From f18bf16c56ac22724ab00f292acccfcf3c5e72fc Mon Sep 17 00:00:00 2001 From: Maciej Szulik Date: Sat, 11 Apr 2020 06:43:58 +0200 Subject: [PATCH 1/3] Bug 1820687: allow patch for updating namespace --- .../namespace-security-allocation-controller-clusterrole.yaml | 1 + pkg/operator/v411_00_assets/bindata.go | 1 + 2 files changed, 2 insertions(+) diff --git a/bindata/v4.1.0/kube-controller-manager/namespace-security-allocation-controller-clusterrole.yaml b/bindata/v4.1.0/kube-controller-manager/namespace-security-allocation-controller-clusterrole.yaml index b2d5bc4dd..645f6f94b 100644 --- a/bindata/v4.1.0/kube-controller-manager/namespace-security-allocation-controller-clusterrole.yaml +++ b/bindata/v4.1.0/kube-controller-manager/namespace-security-allocation-controller-clusterrole.yaml @@ -23,6 +23,7 @@ rules: - list - update - watch + - patch - apiGroups: - "" resources: diff --git a/pkg/operator/v411_00_assets/bindata.go b/pkg/operator/v411_00_assets/bindata.go index 94954611b..31401fa09 100644 --- a/pkg/operator/v411_00_assets/bindata.go +++ b/pkg/operator/v411_00_assets/bindata.go @@ -568,6 +568,7 @@ rules: - list - update - watch + - patch - apiGroups: - "" resources: From fab897dcd2011a418d5110c930e480a7582a5948 Mon Sep 17 00:00:00 2001 From: Maciej Szulik Date: Tue, 14 Apr 2020 15:47:37 +0200 Subject: [PATCH 2/3] Switch from prints to proper logging --- test/e2e/satokensigner_test.go | 3 +++ test/library/cluster_operator.go | 7 +++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/test/e2e/satokensigner_test.go b/test/e2e/satokensigner_test.go index 69ed36a11..fc0a5b7d2 100644 --- a/test/e2e/satokensigner_test.go +++ b/test/e2e/satokensigner_test.go @@ -27,17 +27,20 @@ func TestSATokenSignerControllerSyncCerts(t *testing.T) { ctx := context.Background() // wait for the operator readiness + t.Logf("Waiting for true, false, false") test.WaitForKubeControllerManagerClusterOperator(t, ctx, configClient, configv1.ConditionTrue, configv1.ConditionFalse, configv1.ConditionFalse) err = kubeClient.Secrets(operatorclient.TargetNamespace).Delete(ctx, "service-account-private-key", metav1.DeleteOptions{}) require.NoError(t, err) // wait for the operator reporting progressing + t.Logf("Waiting for true, true, false") test.WaitForKubeControllerManagerClusterOperator(t, ctx, configClient, configv1.ConditionTrue, configv1.ConditionTrue, configv1.ConditionFalse) // and check for secret being synced from next-service-private-key _, err = kubeClient.Secrets(operatorclient.TargetNamespace).Get(ctx, "service-account-private-key", metav1.GetOptions{}) require.NoError(t, err) + t.Logf("Waiting for true, false, false") test.WaitForKubeControllerManagerClusterOperator(t, ctx, configClient, configv1.ConditionTrue, configv1.ConditionFalse, configv1.ConditionFalse) } diff --git a/test/library/cluster_operator.go b/test/library/cluster_operator.go index cd6804500..a637d1be2 100644 --- a/test/library/cluster_operator.go +++ b/test/library/cluster_operator.go @@ -2,7 +2,6 @@ package library import ( "context" - "fmt" "testing" "time" @@ -26,11 +25,11 @@ func WaitForKubeControllerManagerClusterOperator(t *testing.T, ctx context.Conte err := wait.Poll(WaitPollInterval, WaitPollTimeout, func() (bool, error) { clusterOperator, err := client.ClusterOperators().Get(ctx, "kube-controller-manager", metav1.GetOptions{}) if errors.IsNotFound(err) { - fmt.Println("ClusterOperator/kube-controller-manager does not yet exist.") + t.Log("ClusterOperator/kube-controller-manager does not yet exist.") return false, nil } if err != nil { - fmt.Println("Unable to retrieve ClusterOperator/kube-controller-manager:", err) + t.Log("Unable to retrieve