-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release-4.14] OCPBUGS-37823: GCP passthrough permissions check to ignore problematic permissions. #741
Conversation
Currently, the GCP passthrough permissions check generates a list of required permissions from the credential requests, queries and caches a list of valid permissions for the project, filters the required list to only include those that are valid, and then ensures the provided service account has the filtered list of permissions on the project. However, for whatever reason, sometimes the check errors stating that the permission is invalid. This change attempts to discover when this happens and removes the problematic permission from the cached list of valid permissions. This enables the check to function properly for the remaining duration of the cache.
@openshift-cherrypick-robot: Jira Issue OCPBUGS-37288 has been cloned as Jira Issue OCPBUGS-37823. Will retitle bug to link to clone. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-37823, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## release-4.14 #741 +/- ##
================================================
- Coverage 48.35% 48.34% -0.02%
================================================
Files 96 96
Lines 11758 11762 +4
================================================
Hits 5686 5686
- Misses 5439 5443 +4
Partials 633 633
|
/assign |
/jira refresh |
@jstuever: This pull request references Jira Issue OCPBUGS-37823, which is valid. The bug has been moved to the POST state. 7 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
/lgtm |
/label backport-risk-assessed |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jstuever, openshift-cherrypick-robot The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/test security |
/override ci/prow/security |
@jstuever: Overrode contexts on behalf of jstuever: ci/prow/security In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Verified with cluster-bot build 4.14.0-0.ci.test-2024-08-13-032243-ci-ln-rcb1c0t-latest. |
@openshift-cherrypick-robot: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
cb6aa58
into
openshift:release-4.14
@openshift-cherrypick-robot: Jira Issue OCPBUGS-37823: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-37823 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
[ART PR BUILD NOTIFIER] Distgit: ose-cloud-credential-operator |
This is an automated cherry-pick of #730
/assign openshift-cherrypick-robot