-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use groupUIDNameMapping for LDAP sync/prune with Openshift groups #16071
Use groupUIDNameMapping for LDAP sync/prune with Openshift groups #16071
Conversation
/test extended_ldap_groups |
Seems like there should be a test for this scenario |
Definitely. But I have not even tested locally yet 😄 |
/retest Flake on kubernetes/kubernetes#51704 and #16025 |
@@ -230,13 +231,28 @@ func (o *SyncOptions) Complete(typeArg, whitelistFile, blacklistFile, configFile | |||
} | |||
|
|||
// buildOpenShiftGroupNameList builds a list of OpenShift names from file and args | |||
func buildOpenShiftGroupNameList(args []string, file string) ([]string, error) { | |||
// nameMapping is used to override the OpenShift names built from file and args |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
bad godoc
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Er what should I say instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doesn't match func name
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is the second line of the go doc. The first line correctly states buildOpenShiftGroupNameList
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh wow am bad at reading diffs
/retest |
@enj what's the status of this PR ? |
/test extended_ldap_groups |
When syncing LDAP groups with --type=openshift or when pruning groups, the LDAPGroupUIDToOpenShiftGroupNameMapping should be taken into consideration since: 1. The system of truth in both flows is openshift groups 2. The mapping was probably used to name said openshift groups Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1484831 Signed-off-by: Monis Khan <mkhan@redhat.com>
110b644
to
c3c59c2
Compare
/test extended_ldap_groups |
Running both of my added tests on master results in the expect error |
@stevekuznetsov now the CI is being hateful: /retest |
/shrug |
/lgtm |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: enj, simo5, stevekuznetsov The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/retest |
Failed on #16323 |
/retest |
/shrug cancel |
/unshrug |
@stevekuznetsov: ¯\_(ツ)_/¯ In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Automatic merge from submit-queue (batch tested with PRs 16150, 16284, 16296, 16071) |
When syncing LDAP groups with --type=openshift or when pruning groups, the
LDAPGroupUIDToOpenShiftGroupNameMapping
should be taken into consideration since:Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1484831
Signed-off-by: Monis Khan mkhan@redhat.com
@openshift/sig-security @stevekuznetsov