Strict mode for certain namespaces
joaoqalves opened this issue · 0 comments
Background
Currently, Noe follows the "Robustness Principle" or Postel's Law:
"Be conservative in what you send, be liberal in what you accept"
Pull request #10 is an instance of that approach. We've traded off a "perfect allocation" of images to the correct node Operating System — and that may even fail at run time — for the convenience of running images whose manifests do not fully inform these fields.
Problem
In some cases, where teams have complete control of the image build process, they want to ensure all their images are multi-architecture compliant. Hence, they prefer to trade off convenience for correctness, and to have all the respective architectures running a specific image.
For cluster operators and teams that provide cluster-wide features, this issue is even more critical.
Proposal
I propose to add a flag to Noe, for a strict mode that requires Operating System and Architecture fields to be present in the manifest. The interface would be a list of namespaces where we want to enforce this strict mode. Example:
--strict role-binding-operator,platform-services