This test depends on CDI support in a runtime and doesn't work
with the out-of-the box Containerd. Marking it as a NodeSpecialFeature
should fix Containerd CI job failures.
update pod replacement policy feature flag comment and refactor the e2e test for pod replacement policy
minor fixes for pod replacement policy and e2e test
fix wrong assertions for pod replacement policy e2e test
more fixes to pod replacement policy e2e test
refactor PodReplacementPolicy e2e test to use finalizers
fix unit tests when pod replacement policy feature flag is promoted to beta
fix podgc controller unit tests when pod replacement feature is enabled
fix lint issue in pod replacement policy e2e test
assert no error in defer function for removing finalizer in pod replacement policy e2e test
implement test using a sh trap for pod replacement policy
reduce sleep after SIGTERM in pod replacement policy e2e test to 5s
Linting together with an upcoming klog update finds this problem:
test/images/sample-device-plugin/sampledeviceplugin.go:165:4: printf: k8s.io/klog/v2.Errorf does not support error-wrapping directive %w (govet)
klog.Errorf("Failed to add watch to %q: %w", triggerPath, err)
^
* Use k8s.io/utils/ptr in pkg/proxy
* Replace pointer.String(), pointer.StringPtr(), and pointer.Bool() with ptr.To()
* Replace pointer.Int32(constexpr) with ptr.To[int32](constexpr)
* Replace pointer.Int32(int32(var)) with ptr.To(int32(var))
* Replace remaining pointer.Int32() cases with ptr.To
* Replace 'tcpProtocol := v1.ProtocolTCP; ... &tcpProtocol', etc with ptr.To(v1.ProtocolTCP)
* Replace 'nodeName = testHostname; ... &nodeName' with ptr.To(testHostname)
* Use ptr.To for SessionAffinityConfig.ClientIP.TimeoutSeconds
* Use ptr.To for InternalTrafficPolicy
* Use ptr.To for LoadBalancer.Ingress.IPMode
This commit fixes a GCE instance test for a scenario where instance does
not exist in the cloud. In the `gce_instances.go` we have a code that
handles such a scenario and strips off the error, i.e.
```
if providerID, err = cloudprovider.GetInstanceProviderID(ctx, g, types.NodeName(node.Name)); err != nil {
if err == cloudprovider.InstanceNotFound {
return false, nil
}
return false, err
}
```
but nevertheless the test was expecing a non-empty error string. This
issue got exposed when implementation of `GetInstanceProviderID` in the
`cloud-provider/cloud.go` changed to return `InstanceNotFound` as-is and
not as a custom string.
Signed-off-by: Mat Kowalski <mko@redhat.com>
Simiarly to the function `ensureNodeExistsByProviderID`,
`shutdownInCloudProvider` should have a logic where in case of an empty
providerID we get it using the name of the node. This is to support
scenarios when the function is called with Node object that has a name
but does not have any provider ID.
Currently in such a scenario we have an error as it is not possible to
call `InstanceShutdownByProviderID` with empty value. With this change
in such a scenario we will first obtain a correct provider ID and only
afterwards check the shutdown status.
Signed-off-by: Mat Kowalski <mko@redhat.com>
when the KUBE_WATCHLIST_INCONSISTENCY_DETECTOR environment variable was set
then the reflector performs a data consistency check.
The consistency check is meant to be enforced only in the CI, not in production.
The check ensures that data retrieved by the watch-list api call
is exactly the same as data received by the standard list api call.
note that the new env var is set in the same places
the ENABLE_CACHE_MUTATION_DETECTOR is set.
- Update unit tests in certs_test.go related to the "renew" CLI command.
- In /init, (d *initData) Client(), make sure that the new logic
for bootstrapping an "admin.conf" user is performed, by calling
EnsureAdminClusterRoleBinding() from the phases backend. Add a
"adminKubeConfigBootstrapped" flag that helps call this logic only
once per "kubeadm init" binary execution.
- In /phases/init include a new subphase for generating
the "super-admin.conf" file.
- In /phases/reset make sure the file "super-admin.conf" is
cleaned if present. Update unit tests.
- Register the new file in /certs/renewal, so that the
file is renewed if present. If not present the common message "MISSING"
is shown. Same for other certs/kubeconfig files.
- In /kubeconfig, update the spec for admin.conf to use
the "kubeadm:cluster-admins" Group. A new spec is added for
the "super-admin.conf" file that uses the "system:masters" Group.
- Add a new function EnsureAdminClusterRoleBinding() that includes
logic to ensure that admin.conf contains a User that is properly
bound on the "cluster-admin" built-in ClusterRole. This requires
bootstrapping using the "system:masters" containing "super-admin.conf".
Add detailed unit tests for this new logic.
- In /upgrade#PerformPostUpgradeTasks() add logic to create the
"admin.conf" and "super-admin.conf" with the new, updated specs.
Add detailed unit tests for this new logic.
- In /upgrade#StaticPodControlPlane() ensure that renewal of
"super-admin.conf" is performed if the file exists.
Update unit tests.
