Run Gateway API conformance with admission webhook
Closed this issue · 1 comments
Problem statement
Currently, KIC runs Gateway API conformance tests by running the KIC process locally with admission webhook disabled, ref:
kubernetes-ingress-controller/Makefile
Lines 381 to 393 in e7b3048
This might cause some objects to be rejected but not caught in tests.
This in turn can be caught in KGO's conformance tests because it deploys KIC (ControlPlane) with admission webhook enabled.
Exemplar failures in KGO conformance suite caused by this issue:
=== RUN TestGatewayConformance/HTTPRouteInvalidBackendRefUnknownKind
conformance.go:64: 2024-05-29T11:09:25.315046+02:00: Applying tests/httproute-invalid-backendref-unknown-kind.yaml
apply.go:273: 2024-05-29T11:09:25.318422+02:00: Creating invalid-backend-ref-unknown-kind HTTPRoute
apply.go:275:
Error Trace: /Users/patryk.malek@konghq.com/.gvm/pkgsets/go1.22.3/global/pkg/mod/sigs.k8s.io/gateway-api@v1.1.0/conformance/utils/kubernetes/apply.go:275
/Users/patryk.malek@konghq.com/.gvm/pkgsets/go1.22.3/global/pkg/mod/sigs.k8s.io/gateway-api@v1.1.0/conformance/utils/suite/conformance.go:65
/Users/patryk.malek@konghq.com/.gvm/pkgsets/go1.22.3/global/pkg/mod/sigs.k8s.io/gateway-api@v1.1.0/conformance/utils/suite/suite.go:391
Error: Received unexpected error:
admission webhook "httproutes.validation.ingress-controller.konghq.com" denied the request: HTTPRoute spec did not pass validation: rules[0].backendRefs[0]: unknownkind.example.com is not a supported group for httproute backendRefs, only core is supported
Test: TestGatewayConformance/HTTPRouteInvalidBackendRefUnknownKind
Messages: error creating resource
--- FAIL: TestGatewayConformance/HTTPRouteInvalidBackendRefUnknownKind (0.01s)
Proposed solution
Enable admission webhook when running KIC's Gateway API conformance tests.
After a decision made today on sync meeting, we're not going to go this way. Gateway API conformance suite will remain running without the webhook as the validation rules in admission webhook are here to stay.