Skip to content

feat: enforce singleton Gpu CR#58

Merged
vrdc-sap merged 2 commits into
kyma-project:mainfrom
vrdc-sap:vr-enforce-singleton-gpu-cr
May 26, 2026
Merged

feat: enforce singleton Gpu CR#58
vrdc-sap merged 2 commits into
kyma-project:mainfrom
vrdc-sap:vr-enforce-singleton-gpu-cr

Conversation

@vrdc-sap
Copy link
Copy Markdown
Collaborator

@vrdc-sap vrdc-sap commented May 25, 2026

Description

Changes proposed in this pull request:

  • enforce singleton Gpu CR

Related issue(s)
Make gpu cr singleton

@hyperspace-insights
Copy link
Copy Markdown
Contributor

hyperspace-insights Bot commented May 25, 2026

Summary

The following content is AI-generated and provides a summary of the pull request:

Enforce Singleton GPU CR

New Feature

✨ Enforces that only a single Gpu custom resource named "gpu" can exist per cluster. This is achieved via a CEL validation rule on the CRD as the primary gate, with an additional controller-side defense-in-depth check for scenarios where CEL admission is not in effect.

Changes

  • api/v1beta1/gpu_types.go: Added a +kubebuilder:validation:XValidation marker to enforce that the Gpu CR name must be "gpu". Updated the type comment to reflect the singleton naming requirement.
  • config/crd/bases/gpu.kyma-project.io_gpus.yaml: Regenerated CRD manifest to include the x-kubernetes-validations rule rejecting any Gpu resource not named "gpu". Updated the description accordingly.
  • internal/controller/gpu_controller.go: Added the expectedCRName = "gpu" constant and a reconciler-side singleton check that marks misnamed CRs with a ForbiddenCRName condition and skips further reconciliation.
  • internal/controller/conditions.go: Added the reasonForbiddenName = "ForbiddenCRName" condition reason constant alongside alignment formatting of existing constants.
  • internal/controller/gpu_controller_test.go: Updated test GPU name from "test-gpu" to "gpu" to match the singleton requirement. Added a new singleton enforcement test verifying that creating a Gpu CR with any other name is rejected with the expected CEL error message.

Jira Issues

GitHub Issues:

  • #55: Make gpu cr singleton
  • 🔄 Regenerate and Update Summary
  • ✏️ Insert as PR Description (deletes this comment)
  • 🗑️ Delete comment
PR Bot Information

Version: 1.20.51

hyperspace-insights[bot]
hyperspace-insights Bot reviewed May 25, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@hyperspace-insights hyperspace-insights Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR is well-structured and achieves its goal cleanly. The one substantive issue posted is that a rogue CR with a finalizer (added manually or through a future code change) could trigger reconcileDelete and invoke Installer.Uninstall, potentially uninstalling the legitimate GPU Operator — the singleton guard needs to be moved above (or merged with) the deletion-timestamp check to fully protect the deletion path.

PR Bot Information

Version: 1.20.51

  • Correlation ID: 00681b13-103c-4d43-9e40-d84d88791988
  • Agent Instructions:
  • LLM: anthropic--claude-4.6-sonnet
  • Event Trigger: pull_request.opened
  • File Content Strategy: Full file content

Comment thread internal/controller/gpu_controller.go
@vrdc-sap vrdc-sap merged commit 4db7a7a into kyma-project:main May 26, 2026
8 checks passed
@vrdc-sap vrdc-sap deleted the vr-enforce-singleton-gpu-cr branch May 26, 2026 11:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hyperspace-insights hyperspace-insights[bot] hyperspace-insights[bot] left review comments

@dusglumac dusglumac dusglumac approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vrdc-sap @dusglumac