search

openshift / cloud-credential-operator

Manage cloud provider credentials as Kubernetes CRDs
Apache License 2.0
62 stars 143 forks source link

[release-4.14] OCPBUGS-37823: GCP passthrough permissions check to ignore problematic permissions. #741

Closed openshift-cherrypick-robot closed 1 month ago

openshift-cherrypick-robot commented 1 month ago

This is an automated cherry-pick of #730

/assign openshift-cherrypick-robot

openshift-ci-robot commented 1 month ago

@openshift-cherrypick-robot: Jira Issue OCPBUGS-37288 has been cloned as Jira Issue OCPBUGS-37823. Will retitle bug to link to clone. /retitle [release-4.14] OCPBUGS-37823: GCP passthrough permissions check to ignore problematic permissions.

In response to [this](https://github.com/openshift/cloud-credential-operator/pull/741): >This is an automated cherry-pick of #730 > >/assign openshift-cherrypick-robot Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fcloud-credential-operator). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
openshift-ci-robot commented 1 month ago

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-37823, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to [this](https://github.com/openshift/cloud-credential-operator/pull/741): >This is an automated cherry-pick of #730 > >/assign openshift-cherrypick-robot Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fcloud-credential-operator). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
codecov[bot] commented 1 month ago

Codecov Report

Attention: Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.

Project coverage is 48.34%. Comparing base (e12d56a) to head (9bb5819). Report is 2 commits behind head on release-4.14.

Files Patch % Lines
pkg/operator/utils/gcp/utils.go 0.00% 4 Missing :warning:
Additional details and impacted files [![Impacted file tree graph](https://app.codecov.io/gh/openshift/cloud-credential-operator/pull/741/graphs/tree.svg?width=650&height=150&src=pr&token=MSJhsyXrnA&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=openshift)](https://app.codecov.io/gh/openshift/cloud-credential-operator/pull/741?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=openshift) ```diff @@ Coverage Diff @@ ## release-4.14 #741 +/- ## ================================================ - Coverage 48.35% 48.34% -0.02% ================================================ Files 96 96 Lines 11758 11762 +4 ================================================ Hits 5686 5686 - Misses 5439 5443 +4 Partials 633 633 ``` | [Files](https://app.codecov.io/gh/openshift/cloud-credential-operator/pull/741?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=openshift) | Coverage Δ | | |---|---|---| | [pkg/operator/utils/gcp/utils.go](https://app.codecov.io/gh/openshift/cloud-credential-operator/pull/741?src=pr&el=tree&filepath=pkg%2Foperator%2Futils%2Fgcp%2Futils.go&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=openshift#diff-cGtnL29wZXJhdG9yL3V0aWxzL2djcC91dGlscy5nbw==) | `69.89% <0.00%> (-3.15%)` | :arrow_down: |
jstuever commented 1 month ago

/assign

jstuever commented 1 month ago

/jira refresh

openshift-ci-robot commented 1 month ago

@jstuever: This pull request references Jira Issue OCPBUGS-37823, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug * bug is open, matching expected state (open) * bug target version (4.14.z) matches configured target version for branch (4.14.z) * bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST) * release note text is set and does not match the template * dependent bug [Jira Issue OCPBUGS-37288](https://issues.redhat.com//browse/OCPBUGS-37288) is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA)) * dependent [Jira Issue OCPBUGS-37288](https://issues.redhat.com//browse/OCPBUGS-37288) targets the "4.15.z" version, which is one of the valid target versions: 4.15.0, 4.15.z * bug has dependents

Requesting review from QA contact: /cc @jianping-shu

In response to [this](https://github.com/openshift/cloud-credential-operator/pull/741#issuecomment-2284638149): >/jira refresh Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fcloud-credential-operator). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
jstuever commented 1 month ago

/lgtm /approve

jstuever commented 1 month ago

/label backport-risk-assessed

openshift-ci[bot] commented 1 month ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jstuever, openshift-cherrypick-robot

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/cloud-credential-operator/blob/release-4.14/OWNERS)~~ [jstuever] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
jstuever commented 1 month ago

/test security

jstuever commented 1 month ago

/override ci/prow/security There is another jira bug to handle this issue.

openshift-ci[bot] commented 1 month ago

@jstuever: Overrode contexts on behalf of jstuever: ci/prow/security

In response to [this](https://github.com/openshift/cloud-credential-operator/pull/741#issuecomment-2284687638): >/override ci/prow/security >There is another jira bug to handle this issue. Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
jianping-shu commented 1 month ago

Verified with cluster-bot build 4.14.0-0.ci.test-2024-08-13-032243-ci-ln-rcb1c0t-latest. The GCP cluster with Passthrough mode installed successfully and healthy. The GCP cluster with default mode (i.e. Mint) installed successfully and healthy. /label cherry-pick-approved

openshift-ci-robot commented 1 month ago

/retest-required

Remaining retests: 0 against base HEAD bd316800a4d3d9d371beb79ac0a84d1038b52123 and 2 for PR HEAD 9bb5819f646e46e5b1199f524a43da08527914ce in total

openshift-ci[bot] commented 1 month ago

@openshift-cherrypick-robot: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 9bb5819f646e46e5b1199f524a43da08527914ce link false /test security

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
openshift-ci-robot commented 1 month ago

@openshift-cherrypick-robot: Jira Issue OCPBUGS-37823: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-37823 has been moved to the MODIFIED state.

In response to [this](https://github.com/openshift/cloud-credential-operator/pull/741): >This is an automated cherry-pick of #730 > >/assign openshift-cherrypick-robot Instructions for interacting with me using PR comments are available [here](https://prow.ci.openshift.org/command-help?repo=openshift%2Fcloud-credential-operator). If you have questions or suggestions related to my behavior, please file an issue against the [openshift-eng/jira-lifecycle-plugin](https://github.com/openshift-eng/jira-lifecycle-plugin/issues/new) repository.
openshift-bot commented 4 weeks ago

[ART PR BUILD NOTIFIER]

Distgit: ose-cloud-credential-operator This PR has been included in build ose-cloud-credential-operator-container-v4.14.0-202408150010.p0.gcb6aa58.assembly.stream.el8. All builds following this will include this PR.