HCP validation on remote cluster#125
Merged
Merged
Conversation
Signed-off-by: mjiao <manjun.jiao@gmail.com>
Signed-off-by: mjiao <manjun.jiao@gmail.com>
Contributor
Author
|
/retest |
mjiao
changed the title
Contributor
Author
|
/retest |
2 similar comments
Contributor
Author
|
/retest |
Contributor
Author
|
/retest |
…cluster When hubKubeconfigSecretName is set, endpoint-tests, endpoint-tests-expected-status, and rate-limit-test tasks execute curl from a temporary pod on the remote cluster using oc run, so MetalLB IPs that are only routable on the remote network can be reached. Both pipelines now pass hubKubeconfigSecretName to all test task invocations. Signed-off-by: mjiao <manjun.jiao@gmail.com>
…ub access When hubKubeconfigSecretName is set, the wait-cluster-ready task creates a passthrough Route for the hosted cluster's kube-apiserver on the remote hub, rewrites the kubeconfig to use the Route hostname, and patches the Secret so all downstream tasks get the rewritten version automatically. Signed-off-by: mjiao <manjun.jiao@gmail.com>
…m tasks The HyperShift operator reconciles the admin-kubeconfig Secret back to the original API server LB IP, so patching the Secret does not persist. Instead, wait-cluster-ready now writes a rewrite helper script to the shared workspace, and all 17 downstream tasks source it after extracting the hosted kubeconfig. Signed-off-by: mjiao <manjun.jiao@gmail.com>
When using a remote hub, tasks that create ConfigMaps or Secrets for downstream pipeline tasks must use the in-cluster SA (pipeline cluster), not the hub kubeconfig. Fixes get-all-accesses, validate-and-create-configmap, and create-eic-route tasks. Signed-off-by: mjiao <manjun.jiao@gmail.com>
Add enable-monitoring to get-all-accesses runAfter and verify-monitoring to fix-endpointslice runAfter so the monitoring branch merges back into the main pipeline graph. Signed-off-by: mjiao <manjun.jiao@gmail.com>
The remote exec path installs oc but never creates the kubectl symlink, so kubeconfig extraction via kubectl fails. Signed-off-by: mjiao <manjun.jiao@gmail.com>
The oc run commands inherit the pipeline pod's namespace context which does not exist on the remote hub cluster. Signed-off-by: mjiao <manjun.jiao@gmail.com>
Contributor
Author
|
/retest |
With multiple istio-ingressgateway pods behind load balancing, 6 parallel requests may not trigger the rate limit on any single pod. Signed-off-by: mjiao <manjun.jiao@gmail.com>
curl --write-out outputs body + status code together, so the HTTP_STATUS variable contains JSON body followed by 429, causing the integer comparison to fail with a syntax error. Signed-off-by: mjiao <manjun.jiao@gmail.com>
grep -oE '[0-9]{3}' matches any 3-digit substring including parts
of pod names and timestamps. Use grep -xE to match only lines that
are exactly a 3-digit HTTP status code.
Signed-off-by: mjiao <manjun.jiao@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.