Fix CSR validation failure for missing status conditions #1229
Conversation
|
/test vsphere-e2e-operator |
openshift-ci
bot
added
do-not-merge/work-in-progress
|
/retest |
mansikulkarni96
changed the title
mansikulkarni96
changed the title
mansikulkarni96
force-pushed
the
csr-check
branch
from
b04df72
to
149aa90
Compare
mansikulkarni96
changed the title
test/e2e/validation_test.go
Outdated
| @@ -665,6 +665,10 @@ func (tc *testContext) findNodeCSRs(nodeName string) ([]certificates.Certificate | |||
| return nil, errors.Wrap(err, "unable to get CSR list") | |||
| } | |||
| for _, c := range csrs.Items { | |||
| // skip the CSR if it's status has not been reported | |||
| if len(c.Status.Conditions) == 0 { | |||
There was a problem hiding this comment.
Conditions may be nil. Consider
if c.Status.Conditions == nil || len(c.Status.Conditions) == 0 {
...
}
|
Thanks for working on this, LGTM so far. Will this be a temp workaround until we or the cloud team find a permanent fix? |
mansikulkarni96
force-pushed
the
csr-check
branch
from
35c76c1
to
11c6c29
Compare
That is correct @alinaryan |
mansikulkarni96
requested review from
jrvaldes
and removed request for
sebsoto and
aravindhp
test/e2e/validation_test.go
Outdated
| @@ -665,6 +665,10 @@ func (tc *testContext) findNodeCSRs(nodeName string) ([]certificates.Certificate | |||
| return nil, errors.Wrap(err, "unable to get CSR list") | |||
| } | |||
| for _, c := range csrs.Items { | |||
| // skip the CSR if it's status has not been reported | |||
There was a problem hiding this comment.
Please add the suspected reason here and in the commit message.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: aravindhp, mansikulkarni96 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
LGTM |
mansikulkarni96
force-pushed
the
csr-check
branch
from
11c6c29
to
bb755a3
Compare
|
/lgtm |
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
mansikulkarni96
force-pushed
the
csr-check
branch
2 times, most recently
from
5a25635
to
dfaf333
Compare
This commit aims to fix the issue with failing CSR validation of CSR that have a missing status condition. In some cases, a CSR is left in pending state when a new CSR is created for a node too quickly before updating the status of the existing one. Such a CSR cannot be approved but it does not affect node configuration and is safe to be ignored.
|
Blocked by OCPBUGS-2175 |
|
/retest |
|
/hold Revision 3685963 was retested 3 times: holding |
openshift-ci
bot
added
the
do-not-merge/hold
|
/test azure-e2e-operator |
|
/retest ci/prow/aws-e2e-operator |
|
@JacobTanenbaum: The
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/test aws-e2e-operator |
|
/test gcp-e2e-operator |
6 similar comments
|
/test gcp-e2e-operator |
|
/test gcp-e2e-operator |
|
/test gcp-e2e-operator |
|
/test gcp-e2e-operator |
|
/test gcp-e2e-operator |
|
/test gcp-e2e-operator |
|
/retest |
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
|
/retest |
|
@mansikulkarni96 the aws-e2e-operator job failed twice in the setup phase. Is this a new issue with AWS or a known flake? |
|
There are issues creating EC2 instance, both jobs failed with different reasons though. Investigating. |
|
/retest |
|
/override ci/prow/aws-e2e-operator The test past previously we are now seeing a flake on AWS cluster installs. |
|
@aravindhp: Overrode contexts on behalf of aravindhp: ci/prow/aws-e2e-operator In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@mansikulkarni96: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This PR aims to fix the issue with failing CSR validation of CSR's that have a missing status condition.
These CSR's cannot be approved, hence they need to be skipped.
Latest failure: https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_windows-machine-config-operator/1258/pull-ci-openshift-windows-machine-config-operator-master-vsphere-e2e-operator/1577062440414220288
csr.json: https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/pr-logs/pull/openshift_windows-machine-config-operator/1258/pull-ci-openshift-windows-machine-config-operator-master-vsphere-e2e-operator/1577062440414220288/artifacts/vsphere-e2e-operator/gather-extra/artifacts/csr.json
"status": {}