fix: Add random string to e2e test role to avoid pipeline run conflicts

kubernetes-sigs / aws-iam-authenticator

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

Apache License 2.0

2.17k stars 416 forks source link

fix: Add random string to e2e test role to avoid pipeline run conflicts #714

Closed bryantbiggs closed 2 months ago

bryantbiggs commented 2 months ago

What this PR does / why we need it:

Add random string to e2e test role to avoid pipeline run conflicts. When running multiple e2e tests concurrently across PRs, using the same role name means that the first process to finish will delete the role and the other processes will lose permission and fail, or the role will not be found for use

Reference: https://github.com/search?q=repo%3Akubernetes-sigs%2Faws-iam-authenticator%20aws-iam-authenticator-test-role-&type=code

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged): Fixes #

bryantbiggs commented 2 months ago

cc @wongma7 / @jaidevmane for the various test failures due to the IAM role not found - there is a conflict when multiple e2e tests are run concurrently across workflows since the same role name is used "globally"

wongma7 commented 2 months ago

/lgtm /approve

thank you.

it may be hardcoded to avoid roles leaking or something like that. But that is easy to solve in other ways i.e. sweeping them up with ttl.

k8s-ci-robot commented 2 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bryantbiggs, wongma7

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-sigs/aws-iam-authenticator/blob/master/OWNERS)~~ [wongma7] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment