Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG 1806438: Drop run-level #496

Merged
merged 1 commit into from Feb 26, 2020
Merged

BUG 1806438: Drop run-level #496

merged 1 commit into from Feb 26, 2020

Conversation

enxebre
Copy link
Member

@enxebre enxebre commented Feb 21, 2020

mao should follow normal admission control rules for a cluster.

@enxebre
Drop run-level
0ff1fd0 
mao should follow normal admission control rules for a cluster.
@openshift-ci-robot openshift-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Feb 21, 2020
@enxebre
Copy link
Member Author

enxebre commented Feb 21, 2020

/hold

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 21, 2020
@enxebre
Copy link
Member Author

enxebre commented Feb 21, 2020

/retest

2 similar comments
@enxebre
Copy link
Member Author

enxebre commented Feb 21, 2020

/retest

@enxebre
Copy link
Member Author

enxebre commented Feb 24, 2020

/retest

@enxebre enxebre changed the title Drop run-level BUG 1806438: Drop run-level Feb 24, 2020
@openshift-ci-robot
Copy link
Contributor

@enxebre: This pull request references Bugzilla bug 1806438, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

BUG 1806438: Drop run-level

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Feb 24, 2020
@enxebre
Copy link
Member Author

enxebre commented Feb 24, 2020

/cherrypick release-4.4
/cherrypick release-4.3

@openshift-cherrypick-robot
Copy link

@enxebre: once the present PR merges, I will cherry-pick it on top of release-4.4 in a new PR and assign it to you.

In response to this:

/cherrypick release-4.4
/cherrypick release-4.3

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@enxebre
Copy link
Member Author

enxebre commented Feb 24, 2020

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 24, 2020
JoelSpeed
JoelSpeed approved these changes Feb 24, 2020
View reviewed changes
Copy link
Contributor

@JoelSpeed JoelSpeed left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

Doesn't seem to have broken the e2e so I guess this doesn't make a difference? (I'm assuming this change is tested by the e2e tests 🤔)

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label Feb 24, 2020
@enxebre
Copy link
Member Author

enxebre commented Feb 24, 2020

/test e2e-azure

bison
bison approved these changes Feb 26, 2020
View reviewed changes
Copy link
Contributor

@bison bison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

I wonder why it was like this originally.

@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bison

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 26, 2020
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

1 similar comment
@openshift-bot
Copy link
Contributor

/retest

Please review the full test history for this PR and help us cut down flakes.

@openshift-merge-robot openshift-merge-robot merged commit 9b0170a into openshift:master Feb 26, 2020
@openshift-ci-robot
Copy link
Contributor

@enxebre: All pull requests linked via external trackers have merged. Bugzilla bug 1806438 has been moved to the MODIFIED state.

In response to this:

BUG 1806438: Drop run-level

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Feb 26, 2020
Merged
@openshift-cherrypick-robot
Copy link

@enxebre: new pull request created: #499

In response to this:

/cherrypick release-4.4
/cherrypick release-4.3

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

enxebre added a commit to enxebre/machine-api-operator that referenced this pull request Mar 2, 2020
@enxebre
Remove explicit securityContext
0c7a935 
Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
@enxebre enxebre mentioned this pull request Mar 2, 2020
Merged
enxebre added a commit to enxebre/machine-api-operator that referenced this pull request Mar 2, 2020
@enxebre
Remove explicit securityContext and add granular securitycontextconst…
1bed517 
…raints use permissions in machine-api-controllers clusterRole

Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
enxebre added a commit to enxebre/machine-api-operator that referenced this pull request Mar 2, 2020
@enxebre
Remove explicit securityContext and add granular securitycontextconst…
d8314bb 
…raints use permissions in machine-api-controllers clusterRole

Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
enxebre added a commit to enxebre/machine-api-operator that referenced this pull request Mar 3, 2020
@enxebre
Remove explicit securityContext and add granular securitycontextconst…
08a4e21 
…raints use permissions in machine-api-controllers clusterRole

Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
openshift-cherrypick-robot pushed a commit to openshift-cherrypick-robot/machine-api-operator that referenced this pull request Mar 10, 2020
@enxebre
Remove explicit securityContext and add granular securitycontextconst…
70e470c 
…raints use permissions in machine-api-controllers clusterRole

Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
@markmc markmc mentioned this pull request May 2, 2020
Closed
openshift-cherrypick-robot pushed a commit to openshift-cherrypick-robot/machine-api-operator that referenced this pull request Jul 7, 2020
@enxebre
Remove explicit securityContext and add granular securitycontextconst…
bf148ba 
…raints use permissions in machine-api-controllers clusterRole

Without the runlabel openshift#496, we’ll run as a high user by default, no need to say run me as non root. Otherwise when removing the runlevel completely for the openshift-machine-api namespace openshift/cluster-autoscaler-operator#133 the kube controller manager complains with 'Error creating: pods "machine-api-operator-75c887884f-" is forbidden: unable to validate against any security context constraint: [spec.containers[0].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999] spec.containers[1].securityContext.securityContext.runAsUser: Invalid value: 65534: must be in the ranges: [1000340000, 1000349999]]' https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_cluster-autoscaler-operator/133/pull-ci-openshift-cluster-autoscaler-operator-master-e2e-aws/496/artifacts/e2e-aws/pods/openshift-kube-controller-manager_kube-controller-manager-ip-10-0-133-251.us-east-2.compute.internal_kube-controller-manager.log"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bison bison bison approved these changes

@JoelSpeed JoelSpeed JoelSpeed approved these changes

@michaelgugino michaelgugino Awaiting requested review from michaelgugino

Assignees

@JoelSpeed JoelSpeed

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@enxebre @openshift-ci-robot @openshift-cherrypick-robot @openshift-bot @bison @JoelSpeed @openshift-merge-robot