profile
viewpoint

push eventadshmh/test-infra

Kubernetes Prow Robot

commit sha 9adac595866dc2ac17610147d4c477638ec9ba8c

Merge pull request #15019 from justaugustus/118-milestone [1.18] releng: Update milestoneappliers for 1.18

view details

Sally O'Malley

commit sha e7f202f64e113f7ad16f9a1cc415c79fbf4f179c

redhat-openshift add aws upgrade fips 4.4

view details

Kamil Domański

commit sha 278fc912a75062a9712691010bdd46ee7d841cc8

Allow PR mixing DCO sign-off and trusted commits Current logic requires one of the following: - all commits have DCO sign-off - all commits come from trusted users This change allows PRs that contain a mix of commits that are either signed-off or come from trusted users. Signed-off-by: Kamil Domański <kamil@domanski.co>

view details

Jeremy Lewi

commit sha be97ed89b514e3b15ccf45fbca4303b6b79400cf

Move and fix kubeflow-periodic-v07 tests * The branch name had an unintentional backtick in the name * v0.7-branch now exists on kubeflow/kfctl so that's where tests should be defined. Related to: kubeflow/testing#498

view details

feifei.zhang@huawei.com

commit sha e64d0d01042af020f8370314864a6c08eaf3249e

fix golint failures

view details

Kubernetes Prow Robot

commit sha 4beb96650aaee54c274a42fb0ca011333808b6f5

Merge pull request #15186 from FayerZhang/master fix golint failures

view details

Yuan (Bob) Gong

commit sha 65d551dd699eaf95440da73d5acf8aff03218816

Always enable kubeflow-pipelines-frontend-test

view details

Arash Deshmeh

commit sha 61c35a95935d93d7bef8ebe770cb38aa53b32f7b

Check config for duplication in extra_refs Prow config now provides a validation function for presubmit jobs to allow checking for duplications in extra_refs field due to either: a) Specifying the repo for which the job is configured, or b) duplication among extra_refs entries. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha 2a07eff0a554fc4d88089eb5a801bcb047a00a4c

Check for extra_refs duplications in checkconfig The checkconfig command now validates the extra_refs field in presubmit jobs to make sure there are no duplications, including the specification of the repo for which the job is configured. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Kubernetes Prow Robot

commit sha 3cec89b11d563dbe77846ce7a0278610c4ca257b

Run ./hack/update-deps.sh --patch

view details

Kubernetes Prow Robot

commit sha 79a554669ddba91a972abbdc2b35c65b7fdd0445

Merge pull request #15381 from Bobgy/patch-1 Always enable kubeflow-pipelines-frontend-test

view details

Kubernetes Prow Robot

commit sha 33a0091843c1d89f3d9e61a561c07ac14f52b9d9

Merge pull request #15324 from dims/switch-to-newer-kind-fix-bazel-build-issue Switch to newer kind - fix bazel build issue

view details

Kubernetes Prow Robot

commit sha c5d343529cab6e28abfeed56d1bd4839e442e597

Merge pull request #15376 from mm4tt/kubemark_5K_presubmit_fix Bump gcp-nodes for kubemark 5K presubmit

view details

Peter Rifel

commit sha 09e47f7fe809d8b4bea91222b92de7a6b0a3aa9a

Kops - Increase instance type used by VPC CNI test The default t2.mediums were hitting their ENI per instance and IP per ENI limit. See https://prow.k8s.io/view/gcs/kubernetes-jenkins/logs/ci-kubernetes-e2e-kops-aws-vpc-cni/1196585826587250690 Example: `I1119 00:42:58.498] pod "hostpath-symlink-prep-provisioning-7575" failed with status: {Phase:Failed Conditions:[] Message:Pod Node didn't have enough resource: pods, requested: 1, used: 17, capacity: 17 Reason:OutOfpods NominatedNodeName: HostIP: PodIP: PodIPs:[] StartTime:2019-11-19 00:42:51 +0000 UTC InitContainerStatuses:[] ContainerStatuses:[] QOSClass: EphemeralContainerStatuses:[]}`

view details

Steve Kuznetsov

commit sha 704d2d480d36f85139b2510733d49138cc1f97f2

Revert "Merge pull request #14963 from wking/require-blocking-bugzilla" This reverts commit 660c33c4283cd8ecd9deade18c2c2f1fc38de88c, reversing changes made to 4ab1254b17178ffd0d0757f1d034acb21f4ccb50. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Alvaro Aleman

commit sha 4e280bd882a9e3f275631d9b79a35c49de5e42c2

Git MergeAndCheckout: Allow not providing headSHAs

view details

Alvaro Aleman

commit sha 7db801ad926da7427564678f356fa80c6894f6c5

Basic inrepoconfig implementation

view details

Alvaro Aleman

commit sha 9310ce35a5ec2a72df2c221cff1f3e021823b80e

Fake ProwYAMLGetter in tests

view details

W. Trevor King

commit sha 684bf4614b57077b5ec6fed2e9316597cb3f2e13

Revert "Revert "Merge pull request #14963 from wking/require-blocking-bugzilla"" This reverts commit 704d2d480d36f85139b2510733d49138cc1f97f2, #15386. OCS wants the guard in the mid/long term, but not right now. To unblock them for the next few hours, we reverted the blocking-bug requirement. Now I'm about to add an opt-out knob, so revert the reversion ;).

view details

Kubernetes Prow Robot

commit sha 84f3016278e15f9dd0cf8c998e95fa8654360af7

Merge pull request #15386 from stevekuznetsov/skuznets/revert-bugzilla-change Revert "Merge pull request #14963 from wking/require-blocking-bugzilla"

view details

push time in 4 days

pull request commentkubernetes/test-infra

handle invalid assign/review comment

/retest

Failure does not seem related (perhaps a flake?).

adshmh

comment created time in 5 days

pull request commentkubernetes/test-infra

handle invalid assign/review comment

/cc @stevekuznetsov

adshmh

comment created time in 6 days

PR opened kubernetes/test-infra

handle invalid assign/review comment

Fixes #15811

+369 -23

0 comment

5 changed files

pr created time in 6 days

issue commentkubernetes/test-infra

Bad `/assign` causes "Error handling GenericCommentEvent" instead of user feedback

After running a few tests, it seems GitHub API will ignore requests for assignment if the user cannot be assigned the issue. The plugin uses the API's response which lists the assigned users to figure out the list of ignored users and adds a comment accordingly.

However, if any of the specified users do not exist (or, interestingly, are an organisation account), GitHub API will return 404, which the plugin does not handle for assignment (for reviews it handles 422 code by making separate requests per login)

The please take a look fails because please is currently an organisation account (perhaps this is what changed, triggering a 404 response from GitHub API).

petr-muller

comment created time in 6 days

create barnchadshmh/test-infra

branch : 15811-handle-bad-assign-comment

created branch time in 6 days

Pull request review commentkubernetes/test-infra

Remove release-note-none on PR w/deprecation label

 const ( 	releaseNoteFormat       = `Adding the "%s" label because no release-note block was detected, please follow our [release note process](https://git.k8s.io/community/contributors/guide/release-notes.md) to remove it.` 	parentReleaseNoteFormat = `All 'parent' PRs of a cherry-pick PR must have one of the %q or %q labels, or this PR must follow the standard/parent release note labeling requirement.` -	actionRequiredNote = "action required"+	actionRequiredNote           = "action required"+	deprecationLabel             = "kind/deprecation"+	releaseNoteDeprecationFormat = `Adding the "%s" label and removing any existing "%s" label because there is a "%s" label on the PR.`

Thank you for the review. Fixed.

adshmh

comment created time in 13 days

Pull request review commentkubernetes/test-infra

Remove release-note-none on PR w/deprecation label

 const ( 	releaseNoteFormat       = `Adding the "%s" label because no release-note block was detected, please follow our [release note process](https://git.k8s.io/community/contributors/guide/release-notes.md) to remove it.` 	parentReleaseNoteFormat = `All 'parent' PRs of a cherry-pick PR must have one of the %q or %q labels, or this PR must follow the standard/parent release note labeling requirement.` -	actionRequiredNote = "action required"+	actionRequiredNote           = "action required"+	deprecationLabel             = "kind/deprecation"

Thank you for the review. Fixed.

adshmh

comment created time in 13 days

push eventadshmh/test-infra

Antonio Ojea

commit sha 8bc0cc656ece476024832a76fdba7a4d9a44cd70

Run kind ipv6 tests on presubmits

view details

geojaz

commit sha a818777ba4ebb75e006ed6c4265ac82833b51d09

Turns on docs-no-retest plugin for kops

view details

Linus Arver

commit sha 85fcf2a1da64c298bee9fb133ec2e6d7fcfbebca

add pull-k8sio-backup presubmit check This checks the backup_tools scripts by testing them. Specifically, it runs the backup_test.sh script, which performs the backup from us.gcr.io/k8s-gcr-backup-test-prod to us.gcr.io/k8s-gcr-backup-test-prod-bak for a set of chosen images. Both this test and the real backup logic in backup_prod.sh share the same "build_gcrane" and "copy_with_date" functions --- the main difference is the repositories where the backups happen and the images that are backed up.

view details

vpickard

commit sha af278f1b94e789007b5c88de15c4730b40e6c1fa

Add E2E jobs for CPUManager and TopologyManager Add 2 new presubmit jobs so that we can manually trigger CPUManager and TopologyManager E2E tests on PRs. Signed-off-by: vpickard <vpickard@redhat.com>

view details

vpickard

commit sha 269a77f45853cfbd4289f220bade5576fce71cfe

Fix testgrid dashboards for new E2E jobs Fix testgrid for new E2E jobs for CPUManager and TopologyManager Signed-off-by: vpickard <vpickard@redhat.com>

view details

njuettner

commit sha 9449be241e0eabb6092c14004246e552865be258

External-DNS image pushing

view details

Alvaro Aleman

commit sha 8fd934671e6e504345e961b1dd42f000208329f0

Use 100QPS for all kube clients

view details

Cong Liu

commit sha e58783aff7d64773a5d6733ece43727fad144db4

Update scheduler benchmark job to select tests to run. We are in the progress of changing the way of running scheduler benchmark tests. As part of this, we create a new set of tests with different test prefixes. However, we do not want to run the new ones just yet until we have everything working e2e. This change makes sure the benchrmark test jobs only run the existing tests.

view details

vpickard

commit sha daa427666831a5f65923250e153e90ff65d2fd31

Address review comments for E2E TopologyManager Address review comments. Also, instead of creating 2 new job config files, just add to the existing presubmit config file. Signed-off-by: vpickard <vpickard@redhat.com>

view details

Cole Wagner

commit sha b10c39480afdf92514eeb91b377fe3754e2c3472

Link to SA secret creation script in self-CD docs.

view details

Ciprian Hacman

commit sha cbf03a184ee1054b28132293eed2e67c31a02318

Add periodic e2e test for containerd in Kops

view details

Ciprian Hacman

commit sha cec5c5e57c4cd00b833707ca94fee175263cc1aa

Use RHEL8 and Calico with periodic e2e test for containerd

view details

Ben Moss

commit sha 9fbf3a66225d907050ef838a9ba1355905244498

Remove CFCR Windows test results These aren't being published anymore

view details

Aaron Crickenberger

commit sha f9754be7f3e9035db7cb97deed6061a55280d755

Run triage job every 30m Worst runtime over the last two weeks has been 20m

view details

Ciprian Hacman

commit sha 81135cacdd1b8c016370d911f69922903dff4047

Dump contained journal

view details

Peter Rifel

commit sha 1a98a1696be1cf9007e628e4e4f7666307d66bda

Fix image used by some kops presubmit jobs The old image has not been updated in almost a year [0] and is still running Go 1.11: ``` docker run --entrypoint=/usr/local/go/bin/go gcr.io/k8s-testimages/gcloud-in-go:v20190125-cc5d6ecff3 version go version go1.11.5 linux/amd64 ``` We have open PRs [1] which are not compatible with go 1.11 which is causing their presubmits to fail. This switches those jobs to use the same kubekins image as the E2E jobs. I see other projects using the same kubekins-e2e image for non-e2e jobs as well [2]. The new image has Go 1.13 as we expect: ``` docker run --entrypoint=/usr/local/go/bin/go gcr.io/k8s-testimages/kubekins-e2e:v20191219-72db7a6-experimental version go version go1.13.4 linux/amd64 ``` [0] https://console.cloud.google.com/gcr/images/k8s-testimages/GLOBAL/gcloud-in-go?gcrImageListsize=30 [1] https://github.com/kubernetes/kops/pull/8203 [2] https://github.com/kubernetes/test-infra/blob/c628c3674eb0c9292812d760232afcdbb7c79c99/config/jobs/kubernetes-sigs/cluster-api-provider-aws/cluster-api-provider-aws-presubmits.yaml#L23

view details

Peter Rifel

commit sha f133012f5327879f9666981b0af28c51aaae30bb

Kops - fix staging image push directory This needs to be a path in the project rather than the bucket. For example, CAPA uses `.` [0] and the job [1] uses the cloudbuild.yaml file in the project root [2] [0] https://github.com/kubernetes/test-infra/blob/c628c3674eb0c9292812d760232afcdbb7c79c99/config/jobs/image-pushing/k8s-staging-cluster-api.yaml#L58 [1] https://prow.k8s.io/view/gcs/kubernetes-jenkins/logs/post-cluster-api-provider-aws-push-images/1209125473993363457 [2] https://github.com/kubernetes-sigs/cluster-api-provider-aws/commit/7c7572e27fc19e7f91253d14b9d5af292f28872c

view details

Kubernetes Prow Robot

commit sha 778df65d167c239576f22b779267b7415fd54aaa

Merge pull request #15677 from benmoss/patch-1 Remove CFCR Windows test results

view details

Kubernetes Prow Robot

commit sha ec0fe6bd3603dd927cced9b398a8b3a951ab1157

Merge pull request #15682 from spiffxp/triage-every-30m Run triage job every 30m

view details

Willem Pienaar

commit sha 937f3215e3ed1d7aabefad78b48bd0bb22dfee2e

Add Feast to Prow project list

view details

push time in 13 days

pull request commentkubernetes/test-infra

Record and publish ghproxy github request timeout

Note: I have used the name "github_request_timeouts", but currently this covers all GitHub request errors. I think either the metric's name needs to be changed or a checking of the error needs to be done to only count actual timeout errors, but not sure which is the intended behaviour.

adshmh

comment created time in 13 days

create barnchadshmh/test-infra

branch : 15600-ghproxy-record-timeouts

created branch time in 13 days

Pull request review commentkubernetes/test-infra

Remove release-note-none on PR w/deprecation label

 func handlePR(gc githubClient, log *logrus.Entry, pr *github.PullRequestEvent) e 		} 	} +	if labelToAdd == releaseNoteNone && prLabels.Has(deprecationNote) {+		labelToAdd = ReleaseNoteLabelNeeded

Thank you for the review. Fixed.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Remove release-note-none on PR w/deprecation label

 const ( 	releaseNoteFormat       = `Adding the "%s" label because no release-note block was detected, please follow our [release note process](https://git.k8s.io/community/contributors/guide/release-notes.md) to remove it.` 	parentReleaseNoteFormat = `All 'parent' PRs of a cherry-pick PR must have one of the %q or %q labels, or this PR must follow the standard/parent release note labeling requirement.` -	actionRequiredNote = "action required"+	actionRequiredNote           = "action required"+	deprecationNote              = "kind/deprecation"

Thanks for the review. Fixed.

adshmh

comment created time in a month

push eventadshmh/test-infra

Helder Santana

commit sha de69a71a6b042c29079ecb921771a9b97019d5f5

Enable Slack reporter for k8s Prow Crier deployment

view details

Helder Santana

commit sha 52afa3106e3db8e623abf61eef9f5d9734027308

Add missing argument to container configuration

view details

Sally O'Malley

commit sha e7f202f64e113f7ad16f9a1cc415c79fbf4f179c

redhat-openshift add aws upgrade fips 4.4

view details

W. Trevor King

commit sha 684bf4614b57077b5ec6fed2e9316597cb3f2e13

Revert "Revert "Merge pull request #14963 from wking/require-blocking-bugzilla"" This reverts commit 704d2d480d36f85139b2510733d49138cc1f97f2, #15386. OCS wants the guard in the mid/long term, but not right now. To unblock them for the next few hours, we reverted the blocking-bug requirement. Now I'm about to add an opt-out knob, so revert the reversion ;).

view details

adisky

commit sha 68d81891ddd9326a26861fabd5817fb494fd8792

Enable release notes plugin cloud-provider-openstack This PR enables release notes plugin for cloud-provider-openstack repo

view details

Jefftree

commit sha a8e1b8b9e26ab829b5c9ad69ea5d1b598a1f7128

Add network proxy e2e job

view details

Yang Lu

commit sha 99a10135138ad9efb38ecf9e9c88c110ec91294f

Add DaemonRestart test to windows gce serial testgrid

view details

Kubernetes Prow Robot

commit sha c9891e8055ac54f01b39c65605303829712737ff

Run ./hack/update-deps.sh --patch

view details

Alvaro Aleman

commit sha 38738616489514c38242b91dd4d2c290f3ca09d2

Tide: Dont let broken prs break the whole subpool

view details

Patrick Lang

commit sha 8819c4262cf2eadf2afe31b9ec81004eccfb1659

Adding others on Azure team to approve updates to Windows jobs running on shared subscription

view details

Sean Chase

commit sha cc58080f9c15b8c3cd3e89e038af2a658b8ab203

Add "dry-run" feature and testing to script Transfigure now: - Runs config tests in kubernetes/test-infra for its results - Has a "test"-only feature that allows you to skip pushing a PR

view details

Yang Li

commit sha 4615766f3115255767aeef564211e1c2a39a42f5

prow/deck: reversed the paging links on job history page so users can move their mouse less often

view details

Matthias Bertschy

commit sha c710b00434d3bbe6ef1be401a4cc41e48e2651c7

Prune empty pull requests in QueryPullRequests

view details

Ernest Wong

commit sha 5805083a947637cb4288d120507e2bbb9b4d5e2f

Enable Availability Zones e2e job for Azure Disk CSI driver

view details

Hongkai Liu

commit sha 33983cedbe3cc80ca3bc33adda4ae9ff03a18703

Add basic auth support of boskos

view details

Kubernetes Prow Robot

commit sha 9a9346d96b22ea6fbd97ee626fd5b711177898d2

Update prow to v20191204-d7993c80e, and other images as necessary.

view details

Steve Kuznetsov

commit sha 05274aebd9c95efbdd458476438725fb00aecd6e

git: store org and repo separately in a repo client This fixes a bug where the repository used for a push remote contained the org and repo incorrectly without having to split the formatted text after joining it to populate the field. Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Kubernetes Prow Robot

commit sha 06b224b18e6b52bf7701b3c256a355ed5341b0fb

Merge pull request #15450 from k8s-ci-robot/autobump Update prow to v20191203-ef445ba16, and other images as necessary.

view details

Steve Kuznetsov

commit sha 3fb967183f14a9099de88485595d40e541b2ad06

git: introduce an interface for repository clients Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Kubernetes Prow Robot

commit sha a3f3e16860d4807a15f061496a8d463d2903196f

Merge pull request #15458 from hongkailiu/boskosBasicAuth Add basic auth support of boskos

view details

push time in a month

Pull request review commentkubernetes/test-infra

Use an options object for GCS credentials

+/*+Copyright 2018 The Kubernetes Authors.++Licensed under the Apache License, Version 2.0 (the "License");+you may not use this file except in compliance with the License.+You may obtain a copy of the License at++    http://www.apache.org/licenses/LICENSE-2.0++Unless required by applicable law or agreed to in writing, software+distributed under the License is distributed on an "AS IS" BASIS,+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+See the License for the specific language governing permissions and+limitations under the License.+*/++package flagutil++import (+	"context"+	"flag"+	"fmt"++	"k8s.io/test-infra/pkg/io"+)++type StorageClientOptions struct {+	// The following are used for reading/writing to GCS.+	GCSCredentialsFile   string+	GCSOptionDescription string

Thank you for the review. Fixed.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Use an options object for GCS credentials

+/*+Copyright 2018 The Kubernetes Authors.++Licensed under the Apache License, Version 2.0 (the "License");+you may not use this file except in compliance with the License.+You may obtain a copy of the License at++    http://www.apache.org/licenses/LICENSE-2.0++Unless required by applicable law or agreed to in writing, software+distributed under the License is distributed on an "AS IS" BASIS,+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+See the License for the specific language governing permissions and+limitations under the License.+*/++package flagutil++import (+	"context"+	"flag"+	"fmt"++	"k8s.io/test-infra/pkg/io"+)++type StorageClientOptions struct {+	// The following are used for reading/writing to GCS.+	GCSCredentialsFile   string+	GCSOptionDescription string+}++// AddFlags injects status client options into the given FlagSet.+func (o *StorageClientOptions) AddFlags(fs *flag.FlagSet) {+	comment := o.GCSOptionDescription+	if comment == "" {+		comment = "File where Google Cloud authentication credentials are stored. Required for GCS writes."+	}+	fs.StringVar(&o.GCSCredentialsFile, "gcs-credentials-file", "", comment)+}++func (o *StorageClientOptions) HasCredentials() bool {+	return o.GCSCredentialsFile != ""+}++// Validate validates options.+func (o *StorageClientOptions) Validate(dryRun bool) error {+	return nil+}++// StorageClient returns a Storage client.+func (o *StorageClientOptions) StorageClient(ctx context.Context) (io.Opener, error) {+	opener, err := io.NewOpener(ctx, o.GCSCredentialsFile)+	if err != nil {+		gcsMessage := ""+		if o.GCSCredentialsFile != "" {+			gcsMessage = fmt.Sprintf(" gcs-credentials-file: %s", o.GCSCredentialsFile)+		}+		return opener, fmt.Errorf("error creating opener%s: %w", gcsMessage, err)

Thanks for the review. Done.

adshmh

comment created time in a month

push eventadshmh/test-infra

Peter Rifel

commit sha b36de51d4da64e857348d35ecbd3a43122df7ef5

Kops - enable milestone_applier plugin

view details

Ernest Wong

commit sha 947ef685b94cb0211bb0416bc1a62bd371dd7aad

s/acsengine/aksengine

view details

Antonio Ojea

commit sha c625d1129d54aa4db27caa494470a1ef9c77009a

Add kind ipv6 conformance presubmit jobs Serial jobs take more tha 1.30 hours to run and are not ideal to run as presubmit because of that. However, we need signal on them to detect early possible breakages in conformance. We add one presubmit job whithout serial tests that run on changes on the "test" folder. We add an optional presubmit job that run ALL conformance tests.

view details

Ernest Wong

commit sha 0f0c0ddf722b1129349cb3f402e1d39941b5ea15

Enable privileged mode for blobfuse csi driver

view details

Ernest Wong

commit sha 5fe2a4208847516575df17ead7bb66121a10eead

Set k8s/k8s as the default working directory

view details

Kubernetes Prow Robot

commit sha de5d368429a4835edd6bca90b1146b5e7e61b389

Update prow to v20191219-ecbeba384, and other images as necessary.

view details

Kubernetes Prow Robot

commit sha b8438ff629468ff54d8a4c1a663b96f383a6c758

Merge pull request #15651 from k8s-ci-robot/autobump Update prow to v20191219-ecbeba384, and other images as necessary.

