OCPBUGS-44641: GCP placing *.apps record in wrong managed zone #9216
Conversation
openshift-ci-robot
added
jira/severity-low
|
@barbacbd: This pull request references Jira Issue OCPBUGS-44641, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/cc @patrickdillon |
|
/label platform/google |
** The *.apps record is not being placed in the correct DNS Managed Zone. The existing managed zone should be used only during xpn installs. The ingress operator was supplied with the incorrect managed zone information.
barbacbd
force-pushed
the
OCPBUGS-44641
branch
from
f7729c1
to
7cf7241
Compare
pkg/asset/manifests/dns.go
Outdated
| @@ -67,6 +67,8 @@ func (*DNS) Dependencies() []asset.Asset { | |||
| } | |||
|
|
|||
| // Generate generates the DNS config and its CRD. | |||
| // | |||
| //nolint:gocyclo | |||
There was a problem hiding this comment.
Nit: it's nice to add a reason why it's ok to silence the linter.
There was a problem hiding this comment.
The way to fix this linting issue is to move the code into its own function, especially if you make the changes to check the PrivateVisabilityConfig of the zone
There was a problem hiding this comment.
I agree with this change: we should only do this for xpn installs, but it doesn't fix the bug in question. To fix the bug, you need to look at the zone.PrivateVisibilityConfig.Networks on the returned zone and ensure that it contains the network(s?) from the install config.
pkg/asset/manifests/dns.go
Outdated
| @@ -67,6 +67,8 @@ func (*DNS) Dependencies() []asset.Asset { | |||
| } | |||
|
|
|||
| // Generate generates the DNS config and its CRD. | |||
| // | |||
| //nolint:gocyclo | |||
There was a problem hiding this comment.
The way to fix this linting issue is to move the code into its own function, especially if you make the changes to check the PrivateVisabilityConfig of the zone
…twork that is expected to be used for installations.
openshift-ci
bot
added
the
qe-approved
|
@barbacbd: This pull request references Jira Issue OCPBUGS-44641, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jianli-wei The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| if err != nil { | ||
| return "", fmt.Errorf("failed to get private zone for %q: %w", installConfig.Config.BaseDomain, err) | ||
| } | ||
| if zone != nil { |
There was a problem hiding this comment.
So the GetDNSZone call can return nil even if there weren't any errors?
There was a problem hiding this comment.
Yes, it returns nil when there are no zones found. It is not an error to find no zones. This is an indicator that a zone must be created.
pkg/asset/manifests/dns.go
Outdated
| expectedNetworkURL := fmt.Sprintf( | ||
| "https://www.googleapis.com/compute/v1/projects/%s/global/networks/%s", | ||
| installConfig.Config.GCP.NetworkProjectID, | ||
| installConfig.Config.GCP.Network, | ||
| ) |
There was a problem hiding this comment.
This is repeated in the capi code so maybe it's a candidate for a small shared function?
…with the network provided.
barbacbd
force-pushed
the
OCPBUGS-44641
branch
from
c9598d2
to
c6d93c8
Compare
|
/retest-required |
|
@barbacbd: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
** The *.apps record is not being placed in the correct DNS Managed Zone. The existing managed zone should be used only during xpn installs. The ingress operator was supplied with the incorrect managed zone information.