New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[windows] Test: Check for failed sandbox pod when testing for RunAsUserName #105943
[windows] Test: Check for failed sandbox pod when testing for RunAsUserName #105943
Conversation
/sig windows |
@jsturtevant: The provided milestone is not valid for this repository. Milestones in this repository: [ Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/triage accepted |
"involvedObject.namespace": podInvalid.Namespace, | ||
"reason": events.FailedCreatePodSandBox, | ||
}.AsSelector().String() | ||
hcsschimError := "The user name or password is incorrect." |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a module to get this error string from?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I searched hcsshim and did not find this error, It seems this is coming from the OS and hcsshim is wrapping it.
f5a0039
to
0ba2143
Compare
/milestone v1.23 |
Can we update the PR to also have a test case where only the RunAsUserName for a container is set to an invalid user? |
updated |
/label tide/merge-method-squash |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jsturtevant, marosset The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
…#105943-upstream-release-1.22 Automated cherry pick of #105943: Check for failed sandbox and failed workload containers
What type of PR is this?
/kind failing-test
What this PR does / why we need it:
With Hostprocess CRI updates the podsandbox was passed RunAsUserName to the security context in CRI and containerd (1.6+) was updated to use the CRI sandbox info: containerd/containerd#5865.
This puts the pod into pending state which is expected: #104635 (comment)
Which issue(s) this PR fixes:
Fixes #104635
Special notes for your reviewer:
It was decided to fix the test now, and create a new feature request to add additional information to pod sandbox failures to mark them in failed if the runtime knows it can: #104635 (comment)
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: