Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

audit followup: inconsistent role bindings for k8s-infra-prow-viewers on e2e projects #1661

Closed
thockin opened this issue Feb 16, 2021 · 7 comments
Closed

audit followup: inconsistent role bindings for k8s-infra-prow-viewers on e2e projects #1661

thockin opened this issue Feb 16, 2021 · 7 comments
Assignees
@spiffxp
Labels
area/audit Audit of project resources, audit followup issues, code in audit/ area/prow Setting up or working with prow in general, prow.k8s.io, prow build clusters kind/bug Categorizes issue or PR as related to a bug. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/testing Categorizes an issue or PR as relevant to SIG Testing.
Milestone
v1.21

Comments

@thockin
Copy link
Member

thockin commented Feb 16, 2021

k8s-infra-e2e-boskos-scale-06 thru 30 do not have the following IAM binding (or maybe the issue is that 01-05 do have it)

    {
      "members": [
        "group:k8s-infra-prow-viewers@kubernetes.io"
      ],
      "role": "roles/viewer"
    }
@spiffxp
Copy link
Member

spiffxp commented Feb 17, 2021

/sig testing
/area prow
/priority important-soon
/milestone v1.21
/assign
this requires a re-run of infra/gcp/prow/ensure-e2e-projects.sh

@k8s-ci-robot k8s-ci-robot added sig/testing Categorizes an issue or PR as relevant to SIG Testing. area/prow Setting up or working with prow in general, prow.k8s.io, prow build clusters labels Feb 17, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.21 milestone Feb 17, 2021
@k8s-ci-robot k8s-ci-robot added the priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Feb 17, 2021
@spiffxp
Copy link
Member

spiffxp commented Feb 17, 2021

/kind bug

@k8s-ci-robot k8s-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Feb 17, 2021
@spiffxp
Copy link
Member

spiffxp commented Feb 17, 2021

/retitle audit followup: some boskos-scale projects missing IAM

@k8s-ci-robot k8s-ci-robot changed the title Some boskos-scale projects missing IAM audit followup: some boskos-scale projects missing IAM Feb 17, 2021
@spiffxp
Copy link
Member

spiffxp commented Feb 25, 2021

#1061 switched from using role/viewer to the custom role prow.viewer, so have role/viewer is the detritus that should be cleaned up

This was referenced Feb 25, 2021
Closed
Closed
@spiffxp spiffxp changed the title audit followup: some boskos-scale projects missing IAM audit followup: inconsistent role bindings for k8s-infra-prow-viewers on e2e projects Feb 25, 2021
This was referenced Feb 25, 2021
Merged
Merged
@spiffxp
Copy link
Member

spiffxp commented Mar 3, 2021

Confirmed consistent in #1748

Removing old role cleanup code in #1737

Then can call this done

@ameukam ameukam added the area/audit Audit of project resources, audit followup issues, code in audit/ label Mar 25, 2021
@spiffxp
Copy link
Member

spiffxp commented Apr 6, 2021

/close
Per the comment above, this is done. Think I was waiting for #1737 to merge.

@k8s-ci-robot
Copy link
Contributor

@spiffxp: Closing this issue.

In response to this:

/close
Per the comment above, this is done. Think I was waiting for #1737 to merge.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@spiffxp spiffxp

Labels
area/audit Audit of project resources, audit followup issues, code in audit/ area/prow Setting up or working with prow in general, prow.k8s.io, prow build clusters kind/bug Categorizes issue or PR as related to a bug. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. sig/testing Categorizes an issue or PR as relevant to SIG Testing.
Projects
None yet
Milestone
v1.21
Development

No branches or pull requests
4 participants
@spiffxp @ameukam @thockin @k8s-ci-robot