Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 2074558: osd: only set kek to env var on encryption scenario #365

Merged
merged 1 commit into from Apr 14, 2022
Merged

Bug 2074558: osd: only set kek to env var on encryption scenario #365

merged 1 commit into from Apr 14, 2022

Conversation

leseb
Copy link

@leseb leseb commented Apr 12, 2022

There is a corner case where an env variable populated with the prepare
job could influence and trigger some encryption code. We have an env
variable to discover whether the prepare job will encrypt a drive or not
so let's use that instead of running code as a noop and sometimes
trigger a corner case. In this scenario, the prepare job had an "IBM_"
env variable present in the OS image (IBM OS) so the setKEKinEnv()
function would get called for no reason.

Signed-off-by: Sébastien Han seb@redhat.com
(cherry picked from commit 6bc7827)
(cherry picked from commit 8b1b68c)

Description of your changes:

Which issue is resolved by this Pull Request:
Resolves #

Checklist:

  • Commit Message Formatting: Commit titles and messages follow guidelines in the developer guide.
  • Skip Tests for Docs: Add the flag for skipping the build if this is only a documentation change. See here for the flag.
  • Skip Unrelated Tests: Add a flag to run tests for a specific storage provider. See test options.
  • Reviewed the developer guide on Submitting a Pull Request
  • Documentation has been updated, if necessary.
  • Unit tests have been added, if necessary.
  • Integration tests have been added, if necessary.
  • Pending release notes updated with breaking and/or notable changes, if necessary.
  • Upgrade from previous release is tested and upgrade user guide is updated, if necessary.
  • Code generation (make codegen) has been run to update object specifications, if necessary.

@leseb
osd: only set kek to env var on encryption scenario
22ef2d3 
There is a corner case where an env variable populated with the prepare
job could influence and trigger some encryption code. We have an env
variable to discover whether the prepare job will encrypt a drive or not
so let's use that instead of running code as a noop and sometimes
trigger a corner case. In this scenario, the prepare job had an "IBM_"
env variable present in the OS image (IBM OS) so the setKEKinEnv()
  function would get called for no reason.

Signed-off-by: Sébastien Han <seb@redhat.com>
(cherry picked from commit 6bc7827)
(cherry picked from commit 8b1b68c)
@openshift-ci openshift-ci bot added bugzilla/severity-medium Referenced Bugzilla bug's severity is medium for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. labels Apr 12, 2022
@openshift-ci
Copy link

openshift-ci bot commented Apr 12, 2022

@leseb: This pull request references Bugzilla bug 2073920, which is valid. The bug has been updated to refer to the pull request using the external bug tracker.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

Bug 2073920: osd: only set kek to env var on encryption scenario

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Apr 12, 2022

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: nehaberry.

Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@leseb: This pull request references Bugzilla bug 2073920, which is valid. The bug has been updated to refer to the pull request using the external bug tracker.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

Bug 2073920: osd: only set kek to env var on encryption scenario

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 12, 2022
@agarwal-mudit agarwal-mudit changed the title Bug 2073920: osd: only set kek to env var on encryption scenario Bug 2074558: osd: only set kek to env var on encryption scenario Apr 14, 2022
@openshift-ci openshift-ci bot added bugzilla/severity-unspecified Referenced Bugzilla bug's severity is unspecified for the PR. and removed bugzilla/severity-medium Referenced Bugzilla bug's severity is medium for the branch this PR is targeting. labels Apr 14, 2022
@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@leseb: This pull request references Bugzilla bug 2074558, which is valid.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

Bug 2074558: osd: only set kek to env var on encryption scenario

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: nehaberry.

Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@leseb: This pull request references Bugzilla bug 2074558, which is valid.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

Bug 2074558: osd: only set kek to env var on encryption scenario

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@agarwal-mudit
Copy link
Member

/bugzilla refresh

@openshift-ci openshift-ci bot added bugzilla/severity-medium Referenced Bugzilla bug's severity is medium for the branch this PR is targeting. and removed bugzilla/severity-unspecified Referenced Bugzilla bug's severity is unspecified for the PR. labels Apr 14, 2022
@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@agarwal-mudit: This pull request references Bugzilla bug 2074558, which is valid.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@openshift-ci[bot]: GitHub didn't allow me to request PR reviews from the following users: nehaberry.

Note that only red-hat-storage members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

@agarwal-mudit: This pull request references Bugzilla bug 2074558, which is valid.

2 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Requesting review from QA contact:
/cc @nehaberry

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@agarwal-mudit
Copy link
Member

@leseb this can be merged now

@leseb
Copy link
Author

leseb commented Apr 14, 2022

/lgtm

@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@leseb: you cannot LGTM your own PR.

In response to this:

/lgtm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@leseb
Copy link
Author

leseb commented Apr 14, 2022

/approve

@BlaineEXE
Copy link

Should we ignore the golang lint issues?

@leseb
Copy link
Author

leseb commented Apr 14, 2022

Should we ignore the golang lint issues?

Weird let me check.

@BlaineEXE
Copy link

/lgtm

If we can figure out the lint issues, that might be good to do now so we don't have to keep ignoring the linter in future PRs. But since it might be time sensitive, that might be a tradeoff we have to make.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 14, 2022
@travisn
Copy link

travisn commented Apr 14, 2022

/approve
/lgtm

@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leseb, travisn

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@leseb leseb merged commit 8b03c5a into release-4.10 Apr 14, 2022
34 of 36 checks passed
@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2022

@leseb: All pull requests linked via external trackers have merged:

Bugzilla bug 2074558 has been moved to the MODIFIED state.

In response to this:

Bug 2074558: osd: only set kek to env var on encryption scenario

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@leseb leseb deleted the bz-2073920 branch April 14, 2022 15:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@travisn travisn

@BlaineEXE BlaineEXE

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/severity-medium Referenced Bugzilla bug's severity is medium for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
4 participants
@leseb @agarwal-mudit @BlaineEXE @travisn