we assign that person? I'm going to tag @sftim for now to attempt to get into a review queue but happy to change it if there is a more appropriate person for review. Thanks! /assign @sftim |
k8s-ci-robot
removed
language/pl
There was a problem hiding this comment.
I think we should merge this PR (which adds descriptions for feature gates) after the docs have merged into the v1.33, so that the feature gate descriptions can link to those docs.
@aaron-prindle do you have plans to write documentation about declarative validation rules? I imagine some will be needed.
| defaultValue: true | ||
| fromVersion: "1.33" | ||
| --- | ||
| Enables running declarative validation of APIs, where declared. When enabled, APIs with |
There was a problem hiding this comment.
Is this in-tree APIs or extension APIs from CRDs or aggregated external APIs or some mix of the other.
There was a problem hiding this comment.
This is for the in-tree APIs that currently have a declarative validation migration/declaration in place (more fields/whole-types will be converted over time in v1.34+). Currently this is ReplicationSet.[Replias|MinReadySeconds]
I've updated the text to state this now (see below), thanks!
Enables declarative validation of in-tree Kubernetes APIs. When enabled, APIs with declarative validation rules (defined using IDL tags in the Go code) will have both the generated declarative validation code and the original hand-written validation code executed. ...
| Enables running declarative validation of APIs, where declared. When enabled, APIs with | ||
| declarative validation rules will validate objects using the generated | ||
| declarative validation code and compare the results to the regular imperative validation. | ||
| See DeclarativeValidationTakeover for more. |
There was a problem hiding this comment.
See DeclarativeValidationTakeover for more.
Change this to a hyperlink to the documentation (which you, or a colleague from the SIG, will need to write).
There was a problem hiding this comment.
I am happy to write this documentation but I am currently a bit confused as I was intending for this to essentially just link to the other feature gate documentation that is already a part of this PR. I have added such a link now:
The original hand-written validation are still the authoritative validations when this is enabled but this can be changed if the DeclarativeValidationTakeover feature gate is enabled in addition to this gate. ...
Can you clarify what we hope for this additional documentation to have? Our current plan was to add more docs for v1.34 as we build out more validators but it is possible to add such docs now as well. Thanks!
...n/docs/reference/command-line-tools-reference/feature-gates/DeclarativeValidationTakeover.md
Outdated
Show resolved
Hide resolved
| defaultValue: false | ||
| fromVersion: "1.33" | ||
| --- | ||
| When enabled, declarative validation errors are returned directly to the caller, |
There was a problem hiding this comment.
Change ”declarative validation“ to a link to the docs for this (which you, or a colleague from the SIG, will need to write).
There was a problem hiding this comment.
I have tentatively pointed this to link to the DeclarativeValidation feature gate file (already a part of this PR). I'm happy to write this additional documentation but our current plan was to add such docs in v1.34 so going to hold off for now as we discuss a bit more
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
5 times, most recently
from
bf4af71 to
fb7aa40
Compare
k8s-ci-robot
added
size/S
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
from
fb7aa40 to
64d9c00
Compare
There was not plans to write this documentation for the v1.33 release, initially the idea was to only add the feature gate documentation in v1.33. Declarative Validation is a maintainer+developer facing feature primarily, not an end-user facing feature (it unlocks some end users features but not in the near term). In v1.34 the plan was to add a full set of kubernetes developer facing documentation that explains:
The plan was to do this in v1.34 when we have upstreamed more of the validators to k/k and have documented the plan for how we want developers using declarative validation for new k8s native APIs/fields as well as where we want to focus the k8s dev community on the migration (we are hoping to get the community to aid in the migration and document how they can be most effective) |
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
from
64d9c00 to
e193bee
Compare
|
/cc @jpbetz |
...n/docs/reference/command-line-tools-reference/feature-gates/DeclarativeValidationTakeover.md
Outdated
Show resolved
Hide resolved
…ve Validation of K8s Native Types With validation-gen
aaron-prindle
force-pushed
the
kep-5073-add-feature-gate-pr
branch
from
e193bee to
fc8270a
Compare
|
/approve |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 3e8bf15161b422ea05926784183524a01d45a8cb
|
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jpbetz The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@sftim would it be possible to merge the feature gate PR as is for now w/o the additional documentation mentioned? Currently the plan from folks working on Declarative Validation was for additional documentation to land once we have added some additional Validators upstream and then we can document the usage of those additional validators in our initial documentation piece. We plan to add the documentation noted in the comments above in a future PR |
We ask for documentation the first time a feature gate is added, unless the feature gate doesn't have an effect (in which case, usually the project should revert the feature gate in the code). If someone is writing an extension API server, and they want to use this, what do they need to know? We should aim to document a minimum useful level of detail. |
This one is tricky. The feature gate switches the implementation of validation (for only 2 fields in ReplicationController in 1.33). When the feature gates are on there is an additional metric. The feature gate docs plus the metrics docs feel like they explain this reasonably well. The apiserver, as a library, cannot reasonably use it yet because the validation tags implemented are only sufficient for the fields we've migrated so far. I agree with the sentiment that we should document features as we go. I'm struggling a bit to find a somewhere we could write something meaningful. We're adding I was expecting us to do the bulk of declarative validation in the code and in the contrib repository (for guides on how to migrate). Should we introduce a new page for "apiserver development" or "extension apiserver internals"? Does that fit into the website? |
|
I agree that this doesn't seem to need much documentation, but I think it needs some.
Maybe just a stub. We already have https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/ and that page could link to the stub. We don't need any documentation aimed at people contributing to Kubernetes itself (but if we did, it would live within https://k8s.dev/docs/ anyway and not on this site).
|
@sftim - I have submitted a PR to add documentation that addresses the questions in the quoted comment and links this documentation in the suggested page. Link to the PR is here: #50265 |
PR related to docs changes necessary for KEP 5073
KEP Issue: kubernetes/enhancements#5073
KEP PR: kubernetes/enhancements#5074
KEP Implementation PRs:
(related: kubernetes/enhancements#5073 (comment))