Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support auto generation of Subscriptions identity service account and… #7338

Merged
merged 8 commits into from
Oct 16, 2023
Merged

Support auto generation of Subscriptions identity service account and… #7338

merged 8 commits into from
Oct 16, 2023

Conversation

xiangpingjiang
Copy link
Contributor

@xiangpingjiang xiangpingjiang commented Oct 6, 2023
edited
Loading

Fixes #7223

Proposed Changes

  • 🎁 Expose the name of the OIDC service account in the Subscriptions .status.auth.serviceAccountName
  • 🎁 Create the OIDC service account of the Subscriptions

Pre-review Checklist

  • At least 80% unit test coverage
  • E2E tests for any new behavior
  • Docs PR for any user-facing impact
  • Spec PR for any new API feature
  • Conformance test for any change to the spec

Release Note

Expose the SubscriptionsOIDC service account name in the Subscriptions.status.auth.serviceAccountName

Docs

@xiangpingjiang
Support auto generation of Subscriptions identity service account and…
37879fe 
… expose in AuthStatus

Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@knative-prow knative-prow bot added needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 6, 2023
@knative-prow
Copy link

knative-prow bot commented Oct 6, 2023

Hi @xiangpingjiang. Thanks for your PR.

I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@xiangpingjiang
fix unit test
c9a58f4 
Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@xiangpingjiang xiangpingjiang marked this pull request as draft October 6, 2023 14:43
@knative-prow knative-prow bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 6, 2023
@xiangpingjiang xiangpingjiang changed the title Support auto generation of Subscriptions identity service account and… [WIP] Support auto generation of Subscriptions identity service account and… Oct 6, 2023
@xiangpingjiang
fix unit test
54834d6 
Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@xiangpingjiang
Copy link
Contributor Author

xiangpingjiang commented Oct 6, 2023
edited
Loading

hello @creydr
This unit test failed link, I think we need also disable OIDC for Subscription in WantStatusUpdates ,
But func WithSubscriptionOptionOIDCIdentityCreatedSucceededBecauseOIDCFeatureDisabled return SubscriptionOption, can't put in NewTrigger , do you have any ideas to solve this problem? Thanks

@creydr
Copy link
Member

creydr commented Oct 8, 2023

hello @creydr This unit test failed link, I think we need also disable OIDC for Subscription in WantStatusUpdates , But func WithSubscriptionOptionOIDCIdentityCreatedSucceededBecauseOIDCFeatureDisabled return SubscriptionOption, can't put in NewTrigger , do you have any ideas to solve this problem? Thanks

Hi @xiangpingjiang,
thanks for your PR. The problem is probably, because the tests uses the makeReadySubscription() function, which uses the eventingv1.TestHelper.ReadySubscriptionStatus(). And this function does not set the OIDCIdentityCreated status yet. So I guess, when you update the TestHelper.ReadySubscriptionStatus() function to mark the OIDCIdentityCreated status as succeeded too, it should work.

/ok-to-test

@knative-prow knative-prow bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Oct 8, 2023
@xiangpingjiang
fix unit test
a754e2c 
Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@codecov
Copy link

codecov bot commented Oct 9, 2023
edited
Loading

Codecov Report

Attention: 11 lines in your changes are missing coverage. Please review.

Comparison is base (a0e4c18) 76.86% compared to head (cb12b81) 76.83%.
Report is 9 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7338      +/-   ##
==========================================
- Coverage   76.86%   76.83%   -0.04%     
==========================================
  Files         252      252              
  Lines       13727    13768      +41     
==========================================
+ Hits        10551    10578      +27     
- Misses       2650     2661      +11     
- Partials      526      529       +3
Files Coverage Δ
pkg/reconciler/subscription/subscription.go 84.10% <100.00%> (+0.64%) ⬆️
pkg/apis/eventing/v1/test_helper.go 91.56% <0.00%> (-1.12%) ⬇️
pkg/apis/messaging/v1/subscription_lifecycle.go 57.89% <50.00%> (-2.11%) ⬇️
pkg/reconciler/subscription/controller.go 89.09% <71.42%> (-10.91%) ⬇️

... and 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@xiangpingjiang xiangpingjiang marked this pull request as ready for review October 9, 2023 17:03
@xiangpingjiang xiangpingjiang changed the title [WIP] Support auto generation of Subscriptions identity service account and… Support auto generation of Subscriptions identity service account and… Oct 9, 2023
@knative-prow knative-prow bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 9, 2023
@creydr
Copy link
Member

creydr commented Oct 10, 2023

@xiangpingjiang Thanks for this PR. Is is ready for review?

