Skip to content

⚠️ Rename managedSecurityGroups.allNodesSecurityGroupRules#3155

Open
nikParasyr wants to merge 1 commit into
kubernetes-sigs:mainfrom
nikParasyr:v1beta2_sg
Open

⚠️ Rename managedSecurityGroups.allNodesSecurityGroupRules#3155
nikParasyr wants to merge 1 commit into
kubernetes-sigs:mainfrom
nikParasyr:v1beta2_sg

Conversation

@nikParasyr
Copy link
Copy Markdown
Contributor

@nikParasyr nikParasyr commented Apr 30, 2026

What this PR does / why we need it:
Rename spec.managedSecurityGroups.allNodesSecurityGroupRules to spec.managedSecurityGroups.clusterNodesSecurityGroupRules to clarify that these rules apply only to cluster nodes (control plane and workers), and not to other managed resources such as the bastion host.

Which issue(s) this PR fixes:
Fixes #3055

TODOs:

  • squashed commits
  • if necessary:
    • includes documentation
    • adds unit tests

/hold

@k8s-ci-robot k8s-ci-robot added do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Apr 30, 2026
@k8s-ci-robot k8s-ci-robot requested review from EmilienM and mandre April 30, 2026 15:58
@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 30, 2026
edited
Loading

Deploy Preview for kubernetes-sigs-cluster-api-openstack ready!

Name Link
🔨 Latest commit 72e6f32
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-sigs-cluster-api-openstack/deploys/6a0178999a027100085f261f
😎 Deploy Preview https://deploy-preview-3155--kubernetes-sigs-cluster-api-openstack.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Apr 30, 2026
@nikParasyr
Copy link
Copy Markdown
Contributor Author

nikParasyr commented May 3, 2026

/retest

@nikParasyr
Copy link
Copy Markdown
Contributor Author

nikParasyr commented May 4, 2026

/cc @lentzi90 @bnallapeta

bnallapeta
bnallapeta suggested changes May 7, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@bnallapeta bnallapeta left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

allNodesSecurityGroupRules

  • the same rename change has to occur in e2e and docs too.

Comment thread pkg/webhooks/openstackcluster_webhook.go Outdated
allErrs = append(allErrs, validateSecurityGroupRulesRemoteMutualExclusion(
msg.AllNodesSecurityGroupRules,
msg.ClusterNodesSecurityGroupRules,
field.NewPath("spec", "managedSecurityGroups", "allNodesSecurityGroupRules"),
Copy link
Copy Markdown
Contributor

@bnallapeta bnallapeta May 7, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need to replace ClusterNodesSecurityGroupRules here too?

Copy link
Copy Markdown
Contributor Author

@nikParasyr nikParasyr May 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe so yes, updated L277 as well to set it correctly.

@nikParasyr
Rename managedSecurityGroups.allNodesSecurityGroupRules
72e6f32 
Rename `spec.managedSecurityGroups.allNodesSecurityGroupRules` to
`spec.managedSecurityGroups.clusterNodesSecurityGroupRules` to
clarify that these rules apply only to cluster nodes (control plane
and workers), and not to other managed resources such as
the bastion host.
@nikParasyr
Copy link
Copy Markdown
Contributor Author

nikParasyr commented May 11, 2026

the same rename change has to occur in e2e and docs too.

@bnallapeta
e2e tests were updated already afaik with the exception of the v1beta1 template.
docs were indeed missing updates which i have now added

@nikParasyr nikParasyr requested a review from bnallapeta May 11, 2026 06:36
@nikParasyr nikParasyr mentioned this pull request May 11, 2026
Open
3 tasks
lentzi90
lentzi90 reviewed May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@lentzi90 lentzi90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@k8s-ci-robot
Copy link
Copy Markdown
Contributor

k8s-ci-robot commented May 11, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lentzi90

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lentzi90 lentzi90 lentzi90 left review comments

@EmilienM EmilienM Awaiting requested review from EmilienM

@mandre mandre Awaiting requested review from mandre

@bnallapeta bnallapeta Awaiting requested review from bnallapeta

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

CAPO Roadmap
Status: Inbox

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

✨ v1beta2: Rename allNodesSecurityGroupRules to indicate that it only applies for control-plane/worker nodes

4 participants

@nikParasyr @k8s-ci-robot @lentzi90 @bnallapeta