Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] add 'safe' slug scheme #744

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

[WIP] add 'safe' slug scheme #744

wants to merge 1 commit into from

Conversation

minrk
Copy link
Member

@minrk minrk commented Jun 8, 2023

closes #737
closes #498

implements scheme described here.

  • always produces valid values
  • uses names, etc. as-is, when valid (no more -2d)
  • uses stripped name--hash when needed
  • new behavior is opt-in for backward-compatibility via KubeSpawner.slug_scheme = 'safe'

Potential issues to address:

  • escaping is applied to the final template result, rather than individual strings. This ensures correct values, but means the hash is a function of the full template string, not just the username (or servername). Dealing with length is tricky if we need to hash bits at a time.
  • Not everything is a kubernetes field, e.g. working directory should probably get special handling? It has different rules than the label fields
  • a breaking change for users to change schemes (just like changing the template config), but at least we don't make the change for them

Opened early as a demo for discussion, not tested yet.

@minrk
add 'safe' slug scheme
7bac57c 
- always produces valid values
- uses names, etc. as-is, when valid
- uses stripped name--hash when needed
minrk
minrk commented Jun 8, 2023
View reviewed changes
kubespawner/slugs.py
return True


def is_valid_object_name(s):
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function ended up not being used because instead of multiple is_valid args, is_valid_default is used, which validates the subset of object names and labels (same as object name with max length of 63 instead of 255)

@yuvipanda yuvipanda mentioned this pull request Sep 7, 2023
Open
@Ph0tonic
Copy link

Hi,
Any status on this PR ? It would be great to have this merged, can I help with it ?
Thanks

Ph0tonic
Ph0tonic reviewed Jan 16, 2024
View reviewed changes
Copy link

@Ph0tonic Ph0tonic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few suggestions an questions.

kubespawner/spawner.py
rendered = template.format(
userid=self.user.id,
username=safe_username,
username=username,
escaped_username=safe_username,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we really need this extra parameter ?

kubespawner/spawner.py
unescaped_servername=raw_servername,
escaped_servername=safe_servername,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same, do we really need this extra parameter ?

kubespawner/spawner.py
@@ -1809,18 +1836,32 @@ def _expand_user_properties(self, template):
safe_username = escapism.escape(
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we remove this legacy_escaped_username now, as it is not used anymore ?

kubespawner/spawner.py
Comment on lines +1845 to +1846
username = safe_username
servername = safe_servername
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we could also move the code generating username and servername inside the if, we do not need to compute these steps if we are not using this non safe slug.

@Ph0tonic
Copy link

Ph0tonic commented Apr 9, 2024

Hi,
Any status update on this PR ? May I help with anything ?
\cc @minrk

@manics manics mentioned this pull request Apr 24, 2024
Merged
@consideRatio consideRatio mentioned this pull request Apr 28, 2024
Open
@consideRatio
Copy link
Member

consideRatio commented May 4, 2024
edited

@minrk I looked at this in order to help nudge it towards merge, but I see that its a very breaking PR to enable this for an existing hub as for example pvc_name is gets changed.

        if self.enable_user_namespaces:
            self.namespace = self._expand_user_properties(self.user_namespace_template)
        self.pod_name = self._expand_user_properties(self.pod_name_template)
        self.dns_name = self.dns_name_template.format(namespace=self.namespace, name=self.pod_name)
        self.secret_name = self._expand_user_properties(self.secret_name_template)
        self.pvc_name = self._expand_user_properties(self.pvc_name_template)
        if self.working_dir:
            self.working_dir = self._expand_user_properties(self.working_dir)

The changes to the labels are far less breaking as it won't affect kubespawner/z2jh/binderhub/grafana-dashboards etc - and only be breaking for external software considering the labels.

I'm not landing in a concrete action point here, just summarizing this realization.

@minrk
Copy link
Member Author

minrk commented May 6, 2024

@consideRatio yeah, I think that's exactly why I didn't finish this. I think the new scheme is fine and works better, but figuring out the transition is the hard part.

@Ph0tonic Ph0tonic mentioned this pull request May 6, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ph0tonic Ph0tonic Ph0tonic left review comments

Assignees
No one assigned
Labels
new
Projects
None yet
Milestone
No milestone
3 participants
@minrk @Ph0tonic @consideRatio