@jastang jastang commented Jul 23, 2025

Description of your changes

Similar to crossplane-contrib/provider-upjet-aws#1818, this PR proposes a simple approach to enable custom startup checks on the provider by updating the main.go.tmpl. As a concrete example, users may run their workloads in highly regulated environments where the provider should not start if the environment is not properly configured.

This implements the default path, which is a no-op. It uses a combination of an init() hook and go build tags to:

  • minimize code branching (build-time isolation)
  • ensure critical checks run before anything else (fail fast)
  • not require access to additional flags, env, or setup

A (simplified) example of an alternative implementation is building images with a compliance check (e.g. running in a FIPS-enabled host). What that would look like is:

  • add internal/bootcheck/fips.go
    • add the build tags and adjust the default as needed.
         //go:build fips
         // +build fips
    
  • build the images as before with GO_TAGS=fips to produce images targeting that specific compliance check.

I have:

  • Read and followed Crossplane's [contribution process].
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR if necessary.

How has this code been tested

local build and install.
[contribution process]: https://git.io/fj2m9

Signed-off-by: Jason Tang <jason@upbound.io>
@jastang jastang marked this pull request as ready for review July 23, 2025 19:37
@jastang jastang merged commit 4bdc713 into main Jul 23, 2025
8 checks passed
@jastang jastang deleted the bootcheck branch July 23, 2025 20:11