Skip to content

CORS-4259, CORS-4260: Move the gcp permission check to a common file in install config. #10018

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

CORS-4259, CORS-4260: Move the gcp permission check to a common file in install config. #10018

wants to merge 6 commits into from
+712,864 −207,386

Conversation

@barbacbd
Copy link
Contributor

No description provided.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Oct 15, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Oct 15, 2025
edited by openshift-ci bot
Loading

@barbacbd: This pull request references CORS-4259 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@barbacbd
Copy link
Contributor Author

/hold

This will require changes to CAPG version 1.10.x

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 15, 2025
@barbacbd
Copy link
Contributor Author

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Oct 16, 2025
@barbacbd barbacbd changed the title CORS-4259: Move the gcp permission check to a common file in install config. CORS-4259, CORS-4260: Move the gcp permission check to a common file in install config. Oct 16, 2025
@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Oct 16, 2025
edited by openshift-ci bot
Loading

@barbacbd: This pull request references CORS-4259 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

This pull request references CORS-4260 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@barbacbd
Copy link
Contributor Author

/jira refresh

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Oct 16, 2025
edited by openshift-ci bot
Loading

@barbacbd: This pull request references CORS-4259 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set.

This pull request references CORS-4260 which is a valid jira issue.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@barbacbd
Copy link
Contributor Author

/jira refresh

@openshift-ci-robot
Copy link
Contributor

openshift-ci-robot commented Oct 16, 2025
edited by openshift-ci bot
Loading

@barbacbd: This pull request references CORS-4259 which is a valid jira issue.

This pull request references CORS-4260 which is a valid jira issue.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@barbacbd
Copy link
Contributor Author

/retest-required

@barbacbd
CORS-4259: Move the gcp permission check to a common file in install …
95951c8 
…config.

permissions.go:

** Function is moved to file in installconfig so that this can be used in other places.
@barbacbd
Update the main vendor for cluster api provider gcp. This currently p…
e2d1f87 
…ulls

in the latest from the release-1.10 branch for CAPG. We cannot currently
update to the main branch of CAPG because it requires CAPI 1.11. This would
be a breaking change.
@barbacbd
Update the CAPG infrastructure generated from the latest commit on CA…
8bc7c55 
…PG release-1.10.
@barbacbd
Updating CAPG in the cluster-api/providers/gcp directory
cce89ca 
to ensure ensure that all versions for CAPG are the same.
@barbacbd
Copy link
Contributor Author

/retest-required

tthvo
tthvo reviewed Oct 23, 2025
View reviewed changes
@barbacbd
CORS-4259: Use the firewall rule management policy
dc5d882 
** manifests/gcp/cluster.go

Update the capg spec to pass the firewall rule management policy
based on whether the user has the permissions to create firewall rules.
@barbacbd
CORS-4260: Remove xpn only checks for firewall permissions
45966d3
tthvo
tthvo reviewed Oct 23, 2025
View reviewed changes
Copy link
Member

@tthvo tthvo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good to me!

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 23, 2025
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 24, 2025

@barbacbd: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-gcp-custom-endpoints 45966d3 link false /test e2e-gcp-custom-endpoints
ci/prow/aws-private 45966d3 link false /test aws-private
ci/prow/e2e-aws-ovn-imdsv2 45966d3 link false /test e2e-aws-ovn-imdsv2
ci/prow/e2e-gcp-xpn-dedicated-dns-project 45966d3 link false /test e2e-gcp-xpn-dedicated-dns-project
ci/prow/e2e-azurestack 45966d3 link false /test e2e-azurestack
ci/prow/azure-ovn-marketplace-images 45966d3 link false /test azure-ovn-marketplace-images
ci/prow/azure-private 45966d3 link false /test azure-private
ci/prow/e2e-aws-ovn-heterogeneous 45966d3 link false /test e2e-aws-ovn-heterogeneous
ci/prow/e2e-azure-ovn-shared-vpc 45966d3 link false /test e2e-azure-ovn-shared-vpc
ci/prow/okd-scos-e2e-aws-ovn 45966d3 link false /test okd-scos-e2e-aws-ovn
ci/prow/e2e-aws-byo-subnet-role-security-groups 45966d3 link false /test e2e-aws-byo-subnet-role-security-groups
ci/prow/e2e-aws-ovn-edge-zones 45966d3 link false /test e2e-aws-ovn-edge-zones
ci/prow/e2e-gcp-secureboot 45966d3 link false /test e2e-gcp-secureboot

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@patrickdillon
Copy link
Contributor

/approve

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 27, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: patrickdillon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 27, 2025
@tthvo
Copy link
Member

tthvo commented Nov 3, 2025

/retest

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 3, 2025
@openshift-merge-robot
Copy link
Contributor

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andfasano andfasano Awaiting requested review from andfasano

@patrickdillon patrickdillon Awaiting requested review from patrickdillon

1 more reviewer

@tthvo tthvo tthvo left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@tthvo tthvo

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@barbacbd @openshift-ci-robot @patrickdillon @tthvo @openshift-merge-robot