Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate outputs for describe versus get of Kyverno resources #1221

Closed
chipzoller opened this issue Oct 30, 2020 · 3 comments
Closed

Separate outputs for describe versus get of Kyverno resources #1221

chipzoller opened this issue Oct 30, 2020 · 3 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@chipzoller
Copy link
Contributor

chipzoller commented Oct 30, 2020
edited
Loading

Is your feature request related to a problem? Please describe.
In Kubernetes, the command describe is typically a flattened output of a given resource where a get -o yaml fetches the entire resource definition in the API server. In the current case, the outputs of, example, kubectl describe cpol require-labels is almost identical to kubectl get cpol require-labels -o yaml. The describe command should produce more concise, condensed output which can be used to more easily understand the object.

Describe

$ k describe cpol require-labels
 
Name:         require-labels
Namespace:
Labels:       <none>
Annotations:  pod-policies.kyverno.io/autogen-controllers: DaemonSet,Deployment,Job,StatefulSet,CronJob
API Version:  kyverno.io/v1
Kind:         ClusterPolicy
Metadata:
  Creation Timestamp:  2020-10-30T14:56:57Z
  Generation:          1
  Managed Fields:
    API Version:  kyverno.io/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:spec:
        .:
        f:validationFailureAction:
    Manager:      kubectl-create
    Operation:    Update
    Time:         2020-10-30T14:56:57Z
    API Version:  kyverno.io/v1
    Fields Type:  FieldsV1
    fieldsV1:
      f:spec:
        f:rules:
      f:status:
        .:
        f:averageExecutionTime:
        f:resourcesBlockedCount:
        f:ruleStatus:
        f:rulesAppliedCount:
        f:rulesFailedCount:
    Manager:         kyverno
    Operation:       Update
    Time:            2020-10-30T16:41:28Z
  Resource Version:  12825
  Self Link:         /apis/kyverno.io/v1/clusterpolicies/require-labels
  UID:               4dd344fc-90a5-4434-9296-90c558717f43
Spec:
  Background:  true
  Rules:
    Match:
      Resources:
        Kinds:
          Pod
    Name:  check-for-labels
    Validate:
      Message:  label `app.kubernetes.io/name` is required
      Pattern:
        Metadata:
          Labels:
            app.kubernetes.io/name:  ?*
    Match:
      Resources:
        Kinds:
          DaemonSet
          Deployment
          Job
          StatefulSet
    Name:  autogen-check-for-labels
    Validate:
      Message:  label `app.kubernetes.io/name` is required
      Pattern:
        Spec:
          Template:
            Metadata:
              Labels:
                app.kubernetes.io/name:  ?*
    Match:
      Resources:
        Kinds:
          CronJob
    Name:  autogen-cronjob-check-for-labels
    Validate:
      Message:  label `app.kubernetes.io/name` is required
      Pattern:
        Spec:
          Job Template:
            Spec:
              Template:
                Metadata:
                  Labels:
                    app.kubernetes.io/name:  ?*
  Validation Failure Action:                 enforce
Status:
  Average Execution Time:   2.66695ms
  Resources Blocked Count:  3
  Rule Status:
    Average Execution Time:   2.55995ms
    Failed Count:             2
    Resources Blocked Count:  2
    Rule Name:                autogen-check-for-labels
    Applied Count:            2
    Average Execution Time:   107µs
    Failed Count:             1
    Resources Blocked Count:  1
    Rule Name:                check-for-labels
  Rules Applied Count:        2
  Rules Failed Count:         3
Events:                       <none>

