New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-22749: Adjust NAD name by using unique-names-generator #13263
OCPBUGS-22749: Adjust NAD name by using unique-names-generator #13263
Conversation
@hstastna: This pull request references CNV-32926 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.15.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
40b0edc
to
103aa9b
Compare
@avivtur @metalice @pcbailey @upalatucci @vojtechszocs please review |
1 similar comment
@avivtur @metalice @pcbailey @upalatucci @vojtechszocs please review |
Adjust the NetworkAttachmentDefinition name after its creation to make sure the name will be unique, to prevent creating a network shared between isolated namespaces. Fixes https://issues.redhat.com/browse/CNV-32926
103aa9b
to
6e77a4a
Compare
@metalice I've played with the code and it started to work even without adding the package anywhere. Weird that it didn't work previously. |
/retest |
2 similar comments
/retest |
/retest |
@avivtur @metalice @pcbailey @upalatucci @vojtechszocs please review |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hstastna, pcbailey The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/jira refresh |
@hstastna: This pull request references CNV-32926 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.15.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/jira refresh |
@hstastna: This pull request references CNV-32926 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@hstastna: This pull request references CNV-32926 which is a valid jira issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@hstastna: This pull request references Jira Issue OCPBUGS-22749, which is valid. 3 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (ycui@redhat.com), skipping review request. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/hold Revision 6e77a4a was retested 3 times: holding |
/retest |
/hold cancel |
/retest |
/hold Revision 6e77a4a was retested 3 times: holding |
/hold cancel |
@hstastna: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
@hstastna: Jira Issue OCPBUGS-22749: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-22749 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Fix included in accepted release 4.15.0-0.nightly-2023-11-04-080954 |
Fix included in accepted release 4.15.0-0.nightly-2024-02-12-213938 |
Fixes:
https://issues.redhat.com/browse/OCPBUGS-22749
Analysis / Root cause:
By using the "Create Network Attachment Definition" dialog, an administrator may create two NADs in two different namespaces that would be connected to a single L2 network. There is nothing in the UI that indicates that namespace isolation is breached.
Solution Description:
Adjust the NetworkAttachmentDefinition name after its creation to make sure the name will be unique, to prevent creating a network shared between isolated namespaces. Use
unique-names-generator
package to generate the unique names that are appended to the name filled in the form for creating NADs.Screen shots / Gifs for design review:
Before:
NADs with same names, shared NADs between the different namespaces can be created:
After:
Unique NADs names: