-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent double dollar expansion when it is not followed by an actual variable reference #101254
Prevent double dollar expansion when it is not followed by an actual variable reference #101254
Conversation
…variable reference
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
@MartinKanters: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Welcome @MartinKanters! |
Hi @MartinKanters. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: MartinKanters The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
I signed it |
This PR may require API review. If so, when the changes are ready, complete the pre-review checklist and request an API review. Status of requested reviews is tracked in the API Review project. |
/sig node |
This is not SIG Node. Arch, maybe? /sig architecture |
I'm concerned that this new behavior makes it more difficult to document how a conformant implementation behaves and to clearly express that to people reading that documentation. The existing behavior is simpler and I like simplicity. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This PR does not add many tests for single dollar signs inside environment values etc, and I think it should - that would exercise the code paths being altered.
(those tests would be useful regardless of whether we accept this change, actually)
I think the current documentation is pretty clear as to expected behavior and is therefore incorrect with the current behavior. As a user when reading the current documentation:
I do not expect $ to be escaped by $$. I expect There are currently unit tests that test the escaping of |
Let's make sure that after this merges, we test setting environment variable values to demonstrate what's expected including cases where the final value matches the input. Whether this PR goes through or not, it sounds like a docs clarification would help too. |
I agree with both of you, the documentation is really lacking here. I believe the solution of this PR is the intended (and logical) behavior. I was surprised to see testcases for the, in my opinion, illogical case. For example:
@sftim Do you mean that we should add other tests after this MR is merged, or do you mean that I should add extra unit tests? If so, could you give me a pointer to where I could add them? |
My interest in test cases is from SIG Docs' perspective: I'd like the set of tests to make it unambiguous what the defined behavior is, so that someone reading just the test code could accurately tech-review the related docs. |
I disagree with this change for three reasons:
The only place we are different, I think, is that we don't eat the V in
|
While that might be true that's not really a reason to have this behavior. Make has no relevance to this as far as I can tell so there is no reason to model the behavior after Make.
The change makes it so the escaping only happens when $ is combined with variable syntax (). So a literal $ should be fine? Unless there is a mistake in the change of course, but I don't know Go well enough to tell. It's at least not intended for literal $ to not be allowed.
It's a choice between current behavior that silently breaks applications and a breaking change to existing applications that might apply a workaround for this behavior, agreed. If this change is not allowed due to it being a breaking change, do you have any suggestions for improving the transparency and visibility of this behavior? The only reason we found why this was happening is because we opened a bug report, that's less than ideal. |
I agree with @rouke-broersma . And literal dollars should be fine: https://github.com/kubernetes/kubernetes/pull/101254/files#diff-a211abbb9a984354a16747c2ed3916eb807052dc6a9808089c797e3b117cc147R193-R195. I don't mind too much whether we merge this PR or not, I understand that breaking stuff for existing apps is never fun, but if this does not gets merged we should really try to improve the documentation a lot. It's not clear currently. |
We chose a model and syntax that was "familiar" and simple enough to understand, so it does have relevance. If it is meaningfully different, we have to explain why.
Ahh, I missed that. It's still a breaking change.
If I can rephrase: "It's a choice between current behavior that silently breaks SOME NEW applications and a breaking change to existing applications" Given this choice, I'll take "don't break existing users" every day of the week, and twice on Sunday.
Maybe it's too buried in docs. We can bring it forward more and be clearer on this quiet feature. We could do something like add a Condition or event or something that indicates "expansions were applied", but users would still have to seek this out (e.g. kubectl describe). Let's get creative - when it happened, where did you look? What would have been a good signal? |
If this does turn into primarily a discussion about docs, I recommend opening an actual issue - https://github.com/kubernetes/website/issues/new/choose |
Major versions can contain breaking changes, right? I agree that we should not introduce breaking changes for no reason, but this is a bugfix to me. The docs clearly say If we would have to describe the current behavior, it would become something like this:
For us, it happened when we were using Tekton Pipelines and a user tried to pass a parameter containing two dollar signs (not related to the var syntax). Tekton uses that in the As end users of a product built upon Kubernetes it was really hard to find the root cause. Especially because the docs are inconsistent with the behavior. In the end, I understand that you want to keep this behavior for the sake of not breaking existing users, but I hope that we made it clear that the current behavior is not logical. Especially for people not familiar with Make. |
Since there has never been one, we do not have firm doctrine. You can queue this up for kubernetes v2.0, but there are no plans to make a v2.0
We do have to describe the current behavior. I'm very sympathetic to the idea that this is a bug, but it has existed in the wild for over half a decade. https://www.hyrumslaw.com/
And where would you expect to look to find some feedback about this?
I understand your point, and I am never happy to be forced to keep something We can add technical mechanisms to raise visibility (e.g. events) but ultimately it is mainly a docs bug (and we should do as @sftim suggests) |
I understand, thanks for recognizing that it is/feels like a bug.
In this case you would have to ask the Tekton developers, but when I would encounter it myself, I guess I would start with googling and eventually perhaps end up on the Kubernetes reference documentation. An event which shows up in
I agree. Not sure if I'm able to help soon if at all. I'm quite busy and it doesn't help that I'm not a native speaker. Perhaps you could consider my suggestion in my last comment ;) |
The API-doc changes are in now. Should we close this? |
Sure, fine by me! |
/kind bug
/kind api-change
What this PR does / why we need it:
It prevents the unneeded expansion of double dollars signs when they are not part of a complete variable reference.
#101137
Which issue(s) this PR fixes:
Fixes #101137
Does this PR introduce a user-facing change?