Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-4.9] Bug 2029504: encryption-controller: sync secrets conditionally #487

Merged
merged 2 commits into from Dec 9, 2021
Merged

[release-4.9] Bug 2029504: encryption-controller: sync secrets conditionally #487

merged 2 commits into from Dec 9, 2021

Conversation

dgrisonnet
Copy link
Member

@dgrisonnet dgrisonnet commented Dec 6, 2021
edited

Backport of #483 to release-4.9.

  1. If the Bugzilla associated with the PR has the "FastFix" keyword, the subjective assessment on the issue has already been done and a customer is impacted. These PRs should be prioritized for merge.
    • verified
    • does not apply
  2. The bug has significant impact either through severity, reduction in supportability, or number of users affected.
    • verified
    • does not apply
  3. For branches that are in the Maintenance lifecycle phase:
    • The bug is a critical fix, no reasonable workaround exists, and a recommendation for upgrade has been ruled out, or
    • The bug is a security related bug
    • Branch not in maintenance mode yet (current release + previous release for 90 days after current GA; everything older is in maintenance)
  4. The severity field of the bug must be set to accurately reflect criticality.
    • verified
  5. The PR was created with the cherry-pick bot OR the PR’s description is well formed with user-focused release notes that state the bug number, impact, cause, and resolution. Where appropriate, it should also contain information about how a user can identify whether a particular cluster is affected.
    • verified

@openshift-ci openshift-ci bot added bugzilla/severity-low Referenced Bugzilla bug's severity is low for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. labels Dec 6, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 6, 2021

@dgrisonnet: This pull request references Bugzilla bug 2029504, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

6 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.9.z) matches configured target release for branch (4.9.z)
  • bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)
  • dependent bug Bugzilla bug 1982726 is in the state VERIFIED, which is one of the valid states (VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE))
  • dependent Bugzilla bug 1982726 targets the "4.10.0" release, which is one of the valid target releases: 4.10.0
  • bug has dependents

Requesting review from QA contact:
/cc @gangwgr

In response to this:

[release-4.9] Bug 2029504: encryption-controller: sync secrets conditionally

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot requested a review from gangwgr December 6, 2021 16:56
@dgrisonnet
Copy link
Member Author

Hold until openshift/library-go#1247 is merged.

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 6, 2021
@dgrisonnet dgrisonnet mentioned this pull request Dec 6, 2021
Merged
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 7, 2021

@dgrisonnet: This pull request references Bugzilla bug 2029504, which is valid.

6 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.9.z) matches configured target release for branch (4.9.z)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)
  • dependent bug Bugzilla bug 1982726 is in the state VERIFIED, which is one of the valid states (VERIFIED, RELEASE_PENDING, CLOSED (ERRATA), CLOSED (CURRENTRELEASE))
  • dependent Bugzilla bug 1982726 targets the "4.10.0" release, which is one of the valid target releases: 4.10.0
  • bug has dependents

Requesting review from QA contact:
/cc @gangwgr

In response to this:

[release-4.9] Bug 2029504: encryption-controller: sync secrets conditionally

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dgrisonnet
bump(library-go)
0fe3df7 
Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
@dgrisonnet
encryption-controller: sync secrets conditionally
3bc5174 
Update the version of library-go to include the latest changes that
allow the encryption controller to synchronize the encryption-config
secret only when the encryption controller should be run. This prevents
the secrets from being unnecessarily deleted in the apiserver namespace
whenever it doesn't exist in the config-managed namespace.

Signed-off-by: Damien Grisonnet <dgrisonn@redhat.com>
@dgrisonnet
Copy link
Member Author

/unhold
/assign @sttts

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Dec 7, 2021
@sttts
Copy link
Contributor

sttts commented Dec 7, 2021

/lgtm
/approve

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 7, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dgrisonnet, sttts

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Dec 7, 2021
@gangwgr
Copy link

gangwgr commented Dec 7, 2021

/label cherry-pick-approved

@openshift-ci openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Dec 7, 2021
@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

7 similar comments
@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@openshift-bot
Copy link
Contributor

/retest-required

Please review the full test history for this PR and help us cut down flakes.

@sttts sttts added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Dec 9, 2021
@openshift-merge-robot openshift-merge-robot merged commit 13dbfe9 into openshift:release-4.9 Dec 9, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 9, 2021

@dgrisonnet: Some pull requests linked via external trackers have merged:

The following pull requests linked via external trackers have not merged:

These pull request must merge or be unlinked from the Bugzilla bug in order for it to move to the next state. Once unlinked, request a bug refresh with /bugzilla refresh.

Bugzilla bug 2029504 has not been moved to the MODIFIED state.

In response to this:

[release-4.9] Bug 2029504: encryption-controller: sync secrets conditionally

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gangwgr gangwgr Awaiting requested review from gangwgr

@mfojtik mfojtik Awaiting requested review from mfojtik

@soltysh soltysh Awaiting requested review from soltysh

Assignees

@sttts sttts

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. bugzilla/severity-low Referenced Bugzilla bug's severity is low for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@dgrisonnet @sttts @gangwgr @openshift-bot @openshift-merge-robot