Feat: add ValidatingAdmissionPolicy to protect kagenti.io/type label#418
Draft
rh-dnagornuks wants to merge 6 commits into
Draft
Feat: add ValidatingAdmissionPolicy to protect kagenti.io/type label#418rh-dnagornuks wants to merge 6 commits into
rh-dnagornuks wants to merge 6 commits into
Conversation
rh-dnagornuks
force-pushed
the
vap-agent-label
branch
4 times, most recently
from
2d7af7f to
b31dd19
Compare
Adds a ValidatingAdmissionPolicy (agent-label-protection) that prevents manual application of the kagenti.io/type label on Deployments and StatefulSets. Only the operator's service account is allowed to set this label via an AgentRuntime CR. Users who attempt to add the label directly are rejected with a message directing them to create an AgentRuntime instead. The policy allows non-operator users to update workloads that already carry the label as long as they don't change its value. Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com> Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com>
Removes manual kagenti.io/type labels from all E2E test fixtures (echoAgent, noProtoAgent, auditAgent, signedAgent, authBridgeAgent, authBridgeDisabledAgent) and adds AgentRuntime CRs to drive the label via the operator. Each test now deploys the workload without the protected label, creates an AgentRuntime, waits for the operator to apply kagenti.io/type, then proceeds with existing assertions. This aligns E2E tests with the new ValidatingAdmissionPolicy that prevents manual label application. Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com> Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com>
The DefaultsConfigReconciler maintained config-hash annotations on workloads with kagenti.io/type that were not managed by an AgentRuntime CR. With the new ValidatingAdmissionPolicy enforcing that the label can only be set via an AgentRuntime, no unmanaged workloads can exist. The reconciler was effectively a no-op and is now removed along with its tests and the ComputeDefaultsOnlyHash helper. Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com> Assisted-By: Claude (Anthropic AI) <noreply@anthropic.com>
Remove manual kagenti.io/type labeling from docs, samples, and
comments. All examples now use AgentRuntime CRs, matching the
ValidatingAdmissionPolicy that prevents direct label application.
Fix auto-created AgentCard naming to use the {name}-{kind}-card
pattern produced by AgentCardSync.
Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com>
Exempt the kagenti-backend service account and the Helm-deployed operator SA (kagenti-system:controller-manager) from the agent label protection policy. Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com>
Add ValidatingAdmissionPolicy and ValidatingAdmissionPolicyBinding as Helm chart templates. Signed-off-by: Daniels Nagornuks <dnagornu@redhat.com>
rh-dnagornuks
force-pushed
the
vap-agent-label
branch
from
b31dd19 to
3d61116
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The
kagenti.io/typelabel on Deployments and StatefulSets can currently be applied by any user, bypassing the AgentRuntime workflow. This PR adds a ValidatingAdmissionPolicy (VAP) that prevents direct application of the label — only the operator's service account (via the AgentRuntime controller) can set or change it. This enforces the intended enrollment flow: users create an AgentRuntime CR, and the controller applies the label. TheDefaultsConfigReconciler(which handled unmanaged labeled workloads) is removed since the VAP makes that path impossible. Documentation, samples, and E2E tests are updated to reflect the new enforcement.Changes
kagenti.io/typeunless the request is from the operator's service account or the label value is unchanged on an UPDATEkagenti.io/type; tests create an AgentRuntime CR and wait for the operator to apply the label before proceedingComputeDefaultsOnlyHashfunction (no longer reachable with VAP in place)kagenti.io/typefrom skill-discovery sample Deployment metadata{name}-{kind}-cardnaming patterndefaults_config_reconciler.goin controller and fixture commentsTesting
Related Issues
Resolves: RHAIENG-4934
Resolves: RHAIENG-4937
Made with Cursor