Bug 1908217: server-side apply e2e: fix oauthclientauthorization race with KCM #25780
Conversation
openshift-ci-robot
added
bugzilla/severity-unspecified
|
@stlaz: This pull request references Bugzilla bug 1908217, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/bugzilla refresh |
openshift-ci-robot
added
bugzilla/severity-low
|
@stlaz: This pull request references Bugzilla bug 1908217, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
When the oauthclientauthorization is created, it checks the SA from its clientName for tokens and fails if there are none. The server-side apply test creates an SA but does not wait for it to be populated with tokens which may cause the test to fail when it gets to creating the oauthauthorization object too early.
stlaz
force-pushed
the
ssa_oauthclientauthorization
branch
from
e2e1b0b
to
c56104b
Compare
|
/lgtm |
| name, _, err := unstructured.NestedString(unstructuredObj, "metadata", "name") | ||
| o.Expect(err).NotTo(o.HaveOccurred()) | ||
| err = wait.PollImmediate(time.Second, 15*time.Second, func() (bool, error) { | ||
| sa, err := saClient.Get(context.Background(), name, metav1.GetOptions{}) |
There was a problem hiding this comment.
isn't there a variant of PollImmediate with context?
There was a problem hiding this comment.
I couldn't find one in k8s.io/apimachinery/pkg/util/wait/wait.go
|
|
||
| // waitForSATokens waits for the kube-controller-manager to populate the SA from the unstructured object | ||
| // to be populated with a secret defining its tokens | ||
| func waitForSATokens(saClient corev1client.ServiceAccountInterface, unstructuredObj map[string]interface{}) { |
There was a problem hiding this comment.
odd interface. Would be simpler with just the name as string, and the string extracted at the call site.
There was a problem hiding this comment.
The function is very specific to this test case, I merely extracted the necessary steps not to pollute the code above.
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: marun, stlaz, sttts The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
|
/retest Please review the full test history for this PR and help us cut down flakes. |
|
@stlaz: All pull requests linked via external trackers have merged: Bugzilla bug 1908217 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/cherry-pick release-4.6 |
|
@sttts: new pull request created: #25908 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
When the oauthclientauthorization is created, it checks the SA from
its clientName for tokens and fails if there are none.
The server-side apply test creates an SA but does not wait for it to
be populated with tokens which may cause the test to fail when
it gets to creating the oauthauthorization object too early.
/assign @marun