New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1797624: loosen upgradeable condition to allow z-level upgrades #291
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems ok
@@ -31,7 +31,7 @@ func (e *Error) Cause() error { | |||
// Precondition defines the precondition check for a payload. | |||
type Precondition interface { | |||
// Run executes the precondition checks ands returns an error when the precondition fails. | |||
Run(context.Context) error | |||
Run(ctx context.Context, desiredVersion string) error |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably better to pass a concrete struct here like ReleaseContext struct { DesiredVersion types.Version }
} | ||
|
||
// if we are upgradeable==true we can always upgrade | ||
up := resourcemerge.FindOperatorStatusCondition(cv.Status.Conditions, configv1.OperatorUpgradeable) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Update the test cases
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cute. this was merged without tests initially :)
This might be slightly off-topic for this PR, but are there alerts that are fired for this condition and do we need to change the text for those alerts? |
119fcd5
to
c69dcbc
Compare
updated for comments, tests added. |
terraform /retest |
One issue with this is that currently we block things like 4.2.13 -> 4.2.14 when the registry is set Unmanaged: {
"conditions": [
{
"type": "Available",
"status": "True",
"lastTransitionTime": "2020-01-07T08:19:28Z",
"reason": "Unmanaged",
"message": "The registry configuration is set to unmanaged mode"
},
{
"type": "Progressing",
"status": "False",
"lastTransitionTime": "2020-01-07T08:19:28Z",
"reason": "Unmanaged",
"message": "The registry configuration is set to unmanaged mode"
},
{
"type": "Degraded",
"status": "False",
"lastTransitionTime": "2019-08-13T08:54:27Z",
"reason": "Unmanaged",
"message": "The registry configuration is set to unmanaged mode"
}
],
"versions": [
{
"name": "operator",
"version": "4.2.13"
}
],
...
} Setting |
Having an unmanaged component that blocks upgrades of any kind would really surprise me since it seems like they would always want to encourage updates that would allow the component to go back managed. z-level upgrades should basically always work or you will be blocking CVE updates. |
Not yet, but we have an internal ticket to add some. |
Sounds like rhbz#1791934 will be resolved by having the operator bump its |
terraform again /retest |
/approve |
return nil | ||
} | ||
|
||
currentMinor := getEffectiveMinor(cv.Status.History[0].Version) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of pulling this out of the cluster's ClusterVersion history, I'd rather pull it from the local state. But then you'd have to pipe it through to this precondition code. Including it in ReleaseContext
would be fine, although we'd want to rename to something more generic. Maybe just Context
(so precondition.Context
in external packages)? To get from the Operator
into the SyncWorker
... I dunno, seems like we could feed the context into NewSyncWorkerWithPreconditions
here? If that sounds plausible, I can work up a fixup commit that you could squash in here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not the way I would do it since we're already getting the information here (pre-existing gets) and you're already getting cached data, so it seems unnecessary and odd. Could you do it as a follow-up instead if you really want it after?
|
||
// if there is no difference in the minor version (4.y.z where 4.y is the same for current and desired), then we can still upgrade | ||
if currentMinor == desiredMinor { | ||
return nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We may want to build the *precondition.Error
above and log the fact that we're ignoring it due to the minor update here. Or maybe push out an Event, since once we actually start updating, we're going to replace the CVO Pod and lose the old CVO's logs? Leaving some breadcrumbs around this to make it less surprising would be nice, but is not something we need to block merging if it would be too difficult to implement.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that seems a little weird to do, since people are unlikely to wonder why their desired update was allowed and succeeded.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
that seems a little weird to do, since people are unlikely to wonder why their desired update was allowed and succeeded.
I can see component authors wondering why an update was initiated despite them having set Upgradeable=False
. But whatever, obviously not critical.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Was discussing bug https://bugzilla.redhat.com/show_bug.cgi?id=1822513 with @wking and he suggested I update here as a follow-up to this thread.
The bug's underlying cause is that currentMinor is always being pulled from cv.Status.History[0].Version (
currentMinor := getEffectiveMinor(cv.Status.History[0].Version) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@deads2k thoughts on the above?
If current and desired have the same 4.y, then the upgrade is allowed even if upgradeable==false. If the 4.y is different, then upgrades are not allowed. This permits CVE updates and fixes the current service-catalog upgrade problem.
c69dcbc
to
bcd58d8
Compare
/retest |
1 similar comment
/retest |
@deads2k: This pull request references Bugzilla bug 1797624, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/cherrypick release-4.3 |
@deads2k: once the present PR merges, I will cherry-pick it on top of release-4.3 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@deads2k: This pull request references Bugzilla bug 1797624, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, sdodson, wking The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest Please review the full test history for this PR and help us cut down flakes. |
9 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
@deads2k: All pull requests linked via external trackers have merged. Bugzilla bug 1797624 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@deads2k: new pull request created: #315 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Catching the message strings up with the softening from bcd58d8 (loosen upgradeable condition to allow z-level upgrades, 2020-01-02, openshift#291), addressing [1]. [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1823306
Catching the message strings up with the softening from bcd58d8 (loosen upgradeable condition to allow z-level upgrades, 2020-01-02, openshift#291), addressing [1]. [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1823306
Catching the message strings up with the softening from bcd58d8 (loosen upgradeable condition to allow z-level upgrades, 2020-01-02, openshift#291), addressing [1]. [1]: https://bugzilla.redhat.com/show_bug.cgi?id=1823306
…gradeable_test To match our preferred spelling. The test file has had the outgoing spelling since it landed in bcd58d8 (loosen upgradeable condition to allow z-level upgrades, 2020-01-02, openshift#291).
If current and desired have the same 4.y, then the upgrade is allowed even
if upgradeable==false. If the 4.y is different, then upgrades are not allowed.
This permits CVE updates and fixes the current service-catalog upgrade problem.
Alternative to #285