view details

Kubernetes Prow Robot

commit sha 4b51c9ef2fd43188916370c0a7b84dcd7d418ccd

Merge pull request #15659 from chewong/enable-privilege-mode Enable privileged mode for blobfuse csi driver

view details

Kubernetes Prow Robot

commit sha e34087c828a7a713650f2663ebea47b7c7c52220

Merge pull request #15655 from aojea/revkv6 Run kind ipv6 conformance serial tests on presubmits

view details

Aradhana Singh

commit sha 0ff5a25f1c447bc7dc2f9bcc6339212f5e2f4f6e

removed option to specify github teams for "needs-sig" label (#15399) * removed option to specify github teams for "needs-sig" label when needs-sig label is applied, two options are available. The first option, github teams need to be specified and for the second one, sig label needs to be specified manually. This PR removes the option of adding github teams(option 1) from the usage of needs-sig label. * this removes team from being mentioned and only suggests to add a label when no sig labels are not added on an issue

view details

Kubernetes Prow Robot

commit sha 69b9962ed786d5d5ac7c65a4da0c039b3c9934a0

Merge pull request #15647 from rifelpet/kops-milestones Kops - Enable Milestone Applier plugin

view details

Yang Lu

commit sha f539df343af73112c60688777615aa2ca360b912

Debug prow job

view details

Kubernetes Prow Robot

commit sha 3169be43974c6fc3f377b6e5dd97728fb437d603

Merge pull request #15668 from YangLu1031/master Add windows load test presubmit job for debug

view details

Ciprian Hacman

commit sha c3fc8a2b8fd50097140d6124c83929636b75a2a8

Add pre-submit staticcheck test for Kops

view details

Peter Rifel

commit sha 689b3fa555e5883559074b7f1d737efcedd523d2

[aws-janitor] Cleanup EC2 Network Interfaces The aws-janitor jobs have been failing to cleanup resources from Kops E2E tests using the AWS VPC CNI. Security groups and subnets can't be deleted because they have dependent objects. While I don't have access to the AWS account to confirm, lingering Network Interfaces would seem likely given that the CNI provisions additional ENIs to EC2 instances. This should at least help in troubleshooting what is causing the ENIs to not be cleaned up automatically as well as to what they might still be attached.

view details

Kubernetes Prow Robot

commit sha fe232fcba9acb757332cf79679fe5344861f48d3

Merge pull request #15671 from rifelpet/aws-janitor-eni [aws-janitor] Cleanup EC2 Network Interfaces

view details

Kubernetes Prow Robot

commit sha 7d2dc9beb8378766b6d8b2d12ca532a7387dbdc5

Merge pull request #15605 from chewong/aksengine-flags Azure: s/acsengine/aksengine

view details

eric-hole

commit sha acd512de37431eda33dbc0b0fc48f1b60ebfed96

Syncs the OWNERS files for kops jobs with the kops repo.

view details

Kubernetes Prow Robot

commit sha e816c11483a48a996396bbb6a8cacddc34e8f48c

Merge pull request #15673 from geojaz/owners/kops Syncs the OWNERS files for kops jobs with the kops repo.

view details

Kubernetes Prow Robot

commit sha de81526abe72a131437497533b8977a31d55060a

Merge pull request #15670 from hakman/kops-verify-staticcheck Add pre-submit staticcheck test for Kops

view details

push time in a month

pull request commentkubernetes/test-infra

Use an options object for GCS credentials

@stevekuznetsov I limited the scope to the credentials file for the first draft, but it may be possible to factor out all statusURI, historyURI, etc. used by controllers (tide uses 2, other controllers use only 1).

adshmh

comment created time in a month

PR opened kubernetes/test-infra

Use an options object for GCS credentials

Part of work on #13084

+214 -44

0 comment

11 changed files

pr created time in a month

create barnchadshmh/test-infra

branch : DRY-gcs-state-file

created branch time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

 type options struct {  	tokenBurst    int 	tokensPerHour int++	// The following are used for reading/writing to GCS.+	gcsCredentialsFile string

Thanks for catching that. Yes, I will include that in the patch.

adshmh

comment created time in a month

issue commentkubernetes/test-infra

kubernetes/website specifies branch protection with `protect: false`

Would it be a good solution if tide only generated configuration warnings on startup and on any configuration changes?

Alternatively, would it make sense to move all configuration warnings to some new command and remove all (most?) such warnings from other components?

cjwagner

comment created time in a month

push eventadshmh/test-infra

Sally O'Malley

commit sha e7f202f64e113f7ad16f9a1cc415c79fbf4f179c

redhat-openshift add aws upgrade fips 4.4

view details

Sean Chase

commit sha 928e7d455a834691095139c4d95249f9f3f9bb97

Document Transfigure Adds another example, presubmit job for testing your TestGrid config.

view details

Ernest Wong

commit sha b715533e672d8f9858ff8fd39eeef2bd6ad41a7a

Change log path for Azure DIsk periodic jobs

view details

Steve Kuznetsov

commit sha e6827d52136777139d737343bef35859161863fb

boskos: parse flags before using them Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Kubernetes Prow Robot

commit sha 28f7cbc540e140d0df3431425d8c257f6016eb9e

Merge pull request #15586 from stevekuznetsov/skuznets/boskos-flag-parse boskos: parse flags before using them

view details

Ernest Wong

commit sha 3f81a2da31e5f7ef9521561127faa174e950c0b6

Convert additional acsengine-* flags to aksengine-*

view details

Manuel Alejandro de Brito Fontes

commit sha 7a4c834c3d1bcf631dbd4210fe1d106cbbc7b98c

Update ingress-nginx jobs

view details

Kubernetes Prow Robot

commit sha 3798c18f28a8ee48f102c28d7e15761e64e767f4

Merge pull request #15587 from aledbf/ingress-nginx Update ingress-nginx jobs

view details

Kubernetes Prow Robot

commit sha 28fabb11e5b80ba0367d79c11484f382a4dc5dcd

Update prow to v20191212-28f7cbc54, and other images as necessary.

view details

Kubernetes Prow Robot

commit sha 72cf33e87a9c5c18ab9ce8f3d35892381110355f

Merge pull request #15573 from k8s-ci-robot/autobump Update prow to v20191212-70b0b49fe, and other images as necessary.

view details

Kubernetes Prow Robot

commit sha ed38893c63de58511268221cfdf8c11e251224bc

Merge pull request #15561 from chases2/transfigure-docs Document Transfigure

view details

Steve Kuznetsov

commit sha 6350a4da6048e61f0de4bae4861b474260777693

boskos: ranch: log lock acquire time Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Michelle Au

commit sha c05c9e7d723b1e3661cc43ef2c76a11826df913a

fix sig-storage ci config

view details

Ernest Wong

commit sha 1fb4567160759f9f6abf159054c41cfb905aefcc

Skip a test case for kubernetes-e2e-azure-disk-vmss-1-14

view details

Kubernetes Prow Robot

commit sha 78c32e52a63b36336817714f26af6a7184e393f6

Merge pull request #15592 from msau42/fix-storage-ci fix sig-storage ci config

view details

Manuel Alejandro de Brito Fontes

commit sha bc972168609b59b49e2dddf77f00344d8481608d

Update ingress-nginx e2e image to use kind v0.6.1

view details

Kubernetes Prow Robot

commit sha 9f320127fac5933d68849240028ef80a4dbf9f54

Merge pull request #15593 from aledbf/ingress-ngin Update ingress-nginx e2e image to use kind v0.6.1

view details

Kubernetes Prow Robot

commit sha b429717f07b227d277f5e817404e46a25e729dc3

Merge pull request #15583 from chewong/fix-typo Change log path for Azure DIsk periodic jobs

view details

Travis Clarke

commit sha 3a7d9f2cb75bee26324c82ff10671bfa9c537235

Crier: skip reporting when Spec.Report is false

view details

Kubernetes Prow Robot

commit sha 637088b7bcd9fa5d3df3c17707cbd1c8c66bbbbc

Merge pull request #15595 from clarketm/slack-report Crier: skip reporting when Spec.Report=false

view details

push time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

+/*+Copyright 2018 The Kubernetes Authors.++Licensed under the Apache License, Version 2.0 (the "License");+you may not use this file except in compliance with the License.+You may obtain a copy of the License at++    http://www.apache.org/licenses/LICENSE-2.0++Unless required by applicable law or agreed to in writing, software+distributed under the License is distributed on an "AS IS" BASIS,+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+See the License for the specific language governing permissions and+limitations under the License.+*/++package statusreconciler++import (+	"context"+	"io/ioutil"++	"github.com/sirupsen/logrus"+	"k8s.io/test-infra/pkg/io"+	"k8s.io/test-infra/prow/config"+	"sigs.k8s.io/yaml"+)++type storedState struct {+	config.Config+}++type statusClient interface {+	Load() (chan config.Delta, error)+	Save() error+}++type statusController struct {+	logger        *logrus.Entry+	opener        io.Opener+	statusURI     string+	configPath    string+	jobConfigPath string++	storedState+	config.Agent+}++func (s *statusController) Load() (chan config.Delta, error) {+	s.Agent = config.Agent{}+	state, err := s.loadState()+	if err == nil {+		s.Agent.Set(&state.Config)+	}+	changes := make(chan config.Delta)+	s.Agent.Subscribe(changes)++	if err := s.Agent.Start(s.configPath, s.jobConfigPath); err != nil {+		s.logger.WithError(err).Fatal("Error starting config agent.")+		return nil, err+	}+	return changes, nil+}++func (s *statusController) Save() error {+	if s.statusURI == "" {+		return nil+	}+	entry := s.logger.WithField("path", s.statusURI)+	current := s.Agent.Config()+	buf, err := yaml.Marshal(current)+	if err != nil {+		entry.WithError(err).Warn("Cannot marshal state")+		return err+	}+	writer, err := s.opener.Writer(context.Background(), s.statusURI)

Thank you for the review. Done.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

 func main() { 		logrus.WithError(err).Fatal("Error getting kube client.") 	} -	c := statusreconciler.NewController(o.continueOnError, sets.NewString(o.addedPresubmitBlacklist.Strings()...), prowJobClient, githubClient, configAgent, pluginAgent)+	opener, err := io.NewOpener(context.Background(), o.gcsCredentialsFile)

Thank you for the review on the deadlock possibility. Done.

Regarding the opener, both Load and Save operations close the files they open. The opener itself uses is a GCS client which says does not need to be closed on program exit. Do you recommend updating the pkg/io/opener.go itself to add a Close method?

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

+/*+Copyright 2018 The Kubernetes Authors.++Licensed under the Apache License, Version 2.0 (the "License");+you may not use this file except in compliance with the License.+You may obtain a copy of the License at++    http://www.apache.org/licenses/LICENSE-2.0++Unless required by applicable law or agreed to in writing, software+distributed under the License is distributed on an "AS IS" BASIS,+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.+See the License for the specific language governing permissions and+limitations under the License.+*/++package statusreconciler++import (+	"context"+	"io/ioutil"++	"github.com/sirupsen/logrus"+	"k8s.io/test-infra/pkg/io"

Thank you for the review. Done.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

 type Agent struct { 	subscriptions []DeltaChan } +func lastConfigModTime(prowConfig, jobConfig string) (time.Time, error) {+	// Check if the file changed to see if it needs to be re-read.+	// os.Stat follows symbolic links, which is how ConfigMaps work.+	prowStat, err := os.Stat(prowConfig)+	if err != nil {+		logrus.WithField("prowConfig", prowConfig).WithError(err).Error("Error loading prow config.")+		return time.Time{}, err+	}+	recentModTime := prowStat.ModTime()+	// TODO(krzyzacy): allow empty jobConfig till fully migrate config to subdirs+	if jobConfig != "" {+		jobConfigStat, err := os.Stat(jobConfig)+		if err != nil {+			logrus.WithField("jobConfig", jobConfig).WithError(err).Error("Error loading job configs.")+			return time.Time{}, err+		}++		if jobConfigStat.ModTime().After(recentModTime) {+			recentModTime = jobConfigStat.ModTime()+		}+	}+	return recentModTime, nil+}+ // Start will begin polling the config file at the path. If the first load // fails, Start will return the error and abort. Future load failures will log // the failure message but continue attempting to load. func (ca *Agent) Start(prowConfig, jobConfig string) error {+	lastModTime, err := lastConfigModTime(prowConfig, jobConfig)+	if err != nil {+		lastModTime = time.Now()

Thank you for the review. Done.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

 import (  	"github.com/sirupsen/logrus" 	"k8s.io/apimachinery/pkg/util/sets"+	"k8s.io/test-infra/prow/config"

Thank you for the review. Done.

adshmh

comment created time in a month

Pull request review commentkubernetes/test-infra

Persist state in statusreconciler

 import (  	"github.com/sirupsen/logrus" 	"k8s.io/apimachinery/pkg/util/sets"+	"k8s.io/test-infra/prow/config"

Thank you for the review. Done.

adshmh

comment created time in a month

PR opened kubernetes/test-infra

Persist state in statusreconciler

status-reconciler now saves the last known configuration at every sync and loads it at startup time. Fixes #13084

+501 -32

0 comment

7 changed files

pr created time in a month

push eventadshmh/test-infra

Arash Deshmeh

commit sha e3ea3a0866505bfd0edffa483fb48f174ed29419

Fix config agent's redundant notification on Start This change prevents config Agent from sending more than one notification to each of its subscribers upon calling Start. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha a02aee045af85a75a939b3c548c425d1db0c4944

Save last known config in status-reconciler Status-reconciler now saves the last known state, i.e. configuration, in the specified status file, which can reside on either a local filesystem or on GCS. Upon start, status-reconciler compares this last known configuration to the current configuration, thus reacting to changes it may not have otherwise observed. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

push time in a month

push eventadshmh/test-infra

Arash Deshmeh

commit sha 9859184d84610040987bac9f50bc1cc4ab8adea2

Add saving status capability to statusreconciler Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha 26546ff0ea7e07922439cc2b56d0a864d5af7cb2

Fix config agent's redundant notification on Start This change prevents config Agent from sending more than one notification to each of its subscribers upon calling Start. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha eb0dd36cda007f123e99aff9afda83d8ba4e1748

Save last known config in status-reconciler Status-reconciler now saves the last known state, i.e. configuration, in the specified status file, which can reside on either a local filesystem or on GCS. Upon start, status-reconciler compares this last known configuration to the current configuration, thus reacting to changes it may not have otherwise observed. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

push time in a month

create barnchadshmh/test-infra

branch : 13084-statusreconciler-persist-state

created branch time in a month

PR opened kubernetes/test-infra

Remove release-note-none on PR w/deprecation label

The releasenote plugin now reacts to "kind/deprecation" label:

  1. If there is a "release-note-none" label, it is removed and a "do-not-merge/release-note-needed" label is added along with a comment explaining the reason.
  2. Setting the "release-note-none" label is not allowed on a PR which has the "kind/deprecation" label.

Fixes #15293

+44 -5

0 comment

2 changed files

pr created time in 2 months

pull request commentkubernetes/test-infra

Expose PR's changed files to (Pre|Post)Submit jobs through downward api

/remove-lifecycle rotten

adshmh

comment created time in 2 months

pull request commentkubernetes/test-infra

Consolidate warnings on branches w/required contexts

This is to complete the work from #13926

adshmh

comment created time in 2 months

pull request commentkubernetes/test-infra

Warn only once on unprotected branches

@stevekuznetsov I had left this warning (due to contexts required by presubmits) out of the PR to reduce its scope. I have submitted another PR to fix this: #15441

adshmh

comment created time in 2 months

PR opened kubernetes/test-infra

Consolidate warnings on branches w/required contexts

Branchprotector and Tide now consolidate warnings on unprotected branches which have one or more required contexts. These warnings are combined with the existing aggregated warning on unprotected branches.

+132 -15

0 comment

4 changed files

pr created time in 2 months

create barnchadshmh/test-infra

branch : consolidate-protection-warnings

created branch time in 2 months

push eventadshmh/test-infra

Ace Eldeib

commit sha bc1b22e1ebc239ebfa12b90c5e74499ceade9528

fix: kind preset for all k8s versions

view details

Carlos Panato

commit sha 696480ffc9df803ead596ee7518393e1ebdb83c6

releng: Enable Code Thaw for 1.17

view details

Carlos Panato

commit sha 2a9fdaae7880648e4dd3a16e77971bce6bc3e0f8

releng: Update milestone_applier config to v1.17 for release repos - kubernetes/kubernetes - kubernetes/release - kubernetes/sig-release Signed-off-by: Carlos Panato <ctadeu@gmail.com>

view details

Kubernetes Prow Robot

commit sha 3c601c08b538a295132e311e86b8d5dd8cc355b5

Merge pull request #15369 from cpanato/thaw-1.17 Enable Code Thaw for 1.17

view details

Stephen Augustus

commit sha 27e249582604358a7bd4766f5d3301a8b01f27ca

[1.18] releng: Update milestoneappliers for 1.18 Signed-off-by: Stephen Augustus <saugustus@vmware.com>

view details

Kubernetes Prow Robot

commit sha dbac0880fa9f8e935084fde3f23790cd047f20e7

Merge pull request #15348 from alexeldeib/ace/fixe2e fix: add kind volume preset to kubebuilder

view details

Kubernetes Prow Robot

commit sha 9adac595866dc2ac17610147d4c477638ec9ba8c

Merge pull request #15019 from justaugustus/118-milestone [1.18] releng: Update milestoneappliers for 1.18

view details

feifei.zhang@huawei.com

commit sha e64d0d01042af020f8370314864a6c08eaf3249e

fix golint failures

view details

Kubernetes Prow Robot

commit sha 4beb96650aaee54c274a42fb0ca011333808b6f5

Merge pull request #15186 from FayerZhang/master fix golint failures

view details

Arash Deshmeh

commit sha 61c35a95935d93d7bef8ebe770cb38aa53b32f7b

Check config for duplication in extra_refs Prow config now provides a validation function for presubmit jobs to allow checking for duplications in extra_refs field due to either: a) Specifying the repo for which the job is configured, or b) duplication among extra_refs entries. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha 2a07eff0a554fc4d88089eb5a801bcb047a00a4c

Check for extra_refs duplications in checkconfig The checkconfig command now validates the extra_refs field in presubmit jobs to make sure there are no duplications, including the specification of the repo for which the job is configured. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

push time in 2 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func TestConfig_GetBranchProtection(t *testing.T) { 		}) 	} }++func TestReposWithDisabledPolicy(t *testing.T) {+	testCases := []struct {+		name              string+		config            Config+		expectedRepoWarns []string+	}{+		{+			name: "Warning is generated for repos with disabled policies",+			config: Config{+				ProwConfig: ProwConfig{+					BranchProtection: BranchProtection{+						Policy: Policy{+							Protect: no,+							RequiredStatusChecks: &ContextPolicy{+								Contexts: []string{"hello", "world"},+							},+						},+						AllowDisabledPolicies: true,+						Orgs: map[string]Org{+							"org1": {+								Repos: map[string]Repo{+									"repo1": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: yes,+												},+											},+										},+									},+									"repo2": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: yes,+												},+											},+										},+									},+								},+							},+						},+					},+				},+			},+			expectedRepoWarns: []string{"org1/repo1", "org1/repo2"},+		},+		{+			name: "No warnings if disabled policies are not allowed",

Thanks. Added the test cases.

adshmh

comment created time in 2 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func TestConfig_GetBranchProtection(t *testing.T) { 		}) 	} }++func TestReposWithDisabledPolicy(t *testing.T) {+	testCases := []struct {+		name              string+		config            Config+		expectedRepoWarns []string+	}{+		{+			name: "Warning is generated for repos with disabled policies",+			config: Config{+				ProwConfig: ProwConfig{+					BranchProtection: BranchProtection{+						Policy: Policy{+							Protect: no,+							RequiredStatusChecks: &ContextPolicy{+								Contexts: []string{"hello", "world"},+							},+						},+						AllowDisabledPolicies: true,+						Orgs: map[string]Org{+							"org1": {+								Repos: map[string]Repo{+									"repo1": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: yes,

Thanks for the review. I have removed the branch part of the config to emphasise this is a warning at the repo level.

adshmh

comment created time in 2 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func (c *Config) GetPolicy(org, repo, branch string, b Branch) (*Policy, error) 	return &policy, nil } +func isUnprotected(policy Policy, allowDisabledPolicies bool) bool {+	if allowDisabledPolicies && policy.Protect != nil && !*policy.Protect {+		policy.Protect = nil+		if policy.defined() {+			return true+		}+	}+	return false+}++func (c *Config) reposWithDisabledPolicy() []string {+	repoWarns := sets.NewString()+	for orgName, org := range c.BranchProtection.Orgs {+		for repoName := range org.Repos {+			repoPolicy := c.BranchProtection.GetOrg(orgName).GetRepo(repoName)+			if isUnprotected(repoPolicy.Policy, c.BranchProtection.AllowDisabledPolicies) {+				repoWarns.Insert(fmt.Sprintf("%s/%s", orgName, repoName))+			}+		}+	}+	return repoWarns.List()+}++func (c *Config) unprotectedBranches() []string {+	branchWarns := sets.NewString()+	for orgName, org := range c.BranchProtection.Orgs {+		for repoName, repo := range org.Repos {+			for branchName := range repo.Branches {+				b, err := c.BranchProtection.GetOrg(orgName).GetRepo(repoName).GetBranch(branchName)+				if err != nil {+					continue+				}+				policy, err := c.GetPolicy(orgName, repoName, branchName, *b)+				if err != nil {+					continue+				}+				if policy != nil && isUnprotected(*policy, c.BranchProtection.AllowDisabledPolicies) {+					branchWarns.Insert(fmt.Sprintf("%s/%s", orgName, repoName))

Thank you for the review. I have updated the PR.

adshmh

comment created time in 2 months

push eventadshmh/test-infra

Kubernetes Prow Robot

commit sha c4f4b5ab1ddd5bdf6b786d8f61a0ebcf3ab24870

Merge pull request #14762 from k8s-ci-robot/autobump Update prow to v20191014-5b6eb77e5, and other images as necessary.

view details

Alvaro Aleman

commit sha 30b3088e3e8792c99fbb3c4465fca6a0361524c4

Override plugin: Use GetPresubmits

view details

Erick Fejta

commit sha 7e2bc64866efd0e3f7f1394fea93b1bb3cc05704

Use legacy_resolver for prometheus_operator

view details

Alvaro Aleman

commit sha ad8c456d48410a49c5234fdf8e21d33a34a48bb7

Revert "Revert "Merge pull request #14748 from alvaroaleman/fix-access-default-decoration-config"" This reverts commit 5b25b5cee5b46fcbee701cb429c1754598270e43.

view details

Benjamin Elder

commit sha 104a0b1d17a87586b548f5ea4066eab7a0996641

don't touch binfmt_misc in prow

view details

Kubernetes Prow Robot

commit sha 4ade4a9c65f99e55b6fd4618111a4996e0ccca9e

Merge pull request #14766 from fejta/oncall Use legacy_resolver for prometheus_operator

view details

Kubernetes Prow Robot

commit sha 724802bfa5542d4d93764a61f4546b1f2e31d2b3

Merge pull request #14765 from alvaroaleman/override-use-get-presubmits Override plugin: Use GetPresubmits

view details

Kubernetes Prow Robot

commit sha 9a9c89077c130b72964b7812ad2d402731429493

Merge pull request #14767 from alvaroaleman/vert-default-decoration-configs Re-Introduce default_decoration_configs

view details

Anish Ramasekar

commit sha 50043bb0238e20efd2914698f75dab1eb7dddbb0

add testgrid-alert-email for dual-stack

view details

Kubernetes Prow Robot

commit sha 456ae688b3168481a131141959c648375b60b382

Merge pull request #14771 from aramase/dualstack-email add testgrid-alert-email for dual-stack

view details

Stephen Augustus

commit sha 1d246bbea27e366324cee4f67d1567b888b94e70

releng: Add shadow kubernetes build jobs Here we add a set of "shadow jobs" (ci-kubernetes-shadow-build and ci-kubernetes-shadow-build-fast), which mirror the configs of ci-kubernetes-build and ci-kubernetes-build-fast, save a few configuration details. The intent here is to begin getting signal by pushing builds to the community-hosted GCP project (k8s-staging-release-test) instead of the Google-hosted one. Having artifacts in the community-hosted GCP project will also enable us to begin testing flows like building, signing, and publishing debs/rpms. Signed-off-by: Stephen Augustus <saugustus@vmware.com>

view details

Stephen Augustus

commit sha 3c02fbea438c9f7e5646bec198c515cd436ed483

releng: Fix ci-release-build-packages-debs command The deb building tool was refactored, so the tool name change and flag changes were causing the test job to fail. This should fix it. Signed-off-by: Stephen Augustus <saugustus@vmware.com>

view details

Kubernetes Prow Robot

commit sha 87f764370df9a69bc668462ab0c62812401993cf

Merge pull request #14774 from justaugustus/debs releng: Fix ci-release-build-packages-debs command

view details

Alvaro Aleman

commit sha e3afc2ce4adabf7f2bf7083e57222f4f1665916f

Revert "Revert "Merge pull request #14235 from alvaroaleman/tide-use-lister"" This reverts commit ac21b42d03125cfd8f97f3ff77d7ebb9a8b6e1da.

view details

Alvaro Aleman

commit sha f343e0222c58bdf768fc192425a8f85bf6760066

Correctly set prowjob namespace

view details

Jakub Pierewoj

commit sha ef5f73e5cd4852800d419d7a5ed16cee35b3d12e

Remove using system_pod_metrics override in scalability tests System pod metrics is enabled by default now, there is no need for specifying this override.

view details

Kubernetes Prow Robot

commit sha f48605a5a8416cabfe48f344f687f243eb0820c8

Merge pull request #14775 from pierewoj/master Remove using system_pod_metrics override in scalability tests

view details

Jakub Pierewoj

commit sha 72f3e133e69643e8926ea793b51dd1aafdeecc30

Use main cluster kubeconfig in kubemark dump-logs Logexporter pods in kubemark should be created in the main (non-kubemark) cluster. To achieve this, we set kubeconfig to target main cluster for the dump-logs. After log dumping it finished, kubeconfig will target kubecmark cluster again. Testing: * ran kubetest locally, verified that logexporter pods are deployed to the main cluster

view details

Jordan Liggitt

commit sha 706f5871dfc9866aa0942950879751f40f12200c

Allow /hold with reason

view details

Kubernetes Prow Robot

commit sha e425d88528acab1c2f7e129ef2929acd9f0a3e13

Merge pull request #14779 from alvaroaleman/vert-tide-lister Re-Add: Tide: Use a lister for prowjobs

view details

push time in 2 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func (f *fgc) GetPullRequestChanges(org, repo string, number int) ([]github.Pull 		nil } +func getGitClient() (*localgit.LocalGit, *git.Client, error) {

Thank you for the review. I have updated the PR.

adshmh

comment created time in 2 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func (r *Repo) MergeCommitsExistBetween(target, head string) (bool, error) { 	} 	return len(b) != 0, nil }++// DiffThreeDot does a three dot diff to get all the changes introduced by a+// commit/branch since it was last synced with the base branch.+// For more details, see:+// https://help.github.com/en/articles/about-comparing-branches-in-pull-requests+func (r *Repo) DiffThreeDot(base, head string) ([]string, error) {+	r.logger.Infof("DiffThreeDot base %s with head %s'.", base, head)

Thank you for the review. I have updated the PR.

adshmh

comment created time in 2 months

push eventadshmh/test-infra

James Munnelly

commit sha 99ed6564690bcd394d2d0cd6201e0d8e7ccd0b6a

Add cert-manager master branch jobs to testgrid Signed-off-by: James Munnelly <james.munnelly@jetstack.io>

view details

James Munnelly

commit sha 3e0b3388c8b1dad57c1d9e6e60e263d31dc4b176

Add jetstack as an acceptable testgrid 'company' Signed-off-by: James Munnelly <james.munnelly@jetstack.io>

view details

Matt Matejczyk

commit sha e4f667a035c00ae62dac8769ed7fe41eea7860e7

Revert "Use boskos for k8s.io/perf-tests presubmits" This reverts commit edc776c08afaab33642e096040860a69c57378a1. Boskos is broken due to https://github.com/kubernetes/test-infra/issues/14697 Will re-enable once it gets fixed. Ref. https://github.com/kubernetes/perf-tests/issues/650

view details

Kubernetes Prow Robot

commit sha 87d6f4ae83794115fccadbfb87d3e7b9b9835246

Merge pull request #14699 from mm4tt/perf-tests-boskos-revert Revert "Use boskos for k8s.io/perf-tests presubmits"

view details

James Munnelly

commit sha e6fcf8abc78f05a20b13397705f9bae9f246c232

Remove JoshVanL from OWNERS until he is an org-member

view details

Kubernetes Prow Robot

commit sha 6f3341f986fc0cde88553d2e9d27e901c5b9f937

Merge pull request #14696 from fabriziopandini/add-kubeadm-jobs add kubeadm jobs

view details

fabriziopandini

commit sha 40940f49b9a17ca7a137f305cbad106231cf2782

add dind to pull-kubeadm-operator-verify

view details

Kubernetes Prow Robot

commit sha 79cab2a262e5a5f3059d200a77e9da73b87d0b64

Merge pull request #14694 from fabriziopandini/pull-kubeadm-operator-verify-add-dind add dind to pull-kubeadm-operator-verify

view details

fabriziopandini

commit sha e34e7858df885f1c00de6f08350bb03d602c57be

fix-pull-kubeadm-operator-verify

view details

Kubernetes Prow Robot

commit sha 723ca7ced9d0528f865b961c3d9f96b8eead2e5a

Merge pull request #14700 from fabriziopandini/fix-pull-kubeadm-operator-verify fix pull-kubeadm-operator-verify

view details

Kubernetes Prow Robot

commit sha 2b8fec5112c43b1aae29bd0f9422eda08772735a

Merge pull request #14693 from tioxy/kops_verify_generated_image Change kops-verify-generated job image

view details

Lubomir I. Ivanov

commit sha 1fe267963e12193dc00e1b2443b76ed2f18347cc

testgrid: remove the sig-cluster-lifecycle-upgrade-skew dashboard These tests are not maintained by sig-cluster-lifecycle and they are GKE upgrade specific. Change their dashboard to google-gke-upgrade, where the rest of the GKE upgrade jobs reside.

view details

Lubomir I. Ivanov

commit sha c573f630c2f494d8cf1690c3e64183c30d29210e

testgrid: rename sig-cluster-lifecycle-misc to gce-misc This file contains: - ci-kubernetes-e2e-gce-ha-master - ci-kubernetes-e2e-gce-min-node-permissions these Jobs are already part of the google-gce dashboard and should not be under kubernetes/sig-cluster-lifecycle.

view details

Kubernetes Prow Robot

commit sha 4d493e504aff93da43754df12f675de3e5e2af82

Update prow to v20191010-78fe9feb7, and other images as necessary.

view details

Lubomir I. Ivanov

commit sha 0b3a47beaed2e58626525636038b411551740044

move: GCE/GKE tests outside of cluster-lifecycle These files contain jobs that are GKE/GCE (GCP) specific. It makes sense for them to be moved in the sig-cloud-provider/gcp folder and owned by the SIG Cloud Provider sub-project.

view details

Kubernetes Prow Robot

commit sha 2459f63aabd26f43e10232d7df676bd5d5d5fb38

Merge pull request #14684 from k8s-ci-robot/autobump Update prow to v20191010-78fe9feb7, and other images as necessary.

view details

Kubernetes Prow Robot

commit sha 2d51b9495add12509f785b5788390c3a5ad022f2

Merge pull request #14698 from munnerz/testgrid-cert-manager testgrid: add cert-manager master branch jobs

view details

Kubernetes Prow Robot

commit sha ee7ff3d731b5c0c7c37f8b2cea5aa8514ff05456

Merge pull request #14701 from neolit123/kubeadm-e2e move: GCE/GKE tests outside of cluster-lifecycle

view details

Steve Kuznetsov

commit sha bf95c2c983a621ac3b59a59e6f80cfb4e4780a6e

Expose primary ref completion functions Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Kubernetes Prow Robot

commit sha 63449e8df732a9b803d44f576d208bb3bf066cbe

Merge pull request #14706 from stevekuznetsov/skuznets/expose-more-methods Expose primary ref completion functions

view details

push time in 2 months

Pull request review commenttektoncd/pipeline

Tag published images

 spec:       done        # Publish images and create release.yaml-      ko resolve --preserve-import-paths -f /workspace/go/src/github.com/tektoncd/pipeline/config/ > /workspace/output/bucket/latest/release.yaml+      ko resolve --preserve-import-paths -t $(inputs.params.versionTag) -f /workspace/go/src/github.com/tektoncd/pipeline/config/ > /workspace/output/bucket/latest/release.yaml

Thank you for the reviews. I will submit another PR to remove the gcloud tagging.

adshmh

comment created time in 2 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func (c *changedFilesAgent) prChanges(pr *PullRequest) config.ChangedFilesProvid 		} 		c.RUnlock() -		// We need to query the changes from GitHub.-		changes, err := c.ghc.GetPullRequestChanges(-			string(pr.Repository.Owner.Login),-			string(pr.Repository.Name),-			int(pr.Number),-		)+		cloneRef := fmt.Sprintf("%s/%s", org, repo)+		r, err := c.gc.Clone(cloneRef) 		if err != nil {-			return nil, fmt.Errorf("error getting PR changes for #%d: %v", int(pr.Number), err)+			return nil, fmt.Errorf("error cloning repo %s: %v", cloneRef, err) 		}-		changedFiles = make([]string, 0, len(changes))-		for _, change := range changes {-			changedFiles = append(changedFiles, change.Filename)+		changedFiles, err = r.DiffThreeDot(string(pr.BaseRef.Name), string(pr.HeadRefOID))

Thank you for pointing this out. I did some tests with cloning a github repo and using three dot diff between master and a PR's headRefOID, and it seems that changes can be obtained this way. Could I be missing some cases? (alternatively, if that seems a better approach, I can simply add a call to CheckoutPullRequest before calling on the Diff method).

adshmh

comment created time in 3 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func (c *changedFilesAgent) prChanges(pr *PullRequest) config.ChangedFilesProvid 		} 		c.RUnlock() -		// We need to query the changes from GitHub.-		changes, err := c.ghc.GetPullRequestChanges(-			string(pr.Repository.Owner.Login),-			string(pr.Repository.Name),-			int(pr.Number),-		)+		cloneRef := fmt.Sprintf("%s/%s", org, repo)+		r, err := c.gc.Clone(cloneRef)

Thank you for the review. I will update the PR.

adshmh

comment created time in 3 months

PR opened tektoncd/pipeline

Tag published images

<!-- 🎉🎉🎉 Thank you for the PR!!! 🎉🎉🎉 -->

Changes

To make it easier to identify the installed version of tekton pipeline, built images are now individually tagged with the specified release. Partly addresses #1232.

This PR uses ko to tag the built images. Unfortunatelty, ko does not specify the image tag on the output (only specifies the digest). Therefore, what remains to be done is either: a) log an issue against ko to include the tags, or b) manually process the output of ko and append tags

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you review them:

See the contribution guide for more details.

Double check this list of stuff that's easy to miss:

Reviewer Notes

If API changes are included, additive changes must be approved by at least two OWNERS and backwards incompatible changes must be approved by more than 50% of the OWNERS, and they must first be added in a backwards compatible way.

Release Notes

Describe any user facing changes here, or delete this block.