Get

$ k get cpol require-labels -o yaml

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  annotations:
    pod-policies.kyverno.io/autogen-controllers: DaemonSet,Deployment,Job,StatefulSet,CronJob
  creationTimestamp: "2020-10-30T14:56:57Z"
  generation: 1
  managedFields:
  - apiVersion: kyverno.io/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        .: {}
        f:validationFailureAction: {}
    manager: kubectl-create
    operation: Update
    time: "2020-10-30T14:56:57Z"
  - apiVersion: kyverno.io/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        f:rules: {}
      f:status:
        .: {}
        f:averageExecutionTime: {}
        f:resourcesBlockedCount: {}
        f:ruleStatus: {}
        f:rulesAppliedCount: {}
        f:rulesFailedCount: {}
    manager: kyverno
    operation: Update
    time: "2020-10-30T16:38:28Z"
  name: require-labels
  resourceVersion: "12499"
  selfLink: /apis/kyverno.io/v1/clusterpolicies/require-labels
  uid: 4dd344fc-90a5-4434-9296-90c558717f43
spec:
  background: true
  rules:
  - match:
      resources:
        kinds:
        - Pod
    name: check-for-labels
    validate:
      message: label `app.kubernetes.io/name` is required
      pattern:
        metadata:
          labels:
            app.kubernetes.io/name: ?*
  - match:
      resources:
        kinds:
        - DaemonSet
        - Deployment
        - Job
        - StatefulSet
    name: autogen-check-for-labels
    validate:
      message: label `app.kubernetes.io/name` is required
      pattern:
        spec:
          template:
            metadata:
              labels:
                app.kubernetes.io/name: ?*
  - match:
      resources:
        kinds:
        - CronJob
    name: autogen-cronjob-check-for-labels
    validate:
      message: label `app.kubernetes.io/name` is required
      pattern:
        spec:
          jobTemplate:
            spec:
              template:
                metadata:
                  labels:
                    app.kubernetes.io/name: ?*
  validationFailureAction: enforce
status:
  averageExecutionTime: 2.66695ms
  resourcesBlockedCount: 3
  ruleStatus:
  - averageExecutionTime: 2.55995ms
    failedCount: 2
    resourcesBlockedCount: 2
    ruleName: autogen-check-for-labels
  - appliedCount: 2
    averageExecutionTime: 107µs
    failedCount: 1
    resourcesBlockedCount: 1
    ruleName: check-for-labels
  rulesAppliedCount: 2
  rulesFailedCount: 3

Describe the solution you'd like
Consider providing a more condensed output for the describe of a resource which is far less verbose than printing the full API definition of said resource.

Additional context
For comparison, check out the difference between the format of a describe command and a get -o yaml command of the same Service resource.

Describe

$ k -n kyverno describe svc/kyverno-svc
Name:              kyverno-svc
Namespace:         kyverno
Labels:            app.kubernetes.io/instance=kyverno
                   app.kubernetes.io/managed-by=Helm
                   app.kubernetes.io/name=kyverno
                   helm.sh/chart=kyverno-1.2.1
Annotations:       meta.helm.sh/release-name: kyverno
                   meta.helm.sh/release-namespace: kyverno
Selector:          app.kubernetes.io/instance=kyverno,app.kubernetes.io/name=kyverno
Type:              ClusterIP
IP:                10.101.226.187
Port:              https  443/TCP
TargetPort:        https/TCP
Endpoints:         10.1.0.6:9443
Session Affinity:  None
Events:            <none>

Get

$  k -n kyverno get svc/kyverno-svc -o yaml
apiVersion: v1
kind: Service
metadata:
  annotations:
    meta.helm.sh/release-name: kyverno
    meta.helm.sh/release-namespace: kyverno
  creationTimestamp: "2020-10-30T14:37:06Z"
  labels:
    app.kubernetes.io/instance: kyverno
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: kyverno
    helm.sh/chart: kyverno-1.2.1
  managedFields:
  - apiVersion: v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:meta.helm.sh/release-name: {}
          f:meta.helm.sh/release-namespace: {}
        f:labels:
          .: {}
          f:app.kubernetes.io/instance: {}
          f:app.kubernetes.io/managed-by: {}
          f:app.kubernetes.io/name: {}
          f:helm.sh/chart: {}
      f:spec:
        f:ports:
          .: {}
          k:{"port":443,"protocol":"TCP"}:
            .: {}
            f:name: {}
            f:port: {}
            f:protocol: {}
            f:targetPort: {}
        f:selector:
          .: {}
          f:app.kubernetes.io/instance: {}
          f:app.kubernetes.io/name: {}
        f:sessionAffinity: {}
        f:type: {}
    manager: Go-http-client
    operation: Update
    time: "2020-10-30T14:37:06Z"
  name: kyverno-svc
  namespace: kyverno
  resourceVersion: "4825"
  selfLink: /api/v1/namespaces/kyverno/services/kyverno-svc
  uid: fd084dcb-cc46-4136-a22b-5753b673cf1a
spec:
  clusterIP: 10.101.226.187
  ports:
  - name: https
    port: 443
    protocol: TCP
    targetPort: https
  selector:
    app.kubernetes.io/instance: kyverno
    app.kubernetes.io/name: kyverno
  sessionAffinity: None
  type: ClusterIP
status:
  loadBalancer: {}
@chipzoller chipzoller added the enhancement New feature or request label Oct 30, 2020
@JimBugwadia JimBugwadia added the help wanted Extra attention is needed label Nov 3, 2020
@JimBugwadia
Copy link
Member

The requirements are clear, but we need to check if there is a way to do this for CRDs:

Here are some related issues to investigate:

kubernetes/kubernetes#76789
kubernetes/enhancements#515

@chipzoller
Copy link
Contributor Author

Is this valuable enough to keep or should we just close?

@chipzoller
Copy link
Contributor Author

Close for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JimBugwadia @chipzoller