Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 1970331: pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors #66

Merged
merged 5 commits into from Oct 21, 2021
Merged

Bug 1970331: pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors #66

merged 5 commits into from Oct 21, 2021

Conversation

s-urbaniak
Copy link
Contributor

@s-urbaniak
pkg/securitycontextconstraints: bump verbosity level in case of errors
1ff2c95 
Currently, errors during provisioner creation go unnoticed.
This fixes it by bymping logging verbosity.
@openshift-ci openshift-ci bot requested review from deads2k and stlaz October 20, 2021 14:02
@s-urbaniak s-urbaniak changed the title pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors Bug 1970331: pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors Oct 20, 2021
@s-urbaniak
Copy link
Contributor Author

/bugzilla refresh

@openshift-ci openshift-ci bot added the bugzilla/severity-high Referenced Bugzilla bug's severity is high for the branch this PR is targeting. label Oct 20, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 20, 2021

@s-urbaniak: This pull request references Bugzilla bug 1970331, which is invalid:

  • expected the bug to target the "4.10.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot added the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Oct 20, 2021
@s-urbaniak
Copy link
Contributor Author

/bugzilla refresh

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 20, 2021

@s-urbaniak: An error was encountered querying GitHub for users with public email (liyao@redhat.com) for bug 1970331 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details.

Full error message. non-200 OK status code: 403 Forbidden body: "{\n \"documentation_url\": \"https://docs.github.com/en/free-pro-team@latest/rest/overview/resources-in-the-rest-api#secondary-rate-limits\",\n \"message\": \"You have exceeded a secondary rate limit. Please wait a few minutes before you try again.\"\n}\n"

Please contact an administrator to resolve this issue, then request a bug refresh with /bugzilla refresh.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 20, 2021

@s-urbaniak: This pull request references Bugzilla bug 1970331, which is invalid:

  • expected the bug to target the "4.10.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 1970331: pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@s-urbaniak
Copy link
Contributor Author

/bugzilla refresh

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 20, 2021

@s-urbaniak: This pull request references Bugzilla bug 1970331, which is valid.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.10.0) matches configured target release for branch (4.10.0)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

No GitHub users were found matching the public email listed for the QA contact in Bugzilla (liyao@redhat.com), skipping review request.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot added bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. and removed bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels Oct 20, 2021
@s-urbaniak s-urbaniak force-pushed the wait-for-labels branch 3 times, most recently from 2c953fd to 87840ab Compare October 21, 2021 10:10
stlaz
stlaz reviewed Oct 21, 2021
View reviewed changes
Copy link
Member

@stlaz stlaz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nits

pkg/securitycontextconstraints/sccadmission/admission_test.go Outdated Show resolved Hide resolved
pkg/securitycontextconstraints/sccmatching/matcher.go Show resolved Hide resolved
@deads2k
Copy link
Contributor

deads2k commented Oct 21, 2021

This looks like a solid idea. Great find. I'll leave the detailed review and lgtm to

/assign @stlaz
/approve

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 21, 2021
@s-urbaniak s-urbaniak force-pushed the wait-for-labels branch 4 times, most recently from 97f3646 to 3fea71e Compare October 21, 2021 13:56
@s-urbaniak
pkg/securitycontextconstraints: wait for namespaces and MCS/UID labels
257b812 
Wait for namespaces and labels to appear within 10 seconds else fail admission.
@stlaz
Copy link
Member

stlaz commented Oct 21, 2021

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 21, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 21, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, s-urbaniak, stlaz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot merged commit 7d72604 into openshift:master Oct 21, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 21, 2021

@s-urbaniak: All pull requests linked via external trackers have merged:

Bugzilla bug 1970331 has been moved to the MODIFIED state.

In response to this:

Bug 1970331: pkg/securitycontextconstraints: wait for MCS/UID labels on namespaces, bump verbosity on errors

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@s-urbaniak s-urbaniak deleted the wait-for-labels branch October 21, 2021 14:09
@s-urbaniak s-urbaniak mentioned this pull request Oct 21, 2021
Closed
@openshift-ci openshift-ci bot mentioned this pull request Oct 21, 2021
Merged
@s-urbaniak
Copy link
Contributor Author

/cherry-pick release-4.9

@s-urbaniak
Copy link
Contributor Author

/cherry-pick release-4.8

@openshift-cherrypick-robot
Copy link

@s-urbaniak: #66 failed to apply on top of branch "release-4.9":

Applying: pkg/securitycontextconstraints: bump verbosity level in case of errors
Applying: pkg/securitycontextconstraints: wait for namespaces and MCS/UID labels
Applying: pkg/securitycontextconstraints/sccadmission: wire context
Using index info to reconstruct a base tree...
M	pkg/securitycontextconstraints/sccadmission/admission.go
M	pkg/securitycontextconstraints/sccadmission/admission_test.go
Falling back to patching base and 3-way merge...
Auto-merging pkg/securitycontextconstraints/sccadmission/admission_test.go
Auto-merging pkg/securitycontextconstraints/sccadmission/admission.go
CONFLICT (content): Merge conflict in pkg/securitycontextconstraints/sccadmission/admission.go
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0003 pkg/securitycontextconstraints/sccadmission: wire context
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-4.9

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot
Copy link

@s-urbaniak: #66 failed to apply on top of branch "release-4.8":

Applying: pkg/securitycontextconstraints: bump verbosity level in case of errors
Applying: pkg/securitycontextconstraints: wait for namespaces and MCS/UID labels
Applying: pkg/securitycontextconstraints/sccadmission: wire context
Using index info to reconstruct a base tree...
M	pkg/securitycontextconstraints/sccadmission/admission.go
M	pkg/securitycontextconstraints/sccadmission/admission_test.go
M	pkg/securitycontextconstraints/sccmatching/matcher.go
Falling back to patching base and 3-way merge...
Auto-merging pkg/securitycontextconstraints/sccmatching/matcher.go
Auto-merging pkg/securitycontextconstraints/sccadmission/admission_test.go
Auto-merging pkg/securitycontextconstraints/sccadmission/admission.go
CONFLICT (content): Merge conflict in pkg/securitycontextconstraints/sccadmission/admission.go
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0003 pkg/securitycontextconstraints/sccadmission: wire context
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-4.8

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stlaz stlaz stlaz left review comments

@deads2k deads2k Awaiting requested review from deads2k

Assignees

@stlaz stlaz

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/severity-high Referenced Bugzilla bug's severity is high for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@s-urbaniak @deads2k @stlaz @openshift-cherrypick-robot @openshift-merge-robot