Examples of user facing changes:
- API changes
- Bug fixes
- Any changes in behavior

+1 -1

0 comment

1 changed file

pr created time in 3 months

push eventadshmh/pipeline

Arash Deshmeh

commit sha 5487bbbed63b9a4939ec6d7c39d0254d130b4d84

Tag published images To make it easier to identify the installed version of tekton pipeline, built images are now individually tagged with the specified release. Partly addresses #1232. This PR uses ko to tag the built images. Unfortunatelty, ko does not specify the image tag on the output (only specifies the digest). Therefore, what remains to be done is either: a) log an issue against ko to include the tags, or b) manually process the output of ko and append tags Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

push time in 3 months

create barnchadshmh/pipeline

branch : 1232-releases-image-tags-include-version

created branch time in 3 months

pull request commentkubernetes/test-infra

Retire optional contexts removed from repos

I think we only want to do this when the tide configuration is set to not skip unknown contexts

Thank you for the review. I have updated the PR to retire removed contexts only when 'skip_unknown_contexts' is not set.

adshmh

comment created time in 3 months

push eventadshmh/test-infra

Petr Muller

commit sha 3349e02b6907eb70350121fc63456c25d5608063

github: Add UpdateRepo() method

view details

Petr Muller

commit sha 56ce7ad384b2e9e64cab1da7f073684da2e1ec20

peribolos: Add feature to update existing GitHub repos

view details

Petr Muller

commit sha 2828c7175f86bb3337bceb8dfa7aaf63c66ccab3

peribolos: Prevent unsupported API call to unarchive a repo

view details

Linus Arver

commit sha d37fa12b82eaf953491a67a6fb4314164d92de7e

promoter: bump image The images are now referenced from the official prod registry us.gcr.io/k8s-artifacts-prod, instead of the staging GCR. We have to use a regional GCR for now (US region) because the global redirect mirror is not set up yet. There are 2 other associated changes here: (1) the promoter manifests are now broken up into pairs "promoter-manifest.yaml" and "images.yaml" in the k8s.io repo, and so the `run_if_changed` field is updated accordingly; (2) the new `-thin-manifest-dir` flag is used, which only accepts the more secure "thin" promoter manifests where the credentials are separated from the image description.

view details

Jakub Pierewoj

commit sha 5ef15044442ca5f8af0122d0cdb64c6e5b8010d5

Enable logexporter in kubermark periodic tests It should work now, since the fix for using main cluster KUBECONFIG when calling dump-logs was merged.

view details

Petr Muller

commit sha 17b193b0e826819c14f95d792b1942e60d511d45

Make repo archival and publish subject to explicit allow parameter

view details

Petr Muller

commit sha 22f777b41a2b9edaccf8ec16988154083caf466a

peribolos: update all allowed repo properties Previously, when a not allowed change was encountered, it prevented the whole repo update, even if other (allowed) changes were requested. This commit makes peribolos just remove the forbidden change from the update request, so the remaining changes can be made.

view details

Ernest Wong

commit sha c5327a5b378407e3897dd4e9072eaee46d30b471

Add log dumping feature in Azure Deployer

view details

Hongkai Liu

commit sha bdb960d8a2e140da93cf5fb864e88d10fbb8701d

Isolate censoring logger from Secret Agent This allows for the logger with censoring to be imported without the context of secret agent.

view details

Amit Watve

commit sha 38afae0fb27e68df75530e8e75554096c75f66cc

[Gerrit] Modify lastUpdate to be per project instead of global.

view details

Amit Watve

commit sha 5c5464f27db8fb9aec5e84668fa97c62864eeadc

Remove pointers to maps.

view details

Cole Wagner

commit sha 973e13c1124725b5f82a854b3a27e988093084e2

Fix pj-on-kind.sh to work without JOB_CONFIG.

view details

Kubernetes Prow Robot

commit sha a1a5b03d5644aaf935fbb9aa833c94bfde013d30

Merge pull request #14916 from cjwagner/pj-on-kind-no-job-config Fix pj-on-kind.sh to work without JOB_CONFIG.

view details

Travis Clarke

commit sha da52344181dc98cab313a0fa4db7753accf206ac

Reduce "JobAgent.update" to one sort operation

view details

Kubernetes Prow Robot

commit sha e9f2eb5b498003936ad687e26fb2d3b7a930277b

Merge pull request #14897 from listx/master promoter: bump image

view details

Linus Arver

commit sha 86c5048bca197c7cd9514cbe5c0e8a5bb60aead4

pull-k8sio-cip: fix invocation This should have been done as part of https://github.com/kubernetes/test-infra/pull/14897.

view details

Kubernetes Prow Robot

commit sha 6c4d596890c3d460a9c7310aa64d8ca0f5091661

Merge pull request #14919 from listx/bump pull-k8sio-cip: fix invocation

view details

Lun-kai Hsu

commit sha 46ae109a5ffb15f86e05e8c49c965f376c0d7f26

alert on kubeflow periodic

view details

Adrian Ludwin

commit sha e956f074983aa9fcf2ece2c8d1b88f8fc6459440

Try to fix HNC trigger

view details

Stephen Augustus

commit sha f6450ce31a76af3f931137fd1d92e83dd54d5173

releng: Move prototype Kubernetes builds to test-infra-trusted cluster We missed this in a previous PR, but these prototype build jobs should run in the test-infra-trusted cluster so that they have credentials to execute GCB runs on the k8s-staging-release-test GCP project. Signed-off-by: Stephen Augustus <saugustus@vmware.com>

view details

push time in 3 months

PR opened kubernetes/test-infra

Retire optional contexts removed from repos

status-reconciler now retires any optional contexts that are removed from repos, as these will otherwise block merges due to tide's skip-unknown-contexts being false by default.

Fixes #14705

+7 -3

0 comment

2 changed files

pr created time in 3 months

create barnchadshmh/test-infra

branch : 14705-retire-optional-removed-contexts

created branch time in 3 months

push eventadshmh/test-infra

Peter Rifel

commit sha c3aa4e89e06b719ea845ec3d7f83ac86a4e726ef

Update AMIs used by Kops periodic jobs

view details

Christoph Blecker

commit sha f6e04172672fac04aa2f0d2e5ddd1cbf95bdd74c

Add goose plugin

view details

Alvaro Aleman

commit sha b7e08fb7134bf6a536034a354eff16225756a04b

Config-{Forker,Rotator}: Use PresubmitsStatic() instead of directly accessing config

view details

Alvaro Aleman

commit sha 893a659c61670a89fca608aeb807ef6c01a3ec5c

Statusreconciler: Use PresubmitsStatic()

view details

Alvaro Aleman

commit sha 73ab64437f2b4ce3d8563d86ff0ab8b161ccd459

Testgrid configurator: Use PresubmitsStatic()

view details

Alvaro Aleman

commit sha dacf56e4686c5aeafa7fdb03de129f3b835b8154

Checkconfig: Use PresubmitsStatic

view details

Alvaro Aleman

commit sha 822140ac44eea191d7a663a1d91a0c31ec992951

Mkpj: Use PresubmitsStatic()

view details

Alvaro Aleman

commit sha a325c40bce47bbf40a85165bd98a3fb62d4e5586

Gerrit adapter: Use PresubmitsStatic()

view details

Alvaro Aleman

commit sha 18246a367a24f65d43b449a6f045838025bff0da

Extract presubmit validation

view details

Justin SB

commit sha 4198f2dfb0d0602a10d1de9488f132b22a256291

kops-verify-generated job Create a job that verifies that generated code/artifacts are up to date for kops PRs.

view details

Alvaro Aleman

commit sha 4b554160e85d8221b4946f3298c2b64ca403cbb3

Extract presubmit defaulting

view details

Alvaro Aleman

commit sha 5e09933d726b4c2e0505422dfd22cbe076a73668

Extract postsubmit defaulting

view details

Alvaro Aleman

commit sha be0670c3d63e18b40b52801d985595355918ff49

Extract periodics defaulting

view details

Cole Wagner

commit sha ade9d35b0719b804e33bf0f1b9285972132cbf30

Create an image to provide Prow autobump using the old bash scripts."

view details

Cole Wagner

commit sha e98b33c03fd1810902c888466dcde0415b11beef

Move experiment/prow-autobump to prow/cmd/autobump and build with bazel instead of cloudbuild.

view details

Matt Matejczyk

commit sha edc776c08afaab33642e096040860a69c57378a1

Use boskos for k8s.io/perf-tests presubmits Ref. https://github.com/kubernetes/perf-tests/issues/650

view details

Kubernetes Prow Robot

commit sha 0492f1d6ebc23b10ebe8a756e81fcbacf85ac92a

Merge pull request #14668 from cjwagner/back-to-the-bashics Add a simple generalized autobumper for Prow.

view details

Alvaro Aleman

commit sha f93c5a579a7acb35fea0584d531ec892af2e3042

Extract postsubmit validation

view details

Alvaro Aleman

commit sha 273c4f92ee8925ab15fd339480b46db7a0d652ec

Extract periodic validation

view details

Kubernetes Prow Robot

commit sha 0112de737ddd4d4e8505c298866593b2d87c12d4

Update prow to v20191009-0492f1d6e, and other images as necessary.

view details

push time in 3 months

Pull request review commentkubernetes/test-infra

Peribolos skip team repo if permissions invalid

 func configureTeamRepos(client teamRepoClient, githubTeams map[string]github.Tea  	actions := map[string]github.RepoPermissionLevel{} 	for wantRepo, wantPermission := range want {-		if havePermission, haveRepo := have[wantRepo]; haveRepo && havePermission == wantPermission {-			// nothing to do-			continue+		if havePermission, haveRepo := have[wantRepo]; haveRepo {+			if havePermission == github.None {

Thank you for the review. Since the 'have' items come from GitHub teams API, I thought only repos on which the team has some level of access will be listed, therefore 'none' in the above (should?) only refer to 'unparsable' case, otherwise the repo would not have been listed at all. Does that seem incorrect?

That line is an attempt to avoid updating permission levels according to 'want', if the existing permission, i.e. 'have', cannot be understood (as would be with 'Maintain' and 'Triage' levels).

Regarding the skip behaviour, do you mean it is preferable to just fail updating the team, rather than skipping the updating of its permission level on a repo?

adshmh

comment created time in 3 months

pull request commentkubernetes/test-infra

Peribolos skip team repo if permissions invalid

  • This is related to #14325. However, that issue is logged for when Peribolos is dumping the org structure. This PR is to prevent updating a team's repo if the existing permission level reported by GitHub API cannot be parsed (i.e. 'none' permission level)

  • Peribolos currently uses 'none' level in the org config file to remove repos from a team, i.e. cannot remove a repo from a team by not listing it in config. Therefore, dumping an org using Peribolos and then re-applying it will result in removal of repos with 'Triage' and 'Maintain' permission levels from the team. I have not modified that logic to avoid changing existing behaviour.

adshmh

comment created time in 3 months

PR opened kubernetes/test-infra

Peribolos skip team repo if permissions invalid

See #14325

Peribolos will now skip updating a repo for a team if the existing permission level for the team on the repo is 'none'. This is to avoid overwriting any of the team's repos if the existing permission level cannot be parsed, e.g. with new 'Triage' and 'Maintain' levels not yet exposed by GitHub API v3.

Signed-off-by: Arash Deshmeh adeshmeh@ca.ibm.com

+27 -3

0 comment

2 changed files

pr created time in 3 months

issue commentkubernetes/test-infra

Peribolos does not support new Github team repo permissions

This happens because GitHub API calls on ListTeamRepos returns false for all permission levels, i.e. push, pull, admin, when a team has the Maintainer role.

I couldn't find any v3 API calls that returns the beta new roles on a repository, but v4, i.e. graphql endpoint, does seem to report Maintainer or Triage levels

Peribolos does not currently use graphql endpoint, but perhaps it can be updated to do so. This could also mean fewer, ideally a single, calls to get the organisation structure, thus saving tokens.

I'd be happy to submit a patch if this sounds like a good approach.

coverprice

comment created time in 4 months

fork adshmh/pipeline

A K8s-native Pipeline resource.

https://tekton.dev

fork in 4 months

Pull request review commentkubernetes/test-infra

allow owners/github teams to override contexts

 func authorized(gc githubClient, log *logrus.Entry, org, repo, user string) bool 	return ok } +func authorizedTopLevelOwner(oc ownersClient, allowTopLevelOwners bool, log *logrus.Entry, org, repo, user string, pr *github.PullRequest) bool {+	if allowTopLevelOwners {+		owners, err := oc.LoadRepoOwners(org, repo, pr.Base.Ref)+		if err != nil {+			log.WithError(err).Warnf("cannot determine whether %s is a top level owner of %s/%s", user, org, repo)+			return false+		}++		if owners.TopLevelApprovers().Has(user) {

Thank you for catching that. Updated the PR.

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

allow owners/github teams to override contexts

 func authorized(gc githubClient, log *logrus.Entry, org, repo, user string) bool 	return ok } +func authorizedTopLevelOwner(oc ownersClient, allowTopLevelOwners bool, log *logrus.Entry, org, repo, user string, pr *github.PullRequest) bool {+	if allowTopLevelOwners {+		owners, err := oc.LoadRepoOwners(org, repo, pr.Base.Ref)+		if err != nil {+			log.WithError(err).Warnf("cannot determine whether %s is a top level owner of %s/%s", user, org, repo)+			return false+		}++		if owners.TopLevelApprovers().Has(user) {+			return true+		}+	}+	return false+}++func validateGitHubTeamSlugs(teamSlugs map[string][]string, org, repo string, githubTeams []github.Team) error {+	slugs := sets.NewString()+	for _, team := range githubTeams {+		slugs.Insert(team.Slug)+	}++	repoRef := fmt.Sprintf("%s/%s", org, repo)+	invalidSlugs := sets.NewString()+	for _, slug := range teamSlugs[repoRef] {+		if !slugs.Has(slug) {+			invalidSlugs.Insert(slug)

Thanks, updated the PR.

