Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow cluster creation by a normal ACS user #357

Merged
merged 3 commits into from
Jun 5, 2024
Merged

Allow cluster creation by a normal ACS user #357

merged 3 commits into from
Jun 5, 2024

Conversation

vishesh92
Copy link
Member

Issue #, if available: Fixes #303

Description of changes:

  • Domain information is not required for a normal user account. So, if the credentials don't have access to listDomains, it will no longer fail.
  • If the user sets expunge to true when it doesn't have the capability, the request fails. This PR includes changes which first checks if the user has access to expunge volumes or not and then set the expunge parameter accordingly.

Testing performed:
Launched and removed a test cluster with a normal user account.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels May 23, 2024
@netlify Netlify
Copy link

netlify bot commented May 23, 2024
edited
Loading

Deploy Preview for kubernetes-sigs-cluster-api-cloudstack ready!

Name Link
🔨 Latest commit 927ca0a
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-sigs-cluster-api-cloudstack/deploys/665f59f03df4150008099b2f
😎 Deploy Preview https://deploy-preview-357--kubernetes-sigs-cluster-api-cloudstack.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@vishesh92
Copy link
Member Author

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label May 23, 2024
@vishesh92 vishesh92 changed the title Allow creation normal user Allow cluster creation by a normal ACS user May 23, 2024
@kubernetes-sigs kubernetes-sigs deleted a comment from blueorangutan May 23, 2024
@vishesh92 vishesh92 force-pushed the allow-creation-normal-user branch from cae8d4f to f8e540a Compare May 23, 2024 19:59
@blueorangutan
Copy link

Test Results : (tid-429)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-429.zip



Summarizing 4 Failures:
 [FAIL] When testing resource cleanup [AfterEach] Should create a new network when the specified network does not exist
 /jenkins/workspace/capc-e2e-new/test/e2e/resource_cleanup.go:101
 [FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
 /jenkins/workspace/capc-e2e-new/test/e2e/common.go:332
 [FAIL] When testing Kubernetes version upgrades [It] Should successfully upgrade kubernetes versions when there is a change in relevant fields
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/machinedeployment_helpers.go:127
 [TIMEDOUT] When testing app deployment to the workload cluster with slow network [ToxiProxy] [It] Should be able to download an HTML from the app deployed to the workload cluster
 /jenkins/workspace/capc-e2e-new/test/e2e/deploy_app_toxi.go:95

Ran 28 of 29 Specs in 10814.723 seconds
FAIL! - Suite Timeout Elapsed -- 24 Passed | 4 Failed | 0 Pending | 1 Skipped
--- FAIL: TestE2E (10814.72s)
FAIL

@blueorangutan
Copy link

Test Results : (tid-430)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-430.zip



Summarizing 4 Failures:
 [FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
 /jenkins/workspace/capc-e2e-new/test/e2e/common.go:332
 [FAIL] When testing resource cleanup [BeforeEach] Should create a new network when the specified network does not exist
 /jenkins/workspace/capc-e2e-new/test/e2e/resource_cleanup.go:62
 [FAIL] When testing Kubernetes version upgrades [It] Should successfully upgrade kubernetes versions when there is a change in relevant fields
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/machinedeployment_helpers.go:127
 [FAIL] with two clusters [It] should successfully add and remove a second cluster without breaking the first cluster
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/clusterctl/clusterctl_helpers.go:345

Ran 28 of 29 Specs in 10660.938 seconds
FAIL! -- 24 Passed | 4 Failed | 0 Pending | 1 Skipped
--- FAIL: TestE2E (10660.94s)
FAIL

@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels May 24, 2024
@vishesh92 vishesh92 requested review from rohityadavcloud, g-gaston and weizhouapache and removed request for chrisdoherty4 and davidjumani May 24, 2024 08:18
@weizhouapache
Copy link
Collaborator

/run-e2e -c 4.19

@blueorangutan
Copy link

@weizhouapache a jenkins job has been kicked to run test with following paramaters:

  • kubernetes version: 1.27.2
  • CloudStack version: 4.19
  • hypervisor: kvm
  • template: ubuntu-2004-kube
  • Kubernetes upgrade from: 1.26.5 to 1.27.2

