Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Give the ability to patch nodes to openshift-sdn #175

Merged
merged 1 commit into from May 24, 2019
Merged

Give the ability to patch nodes to openshift-sdn #175

merged 1 commit into from May 24, 2019

Conversation

rcarrillocruz
Copy link
Contributor

This is needed for SDN-260, which is about tainting
nodes with a too small MTU, thus the need for update permission.

@openshift-ci-robot openshift-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label May 22, 2019
@squeed
Copy link
Contributor

squeed commented May 22, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels May 22, 2019
@danwinship
Copy link
Contributor

/hold
is there no more-targeted permission we can give, rather than the ability to update all fields of all nodes?

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 22, 2019
@rcarrillocruz
Copy link
Contributor Author

/retest

@squeed
Copy link
Contributor

squeed commented May 22, 2019

/hold
is there no more-targeted permission we can give, rather than the ability to update all fields of all nodes?

Not that I could see. Taints are part of the Spec, not the Status.

@danwinship
Copy link
Contributor

It's not possible to give a node permission to update its own node but not other nodes?

@rcarrillocruz
Copy link
Contributor Author

Not really finding how to achieve that from RBAC docs.
The closest seems 'resourceName', however I don't think we can set 'update on Nodes with resourceName=foo", since the resourceName of the node is not static.

@rcarrillocruz
Copy link
Contributor Author

/retest

@danwinship
Copy link
Contributor

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 23, 2019
@squeed
Copy link
Contributor

squeed commented May 23, 2019

/hold
We decided this should be patch.

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 23, 2019
@rcarrillocruz rcarrillocruz force-pushed the openshift_sdn_nodes_update_perm branch from 5db2dfb to 908e817 Compare May 24, 2019 09:22
@openshift-ci-robot openshift-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels May 24, 2019
@rcarrillocruz rcarrillocruz changed the title Give the ability to update nodes to openshift-sdn Give the ability to patch nodes to openshift-sdn May 24, 2019
@rcarrillocruz
Give the ability to patch nodes to openshift-sdn
7fa0b57 
This is needed for SDN-260, which is about tainting
nodes with a too small MTU, thus the need for patch permission.
@rcarrillocruz rcarrillocruz force-pushed the openshift_sdn_nodes_update_perm branch from 908e817 to 7fa0b57 Compare May 24, 2019 09:24
@openshift-ci-robot openshift-ci-robot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels May 24, 2019
@squeed
Copy link
Contributor

squeed commented May 24, 2019

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 24, 2019
@squeed
Copy link
Contributor

squeed commented May 24, 2019

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label May 24, 2019
@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rcarrillocruz, squeed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot openshift-merge-robot merged commit 559cf3c into openshift:master May 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danwinship danwinship Awaiting requested review from danwinship

@JacobTanenbaum JacobTanenbaum Awaiting requested review from JacobTanenbaum

Assignees

@squeed squeed

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@rcarrillocruz @squeed @danwinship @openshift-ci-robot @openshift-bot @openshift-merge-robot