New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 2055821: Remove Azure mint mode support as Active Directory Graph API will be sunset #453
Bug 2055821: Remove Azure mint mode support as Active Directory Graph API will be sunset #453
Conversation
failing on installing yaml-patch binary otherwise
Stop trying to detect whether the creds in kube-system/azure-credentials are good enough for Minting new credentials. We now will only support Manual mode (where the annotator does nothing) and Passthrough mode where we will blindly annotate the Secret as 'passthrough'.
Update the Azure actuator to only support passthrough mode. Attempt to clean up previously created App Registrations / Service Principals, but treat failures to clean up as non-critical. In the event that we fail to clean up, set a new "OrphanedCloudResource" condition to document that we were unable to clean up. When successfully cleaning up, clear out the old AzureStatus fields. Add test cases covering the new OrphanedCloudResources condition.
@akhil-rane: No Bugzilla bug is referenced in the title of this pull request. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test e2e-azure |
Codecov Report
@@ Coverage Diff @@
## release-4.9 #453 +/- ##
===============================================
- Coverage 45.97% 45.38% -0.60%
===============================================
Files 74 71 -3
Lines 7747 7335 -412
===============================================
- Hits 3562 3329 -233
+ Misses 3691 3577 -114
+ Partials 494 429 -65
|
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@akhil-rane: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abutcher, akhil-rane The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/bugzilla refresh |
@akhil-rane: This pull request references Bugzilla bug 2055821, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign @lwan-wanglin |
/assign @jianping-shu |
Tested w/ CCO-173 testcases, passed |
/label cherry-pick-approved |
@jianping-shu Do we also need a test wherein a passthrough SP has permissions to delete SPs generated my mint mode? |
@akhil-rane I think it is already covered by OCP-47144 and OCP-47159 |
Sorry I missed it. Everything looks good! |
/label backport-risk-assessed |
@akhil-rane: All pull requests linked via external trackers have merged: Bugzilla bug 2055821 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/cherry-pick release-4.8 |
@2uasimojo: #453 failed to apply on top of branch "release-4.8":
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Migrate away from depending on the Azure Active Directory Graph API since it will be sunset in June 2022.