From 2e8f61a575821bc50b7824de807a23581e77f4f7 Mon Sep 17 00:00:00 2001 From: Markus Rudy Date: Fri, 12 Jun 2026 13:20:16 +0200 Subject: [PATCH] genpolicy: add missing probe fields This commit adds fields for readiness/liveness/startup probes that were missing so far, and adds probes to the ignored_fields test to ensure these stay supported. None of these fields has an influence on the generated policy, they just allow parsing valid k8s yaml. Co-authored-by: Spyros Seimenis Signed-off-by: Markus Rudy --- src/tools/genpolicy/src/pod.rs | 15 +++++++++++++++ .../createcontainer/ignored_fields/pod.yaml | 18 ++++++++++++++++++ 2 files changed, 33 insertions(+) diff --git a/src/tools/genpolicy/src/pod.rs b/src/tools/genpolicy/src/pod.rs index 5ff1d70c29..09482ed799 100644 --- a/src/tools/genpolicy/src/pod.rs +++ b/src/tools/genpolicy/src/pod.rs @@ -299,6 +299,9 @@ struct Probe { #[serde(skip_serializing_if = "Option::is_none")] periodSeconds: Option, + #[serde(skip_serializing_if = "Option::is_none")] + terminationGracePeriodSeconds: Option, + #[serde(skip_serializing_if = "Option::is_none")] failureThreshold: Option, @@ -310,6 +313,9 @@ struct Probe { #[serde(skip_serializing_if = "Option::is_none")] tcpSocket: Option, + + #[serde(skip_serializing_if = "Option::is_none")] + grpc: Option, // TODO: additional fields. } @@ -322,6 +328,15 @@ struct TCPSocketAction { host: Option, } +/// See Reference / Kubernetes API / Workload Resources / Pod. +#[derive(Clone, Debug, Serialize, Deserialize)] +struct GRPCAction { + port: u16, + + #[serde(skip_serializing_if = "Option::is_none")] + service: Option, +} + /// See Reference / Kubernetes API / Workload Resources / Pod. #[derive(Clone, Debug, Serialize, Deserialize)] struct HTTPGetAction { diff --git a/src/tools/genpolicy/tests/policy/testdata/createcontainer/ignored_fields/pod.yaml b/src/tools/genpolicy/tests/policy/testdata/createcontainer/ignored_fields/pod.yaml index b68cc506c0..cbe5744098 100644 --- a/src/tools/genpolicy/tests/policy/testdata/createcontainer/ignored_fields/pod.yaml +++ b/src/tools/genpolicy/tests/policy/testdata/createcontainer/ignored_fields/pod.yaml @@ -7,6 +7,24 @@ spec: containers: - name: redis image: registry.k8s.io/pause:3.6@sha256:3d380ca8864549e74af4b29c10f9cb0956236dfb01c40ca076fb6c37253234db + readinessProbe: + grpc: + port: 2379 + service: BarService + initialDelaySeconds: 10 + successThreshold: 3 + livenessProbe: + tcpSocket: + host: foo.bar + port: 8080 + periodSeconds: 10 + failureThreshold: 2 + startupProbe: + httpGet: + path: /healthz + port: liveness-port + terminationGracePeriodSeconds: 60 + timeoutSeconds: 10 priority: 1 schedulerName: test-scheduler-name affinity: