mockkubeapiserver: Refactor storage to be pluggable

[justinsb]

This helps if we want e.g. to capture all the objects easily.

[yuwenma]

Since we found a data race in the previous memorystorage, can we try go test -race and validate the new change passes the data race? (I think so because we keep the storage mutex in each CRUD method)

[yuwenma]

Just curious, why do we want to setup the generation here?
I saw it is optional and in k-d-p there seems to be also no specific logic around generation.

[justinsb]

Good question :-) I think I added it because otherwise kstatus will not consider the deployment ready (which makes our golden tests unhappy / means that they don't converge)

[yuwenma]

Ah, makes sense.

[yuwenma]

good to learn this label!

[justinsb]

Yeah, I think it is legacy, but ... it's there. I think we prefer field selectors now: https://kubernetes.io/docs/concepts/overview/working-with-objects/field-selectors/

Only a handful of fieldSelectors are implemented for some objects (though I think it would be cool if we supported arbitrary CEL expressions). fieldSelector for metadata.name is implemented everywhere I believe, because that is how we can watch one object (you can only pass the watch parameter to LIST requests, IIRC)

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justinsb, yuwenma

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [justinsb]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[yuwenma]

I like this style in storage, and the hook (I misread the rationale of Hook until seeing the "CRDHook")

[yuwenma]

What is the expected behavior of "delete CRD". Is this for the case when CRD belongs to a versioned manifest?

[justinsb]

If a CRD is deleted, we should unregister it from the apiserver, so it isn't discoverable, you can't query it etc. That's ... not implemented yet!

[yuwenma]

I missed the atomic in the previous review. This is cool.

[justinsb]

Yes, in general it's premature optimization vs sync.Mutex, but here I find it more ergonomic (as well as being possibly more efficient)

[yuwenma]

Just to make sure I understand the code correctly: this "ADDED" is a no-op and here we mainly use the watchCallback (next line), right?

[justinsb]

This is the "real" watch code, the hooks are a sort of "fast-path built-in watch". When you start a watch with kube-apiserver with resourceVersion unspecified, you get a synthetic ADDED event for every object that exists at that time.

It's actually a streaming LIST (which is otherwise missing from kube), and a little more efficient on the client (at least) in terms of memory, because you only have to process one object at a time, instead of a whole page of objects. The downside is that it's hard to tell when the initial LIST is over, and you have all the objects. In the past few versions of kube-apiserver, they added a bookmark notification when the initial list was completed, which is how you can tell. Maybe I should add bookmark notifications :-) More info here: https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/3157-watch-list/README.md

[yuwenma]

/lgtm