util/client.go: add method to specify pod security admission level by s-urbaniak · Pull Request #26938 · openshift/origin

s-urbaniak · 2022-03-28T12:13:49Z

/cc @stlaz @tkashem @soltysh @deads2k

stlaz · 2022-03-28T13:24:39Z

/retest
infra issues

go.mod

s-urbaniak · 2022-03-29T08:54:06Z

/hold

s-urbaniak · 2022-03-29T08:54:14Z

holding to verify e2e tests

s-urbaniak · 2022-03-29T09:10:13Z

/hold cancel

s-urbaniak · 2022-03-29T10:02:48Z

/hold

s-urbaniak · 2022-03-29T11:35:51Z

This is blocked until we have the newest k8s bump available in origin. The bump was reverted in #26939 because SDN e2e tests broke. There is work in progress in openshift/kubernetes#1228 to unskip those tests. Once merged we can continue here.

deads2k · 2022-03-29T12:18:26Z

test/extended/util/client.go


+// NewCLIWithPodSecurityEnforceLevel initializes the CLI the same way as `NewCLI()`
+// but the given pod security level is applied to the created e2e test namespace.
+func NewCLIWithPodSecurityEnforceLevel(project string, level admissionapi.Level) *CLI {


non-binding, but if it were me, I would have three methods: NewCLIWithRestrictedNamespace, NewCLIWithBaselineNamespace, NewCLIWithPrivilegedNamespace

deads2k · 2022-03-29T12:18:40Z

/approve

s-urbaniak · 2022-03-31T09:42:47Z

/hold

s-urbaniak · 2022-03-31T09:42:53Z

blocked by #26955

test/extended/util/client.go

openshift-bot · 2022-04-07T18:49:18Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-07T20:22:10Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-07T20:46:16Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-07T23:58:55Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

stlaz · 2022-04-08T10:13:34Z

test/extended/util/client.go

 	"fmt"
 	"io"
 	"io/ioutil"
+	"k8s.io/client-go/util/retry"


let's see how CI goes, i don't want to risk another e2e failure rush. i'll address in a followup

stlaz · 2022-04-08T10:13:51Z

/lgtm

openshift-ci · 2022-04-08T10:14:35Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, s-urbaniak, soltysh, stlaz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~OWNERS~~ [deads2k,soltysh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

stlaz · 2022-04-08T11:20:17Z

/retest-required

openshift-bot · 2022-04-08T11:30:54Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T13:11:58Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T14:42:55Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T16:39:58Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T17:18:55Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T17:57:56Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-08T21:38:55Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-09T00:29:13Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-09T01:05:13Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-09T01:41:13Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-bot · 2022-04-09T02:41:15Z

/retest-required

Please review the full test history for this PR and help us cut down flakes.

openshift-ci · 2022-04-09T04:28:33Z

@s-urbaniak: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-aws-single-node	`2d3a370`	link	false	`/test e2e-aws-single-node`
ci/prow/e2e-agnostic-cmd	`2d3a370`	link	false	`/test e2e-agnostic-cmd`
ci/prow/e2e-aws-single-node-upgrade	`2d3a370`	link	false	`/test e2e-aws-single-node-upgrade`

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

openshift-ci bot requested review from deads2k, soltysh, stlaz and tkashem March 28, 2022 12:13

s-urbaniak force-pushed the pod-security-levels branch from 1f5505b to d61cf48 Compare March 28, 2022 12:16

openshift-ci bot added the vendor-update Touching vendor dir or related files label Mar 28, 2022

openshift-ci bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 28, 2022

stlaz reviewed Mar 29, 2022

View reviewed changes

go.mod Outdated Show resolved Hide resolved

s-urbaniak force-pushed the pod-security-levels branch 2 times, most recently from 71a3443 to f0b7d3c Compare March 29, 2022 08:53

openshift-ci bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 29, 2022

openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 29, 2022

openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 29, 2022

openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 29, 2022

deads2k reviewed Mar 29, 2022

View reviewed changes

openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 29, 2022

s-urbaniak force-pushed the pod-security-levels branch from f0b7d3c to bb6b5aa Compare March 31, 2022 09:42

s-urbaniak force-pushed the pod-security-levels branch from bb6b5aa to 3f37075 Compare April 5, 2022 07:56

stlaz reviewed Apr 5, 2022

View reviewed changes

test/extended/util/client.go Outdated Show resolved Hide resolved

s-urbaniak force-pushed the pod-security-levels branch 2 times, most recently from 8e2908c to 221096d Compare April 5, 2022 08:15

openshift-ci bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 7, 2022

s-urbaniak added 2 commits April 8, 2022 11:08

util/client.go: add method to specify pod security admission level

e10df4d

go mod tidy, go mod vendor

2d3a370

s-urbaniak force-pushed the pod-security-levels branch from 0da2730 to 2d3a370 Compare April 8, 2022 09:11

openshift-ci bot removed lgtm Indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Apr 8, 2022

stlaz reviewed Apr 8, 2022

View reviewed changes

openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 8, 2022

openshift-merge-robot merged commit 9e11596 into openshift:master Apr 9, 2022

s-urbaniak deleted the pod-security-levels branch April 9, 2022 06:06

s-urbaniak mentioned this pull request Apr 11, 2022

actually set default PSa labels if unset #27000

Merged

Comments

Conversation

s-urbaniak commented Mar 28, 2022

Uh oh!

stlaz commented Mar 28, 2022

Uh oh!

Uh oh!

s-urbaniak commented Mar 29, 2022

Uh oh!

s-urbaniak commented Mar 29, 2022

Uh oh!

s-urbaniak commented Mar 29, 2022

Uh oh!

s-urbaniak commented Mar 29, 2022

Uh oh!

s-urbaniak commented Mar 29, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

deads2k Mar 29, 2022

Choose a reason for hiding this comment

Uh oh!

deads2k commented Mar 29, 2022

Uh oh!

s-urbaniak commented Mar 31, 2022

Uh oh!

s-urbaniak commented Mar 31, 2022

Uh oh!

Uh oh!

openshift-bot commented Apr 7, 2022

Uh oh!

openshift-bot commented Apr 7, 2022

Uh oh!

openshift-bot commented Apr 7, 2022

Uh oh!

openshift-bot commented Apr 7, 2022

Uh oh!

stlaz Apr 8, 2022

Choose a reason for hiding this comment

Uh oh!

s-urbaniak Apr 8, 2022

Choose a reason for hiding this comment

Uh oh!

stlaz commented Apr 8, 2022

Uh oh!

openshift-ci bot commented Apr 8, 2022

Uh oh!

stlaz commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 8, 2022

Uh oh!

openshift-bot commented Apr 9, 2022

Uh oh!

openshift-bot commented Apr 9, 2022

Uh oh!

openshift-bot commented Apr 9, 2022

Uh oh!

openshift-bot commented Apr 9, 2022

Uh oh!

openshift-ci bot commented Apr 9, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

s-urbaniak commented Mar 29, 2022 •

edited

Loading