-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Automated cherry pick of #43493 #43776
Automated cherry pick of #43493 #43776
Conversation
The 'parent' PR of a cherry-pick PR must have one of the "release-note" or "release-note-action-required" labels, or this PR must follow the standard/parent release note labeling requirement. (release-note-experimental must be explicit for cherry-picks) |
/assign enisoc |
/release-note Better messaging when GKE certificate signing fails. |
/assign @enisoc |
/unassign @roberthbailey |
/release-note |
e525447
to
55e71fe
Compare
Ran |
api/openapi-spec/swagger.json
Outdated
@@ -2,7 +2,7 @@ | |||
"swagger": "2.0", | |||
"info": { | |||
"title": "Kubernetes", | |||
"version": "v1.6.0" | |||
"version": "v1.6.1" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why is this part of your PR?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The Jenkins verification on this PR failed due to hack/verify-federation-openapi-spec.sh
, so I ran ./hack/update-openapi-spec.sh
and amended the commit. I'm not sure if the verify failure would have sorted itself out without any intervention, but I can pull that change back out so it's purely a cherry-pick of the master commit.
This is my first cherry-pick, so apologies if I've bungled the process.
On errors, the GKE signing API can respond with a JSON body that contains an error message explaining the failure. If we're able to extract it, use that message when reporting the error instead of the generic error returned by the webhook library. Also, always add an event to the CSR object on signing errors.
55e71fe
to
bf41fe0
Compare
I have reverted the |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: enisoc, pipejakob
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
@k8s-bot gci gce e2e test this |
@k8s-bot verification test this |
@k8s-bot verify test this |
@k8s-bot kops aws e2e test this |
Automatic merge from submit-queue |
…ick-of-#43493-upstream-release-1.6 Automatic merge from submit-queue Automated cherry pick of kubernetes#43493 Cherry pick of kubernetes#43493 on release-1.6. kubernetes#43493: Better messaging when GKE certificate signing fails.
Cherry pick of #43493 on release-1.6.
#43493: Better messaging when GKE certificate signing fails.