OCPBUGS-45895: allow reconciling existing Secrets #2539
Conversation
openshift-ci-robot
added
jira/severity-moderate
|
@rexagod: This pull request references Jira Issue OCPBUGS-45895, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
bot
added
the
approved
|
/jira refresh |
openshift-ci-robot
added
jira/valid-bug
|
@rexagod: This pull request references Jira Issue OCPBUGS-45895, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
rexagod
force-pushed
the
OCPBUGS-45895
branch
from
d5d9b9f to
fc606f7
Compare
rexagod
force-pushed
the
OCPBUGS-45895
branch
from
f6d2966 to
8ba4e67
Compare
|
I'm currently having some problems with |
rexagod
force-pushed
the
OCPBUGS-45895
branch
from
8ba4e67 to
a81fdf4
Compare
|
/retest-required |
machine424
left a comment
machine424
left a comment
There was a problem hiding this comment.
thanks for the test, some suggestions.
|
/label qe-approved |
openshift-ci
bot
added
the
qe-approved
|
@rexagod: This pull request references Jira Issue OCPBUGS-45895, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: rexagod The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
rexagod
force-pushed
the
OCPBUGS-45895
branch
5 times, most recently
from
34754e6 to
b088579
Compare
|
|
machine424
left a comment
machine424
left a comment
There was a problem hiding this comment.
Thanks again, we're almost ready to merge this, just some final suggestions
test/e2e/reconcile_objects_test.go
Outdated
| `) | ||
| f.MustCreateOrUpdateConfigMap(t, userWorkloadConfigMap) | ||
| defer f.MustDeleteConfigMap(t, userWorkloadConfigMap) | ||
| for _, secret := range []types.NamespacedName{ |
There was a problem hiding this comment.
maybe we can just check that len(syncedSecrets)>5 or something to be sure the check isn't no-op?
There was a problem hiding this comment.
Used a require.NotEmpty(t, syncedSecrets) right after we fill syncedSecrets to ensure it's not empty.
There was a problem hiding this comment.
then I don't see why this f.AssertSecretExists is needed.
test/e2e/reconcile_objects_test.go
Outdated
| require.NotEmpty(t, syncedSecrets) | ||
|
|
||
| // Update the aforementioned secrets' data. | ||
| for _, secret := range append(syncedSecrets, unsyncedSecrets...) { |
There was a problem hiding this comment.
maybe we can just have secrets instead of syncedSecrets with all the secrets and only do the skipping below.
There was a problem hiding this comment.
Not sure what this means, could you please elaborate a bit? There's no secrets IIUC but only syncedSecrets and unsyncedSecrets.
There was a problem hiding this comment.
I meant we can only have secrets with all secrets and loop over them only once and then use the slices.Contains check to see whether we want to // Check if the secrets were reconciled as expected. or // Check if the secrets were reconciled unexpectedly.. so we only have one check loop.
(this is a nit, I just find it more readable that way)
|
🤦🏼 So I just noticed I had a patch on local for this that I never pushed, I did that now, and I think some of the review comments are addressed by it. I'll go over them again to make sure I act on them. |
rexagod
force-pushed
the
OCPBUGS-45895
branch
3 times, most recently
from
c2589f3 to
b5e48bd
Compare
| "k8s.io/apimachinery/pkg/types" | ||
| ) | ||
|
|
||
| func TestSecretsReconciliation(t *testing.T) { |
There was a problem hiding this comment.
let's add a short comment about the overall logic in the test
| func TestSecretsReconciliation(t *testing.T) { | ||
| // Create assets under both scenarios for us to work with. | ||
| setupUserWorkloadAssetsWithTeardownHook(t, f) | ||
| userWorkloadConfigMap := f.BuildUserWorkloadConfigMap(t, `alertmanager: |
There was a problem hiding this comment.
good catch, I think this config should make CMO produce all/most of the secrets.
|
Need to test this out on a cluster, will request a review once that's green. |
|
/retest |
1 similar comment
|
/retest |
|
/retest-required |
openshift-merge-robot
added
the
needs-rebase
|
This needs to be updated a bit, will request a review once I clean this up. |
Until now, CMO did not reconcile existing secrets, even if their data changed. This changes that behavior. Signed-off-by: Pranshu Srivastava <[email protected]>
openshift-merge-robot
removed
the
needs-rebase
|
@rexagod: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
openshift-merge-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
5 participants
Until now, CMO did not reconcile existing secrets, even if their data changed. This changes that behavior.