Package Pipeline - Support declaring k8s version as dependency
Feature Request
Why
In some edge cases, Big Bang packages require testing against a specific k8s version. For example, the kyverno-policies
package currently requires a version of k8s that is pre 1.32
, otherwise its package tests will fail on the Upgrade
stage. This undocumented dependency has snuck up on us a couple of times in the last several k8s upgrades, leading to several patch releases of kyverno-policies
being published with SKIP UPGRADE
enabled.
A workaround would be to update the disallow-deprecated-apis
policy before the k8s upgrade takes place that removes the api resource in question. A solution would be to have some kind of process to declare that a package has a dependency on a specific k8s version, or a range of versions.
Proposed Solution
By adding a kubernetes: version: <x.x.x>
constraint to the <package-repo>/tests/dependencies.yaml
file and parsing that in the bigbang-package.yaml
pipeline, we could warn/alert when a package is being tested against an undesired k8s version in our pipelines. The same effect could also be achieved by adding kubeVersion
to package Chart.yaml
files when necessary.
Optionally, we could even take in the kubernetes version declared in dependencies.yaml
and dynamically test packages against the k8s version declared (which could serve as a way to workaround the scenario describe above). The k8s version declared in dependencies.yaml
for each release could also serve as historical reference for what k8s version each version of each package was tested against.
End Goal
Ideally, we want to prevent k8s version changes in the bigbang-package
pipeline from being disruptive to package developers. Before k8s version changes are introduced into the bigbang-package
pipeline, some kind of check must be performed that predicts if a k8s version change would disrupt package developers.