Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

hardens TestAggregatedAPIServer #110194

Merged
merged 1 commit into from May 25, 2022
Merged

hardens TestAggregatedAPIServer #110194

merged 1 commit into from May 25, 2022

Conversation

p0lyn0mial
Copy link
Contributor

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

Since ClientCAs are provided by client-ca::kube-system::extension-apiserver-authentication::client-ca-file controller
we need to wait until it picks up the configmap (via a lister) before checking the CAs otherwise the response might contain an empty result.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

NONE

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels May 24, 2022
@k8s-ci-robot
Copy link
Contributor

@p0lyn0mial: This issue is currently awaiting triage.

If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added the needs-priority Indicates a PR lacks a `priority/foo` label and requires one. label May 24, 2022
@p0lyn0mial
Copy link
Contributor Author

/assign @aojea @wojtek-t

@k8s-ci-robot k8s-ci-robot added area/test sig/testing Categorizes an issue or PR as relevant to SIG Testing. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels May 24, 2022
p0lyn0mial
p0lyn0mial commented May 24, 2022
View reviewed changes
test/integration/examples/apiserver_test.go Outdated
// Now we want to verify that the client CA bundles properly reflect the values for the cluster-authentication
firstKubeCANames, err := cert.GetClientCANamesForURL(kubeClientConfig.Host)
var firstKubeCANames []string
err = wait.Poll(200*time.Millisecond, 10*time.Second, func() (done bool, err error) {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm okay with wait.ForeverTestTimeout as well.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like short intervals on active loops, they add a lot of load for little benefit, can we use a time.Second instead?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It depends how fast it generally happens. If it generally takes 100ms, let's make it short so that we don't artifically make tests longer.
If it takes say 1-2s, then those short intervals didn't make sense.

[And yes - please change to ForeverTestTimeout.

@aojea
Copy link
Member

aojea commented May 24, 2022

/approve
just the nit of the interval, we shouldn't be creating so many TCP connections per second because it can exhaust ports (the TCP TIME_WAIT state takes one minute to be able to reuse the port IIRC), but it is all over the framework so 🤷

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 24, 2022
@p0lyn0mial
hardens TestAggregatedAPIServer
c4e337c 
Since ClientCAs are provided by "client-ca::kube-system::extension-apiserver-authentication::client-ca-file" controller
we need to wait until it picks up the configmap (via a lister) before checking the CAs otherwise the response might contain an empty result.
@p0lyn0mial p0lyn0mial force-pushed the hardens-test-aggregated-api-server branch from 2a053b4 to c4e337c Compare May 25, 2022 10:41
@p0lyn0mial
Copy link
Contributor Author

updated, thanks for reviewing!

@wojtek-t
Copy link
Member

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 25, 2022
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aojea, p0lyn0mial, wojtek-t

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 072148d into kubernetes:master May 25, 2022
@k8s-ci-robot k8s-ci-robot added this to the v1.25 milestone May 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wojtek-t wojtek-t wojtek-t left review comments

@aojea aojea Awaiting requested review from aojea

@johnSchnake johnSchnake Awaiting requested review from johnSchnake

Assignees

@aojea aojea

@wojtek-t wojtek-t

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/test cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. release-note-none Denotes a PR that doesn't merit a release note. sig/testing Categorizes an issue or PR as relevant to SIG Testing. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
v1.25
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@p0lyn0mial @k8s-ci-robot @aojea @wojtek-t