Skip to content

Provider side namespace management #345

Merged
mjudeikis merged 4 commits into
kbind-dev:mainfrom
mjudeikis:mjudeikis/provider.side.namespace
Oct 21, 2025
Merged

Provider side namespace management #345
mjudeikis merged 4 commits into
kbind-dev:mainfrom
mjudeikis:mjudeikis/provider.side.namespace

Conversation

@mjudeikis

@mjudeikis mjudeikis commented Oct 20, 2025

Copy link
Copy Markdown
Contributor

Summary

This PR adds namespace management for the provider side, allowing the pre-creation and ownership of APIServiceNamespace on the provider side. Allows cases where the namespace does not exist on the consumer side but needs to be seeded from the provider.

In addition fixex few reconcile bugs where konnector was stuck.

What Type of PR Is This?

/kind feature
/kind bug

Related Issue(s)

Fixes #

Release Notes

Add provider-side namespace management. 

Summary by CodeRabbit

  • New Features

    • Added a namespaces field to APIServiceExportRequest to declare associated namespaces; each entry requires a name.
    • Namespaces are immutable after creation to ensure stable configuration.
    • Field available in both v1alpha1 and v1alpha2.
  • Chores

    • Updated the published schema version for APIServiceExportRequest; v1alpha2 is now stored by the API machinery.

@mjudeikis mjudeikis requested a review from a team as a code owner October 20, 2025 11:21
@coderabbitai

coderabbitai Bot commented Oct 20, 2025

Copy link
Copy Markdown

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (8)
  • backend/controllers/clusterbinding/clusterbinding_controller.go is excluded by none and included by none
  • backend/controllers/serviceexportrequest/serviceexportrequest_reconcile.go is excluded by none and included by none
  • backend/controllers/servicenamespace/servicenamespace_reconcile.go is excluded by none and included by none
  • contrib/kcp/README.md is excluded by none and included by none
  • pkg/konnector/controllers/cluster/namespacelifecycle/namespacelifecycle_controller.go is excluded by none and included by none
  • pkg/konnector/controllers/cluster/serviceexport/spec/spec_controller.go is excluded by none and included by none
  • test/e2e/bind/happy-case_test.go is excluded by none and included by none
  • test/e2e/framework/kcp.go is excluded by none and included by none

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

Walkthrough

Added an immutable namespaces array field to the APIServiceExportRequest spec for v1alpha1 and v1alpha2 across CRD and APIResourceSchema files; updated an APIExport schema reference version and set v1alpha2 as storage=true in one schema file. (≤50 words)

Changes

Cohort / File(s) Summary
APIServiceExportRequest APIResourceSchema updates
contrib/kcp/deploy/resources/apiresourceschema-apiserviceexportrequests.kube-bind.io.yaml
Added spec.properties.namespaces for v1alpha1 and v1alpha2: array of objects with required name (string) and descriptions. Added x-kubernetes-validations rule enforcing immutability (self == oldSelf). Set v1alpha2 storage: true (v1alpha1 remains storage: false).
APIServiceExportRequest CRD updates
deploy/crd/kube-bind.io_apiserviceexportrequests.yaml
Added spec.properties.namespaces for v1alpha1 and v1alpha2 with items as objects requiring name (string), descriptive text, and an immutability validation (self == oldSelf). No other schema behavior changes.
APIExport schema reference update
contrib/kcp/deploy/resources/apiexport-kube-bind.io.yaml
Updated APIExport schema reference for apiserviceexportrequests from v250929-62fc678.apiserviceexportrequests.kube-bind.io to v251020-7892cc6.apiserviceexportrequests.kube-bind.io. No other edits.

Sequence Diagram(s)

(No sequence diagrams generated — changes are schema/manifest updates without control-flow or runtime behavior modifications.)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20–30 minutes

Possibly related PRs

  • Update docs for v0.5 #324 — Related changes to kube-bind API resource schemas and APIExport schema references; likely touches the same schema/versioning areas.

Suggested reviewers

  • xrstf
  • moadqassem

Poem

Namespaces declared, steadfast in their place,
Schema updated with precise, immutable grace.
Versions aligned; a reference moved along,
Manifests tidy, concise, and strong.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Title Check ✅ Passed The pull request title "Provider side namespace management" directly aligns with the core changes in this pull request. The changeset adds a new namespaces field to the APIServiceExportRequest custom resource definition across both v1alpha1 and v1alpha2 versions, with immutability validation rules and supporting schema updates. This precisely matches the title's description of provider-side namespace management. The title is concise, specific, and avoids vague terminology, making it clear for teammates scanning the repository history.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.
Description Check ✅ Passed The pull request description follows the required template structure and includes all primary sections: Summary, What Type of PR Is This (with appropriate /kind tags), Related Issue(s), and Release Notes. The Summary section provides clear context about the feature being added (provider-side namespace management) and mentions associated bug fixes. The PR is properly tagged as both /kind feature and /kind bug, and includes a meaningful release note rather than leaving it as "NONE". The description is substantive and communicates the intent of the changes. The only minor issue is that the Related Issue(s) section shows "Fixes #" without an actual issue number, but this does not significantly detract from the overall completeness of the description.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mjudeikis mjudeikis force-pushed the mjudeikis/provider.side.namespace branch from 147a35b to ac02a91 Compare October 20, 2025 14:00

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 10c28b8 and ac02a91.