@xiangpingjiang
Copy link
Contributor Author

@xiangpingjiang Thanks for this PR. Is is ready for review?

@creydr .
Yes, It's ready. Thanks

creydr
creydr requested changes Oct 10, 2023
View reviewed changes
Copy link
Member

@creydr creydr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot @xiangpingjiang for your PR 🎉 Looking good so far 👍
I just left a few comments.

pkg/apis/messaging/v1/subscription_lifecycle_test.go Outdated Show resolved Hide resolved
pkg/apis/messaging/v1/subscription_lifecycle_test.go Show resolved Hide resolved
pkg/reconciler/testing/v1/subscription.go Outdated Show resolved Hide resolved
pkg/reconciler/subscription/controller.go Outdated Show resolved Hide resolved
pkg/reconciler/subscription/subscription_test.go Outdated Show resolved Hide resolved
pkg/reconciler/subscription/subscription_test.go Outdated Show resolved Hide resolved
pkg/reconciler/subscription/subscription_test.go Outdated Show resolved Hide resolved
xiangpingjiang and others added 2 commits October 12, 2023 00:08
@xiangpingjiang
Merge branch 'knative:main' into subscriptions
88014a7
@xiangpingjiang
changes after rewiews
2972ed4 
Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@xiangpingjiang xiangpingjiang marked this pull request as draft October 12, 2023 16:15
@knative-prow knative-prow bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 12, 2023
@creydr
Copy link
Member

creydr commented Oct 13, 2023

/retest

@xiangpingjiang I saw you converted this into a draft again. Let me know when this is ready for review again

@creydr creydr mentioned this pull request Oct 13, 2023
Closed
@xiangpingjiang
add globalResync
008d695 
Signed-off-by: pingjiang <xiangpingjiang1998@gmail.com>
@xiangpingjiang xiangpingjiang marked this pull request as ready for review October 16, 2023 12:44
@knative-prow knative-prow bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 16, 2023
@knative-prow knative-prow bot requested a review from aliok October 16, 2023 12:44
creydr
creydr approved these changes Oct 16, 2023
View reviewed changes
Copy link
Member

@creydr creydr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for your contribution @xiangpingjiang 👍

/lgtm

@knative-prow knative-prow bot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 16, 2023
@xiangpingjiang @creydr
Update pkg/reconciler/subscription/controller.go
cb12b81 
fix the linting

Co-authored-by: Christoph Stäbler <cstabler@redhat.com>
@knative-prow knative-prow bot removed the lgtm Indicates that a PR is ready to be merged. label Oct 16, 2023
creydr
creydr approved these changes Oct 16, 2023
View reviewed changes
Copy link
Member

@creydr creydr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@knative-prow knative-prow bot added the lgtm Indicates that a PR is ready to be merged. label Oct 16, 2023
@knative-prow
Copy link

knative-prow bot commented Oct 16, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: creydr, xiangpingjiang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow knative-prow bot merged commit 62ec33b into knative:main Oct 16, 2023
34 of 39 checks passed
@creydr creydr mentioned this pull request Oct 17, 2023
Merged
5 tasks
@xiangpingjiang xiangpingjiang deleted the subscriptions branch February 3, 2024 10:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@creydr creydr creydr approved these changes

@lionelvillard lionelvillard Awaiting requested review from lionelvillard

@matzew matzew Awaiting requested review from matzew

@lberk lberk Awaiting requested review from lberk

@odacremolbap odacremolbap Awaiting requested review from odacremolbap

@aliok aliok Awaiting requested review from aliok

Assignees

@creydr creydr

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support auto generation of Subscriptions identity service account and expose in AuthStatus
2 participants
@xiangpingjiang @creydr