PODAUTO-228: Upstream rebase to 2.15.1 #35
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jkyros
commented
Sep 4, 2024
•
jkyros
commented
- Create a rebase tree using rebasebot:
- Check all "numbered carry PRs", rebasebot likes to drop them regardles (looked like they were all legit drops)
- Update .ci-operator.yaml to reference rhel-9-release-golang-1.22-openshift-4.17 (moving to go 1.22)
- Squash duplicate carry commits (OWNERS, .ci-operator.yaml, e2e hacks)
- Add verify history drop commit to use upstream's release/v2.15 branch as the merge base
- Cherry-picked kafka: allow disabling kerberos FAST in sarama client kedacore/keda#6189 into 2.15.1 so we can use it until it ships upstream
- Push to own fork, open PR
Signed-off-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* bump deps Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * code-generators Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * styles Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix test Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * downgrade pending k8s dep Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
Bumps [helm/kind-action](https://github.com/helm/kind-action) from 1.8.0 to 1.10.0. - [Release notes](https://github.com/helm/kind-action/releases) - [Commits](helm/kind-action@v1.8.0...v1.10.0) --- updated-dependencies: - dependency-name: helm/kind-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Module `github.com/xdg/scram` was renamed to `github.com/xdg-go/scram` in October 2018. Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
This commit fixs issue kedacore#5760. where OP was facing problem with +srv schema Signed-off-by: Rishikesh Betigeri <53863619+Rishikesh01@users.noreply.github.com>
* added custom time horizon in gcp scaler Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * add custom duration in other gcp stackdriver Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * Update CHANGELOG.md Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Signed-off-by: Yashveer <101015836+Yaxhveer@users.noreply.github.com> --------- Signed-off-by: Yaxhveer <yaxhcod@gmail.com> Signed-off-by: Yashveer <101015836+Yaxhveer@users.noreply.github.com> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es>
Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
…e#5782) * chore: Remove deprecated AAD-Pod-Identity and AWS-KIAM auths Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix CI Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix CI Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
…tResetPolicy (kedacore#5689) Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
…core#5746) Signed-off-by: Simon Kobler <github@kobler.me> Signed-off-by: Simon Kobler <32038731+KoblerS@users.noreply.github.com> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Co-authored-by: Simon Kobler <github@kobler.me>
Signed-off-by: Guillaume Jacquet <guillaume.jacquet@gmail.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com>
* added regex pre check before building image Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * refactored Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * corrected changelog Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> * updated the workflow Signed-off-by: Yaxhveer <yaxhcod@gmail.com> --------- Signed-off-by: Yaxhveer <yaxhcod@gmail.com>
Signed-off-by: Andrea Scarpino <andrea@scarpino.dev>
* test: Run e2e tests against Kubernetes v1.28-v1.30 Signed-off-by: Tom Kerkhove <kerkhove.tom@gmail.com> * test: Run e2e tests against Kubernetes v1.28-v1.30 Signed-off-by: Tom Kerkhove <kerkhove.tom@gmail.com> * Update CHANGELOG.md Signed-off-by: Tom Kerkhove <kerkhove.tom@gmail.com> --------- Signed-off-by: Tom Kerkhove <kerkhove.tom@gmail.com>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
Signed-off-by: Jan Wozniak <wozniak.jan@gmail.com>
…dacore#5851) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.19.0 to 0.21.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@d710430...fd25fed) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Yury Akudovich <yorik13@gmail.com>
Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
Signed-off-by: SpiritZhou <iammrzhouzhenghan@gmail.com>
Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl>
* Remove deprecated cortexOrgId in prometheus scaler Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg> * Move to breaking changes Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg> --------- Signed-off-by: dttung2905 <ttdao.2015@accountancy.smu.edu.sg>
…nalMetric` (kedacore#6010) Signed-off-by: Max Cao <macao@redhat.com>
* Prepare v2.15 Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> * Update roadmap Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> --------- Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl>
* fix: JetSteam scaler detects leader changes correctly (kedacore#6043) Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * bump deps & k8s to v0.29.7 (kedacore#6035) Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Co-authored-by: Jorge Turrado Ferrero <Jorge_turrado@hotmail.es> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix: Hashicorp Vault PKI doesn't fail with due to KeyPair mismatch (kedacore#6029) Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * update changelog Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> * fix style Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> --------- Signed-off-by: Jorge Turrado <jorge_turrado@hotmail.es> Signed-off-by: Zbynek Roubalik <zroubalik@gmail.com> Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl> Co-authored-by: Zbynek Roubalik <zroubalik@gmail.com>
|
@jkyros: This pull request references PODAUTO-228 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci-robot
added
the
jira/valid-reference
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jkyros The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
Made it past the azure test, but it looks like we failed the Let's see if that's a flake... |
Signed-off-by: John Kyros <jkyros@redhat.com>
This is used by CPaaS where Cachito will make a cached copy of anything needed during the build so that an offline brew build can succeed.
* hack/cma-verify-history.sh: checks history to make sure to use rebasebot-friendly commit messages
jkyros
force-pushed
the
keda-rebase-2.15.1
branch
from
ec83452
to
6d156cb
Compare
|
@jkyros: This pull request references PODAUTO-228 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.18.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
* Allow privileged pods in OpenShift test namespaces The way the e2e test suite is set up, there are several pods that are to running with more privilege than our "restricted" SCC provides. Long-term I don't think there is anything in here that *requires* the privilege, but we'll need to do some testing and find out. In the mean time, this injects an adjusted pod admission policy into each test namespace via the centralized namespace creation helper function so that those privileged pods can run in the test namespaces. * Specify securityContext for privileged e2e pods The e2e test suite here is used to running in a "vanilla kube" environment that does not have OpenShift/OpenShift CI restrictions. This becomes a problem when one of the test containers attempts to do something privileged (like bind to a privileged port) and is denied. This just adds securityContexts to the pods that require privilege so that they can get assigned a proper SCC and successfully run. The securityContext addition is limited to only the tests that OpenShift runs (internal, sequential, cpu/memory/kafka scalers) because we haven't tested the others. * Allow e2e test image overrides for OpenShift CI The e2e test suite references multiple images spread across multiple public registries (ghcr.io,docker.io,k8s.io) and some of those registries have pull limits, which will cause our tests to fail. We also cache some of these upstream images in our CI system, and so it is beneficial to be able to reference our cached copy rather than have to pull it from "the internet" every time. Anyway, the way that the e2e tests are set up, all those images are hard-coded in each of the manifests, which are just vars that exist in each test's .go file. They are not templated. There is, however a central helper function that applies all these resources (using kubectl). So, in order for us to be able to override the image list for CI, this temporarily: - adds an image rewrite map that specifies replacement images for images we might have difficulty pulling - adds a helper function that will let those replacement images be specified by environment variables for use in CI until we can figure out a more elegant refactor. * Account for OpenShift CI in Prometheus build test There is a test in the prometheus sequential suite that checks the git commit hash of the current code and compares it to the containers running in the test to make sure that the test version matches the code version. This version is injected as GIT_COMMIT during the docker builds in the Makefile, but it does not get injected when the containers are build in OpenShift CI. I would like to find a way to inject it via CI, but until then we are supplying a dummy string "dummy-ci-commit-value" that is at least "yes you are running against a CI payload we built, and not one that you pulled from upstream". Eventually when we figure out how to make all the variables available in CI and inject them, this can go away because then the commits will match.
* Pull test container dockerfile out of CI and into keda repo Previously we were building the test container in CI from a dockerfile_literal, which was kind of hacky and more difficult to manage than it being here in the keda repo. This pulls that dockerfile out of CI and into a Dockerfile.tests which we now just reference from CI. * Add Makefile targets to makefile for OpenShift tests We kind of stuffed those tests into CI quick so we had something, and when we did we didn't heavily consider ergonomics. Now that we find ourselves having to enable additional tests for fixes and new features, it will be much easier in the long run if we can manage the test targets here in the repo so we don't have to put in a separate PR to the release repo to see if our changes work. This adds some e2e-test-openshift* makefile targets that we can point and whatever we need to, and once CI is updated, it can just call those targets, whatever they happen to entail. * Reenable CPU scaler test Now that we figured out how the CPU test was broken, we can add it back in to the testing since it's supported. This adds the cpu test into the e2e-test-openshift Makefile target, so when CI calls it, it will run with the rest of the scaler tests Signed-off-by: John Kyros <jkyros@redhat.com>
This excludes deps and tests from snyk scans to cut down on noise. This also excludes the tests/ directory as it contains some launcher .go files that don't end in _test.go, but are part of the testing suite and are not shipped with the final product.
There are a ton of credentials in our test suite because of how keda works, but every last one of them is fake/useless. This just excludes our test files from the scanner so they will stop generating false-positives. The preferred method to deal with them is to comment the exact line as "# notasecret" but that's not feasible given the size of the test suite and the number of fake credentials. This should stop the scary false positive ALERT! emails. Signed-off-by: John Kyros <jkyros@redhat.com>
Signed-off-by: John Kyros <jkyros@redhat.com>
…rt 2) Enable cron E2E tests Signed-off-by: Joel Smith <joelsmith@redhat.com>
Our sarama client has kerberos FAST negotiation turned on by default, but there are KDCs that can't handle FAST negotiation and will fail. There is an option to configure this on the sarama client, but we didn't expose it anywhere, so users couldn't get to it. This just adds an additional auth parameter to AuthConfig to expose that configuration option so users who need to shut off FAST are able to do so. Signed-off-by: John Kyros <jkyros@redhat.com>
…e/v2.15 branch instead of main
So upstream the tests are gated by the launcher, but we aren't using the launcher, because it doesn't work in our environment. I think we should probably make our own similar-ish launcher so these hacks don't keep getting worse over time, but for now we're just going to work around the azure tests. Signed-off-by: John Kyros <jkyros@redhat.com>
jkyros
force-pushed
the
keda-rebase-2.15.1
branch
from
6d156cb
to
6d2c1eb
Compare
|
@jkyros: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.