CRD Controller

[joejulian]

The whole CRD landscape is so fraught with potential problems. See helm/community/hips/hip-0011 for a verbose and well written description of them.

I'd like to propose a CRD admission controller that's responsible for ensuring safe migrations. It could do things like:

• query the api server metrics to see what GVKs are in use and reject removals of apis that are in use
• compare field changes to reject incompatible changes within a version
• reject CRD upgrades that would delete instances of that GVK
• reject CRDs that reference a conversion webhook where that webhook service is not ready
• reject CRDs that change the storage version without defining a conversion webhook

Each of these rules could be overridden in some way (probably annotations).

With that safety net in place, a crd-controller that performs crd maintenance using the same gitops patterns as the rest of the flux toolset would seem more in line with the philosophies of fluxcd.