This commit fixes a GCE instance test for a scenario where instance does
not exist in the cloud. In the `gce_instances.go` we have a code that
handles such a scenario and strips off the error, i.e.
```
if providerID, err = cloudprovider.GetInstanceProviderID(ctx, g, types.NodeName(node.Name)); err != nil {
if err == cloudprovider.InstanceNotFound {
return false, nil
}
return false, err
}
```
but nevertheless the test was expecing a non-empty error string. This
issue got exposed when implementation of `GetInstanceProviderID` in the
`cloud-provider/cloud.go` changed to return `InstanceNotFound` as-is and
not as a custom string.
Signed-off-by: Mat Kowalski <mko@redhat.com>
Simiarly to the function `ensureNodeExistsByProviderID`,
`shutdownInCloudProvider` should have a logic where in case of an empty
providerID we get it using the name of the node. This is to support
scenarios when the function is called with Node object that has a name
but does not have any provider ID.
Currently in such a scenario we have an error as it is not possible to
call `InstanceShutdownByProviderID` with empty value. With this change
in such a scenario we will first obtain a correct provider ID and only
afterwards check the shutdown status.
Signed-off-by: Mat Kowalski <mko@redhat.com>
It looks like the test or the branch is never executed, because it wouldn't
pass: a []v1.NodeIP is value is never the same as []string. Found by the
upcoming ginkgolinter update.
ERROR: test/e2e_node/pod_host_ips.go:167:45: ginkgo-linter: use Equal with different types: Comparing []k8s.io/api/core/v1.HostIP with []string; either change the expected value type if possible, or use the BeEquivalentTo() matcher, instead of Equal() (ginkgolinter)
ERROR: gomega.Expect(p.Status.HostIPs).Should(gomega.Equal(nodeIPs))
ERROR: ^
It looks like the test is never executed, because it wouldn't pass: an int32
value is never the same as an int 0. Found by the upcoming ginkgolinter update.
After enabling PersistentVolumeLastPhaseTransitionTime feature, any
test that compares PV objects that transitioned phase needs to handle
timestamp values correctly.
Either the tests should avoid phase transitions if not needed or the
test needs to set the same timestamp on new PV object so it's not
changed and can be checked for equality later, the latter is used in
this commit.
Container runtimes like CRI-O actually show the image identifier in the
`ImageID` field rather than the repo digest. For the digest we already
have the `Image` field. We still allow the digest in the `ImageID` field
for historic reasons.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
when the KUBE_WATCHLIST_INCONSISTENCY_DETECTOR environment variable was set
then the reflector performs a data consistency check.
The consistency check is meant to be enforced only in the CI, not in production.
The check ensures that data retrieved by the watch-list api call
is exactly the same as data received by the standard list api call.
note that the new env var is set in the same places
the ENABLE_CACHE_MUTATION_DETECTOR is set.
- Update unit tests in certs_test.go related to the "renew" CLI command.
- In /init, (d *initData) Client(), make sure that the new logic
for bootstrapping an "admin.conf" user is performed, by calling
EnsureAdminClusterRoleBinding() from the phases backend. Add a
"adminKubeConfigBootstrapped" flag that helps call this logic only
once per "kubeadm init" binary execution.
- In /phases/init include a new subphase for generating
the "super-admin.conf" file.
- In /phases/reset make sure the file "super-admin.conf" is
cleaned if present. Update unit tests.
- Register the new file in /certs/renewal, so that the
file is renewed if present. If not present the common message "MISSING"
is shown. Same for other certs/kubeconfig files.
- In /kubeconfig, update the spec for admin.conf to use
the "kubeadm:cluster-admins" Group. A new spec is added for
the "super-admin.conf" file that uses the "system:masters" Group.
- Add a new function EnsureAdminClusterRoleBinding() that includes
logic to ensure that admin.conf contains a User that is properly
bound on the "cluster-admin" built-in ClusterRole. This requires
bootstrapping using the "system:masters" containing "super-admin.conf".
Add detailed unit tests for this new logic.
- In /upgrade#PerformPostUpgradeTasks() add logic to create the
"admin.conf" and "super-admin.conf" with the new, updated specs.
Add detailed unit tests for this new logic.
- In /upgrade#StaticPodControlPlane() ensure that renewal of
"super-admin.conf" is performed if the file exists.
Update unit tests.