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

allow owners/github teams to override contexts

 func handle(oc overrideClient, log *logrus.Entry, e *github.GenericCommentEvent) 		return oc.CreateComment(org, repo, number, plugins.FormatResponseRaw(e.Body, e.HTMLURL, user, resp)) 	} +	if !authorized && !authorizedTopLevelOwner(oc, options.AllowTopLevelOwners, log, org, repo, user, pr) {+		resp := fmt.Sprintf("%s unauthorized: /override is restricted to repo administrators or top level code owners", user)

Thank you for the review. I have updated the PR.

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

allow owners/github teams to override contexts

 func authorized(gc githubClient, log *logrus.Entry, org, repo, user string) bool 	return ok } +func authorizedTopLevelOwner(oc ownersClient, allowTopLevelOwners bool, log *logrus.Entry, org, repo, user string, pr *github.PullRequest) bool {+	if allowTopLevelOwners {+		owners, err := oc.LoadRepoOwners(org, repo, pr.Base.Ref)+		if err != nil {+			log.WithError(err).Warnf("cannot determine whether %s is a top level owner of %s/%s", user, org, repo)+			return false+		}++		if owners.TopLevelApprovers().Has(user) {+			return true+		}+	}+	return false+}++func validateGitHubTeamSlugs(teamSlugs map[string][]string, org, repo string, githubTeams []github.Team) error {+	slugs := sets.NewString()+	for _, team := range githubTeams {+		slugs.Insert(team.Slug)+	}++	repoRef := fmt.Sprintf("%s/%s", org, repo)+	invalidSlugs := sets.NewString()+	for _, slug := range teamSlugs[repoRef] {+		if !slugs.Has(slug) {+			invalidSlugs.Insert(slug)+		}+	}+	if invalidSlugs.Len() > 0 {+		return fmt.Errorf("invalid team slug(s): %s", strings.Join(invalidSlugs.List(), ","))+	}+	return nil+}++func authorizedGitHubTeamMember(gc githubClient, log *logrus.Entry, teamSlugs map[string][]string, org, repo, user string) bool {+	repoRef := fmt.Sprintf("%s/%s", org, repo)+	teams, err := gc.ListTeams(org)+	if err != nil {+		log.WithError(err).Warnf("cannot get list of teams for org %s", org)+		return false+	}+	if err := validateGitHubTeamSlugs(teamSlugs, org, repo, teams); err != nil {

Thank you for the review. Yes, the validation only generates a warning to make sure an invalid team slug, e.g. a misspelling of a team's name, does not result in unexpected authorisation failure. I have updated the PR and added a test case to explicitly check for this.

adshmh

comment created time in 4 months

push eventadshmh/test-infra

Travis Clarke

commit sha 8dc8dcc48bf5c5e73196ad647693ea4e1aa6061e

frontend: deck config snippet implementation

view details

Travis Clarke

commit sha 6699060850f30f0b11f3069701eb86c6676285ed

backend: deck config snippet implementation

view details

Travis Clarke

commit sha 6c573ac3583cd8a79a1442afc706c6ee28f77159

deps: deck config snippet implementation

view details

Stephen Augustus

commit sha 7feee39850387e4ed9c0b1d8f54ea4d28f204532

capi: Add image pushing job for capz Signed-off-by: Stephen Augustus <saugustus@vmware.com>

view details

Patrick Ohly

commit sha 8a1c49f7a4d428f06c46e058d140bb61503ea956

kubernetes-csi: dind image bump

view details

Patrick Ohly

commit sha f3075e4edca560facf5447d15e051d92cc5d12cb

kubernetes-csi: clean up skipped branches Some of these branches have been removed from the repos and those that remain shouldn't be the target of a pull request, so we don't need to list them.

view details

Patrick Ohly

commit sha 16698a5e53ebfede197312419e9b141b9f92db63

kubernetes-csi: add dashboard annotations for all pull jobs The pull jobs for repos that get tested with multiple Kubernetes versions didn't have dashboard annotations. Those are preferred over explicitly configuring the dashboard.

view details

Patrick Ohly

commit sha 78da628e35469cdfa4a7226893b457e82eac9a2f

kubernetes-csi: avoid overriding Kubernetes version for single-Kubernetes repos The original intention was to let repos which only need to be tested against a single Kubernetes release choose that release themselves. The comment for `single_kubernetes_repos` still describes that behavior. https://github.com/kubernetes/test-infra/pull/13434 changed that so that 1.15 is used for all of these repos because of some issues with external-snapshotter. external-snapshotter now has 1.15 in its own prow.sh, so we don't need the override anymore in the test job and can revert to the original behavior.

view details

Patrick Ohly

commit sha 8dc06c2c5f4589ee6051a59dd86a2cb9cc955b29

kubernetes-csi: test snapshotter, resizer and liveness with different Kubernetes versions All are now part of all csi-driver-host-path deployments for Kubernetes 1.13 and later and their functionality may differ depending on the Kubernetes version. Therefore it makes sense to enable the full test matrix instead of testing with just one Kubernetes version.

view details

Patrick Ohly

commit sha 56b4e0d82f2777adef28383ffba58306ef07b2c0

testgrid: remove whitelisting of kubernetes-csi repos All of them are in testgrid now.

view details

Alvaro Aleman

commit sha c09cdf52d514221ac9d0564cceb2642d72d7d3a0

Tide: Use GetPresubmits

view details

Alvaro Aleman

commit sha 771f297f655cec52eb1ca131950ae86ad877b7ab

Tide: Re-Use subpools baseSha for contextPolicy

view details

Alvaro Aleman

commit sha 935f1483213e49b26bddbde688176f7c2bfd3885

Tide: De-Duplicate changes in batchChanges

view details

Alvaro Aleman

commit sha 64187ce6c2d32a88831e303534079d39e2affe3f

Tide: Don't shadow presubmits var in presubmityByPull

view details

Alvaro Aleman

commit sha 855db848b05cb256dbb5d07910508706d8892534

Avoid using a global for FakeInRepoConfig

view details

Justin SB

commit sha dae7c7ec9e4e3a850c140aaccf17d52f175e6bb9

kubetest: pass the cluster-tag to aws e2e This enables the correct tagging of volumes, as used by https://github.com/kubernetes/kubernetes/pull/83301

view details

Benjamin Elder

commit sha c59df6cd1a4d42c5753c32090e34916d08df45c2

bentheelder is oncall tomorrow, add to OWNERS

view details

Katharine Berry

commit sha 98327d480c33f2d0742a70599d9136e071bd3172

Don't try loading the remote config for runlocal. This can't possibly work - prow can't parse config prow has already parsed. Also, the /plugin-config endpoint is busted anyway.

view details

Katharine Berry

commit sha 96a1feb851f1c5b1bd1456e13c8acf5f8d17f32e

Force spyglass logs to soft wrap at end of line.

view details

Katharine Berry

commit sha e87b228f2d77834f7fa32d1d6d91c182a1454701

install the tool that makes this legible, I guess.

view details

push time in 4 months

Pull request review commentkubernetes/test-infra

allow owners/github teams to override contexts

 func authorized(gc githubClient, log *logrus.Entry, org, repo, user string) bool 	return ok } +func authorizedTopLevelOwner(oc ownersClient, allowTopLevelOwners bool, log *logrus.Entry, org, repo, user string, pr *github.PullRequest) bool {+	if allowTopLevelOwners {+		owners, err := oc.LoadRepoOwners(org, repo, pr.Base.Ref)+		if err != nil {+			log.WithError(err).Warnf("cannot determine whether %s is a top level owner of %s/%s", user, org, repo)+			return false+		}++		if owners.TopLevelApprovers().Has(user) {+			return true+		}+	}+	return false+}++func validateGitHubTeamSlugs(teamSlugs map[string][]string, org, repo string, githubTeams []github.Team) error {+	slugs := sets.NewString()+	for _, team := range githubTeams {+		slugs.Insert(team.Slug)+	}++	repoRef := fmt.Sprintf("%s/%s", org, repo)+	invalidSlugs := sets.NewString()+	for _, slug := range teamSlugs[repoRef] {+		if !slugs.Has(slug) {+			invalidSlugs.Insert(slug)+		}+	}+	if invalidSlugs.Len() > 0 {+		return fmt.Errorf("invalid team slug(s): %s", strings.Join(invalidSlugs.List(), ","))+	}+	return nil+}++func authorizedGitHubTeamMember(gc githubClient, log *logrus.Entry, teamSlugs map[string][]string, org, repo, user string) bool {+	repoRef := fmt.Sprintf("%s/%s", org, repo)+	teams, err := gc.ListTeams(org)

Thank you for the review. This was based on my interpretation of the comments on the issue that this was intended to allow override regardless of GitHub's teams' access to a repo, i.e. not necessarily follow GitHub teams' permissions on repositories. Could you please advise if only teams that manage a repo should be allowed to override?

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func (r *Repo) MergeCommitsExistBetween(target, head string) (bool, error) { 	} 	return len(b) != 0, nil }++// ThreeDotDiff does a three dot diff to get all the changes introduced by a+// commit/branch since it was last synced with the base branch.+// For more details, see:+// https://help.github.com/en/articles/about-comparing-branches-in-pull-requests+func (r *Repo) ThreeDotDiff(base, head string) ([]string, error) {

Thank you for the review. Yes, I think DiffThreeDot reads better as well.

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

Use git client in tide to get the list of files changed by each PR

 func retryCmd(l *logrus.Entry, dir, cmd string, arg ...string) ([]byte, error) {  func (r *Repo) Diff(head, sha string) (changes []string, err error) {

Thanks for the review. Updated the PR.

adshmh

comment created time in 4 months

push eventadshmh/test-infra

Katharine Berry

commit sha 7d8150288533d6ca182addeecb2c86a5dd078a37

don't pass --namespace to sinker

view details

Kubernetes Prow Robot

commit sha 4c871f02efffa9a6cd424644c0b0d1e8abe29907

Merge pull request #13944 from Katharine/unbreak-sinker Don't pass --namespace to sinker

view details

Linus Arver

commit sha 9d9216ae3a3eb9b067e2d1f66304c4585a586821

bump promoter images

view details

Haowei Cai

commit sha bba87db3c3cfae81ab5089fe5cf915f9b99ce793

remove CRD beta features from alpha jobs

view details

Miranda Christ

commit sha 4eb2b31e58c3938a66611379dbb8d557586a912a

Update GitHub OAuth docs

view details

Kubernetes Prow Robot

commit sha 93d008efd532653dfda076b09f6b8c3fd3496e50

Merge pull request #13946 from listx/bump bump promoter images

view details

Linus Arver

commit sha 3d8899a3bb8ff9a537aab4587b7fa32a0d8bd9fb

pull-k8sio-cip: add comment describing this job

view details

Linus Arver

commit sha 12b46b76425037f92a2ac1e23579aaf6f064163b

promoter: add e2e presubmit job

view details

Kubernetes Prow Robot

commit sha 6758a9c2679bf57883413f752c4fc1d68918b574

Merge pull request #13819 from mirandachrist/docs Update GitHub OAuth docs

view details

Kubernetes Prow Robot

commit sha 068e83ba2f8e9261c0af4cee598c70b92775945f

Merge pull request #13935 from krzyzacy/revert-plank-patch Revert #13908

view details

Steve Kuznetsov

commit sha 19349b8da524838f6a186553c18eaaeebe1a8286

Ping the on-call alias when sending alerts Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>

view details

Kubernetes Prow Robot

commit sha cbe738ab76475b644206a62a74d01ecfcd13f937

Merge pull request #13949 from stevekuznetsov/skuznets/ping-oncall Ping the on-call alias when sending alerts

view details

Mateusz Szostok

commit sha bbbdb42d28e9b90393bc623c6dc937366f2fc667

Add e2e test pipeline for Service Catalog

view details

Aaron Crickenberger

commit sha 2dfc4d0765b9ac67447e374dddd40b0b5c9e9754

cherry-pick: metrics - upgrade py2 -> py3

view details

Aaron Crickenberger

commit sha 172dff48deb7f732878002ca92f0b00e1ad6568c

Update bigquery image to support python3 Specifically - update to ubuntu:18.04 so python3 == python3.6 (was 3.5 on 16.04) - drop python-yaml, we now use ruamel.yaml installed via pip - other arbitrary bumps to stay current that worked locally - pip installs - gcloud version - add a README.md

view details

Kubernetes Prow Robot

commit sha 95e572a5564a4ff4e285ed4a4bff38ef191a9765

Merge pull request #13912 from spiffxp/metrics-py3 metrics - upgrade py2 -> py3 (take 2)

view details

Kubernetes Prow Robot

commit sha 7a17c3a8dd48b4733c6c660ae8f24b982ec5d399

Merge pull request #13932 from chases2/move-config-tests Moving config_test.go to config/tests

view details

Aaron Crickenberger

commit sha a4b980951903143998c22094b95352bfb7b53f18

Bump image for metrics-bigquery job

view details

Erick Fejta

commit sha 8556bb9c60684521f0f8410e0207f27049068572

Update pypi requirements.txt

view details

Kubernetes Prow Robot

commit sha 30835d80214c523a85bfd61ef2a407c930a50205

Merge pull request #13955 from fejta/py Update pypi requirements.txt

view details

push time in 4 months

PR opened kubernetes/test-infra

allow owners/github teams to override contexts

Allow top level repo OWNERS and specified GitHub team(s) members to override contexts.

