Remove existing Secret files in (deprovision) Pod#2430
Remove existing Secret files in (deprovision) Pod#24302uasimojo wants to merge 1 commit intoopenshift:mce-2.4from
Conversation
For Pods with `restartPolicy: OnFailure`, a failed container may be rerun in the same Pod, which will reuse the same file system as the initial run. When we project Secrets (for credentials, certs, etc) to directories in such containers, those writes can fail the second time around because the file already exists. Fix by removing the file, if it exists, before we write it. Note that at the time of this commit, this only affects deprovision pods: - imageset pods don't use ProjectToDir - provision pods have `restartPolicy: Never` HIVE-2604 (cherry picked from commit 4af190c) Conflicts: contrib/pkg/utils/generic.go
openshift-ci
bot
added
the
approved
|
/assign @dlom Manual backport, just had to get around a var name change. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## mce-2.4 #2430 +/- ##
===========================================
- Coverage 57.59% 57.58% -0.01%
===========================================
Files 187 187
Lines 25853 25855 +2
===========================================
Hits 14889 14889
- Misses 9715 9717 +2
Partials 1249 1249
|
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: 2uasimojo, dlom The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/override ci/prow/security Backport of #2387, if that happens. |
|
@2uasimojo: Overrode contexts on behalf of 2uasimojo: ci/prow/security DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
openshift-merge-robot
added
the
needs-rebase
|
@2uasimojo: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
4 participants
For Pods with
restartPolicy: OnFailure, a failed container may be rerun in the same Pod, which will reuse the same file system as the initial run. When we project Secrets (for credentials, certs, etc) to directories in such containers, those writes can fail the second time around because the file already exists. Fix by removing the file, if it exists, before we write it.Note that at the time of this commit, this only affects deprovision pods:
restartPolicy: NeverHIVE-2604
(cherry picked from commit 4af190c)
Conflicts:
contrib/pkg/utils/generic.go