⛔ Files ignored due to path filters (14)
  • backend/controllers/serviceexport/serviceexport_controller.go is excluded by none and included by none
  • backend/controllers/serviceexport/serviceexport_reconcile.go is excluded by none and included by none
  • backend/controllers/serviceexportrequest/serviceexportrequest_reconcile.go is excluded by none and included by none
  • backend/controllers/servicenamespace/servicenamespace_reconcile.go is excluded by none and included by none
  • backend/server.go is excluded by none and included by none
  • contrib/kcp/README.md is excluded by none and included by none
  • pkg/konnector/controllers/cluster/claimedresources/claimedresources_reconciler.go is excluded by none and included by none
  • pkg/konnector/controllers/cluster/cluster_controller.go is excluded by none and included by none
  • pkg/konnector/controllers/cluster/namespacelifecycle/namespacelifecycle_controller.go is excluded by none and included by none
  • sdk/apis/kubebind/v1alpha2/apiserviceexport_types.go is excluded by none and included by none
  • sdk/apis/kubebind/v1alpha2/apiserviceexportrequest_types.go is excluded by none and included by none
  • sdk/apis/kubebind/v1alpha2/helpers/namespaces.go is excluded by none and included by none
  • sdk/apis/kubebind/v1alpha2/zz_generated.deepcopy.go is excluded by none and included by none
  • test/e2e/bind/happy-case_test.go is excluded by none and included by none
📒 Files selected for processing (2)
  • contrib/kcp/deploy/resources/apiresourceschema-apiserviceexportrequests.kube-bind.io.yaml (1 hunks)
  • deploy/crd/kube-bind.io_apiserviceexportrequests.yaml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: lint
  • GitHub Check: go-test-e2e
🔇 Additional comments (1)
deploy/crd/kube-bind.io_apiserviceexportrequests.yaml (1)

215-233: Verify the schema versioning strategy for the new namespaces field.

The namespaces field is present only in v1alpha2 (lines 215–233), while v1alpha1 (line 175) remains unchanged and continues to be served. Since v1alpha1 is still marked served: true, clients using the v1alpha1 API will not have access to the new namespaces field. Confirm that this is the intended behavior and does not break existing client expectations.

If v1alpha1 clients should also support the namespaces field, add it to the v1alpha1 schema as well (around line 101).

Also applies to: 175-175, 457-457

Comment thread deploy/crd/kube-bind.io_apiserviceexportrequests.yaml
Signed-off-by: Mangirdas Judeikis <mangirdas@judeikis.lt>
On-behalf-of: @SAP mangirdas.judeikis@sap.com
@mjudeikis mjudeikis force-pushed the mjudeikis/provider.side.namespace branch 2 times, most recently from 27c78b5 to 1468d61 Compare October 21, 2025 11:48
@mjudeikis mjudeikis force-pushed the mjudeikis/provider.side.namespace branch from 1468d61 to fa7fd4f Compare October 21, 2025 11:51
Comment thread backend/controllers/clusterbinding/clusterbinding_controller.go
Comment thread backend/controllers/serviceexportrequest/serviceexportrequest_reconcile.go Outdated
Comment thread backend/controllers/serviceexportrequest/serviceexportrequest_reconcile.go Outdated
Comment thread contrib/kcp/README.md Outdated
Comment thread contrib/kcp/README.md Outdated
@mjudeikis mjudeikis force-pushed the mjudeikis/provider.side.namespace branch from 9f53e4a to 6c83acc Compare October 21, 2025 12:54
Comment thread sdk/apis/kubebind/v1alpha2/apiserviceexport_types.go
Comment thread test/e2e/bind/happy-case_test.go Outdated
@mjudeikis mjudeikis force-pushed the mjudeikis/provider.side.namespace branch from 6c83acc to 26aed56 Compare October 21, 2025 13:18
@xrstf

xrstf commented Oct 21, 2025

Copy link
Copy Markdown
Contributor

/lgtm

@xrstf

xrstf commented Oct 21, 2025

Copy link
Copy Markdown
Contributor

/approve

@xrstf xrstf left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm just a Prow boy, living in a Prow world.

@mjudeikis mjudeikis enabled auto-merge (squash) October 21, 2025 13:41
@mjudeikis mjudeikis disabled auto-merge October 21, 2025 15:48
@mjudeikis mjudeikis merged commit a998472 into kbind-dev:main Oct 21, 2025
10 checks passed
@coderabbitai coderabbitai Bot mentioned this pull request Oct 21, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants