CORS-4055: migrate CCO permission check to AWS SDK v2 #10262
CORS-4055: migrate CCO permission check to AWS SDK v2 #10262tthvo wants to merge 3 commits intoopenshift:mainfrom
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@tthvo: This pull request references CORS-4055 which is a valid jira issue. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
/label platform/aws |
openshift-ci
bot
requested review from
barbacbd,
patrickdillon and
yunjiang29
|
/retest |
|
@tthvo: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
go get github.com/openshift/cloud-credential-operator@a3e50aeacc55
The PR is an incremental step to migrate AWS API calls to AWS SDK v2. This only focuses on CCO helpers in the pkg/asset and dependent pkg(s). We import CCO code to reuse its helpers to perform permission as a preflight validation.
This commit openshift/cloud-credential-operator@a3e50ae is the one. It includes full AWS SDK v2 migration + a fix for custom endpoint. Newer changes in the CCO are not needed (and to avoid breaking azure) :D |
|
/payload-job periodic-ci-openshift-openshift-tests-private-release-4.22-amd64-nightly-aws-ipi-private-shared-vpc-phz-sts-mini-perm-f7 |
|
@tthvo: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/10ded310-fc7f-11f0-9f61-65f7f9c64201-0 |
|
/payload-job periodic-ci-openshift-openshift-tests-private-release-4.22-arm64-nightly-aws-ipi-disc-priv-sts-ep-mini-perm-f14 |
|
@tthvo: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/241aaee0-fc7f-11f0-954b-15d5d7ca3408-0 |
|
/test aws-private |
|
Payload testing with STS and pre-merge with Mint looks good 👀 Mint and Passthrough mode goes through the same permission-check code base in cloud-credential-operator, but with different permission set. |
|
/verified by presubmit and payload testing |
openshift-ci-robot
added
the
verified
|
@tthvo: This PR has been marked as verified by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
2 participants
The PR is an incremental step to migrate AWS API calls to AWS SDK v2. This only focuses on CCO helpers in the pkg/asset and dependent pkg(s).
We import cloud-credential-operator (CCO) code to reuse its helpers to perform permission as a preflight validation.
Note: I only pinned the CCO version to one that has all the AWS SDK v2 changes. Latest CCO version has breaking changes to Azure client, which I hope to avoid.