Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix changes to immutable RBAC in Azure CSI #13250

Merged
merged 1 commit into from
Apr 11, 2024
Merged

Fix changes to immutable RBAC in Azure CSI #13250

merged 1 commit into from
Apr 11, 2024

Conversation

xrstf
Copy link
Contributor

@xrstf xrstf commented Apr 8, 2024
edited
Loading

What this PR does / why we need it:
In KKP 2.25 we updated the Azure CSI addon and thereby also fixed the ClusterRole name.

  • We added the Azure CSI in Add Azure CSI drivers (Azure Disk & Azure File) #10049, where the ClusterRole was still named csi-azuredisk-node-secret-role upstream and in KKP.
  • Update Azure CCM/CSI #11969 then updated the Azure CSI from 1.18 to 1.27 and even though I updated the source URL, I forgot to also update the RBAC fules. Upstream the ClusterRole was now named csi-azuredisk-node-role. Not updating the RBAC at least kept the addon apply-able.
  • In Support Kubernetes 1.29 #12936 I then finally updated all the manifests, introducing the breaking change to the ClusterRoleBinding.

This PR also fixes the migration logic for vsphere/hetzner, where currently both were tied to the same annotation check, meaning vSphere clusters would be migrated over and over again.

What type of PR is this?
/kind bug
/kind regression

Does this PR introduce a user-facing change? Then add your Release Note here:

Fix `csi` Addon not applying cleanly on Azure user clusters that were created with KKP <= 2.24.

Documentation:

NONE

@kubermatic-bot kubermatic-bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. do-not-merge/docs-needed Indicates that a PR should not merge because it's missing one of the documentation labels. sig/app-management Denotes a PR or issue as being assigned to SIG App Management. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Apr 8, 2024
@embik embik added the backport-needed Denotes a PR or issue that has not been fully backported. label Apr 8, 2024
@kubermatic-bot kubermatic-bot added the sig/cluster-management Denotes a PR or issue as being assigned to SIG Cluster Management. label Apr 8, 2024
@xrstf xrstf force-pushed the fix-azure-csi-addon branch 3 times, most recently from 2961b43 to c7d411b Compare April 8, 2024 16:15
@kubermatic-bot kubermatic-bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Apr 8, 2024
@kubermatic-bot kubermatic-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. release-note Denotes a PR that will be considered when it comes time to generate release notes. docs/none Denotes a PR that doesn't need documentation (changes). and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. do-not-merge/docs-needed Indicates that a PR should not merge because it's missing one of the documentation labels. labels Apr 9, 2024
@xrstf xrstf self-assigned this Apr 9, 2024
@xrstf xrstf changed the title WIP - Fix azure csi addon WIP - Fix changes to immutable RBAC in Azure CSI Apr 9, 2024
@xrstf
Copy link
Contributor Author

xrstf commented Apr 9, 2024

/test pre-kubermatic-e2e-azure-ubuntu-1.29

@xrstf xrstf changed the title WIP - Fix changes to immutable RBAC in Azure CSI Fix changes to immutable RBAC in Azure CSI Apr 9, 2024
@kubermatic-bot kubermatic-bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 9, 2024
@xrstf xrstf requested a review from embik April 10, 2024 08:12
embik
embik approved these changes Apr 11, 2024
View reviewed changes
Copy link
Member

@embik embik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@kubermatic-bot kubermatic-bot added the lgtm Indicates that a PR is ready to be merged. label Apr 11, 2024
@kubermatic-bot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 47e746b8a42e00e7c56df2acce1475240dc10466

@kubermatic-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: embik

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubermatic-bot kubermatic-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 11, 2024
@kubermatic-bot kubermatic-bot merged commit ff0bc60 into kubermatic:main Apr 11, 2024
20 checks passed
@kubermatic-bot kubermatic-bot added this to the KKP 2.26 milestone Apr 11, 2024
@xrstf xrstf deleted the fix-azure-csi-addon branch April 11, 2024 17:07
@xrstf
Copy link
Contributor Author

xrstf commented Apr 11, 2024

/cherrypick release/v2.25

@kubermatic-bot kubermatic-bot mentioned this pull request Apr 11, 2024
Merged
@kubermatic-bot
Copy link
Contributor

@xrstf: new pull request created: #13283

In response to this:

/cherrypick release/v2.25

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@embik embik embik approved these changes

Assignees

@xrstf xrstf

@embik embik

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-needed Denotes a PR or issue that has not been fully backported. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. docs/none Denotes a PR that doesn't need documentation (changes). lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/app-management Denotes a PR or issue as being assigned to SIG App Management. sig/cluster-management Denotes a PR or issue as being assigned to SIG Cluster Management. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
KKP 2.26
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@xrstf @kubermatic-bot @embik