CORS-2933: IBMCloud: Basic service endpoint override#7632
CORS-2933: IBMCloud: Basic service endpoint override#7632openshift-merge-bot[bot] merged 2 commits intoopenshift:masterfrom
Conversation
cjschaef
force-pushed
the
splat-1097
branch
4 times, most recently
from
e26a23b to
03a6738
Compare
| } | ||
| } | ||
|
|
||
| // TODO(cjschaef): See about performing additional endpoint validation (all vs. subsets, regional endpoint validation, etc.) |
There was a problem hiding this comment.
what is the status of this TODO?
There was a problem hiding this comment.
I was expecting to follow up on this later, as I wait for details from other development teams on possible configurations, environments, etc. that would determine if we wish to perform additional validation, or leave the endpoint override possibilities broader, as the are currently.
I can get a Jira open to track that work, and link it here, if that makes sense.
There was a problem hiding this comment.
I removed the TODO, as we will be leaving the configuration options more broad, due to the variety of environments/restrictions we can cover.
| config.Provider.VPCEndpointOverride = suffixRegex.ReplaceAllString(endpoint.URL, "${1}") | ||
| case ibmcloud.IBMCloudServiceResourceManager: | ||
| config.Provider.RMEndpointOverride = endpoint.URL | ||
| } |
There was a problem hiding this comment.
would there be any value in logging when this switch falls through?
There was a problem hiding this comment.
Maybe. Other endpoints the CCM doesn't use (COS, DNS Services, etc.), would fall through, so we'd ignore them in terms of building the CCM config.
But perhaps logging the "ignored" overrides could be helpful if the user has incorrectly configured those required for the CCM, but I'd expect the validation steps should filter those issues out
https://github.com/openshift/installer/pull/7632/files#diff-e6306df593d77282680d1864f5e1504e044abdbe681195fbcbeaab0cc3c45cc2R437
I'll add a default log call I think though.
pkg/tfvars/ibmcloud/ibmcloud.go
Outdated
|
|
||
| // Following the format provided by the IBM Cloud Terraform Provider documentation: | ||
| // https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/guides/custom-service-endpoints#file-structure-for-endpoints-file | ||
| endpointContents := make(map[string]map[string]map[string]string) |
There was a problem hiding this comment.
this seems like a fairly complex way of representing this data structure. would it be possible to create a type representing it?
There was a problem hiding this comment.
Sure, I'll see about doing that instead, to get the JSON format correct.
There was a problem hiding this comment.
I made the design a bit better I hope.
| httpsScheme := "https" | ||
|
|
||
| // Regexp for a trailing API version in URL path ('/v1', '/v22/', etc.) | ||
| versionPath := regexp.MustCompile(`(/v\d+[/]{0,1})$`) |
There was a problem hiding this comment.
would it make sense to compile this regex once as in line 93?
There was a problem hiding this comment.
Oh yeah, I can move that.
/retest |
cjschaef
force-pushed
the
splat-1097
branch
2 times, most recently
from
a85470d to
334255e
Compare
|
/retitle CORS-2934: IBMCloud: Basic service endpoint override |
openshift-ci
bot
changed the title
|
@cjschaef: This pull request references CORS-2934 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.15.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
jira/valid-reference
cjschaef
force-pushed
the
splat-1097
branch
3 times, most recently
from
4e2f04f to
24036a9
Compare
|
/retest-required |
|
/retest |
1 similar comment
|
/retest |
|
/retest-required |
|
I am updating to pull in the changes from Done and fixed bootstrap destroy issue, requiring endpoint override solution. |
cjschaef
force-pushed
the
splat-1097
branch
3 times, most recently
from
d4c8a5b to
1e746f9
Compare
|
/retest |
2 similar comments
|
/retest |
|
/retest |
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
openshift-merge-robot
added
the
needs-rebase
openshift-merge-robot
removed
the
needs-rebase
|
I've rebased and pulled in a new |
r4f4
left a comment
r4f4
left a comment
There was a problem hiding this comment.
We usually prefer that vendoring changes are in their own commit. It also helps with code reviews, since we can skip them when looking at the commits until all the other parts have been reviewed.
I really wish this whole feature was not in a single commit but broken down into multiple logical units. For examples, 1 commit for terraform configs changes, 1 commit for adding a new field to install-config, 1 commit for replacing existing errors.Wrap by fmt.Errorf, etc. It would make reviewing much easier.
There was a problem hiding this comment.
It would be nice to add a comment explaining why it's ok to silence the linter
| _, err = http.Head(endpoint) //nolint:gosec | |
| _, err = http.Head(endpoint) //nolint:gosec // reason goes here |
There was a problem hiding this comment.
Is this change related to this PR?
There was a problem hiding this comment.
No, I was cleaning up the reference as I found null isn't desired for string.
I will drop and fix later.
|
I can attempt to break the PR up into multiple PR's if that helps then. I would open separate PR's then from this PR, as not to change this one until I know those are valid/expected. |
That would be nice but if you're aiming to get this merged before FF, just breaking this PR down into commits is enough. Unless you think some part of this work can be merged independently, in which case a separate PR might help to push those along. |
|
Okay, I went with that, and updated this PR with those changes (3 commits, without the other cleanup changes). I've opened a separate draft PR for those cleanup related changes. |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: patrickdillon The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
This LGTM |
openshift-merge-robot
added
the
needs-rebase
|
I'll see about rebasing and rebuilding the go mod conflicts. UpdatedI dropped the go mod changes, as the |
Adding support to terraform to allow overrides of IBM Cloud service endpoints. This is a hard requirement for disconnected cluster support, to allow use of non-default endpoints for IBM Cloud services. Related: https://issues.redhat.com/browse/CORS-2933
Adding support to allow overrides of IBM Cloud service endpoints in installconfig. This is a hard requirement for disconnected cluster support, to allow use of non-default endpoints for IBM Cloud services. Related: https://issues.redhat.com/browse/CORS-2933
openshift-merge-robot
removed
the
needs-rebase
|
@cjschaef: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
[ART PR BUILD NOTIFIER] This PR has been included in build ose-installer-altinfra-container-v4.15.0-202311271609.p0.g29ce6ef.assembly.stream for distgit ose-installer-altinfra. |
8 participants
Adding basic support to allow overrides of IBM Cloud service endpoints. This is a hard requirement for disconnected cluster support, to allow use of non-default endpoints for IBM Cloud services.