⚠️ types conversions from review

[grokspawn]

Fixes #1146
Replaces #1171

Description

Reviewer Checklist

• API Go Documentation
• Tests: Unit Tests (and E2E Tests, if appropriate)
• Comprehensive Commit Messages
• Links to related GitHub Issue(s)

[netlify]

✅ Deploy Preview for olmv1 ready!

Name	Link
🔨 Latest commit	86d2e02
🔍 Latest deploy log	https://app.netlify.com/sites/olmv1/deploys/66df389e600fad0008e3a616
😎 Deploy Preview	https://deploy-preview-1223--olmv1.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[grokspawn]

The original intent of #1146 is to make the PreflightConfig optional, but if present, to require that at least one of the preflight types has been provided (this currently is a set consisting only of CRDUpgradeSafetyPreflightConfig).

In order to enforce the 'any of' check for valid preflight types, the PreflightConfig field in ClusterExtensionInstallConfig had to remain an optional/pointer.

This CEL is a result of the decision to enforce at least one valid preflight type is present IFF the PreflightConfig is present.

[everettraven]

I recently ran into an issue when playing around with CEL in a CRD that came back saying that I had exceeded the CEL cost budget. I haven't been able to find if this is a cost budget for the entire CRD or an individual CEL expression but realizing that there even is one made me think that we are better off using the anyOf field in the CRD to enforce the "at least one of" clause (to limit the use of CEL to only where it is absolutely necessary).

Maybe @joelanford has some thoughts on this?

[everettraven]

Unfortunately there is no controller-gen support for automatically creating the anyOf, oneOf, etc. directives but maybe that is something we could try to contribute in the future?

[joelanford]

Oh yeah, if this is an area that we need "at least one" semantics and that's what anyOf does, let's do that instead.

[joelanford]

Example in rukpak that may help (it uses oneOf, not anyOf, but I assume it is otherwise an example of what we want to do.

https://github.com/operator-framework/rukpak/blob/5ffcfff615566f3a1a482a5f6649cd3e07f2427f/manifests/base/apis/crds/patches/bundledeployment_validation.yaml#L9-L20

[grokspawn]

Aside from preferential semantics, what's the difference between has(self.crdUpgradeSafety) || has(self.NewType || ... and anyOf? It feels like the only real difference is manual vs controller-gen maintenance.

[everettraven]

I think the biggest difference is there is no "cost budget" associated with the anyOf. That being said, I just played around with chaining has(...) OR statements in https://playcel.undistro.io/ and it doesn't look like there is a cost budget increase for the chaining and it stays statically at a cost of 1.

My original concern was that as the subset of fields grew so would our cost of evaluation, but that seems to not be the case.

With that in mind, I'm OK with CEL going in if you feel that we should use CEL here @grokspawn

[grokspawn]

The runtime-cost-budget suggest that the intent is to avoid runaway evaluation costs.
The resource use by validation functions says specifically

You are unlikely to encounter issues with the resource budget for validation if you only specify rules that always take the same amount of time regardless of how large their input is.

I don't believe that the anyOf approach has(self.property) [|| has(self.property2)... || has(self.propertyN)] suffers from a non-linear cost (internally, this should refer to a limited sequence of nil pointer checks with early escape), so I don't think that this rises to the level of something that we'd want to maintain via kustomize patch instead (with accompanying maxItems, maxProperties, maxLength presumably).

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 76.53%. Comparing base (f8c9077) to head (86d2e02).
Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1223   +/-   ##
=======================================
  Coverage   76.53%   76.53%           
=======================================
  Files          40       40           
  Lines        2340     2340           
=======================================
  Hits         1791     1791           
  Misses        392      392           
  Partials      157      157           

Flag	Coverage Δ
e2e	57.64% <ø> (ø)
unit	52.47% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[perdasilva]

/lgtm

[openshift-ci]

New changes are detected. LGTM label has been removed.