Fixes #14205

+391 -7

0 comment

10 changed files

pr created time in 4 months

push eventadshmh/test-infra

Arash Deshmeh

commit sha 7fd7e4bcf8f4123cacbea2a37b26ce0cea18f182

Consolidate warnings on unprotected branches BranchProtection config does not generate warning on every unprotected branch anymore to avoid spamming the log. Instead the warnings are aggregated for each affected repo. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha 20dbdb00b17b6cc6d3bdd791c6959334e1c1b998

Tide and Branchprotector warn once on unprotected branches Tide and BranchProtector generate warnings about repos with unprotected branches only once per repo. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

push time in 4 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func main() { 	if err != nil { 		logrus.WithError(err).Fatalf("Failed to load --config-path=%s", o.config) 	}+	branchWarns, repoWarns := cfg.BranchProtectionWarnings()

Thank you for the review. Updated the PR.

adshmh

comment created time in 4 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func TestConfig_GetBranchProtection(t *testing.T) { 		}) 	} }++func TestBranchProtectionWarnings(t *testing.T) {+	testCases := []struct {+		name                string+		config              Config+		expectedBranchWarns []string+		expectedRepoWarns   []string+	}{+		{+			name: "Repos with unprotected branches are added to the warning list",+			config: Config{+				ProwConfig: ProwConfig{+					BranchProtection: BranchProtection{+						Policy: Policy{+							RequiredStatusChecks: &ContextPolicy{+								Contexts: []string{"hello", "world"},+							},+						},+						AllowDisabledPolicies: true,+						Orgs: map[string]Org{+							"org1": {+								Repos: map[string]Repo{+									"repo1": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: no,+												},+											},+										},+									},+									"repo2": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: no,+												},+											},+										},+									},+								},+							},+						},+					},+				},+			},+			expectedBranchWarns: []string{"org1/repo1", "org1/repo2"},+		},+		{+			name: "Warn only once about repos with multiple unprotected branches",+			config: Config{+				ProwConfig: ProwConfig{+					BranchProtection: BranchProtection{+						Policy: Policy{+							RequiredStatusChecks: &ContextPolicy{+								Contexts: []string{"hello", "world"},+							},+						},+						AllowDisabledPolicies: true,+						Orgs: map[string]Org{+							"org1": {+								Repos: map[string]Repo{+									"repo1": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: no,+												},+											},+											"branch2": {+												Policy{+													Protect: no,+												},+											},+										},+									},+									"repo2": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: no,+												},+											},+										},+									},+								},+							},+						},+					},+				},+			},+			expectedBranchWarns: []string{"org1/repo1", "org1/repo2"},+		},+		{+			name: "Warning is generated for repos with disabled policies",+			config: Config{+				ProwConfig: ProwConfig{+					BranchProtection: BranchProtection{+						Policy: Policy{+							Protect: no,+							RequiredStatusChecks: &ContextPolicy{+								Contexts: []string{"hello", "world"},+							},+						},+						AllowDisabledPolicies: true,+						Orgs: map[string]Org{+							"org1": {+								Repos: map[string]Repo{+									"repo1": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: yes,+												},+											},+										},+									},+									"repo2": {+										Branches: map[string]Branch{+											"branch1": {+												Policy{+													Protect: yes,+												},+											},+										},+									},+								},+							},+						},+					},+				},+			},+			expectedRepoWarns: []string{"org1/repo1", "org1/repo2"},+		},+	}++	for _, tc := range testCases {+		t.Run(tc.name, func(t *testing.T) {+			branchWarns, repoWarns := tc.config.BranchProtectionWarnings()+			t.Logf("DEBUG: %v", branchWarns)

Thanks. No, it wasn't. Fixed.

adshmh

comment created time in 4 months

push eventadshmh/test-infra

Hrishikesh Barman

commit sha 8cb0a57abd350ac4cdb06fe8fbfff6a292c4d5e3

Updated config-bootstrapper docs Signed-off-by: Hrishikesh Barman <hrishikeshbman@gmail.com>

view details

Hrishikesh Barman

commit sha 3e36fffc0fd939bc2bf221de0780ce805e452db2

added requested changes and usage Signed-off-by: Hrishikesh Barman <hrishikeshbman@gmail.com>

view details

Antonio Ojea

commit sha dc4d1de65d8538c6532443ad2f9ec6e5e7ad44c0

Set up kind jobs for 1.15 release

view details

Travis Clarke

commit sha beb83f5206f8ea53f053862890e89a576560bf0e

experiment/get_job_pods - upgrade py2 -> py3

view details

Travis Clarke

commit sha fc24268668fc58ba3b4bfba19a7648e0ab75cfa5

experiment/maintainence - upgrade py2 -> py3

view details

Davanum Srinivas

commit sha f3afdd1ff0b19f65fa3b04f08956e406c0024585

Remove additional processes for local-up-cluster Change-Id: Idb166465d7cabad662ba3d2f8d283dde531f0dc9

view details

Nikhita Raghunath

commit sha 5d731b5d34739315dcbb538580d0ef8bf4815dfa

retitle: enable allow_closed_issues option

view details

Arash Deshmeh

commit sha d43e10a91a75be4ddffc802588cd3e2e181b8a13

Add RepoPermissions to github User type The field permissions has been added to the github User type, thus included in the results returned from the ListCollaborators method. This is required by the branch protector to check the validity of the restrictions section of branch protection requests. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha aa4a6acf68fbec29b05e3c18869f701c811277ce

Add ListRepoTeams to GitHub client Add Permission field to Team and add the capability to return the list of teams with access to a repository from GitHub client. This is needed by branch protector to validate branch protection requests before sending them. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha 776308ab94ae3955768f63be9bf155b565354115

Validate branch protection requests for user/team authorization Branch protector verifies that any teams or collaborators specified in restrictions section of the branch protection request have either write or admin access to the repository. Requests with unauthorized collaborators or teams will be dropped before being submitted to github. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Arash Deshmeh

commit sha c9d6dff90c756b496f4cc4d44d4eee3342e5cbfd

Use a feature flag for branchprotector request verification The feature to check whether a collaborator/team specified in the restrictions section is authorized for the target branch is now hidden behind a feature flag to avoid API token usage if the feature is not needed. Signed-off-by: Arash Deshmeh <adeshmeh@ca.ibm.com>

view details

Sean Chase

commit sha 9d5b868d4cec8ca03116cfda8f8a7ec269ebe64d

Sharding Testgrid Config: sig-cl... sig-cli sig-cluster-lifecycle sig-instrumentation

view details

Nikhita Raghunath

commit sha fc17771552d42a516fb77b79bb2acb87c74192be

Add pull-kubernetes-{dependencies,verify} jobs for 1.16

view details

Martin André

commit sha 18ed0b9eb2ba3975b2d6059b6a21a63bb1d548a0

Only check for added owners Removing owners from the OWNERS file shouldn't flag them as untrusted. Nor should owners from the lines around ones that were edited in the patch. The verify-owners check should typically only flag added entries.

view details

Sen Lu

commit sha d0453f4fc1a1feb805186d8550c41c87ccdebc0c

Revert "Revert "Use patch instead of replace for prowjobs in plank"" This reverts commit c89268be382ab2557608c5c31438ec3e9b5aeb8f.

view details

Aaron Crickenberger

commit sha 459ecb9095747fb5e71661456af940e972897aca

swap periodic bazel jobs for postsubmits in sig-release boards There are postsubmit and periodic variants of bazel test and build jobs on sig-release dashboards. The postsubmits are currently in the -blocking and -all boards, and the periodics in -all. Jobs on release-blocking boards are expected to run at least every 3 hours. The postsubmits fail to meet this expectation since they tend to go quiet on the weekend when no commits are coming in. Reconcile to the following state for all but master - postsubmit bazel-foo goes to sig-release-1.y-all - periodic bazel-foo goes to sig-release-1.y-blocking, -all, google-unit For master: - postsubmit bazel-foo goes to google-unit - periodic bazel-foo goes to sig-release-master-blocking, -all, google-unit - bazel-foo-canary untouched, just field reordering I also adjusted the ordering of `name:` and `annotation:` fields for human readability

view details

Sen Lu

commit sha bd42e59c508ad4bc042eeae23705dfb2572068f3

update content type for patch method

view details

Hongkai Liu

commit sha 8c8767a6cb2c62b943cd256fe438113ccc8f9d21

Add more panels into ghproxy board

view details

Michelle Au

commit sha b1c1e9b72ea802ecccfb394ad0b5b06479228969

Disable csi-hostpath-v0 tests on alpha jobs and cleanup volume beta features

view details

John Howard

commit sha 8e84dc8a87cc37d0df6c0415bc285989d0ad9a4c

Update Istio testgrid configs

view details

push time in 4 months

Pull request review commentkubernetes/test-infra

Warn only once on unprotected branches

 func (c *Config) GetPolicy(org, repo, branch string, b Branch) (*Policy, error) 		old, policy.Protect = policy.Protect, old 		switch { 		case policy.defined() && c.BranchProtection.AllowDisabledPolicies:-			logrus.Warnf("%s/%s=%s defines a policy but has protect: false", org, repo, branch)+			unprotectedRepo = true 			policy = Policy{ 				Protect: policy.Protect, 			} 		case policy.defined():-			return nil, fmt.Errorf("%s/%s=%s defines a policy, which requires protect: true", org, repo, branch)+			return nil, false, fmt.Errorf("%s/%s=%s defines a policy, which requires protect: true", org, repo, branch) 		} 		policy.Protect = old 	}  	if !policy.defined() {-		return nil, nil+		return nil, false, nil+	}+	return &policy, unprotectedRepo, nil+}++// BranchProtectionWarnings returns two sets of strings:+// - The list of repos with unprotected branches,+// - The list of repos with disabled policies, i.e. Protect set to false,+//     because any branches not explicitly specified in the configuration will be unprotected.+func (c *Config) BranchProtectionWarnings() ([]string, []string) {+	branchWarns := sets.NewString()+	repoWarns := sets.NewString()+	for orgName, org := range c.BranchProtection.Orgs {+		for repoName, repo := range org.Repos {+			repoRef := fmt.Sprintf("%s/%s", orgName, repoName)+			repoPolicy := c.BranchProtection.GetOrg(orgName).GetRepo(repoName)+			if repoPolicy.Protect != nil && !*repoPolicy.Protect {+				if c.BranchProtection.AllowDisabledPolicies {+					repoWarns.Insert(repoRef)+				}+			}+			for branchName := range repo.Branches {+				b, err := repoPolicy.GetBranch(branchName)+				if err != nil {+					continue+				}+				_, unprotectedRepo, err := c.getBranchPolicy(orgName, repoName, branchName, *b)

Thanks for the review. Done.

adshmh

comment created time in 4 months

more