Skip to content

Commit

Permalink
Migrate Admission Controller Validation to CEL
Browse files Browse the repository at this point in the history 
Signed-off-by: Omer Aplatony <[email protected]>
  • Loading branch information
@omerap12
omerap12 committed Jan 14, 2025
1 parent 5cd491a commit b60d176
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 32 deletions.
13 changes: 13 additions & 0 deletions vertical-pod-autoscaler/deploy/vpa-v1-crd-gen.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -302,6 +302,7 @@ spec:
- name
type: object
type: array
maxItems: 1
resourcePolicy:
description: |-
Controls how the autoscaler computes recommended resources.
Expand All @@ -325,6 +326,7 @@ spec:
case the policy is used by the containers that don't have their own
policy specified.
type: string
maxLength: 253
controlledResources:
description: |-
Specifies the type of recommendations that will be computed
Expand All @@ -334,6 +336,7 @@ spec:
description: ResourceName is the name identifying various
resources in a ResourceList.
type: string
enum: ['RequestsAndLimits', 'RequestsOnly']
type: array
controlledValues:
description: |-
Expand Down Expand Up @@ -373,7 +376,13 @@ spec:
- "Off"
type: string
type: object
x-kubernetes-validations:
- rule: "size(self.containerName) > 0"
message: "ContainerName cannot be empty"
- rule: "!has(self.mode) || !has(self.controlledValues) || self.mode != 'Off' || self.controlledValues != 'RequestsAndLimits'"
message: "ControlledValues shouldn't be specified if container scaling mode is off"
type: array
maxItems: 100
type: object
targetRef:
description: |-
Expand Down Expand Up @@ -460,7 +469,11 @@ spec:
- Recreate
- Auto
type: string
default: "Auto"
type: object
x-kubernetes-validations:
- rule: "!has(self.minReplicas) || self.minReplicas > 0"
message: "MinReplicas has to be positive"
required:
- targetRef
type: object
Expand Down
32 changes: 0 additions & 32 deletions vertical-pod-autoscaler/pkg/admission-controller/resource/vpa/handler.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,25 +112,8 @@ func parseVPA(raw []byte) (*vpa_types.VerticalPodAutoscaler, error) {

// ValidateVPA checks the correctness of VPA Spec and returns an error if there is a problem.
func ValidateVPA(vpa *vpa_types.VerticalPodAutoscaler, isCreate bool) error {
if vpa.Spec.UpdatePolicy != nil {
mode := vpa.Spec.UpdatePolicy.UpdateMode
if mode == nil {
return fmt.Errorf("UpdateMode is required if UpdatePolicy is used")
}
if _, found := possibleUpdateModes[*mode]; !found {
return fmt.Errorf("unexpected UpdateMode value %s", *mode)
}

if minReplicas := vpa.Spec.UpdatePolicy.MinReplicas; minReplicas != nil && *minReplicas <= 0 {
return fmt.Errorf("MinReplicas has to be positive, got %v", *minReplicas)
}
}

if vpa.Spec.ResourcePolicy != nil {
for _, policy := range vpa.Spec.ResourcePolicy.ContainerPolicies {
if policy.ContainerName == "" {
return fmt.Errorf("ContainerPolicies.ContainerName is required")
}
mode := policy.Mode
if mode != nil {
if _, found := possibleScalingModes[*mode]; !found {
Expand All @@ -152,23 +135,8 @@ func ValidateVPA(vpa *vpa_types.VerticalPodAutoscaler, isCreate bool) error {
return fmt.Errorf("MaxAllowed: %v", err)
}
}
ControlledValues := policy.ControlledValues
if mode != nil && ControlledValues != nil {
if *mode == vpa_types.ContainerScalingModeOff && *ControlledValues == vpa_types.ContainerControlledValuesRequestsAndLimits {
return fmt.Errorf("ControlledValues shouldn't be specified if container scaling mode is off.")
}
}
}
}

if isCreate && vpa.Spec.TargetRef == nil {
return fmt.Errorf("TargetRef is required. If you're using v1beta1 version of the API, please migrate to v1")
}

if len(vpa.Spec.Recommenders) > 1 {
return fmt.Errorf("The current version of VPA object shouldn't specify more than one recommenders.")
}

return nil
}

Expand Down

0 comments on commit b60d176

Please sign in to comment.