Conditions/network crds#1010
Open
SchSeba wants to merge 10 commits intok8snetworkplumbingwg:masterfrom
Open
Conversation
|
Thanks for your PR,
To skip the vendors CIs, Maintainers can use one of:
|
Summary of ChangesHello @SchSeba, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly improves the observability and operational transparency of the SR-IOV Network Operator by integrating standard Kubernetes Conditions into the status of its Custom Resource Definitions. This change provides a consistent, machine-readable way for users and automated systems to monitor the health, progress, and state of network configurations, aligning the operator with Kubernetes best practices for API object status management. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a significant improvement by adding standard Kubernetes conditions to the network CRDs, which greatly enhances observability and aligns with best practices. The implementation is well-structured, introducing a new status package for handling condition updates and providing comprehensive tests. I've found one issue in the generic network controller that could lead to incorrect status reporting after a resource is successfully created.
SchSeba
added a commit
to SchSeba/sriov-network-operator-1
that referenced
this pull request
Jan 11, 2026
After successfully creating a NetworkAttachmentDefinition, the controller was incorrectly calling updateConditions with nadFound=false, which set the status to 'waiting for namespace' instead of 'ready'. This fix: 1. Changes nadFound from false to true after successful NAD creation 2. Changes err to nil (since there's no error on success) 3. Adds a unit test that specifically verifies conditions are set to Ready=True immediately after NAD creation The bug was reported by Gemini code review on PR k8snetworkplumbingwg#1010. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
zeeke
reviewed
Jan 15, 2026
Member
zeeke
left a comment
zeeke
left a comment
There was a problem hiding this comment.
Left a few comments
This work makes the operator way more usable!
Comment on lines
189
to
237
| // SetCondition sets a condition with the given type, status, reason, and message | ||
| func (p *Patcher) SetCondition(conditions *[]metav1.Condition, conditionType string, status metav1.ConditionStatus, reason, message string, generation int64) { | ||
| condition := metav1.Condition{ | ||
| Type: conditionType, | ||
| Status: status, | ||
| Reason: reason, | ||
| Message: message, | ||
| ObservedGeneration: generation, | ||
| } | ||
| meta.SetStatusCondition(conditions, condition) | ||
| } | ||
|
|
||
| // IsConditionTrue checks if a condition exists and has status True | ||
| func (p *Patcher) IsConditionTrue(conditions []metav1.Condition, conditionType string) bool { | ||
| condition := meta.FindStatusCondition(conditions, conditionType) | ||
| return condition != nil && condition.Status == metav1.ConditionTrue | ||
| } | ||
|
|
||
| // IsConditionFalse checks if a condition exists and has status False | ||
| func (p *Patcher) IsConditionFalse(conditions []metav1.Condition, conditionType string) bool { | ||
| condition := meta.FindStatusCondition(conditions, conditionType) | ||
| return condition != nil && condition.Status == metav1.ConditionFalse | ||
| } | ||
|
|
||
| // IsConditionUnknown checks if a condition exists and has status Unknown | ||
| func (p *Patcher) IsConditionUnknown(conditions []metav1.Condition, conditionType string) bool { | ||
| condition := meta.FindStatusCondition(conditions, conditionType) | ||
| return condition != nil && condition.Status == metav1.ConditionUnknown | ||
| } | ||
|
|
||
| // FindCondition returns the condition with the given type, or nil if not found | ||
| func (p *Patcher) FindCondition(conditions []metav1.Condition, conditionType string) *metav1.Condition { | ||
| return meta.FindStatusCondition(conditions, conditionType) | ||
| } | ||
|
|
||
| // RemoveCondition removes the condition with the given type | ||
| func (p *Patcher) RemoveCondition(conditions *[]metav1.Condition, conditionType string) { | ||
| meta.RemoveStatusCondition(conditions, conditionType) | ||
| } | ||
|
|
||
| // HasConditionChanged checks if the new condition differs from the existing one | ||
| // Returns true if the condition doesn't exist or if status, reason, or message differ | ||
| func (p *Patcher) HasConditionChanged(conditions []metav1.Condition, conditionType string, status metav1.ConditionStatus, reason, message string) bool { | ||
| existing := meta.FindStatusCondition(conditions, conditionType) | ||
| if existing == nil { | ||
| return true | ||
| } | ||
| return existing.Status != status || existing.Reason != reason || existing.Message != message | ||
| } |
Member
There was a problem hiding this comment.
can we remove these methods from the patcher object and interface?
They can live as public utility functions, making the interface with fewer methods
pkg/status/transitions.go
Outdated
Comment on lines
63
to
65
| if t.OldStatus == metav1.ConditionTrue && t.NewStatus != metav1.ConditionTrue { | ||
| return EventTypeWarning | ||
| } |
Member
There was a problem hiding this comment.
this assumption might be too greedy:
conditions like ConditionDrainDegraded or DrainProcessing are ok to go from True -> False.
Collaborator
Author
There was a problem hiding this comment.
agree but I am not sure what is a better solution
- remove this event transition state
- move it to just Normal so it gets recorded
let me know what do you think and what you prefer
Member
There was a problem hiding this comment.
I'd go with EventTypeNormal for the moment. Then we can discuss about moving some events to warning later, in a subsequent PR
test/conformance/tests/fixtures.go
Outdated
Comment on lines
82
to
86
| func assertCondition(obj runtimeclient.Object, name, namespace, conditionType string, expectedStatus metav1.ConditionStatus) { | ||
| EventuallyWithOffset(1, func(g Gomega) { | ||
| err := clients.Get(context.Background(), | ||
| runtimeclient.ObjectKey{Name: name, Namespace: namespace}, obj) | ||
| g.Expect(err).ToNot(HaveOccurred()) |
Member
There was a problem hiding this comment.
what about removing name and namespace parameters and passing a valid obj?
Suggested change
| func assertCondition(obj runtimeclient.Object, name, namespace, conditionType string, expectedStatus metav1.ConditionStatus) { | |
| EventuallyWithOffset(1, func(g Gomega) { | |
| err := clients.Get(context.Background(), | |
| runtimeclient.ObjectKey{Name: name, Namespace: namespace}, obj) | |
| g.Expect(err).ToNot(HaveOccurred()) | |
| func assertCondition(obj runtimeclient.Object, conditionType string, expectedStatus metav1.ConditionStatus) { | |
| EventuallyWithOffset(1, func(g Gomega) { | |
| err := clients.Get(context.Background(), | |
| runtimeclient.ObjectKey{Name: obj.GetName(), Namespace: obj.GetNamespace()}, obj) | |
| g.Expect(err).ToNot(HaveOccurred()) |
SchSeba
force-pushed
the
conditions/network-crds
branch
from
8cbead0 to
76ef320
Compare
Pull Request Test Coverage Report for Build 22137972464Details
💛 - Coveralls |
Collaborator
Author
|
Hi @adrianchiris @zeeke when you have time please make another review |
Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Add foundational condition support for SR-IOV Network Operator CRDs: - Define standard condition types (Ready, Progressing, Degraded) - Define drain-specific condition types (DrainProgressing, DrainDegraded, DrainComplete) - Add DrainState enum for tracking drain operation states - Add common condition reasons for various states - Add NetworkStatus type with Conditions field for network CRDs - Add ConditionsEqual helper for comparing conditions ignoring LastTransitionTime - Add SetConfigurationConditions and SetDrainConditions methods - Add comprehensive unit tests for condition handling This follows the Kubernetes API conventions for status conditions and provides the foundation for observability improvements across all SR-IOV CRDs. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
added a commit
to SchSeba/sriov-network-operator-1
that referenced
this pull request
Feb 18, 2026
After successfully creating a NetworkAttachmentDefinition, the controller was incorrectly calling updateConditions with nadFound=false, which set the status to 'waiting for namespace' instead of 'ready'. This fix: 1. Changes nadFound from false to true after successful NAD creation 2. Changes err to nil (since there's no error on success) 3. Adds a unit test that specifically verifies conditions are set to Ready=True immediately after NAD creation The bug was reported by Gemini code review on PR k8snetworkplumbingwg#1010. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
force-pushed
the
conditions/network-crds
branch
from
76ef320 to
ac21d5c
Compare
SchSeba
added a commit
to SchSeba/sriov-network-operator-1
that referenced
this pull request
Feb 18, 2026
After successfully creating a NetworkAttachmentDefinition, the controller was incorrectly calling updateConditions with nadFound=false, which set the status to 'waiting for namespace' instead of 'ready'. This fix: 1. Changes nadFound from false to true after successful NAD creation 2. Changes err to nil (since there's no error on success) 3. Adds a unit test that specifically verifies conditions are set to Ready=True immediately after NAD creation The bug was reported by Gemini code review on PR k8snetworkplumbingwg#1010. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
force-pushed
the
conditions/network-crds
branch
from
ac21d5c to
313f8b1
Compare
SchSeba
added a commit
to SchSeba/sriov-network-operator-1
that referenced
this pull request
Feb 18, 2026
After successfully creating a NetworkAttachmentDefinition, the controller was incorrectly calling updateConditions with nadFound=false, which set the status to 'waiting for namespace' instead of 'ready'. This fix: 1. Changes nadFound from false to true after successful NAD creation 2. Changes err to nil (since there's no error on success) 3. Adds a unit test that specifically verifies conditions are set to Ready=True immediately after NAD creation The bug was reported by Gemini code review on PR k8snetworkplumbingwg#1010. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