ClusterOperator/kube-controller-manager:", err) return false, err } conditions := clusterOperator.Status.Conditions @@ -38,7 +37,7 @@ func WaitForKubeControllerManagerClusterOperator(t *testing.T, ctx context.Conte progressingOK := clusteroperatorhelpers.IsStatusConditionPresentAndEqual(conditions, configv1.OperatorProgressing, progressing) degradedOK := clusteroperatorhelpers.IsStatusConditionPresentAndEqual(conditions, configv1.OperatorDegraded, degraded) done := availableOK && progressingOK && degradedOK - fmt.Printf("ClusterOperator/kube-controller-manager: AvailableOK: %v ProgressingOK: %v DegradedOK: %v\n", availableOK, progressingOK, degradedOK) + t.Logf("ClusterOperator/kube-controller-manager: AvailableOK: %v ProgressingOK: %v DegradedOK: %v", availableOK, progressingOK, degradedOK) return done, nil }) if err != nil { From b35d8f91a96832a229d642ef31c33162359b3bd4 Mon Sep 17 00:00:00 2001 From: Maciej Szulik Date: Wed, 15 Apr 2020 13:23:13 +0200 Subject: [PATCH 3/3] Bump initContainer timeout and squash both wait-for-port loops into one --- .../v4.1.0/kube-controller-manager/pod.yaml | 20 ++++--------------- pkg/operator/v411_00_assets/bindata.go | 20 ++++--------------- 2 files changed, 8 insertions(+), 32 deletions(-) diff --git a/bindata/v4.1.0/kube-controller-manager/pod.yaml b/bindata/v4.1.0/kube-controller-manager/pod.yaml index cd2d3fb98..0b0ad74d2 100644 --- a/bindata/v4.1.0/kube-controller-manager/pod.yaml +++ b/bindata/v4.1.0/kube-controller-manager/pod.yaml @@ -11,27 +11,15 @@ metadata: revision: "REVISION" spec: initContainers: - - name: wait-for-host-port + - name: wait-for-host-ports terminationMessagePolicy: FallbackToLogsOnError image: ${IMAGE} imagePullPolicy: IfNotPresent - command: ['/usr/bin/timeout', '30', "/bin/bash", "-c"] + command: ['/usr/bin/timeout', '65', '/bin/bash', '-ec'] # a bit more than 60s for TIME_WAIT, 5s extra cri-o's graceful termination period args: - | - echo -n "Waiting for port :10257 to be released." - while [ -n "$(lsof -ni :10257)" ]; do - echo -n "." - sleep 1 - done - - name: wait-for-cpc-host-port - terminationMessagePolicy: FallbackToLogsOnError - image: ${IMAGE} - imagePullPolicy: IfNotPresent - command: ['/usr/bin/timeout', '30', "/bin/bash", "-c"] - args: - - | - echo -n "Waiting for port :10357 to be released." - while [ -n "$(lsof -ni :10357)" ]; do + echo -n "Waiting for port :10257 and :10357 to be released." + while [ -n "$(lsof -ni :10257)$(lsof -ni :10357)" ]; do echo -n "." sleep 1 done diff --git a/pkg/operator/v411_00_assets/bindata.go b/pkg/operator/v411_00_assets/bindata.go index 31401fa09..7f1122579 100644 --- a/pkg/operator/v411_00_assets/bindata.go +++ b/pkg/operator/v411_00_assets/bindata.go @@ -689,27 +689,15 @@ metadata: revision: "REVISION" spec: initContainers: - - name: wait-for-host-port + - name: wait-for-host-ports terminationMessagePolicy: FallbackToLogsOnError image: ${IMAGE} imagePullPolicy: IfNotPresent - command: ['/usr/bin/timeout', '30', "/bin/bash", "-c"] + command: ['/usr/bin/timeout', '65', '/bin/bash', '-ec'] # a bit more than 60s for TIME_WAIT, 5s extra cri-o's graceful termination period args: - | - echo -n "Waiting for port :10257 to be released." - while [ -n "$(lsof -ni :10257)" ]; do - echo -n "." - sleep 1 - done - - name: wait-for-cpc-host-port - terminationMessagePolicy: FallbackToLogsOnError - image: ${IMAGE} - imagePullPolicy: IfNotPresent - command: ['/usr/bin/timeout', '30', "/bin/bash", "-c"] - args: - - | - echo -n "Waiting for port :10357 to be released." - while [ -n "$(lsof -ni :10357)" ]; do + echo -n "Waiting for port :10257 and :10357 to be released." + while [ -n "$(lsof -ni :10257)$(lsof -ni :10357)" ]; do echo -n "." sleep 1 done