force-pushed
the
conditions/network-crds
branch
from
313f8b1 to
b390c64
Compare
Add a new status package with utilities for managing CRD status updates: Patcher (patcher.go): - Provides retry logic for status updates with conflict handling - Supports both Update and Patch operations - Includes UpdateStatusWithEvents for automatic event emission - Embeds condition management methods for convenience - Uses interface for easy mocking in tests Transitions (transitions.go): - DetectTransitions compares old and new conditions - Returns structured Transition objects for each change - EventType() method returns appropriate event type (Normal/Warning) - EventReason() generates suitable event reason strings - Supports Added, Changed, Removed, and Unchanged transitions Tests: - Comprehensive unit tests for patcher operations - Tests for transition detection logic - Tests for event type and reason generation This package provides a reusable foundation for consistent status handling across all controllers in the operator. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Update network CRD status types to include Kubernetes conditions: Network CRDs (SriovNetwork, SriovIBNetwork, OVSNetwork): - Embed NetworkStatus with Conditions field - Add kubebuilder printcolumns for Ready and Degraded status All conditions follow Kubernetes conventions with patchMergeKey and listType annotations for proper strategic merge patch support. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Integrate condition management into network CRD controllers: Generic Network Controller: - Add StatusPatcher dependency for condition management - Add updateConditions method to set Ready/Degraded conditions - Set Ready=True, Degraded=False on successful NAD provisioning - Set Ready=False, Degraded=True when namespace not found - Set Ready=False, Degraded=True on provisioning failures - Handle ownership conflicts with appropriate conditions SriovNetwork, SriovIBNetwork, OVSNetwork Controllers: - Add StatusPatcher field to each controller - Pass StatusPatcher to generic reconciler - Add Get/SetConditions methods to helper.go for each type Tests: - Add condition tests for all three network types - Test Ready/Degraded states for successful provisioning - Test degraded states for missing namespaces - Test observedGeneration consistency - Test ownership conflict detection - Test cross-namespace targeting restrictions Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Add condition assertions to conformance tests for network CRDs: Fixtures: - Add assertCondition helper for verifying condition status - Support SriovNetwork type validation Operator Tests (test_sriov_operator.go): - Verify SriovNetwork Ready=True after provisioning - Verify SriovNetwork Degraded=False when healthy - Add condition checks for various network configurations - Add condition validation for trust and spoofChk settings These tests ensure conditions are correctly set during real cluster operations and validate the end-to-end observability improvements. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
Update the kubernetes-conditions-integration.md design document to reflect the actual implementation details: - Add SriovNetworkNodePolicy as a supported CRD - Add drain-specific conditions (DrainProgressing, DrainDegraded, DrainComplete) - Document all condition reasons with actual constant names - Add NetworkStatus shared type used by network CRDs - Document pkg/status package with Patcher interface and transition detection - Add ConditionsEqual helper function documentation - Update API extension examples with actual struct definitions - Add matchedNodeCount/readyNodeCount to Policy and PoolConfig status - Add kubectl output examples showing new columns - Update implementation commits list - Mark document status as 'implemented' Signed-off-by: Sebastian Sch <sebassch@gmail.com>
- Remove SriovNetworkNodeState condition helpers from helper.go (not needed for network branch) - Remove unused import in helper.go - Remove SriovNetworkNodeState tests from conditions_test.go - Add findCondition helper to suite_test.go - Fix fixtures.go to only support SriovNetwork type - Regenerate CRDs and deepcopy for network types Signed-off-by: Sebastian Sch <sebassch@gmail.com>
The network controllers (SriovNetwork, SriovIBNetwork, OVSNetwork) were not receiving the StatusPatcher when created in main.go. This caused conditions to never be set on network CRDs, leading to E2E test failures. Fix by creating a globalStatusPatcher and passing it to all network controllers during initialization. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
After successfully creating a NetworkAttachmentDefinition, the controller was incorrectly calling updateConditions with nadFound=false, which set the status to 'waiting for namespace' instead of 'ready'. This fix: 1. Changes nadFound from false to true after successful NAD creation 2. Changes err to nil (since there's no error on success) 3. Adds a unit test that specifically verifies conditions are set to Ready=True immediately after NAD creation The bug was reported by Gemini code review on PR k8snetworkplumbingwg#1010. Signed-off-by: Sebastian Sch <sebassch@gmail.com>
SchSeba
force-pushed
the
conditions/network-crds
branch
from
b390c64 to
d520d6d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.