@blueorangutan
Copy link

Test Results : (tid-438)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-438.zip



Summarizing 4 Failures:
 [FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
 /jenkins/workspace/capc-e2e-new/test/e2e/common.go:332
 [FAIL] When testing Kubernetes version upgrades [It] Should successfully upgrade kubernetes versions when there is a change in relevant fields
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/machinedeployment_helpers.go:127
 [FAIL] When testing subdomain [It] Should create a cluster in a subdomain
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/clusterctl/clusterctl_helpers.go:345
 [TIMEDOUT] When the specified resource does not exist When starting with a healthy cluster [BeforeEach] Should fail to upgrade worker machine due to insufficient compute resources
 /jenkins/workspace/capc-e2e-new/test/e2e/invalid_resource.go:111

Ran 27 of 29 Specs in 10816.279 seconds
FAIL! - Suite Timeout Elapsed -- 23 Passed | 4 Failed | 0 Pending | 2 Skipped
--- FAIL: TestE2E (10816.28s)
FAIL

@weizhouapache
Copy link
Collaborator

/run-e2e -c 4.18

@blueorangutan
Copy link

@weizhouapache a jenkins job has been kicked to run test with following paramaters:

  • kubernetes version: 1.27.2
  • CloudStack version: 4.18
  • hypervisor: kvm
  • template: ubuntu-2004-kube
  • Kubernetes upgrade from: 1.26.5 to 1.27.2

@weizhouapache
Copy link
Collaborator

/run-e2e -c 4.19

@blueorangutan
Copy link

@weizhouapache a jenkins job has been kicked to run test with following paramaters:

  • kubernetes version: 1.27.2
  • CloudStack version: 4.19
  • hypervisor: kvm
  • template: ubuntu-2004-kube
  • Kubernetes upgrade from: 1.26.5 to 1.27.2

@vishesh92 vishesh92 force-pushed the allow-creation-normal-user branch from 4d6f23b to c33b90e Compare May 28, 2024 19:46
@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels May 28, 2024
@blueorangutan
Copy link

Test Results : (tid-443)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-443.zip



Summarizing 2 Failures:
 [FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
 /jenkins/workspace/capc-e2e-new/test/e2e/common.go:348
 [FAIL] When testing project [AfterEach] Should create a cluster in a project
 /jenkins/workspace/capc-e2e-new/test/e2e/project.go:103

Ran 29 of 30 Specs in 9626.760 seconds
FAIL! -- 27 Passed | 2 Failed | 0 Pending | 1 Skipped
--- FAIL: TestE2E (9626.76s)
FAIL

@weizhouapache
Copy link
Collaborator

Summarizing 2 Failures:
[FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
/jenkins/workspace/capc-e2e-new/test/e2e/common.go:348
[FAIL] When testing project [AfterEach] Should create a cluster in a project
/jenkins/workspace/capc-e2e-new/test/e2e/project.go:103

the only failure which occurred in previous tests is

 [FAIL] When testing affinity group [It] Should have host affinity group when affinity is pro
 /jenkins/workspace/capc-e2e-new/test/e2e/common.go:348

@weizhouapache
Copy link
Collaborator

/run-e2e -c 4.19

@blueorangutan
Copy link

@weizhouapache a jenkins job has been kicked to run test with following paramaters:

  • kubernetes version: 1.27.2
  • CloudStack version: 4.19
  • hypervisor: kvm
  • template: ubuntu-2004-kube
  • Kubernetes upgrade from: 1.26.5 to 1.27.2

@blueorangutan
Copy link

Test Results : (tid-454)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-454.zip



Summarizing 3 Failures:
 [FAIL] When testing resource cleanup [AfterEach] Should create a new network when the specified network does not exist
 /jenkins/workspace/capc-e2e-new/test/e2e/resource_cleanup.go:101
 [FAIL] When testing app deployment to the workload cluster with slow network [ToxiProxy] [It] Should be able to download an HTML from the app deployed to the workload cluster
 /jenkins/workspace/capc-e2e-new/test/e2e/deploy_app_toxi.go:133
 [FAIL] When testing project [AfterEach] Should create a cluster in a project
 /jenkins/workspace/capc-e2e-new/test/e2e/project.go:103

Ran 29 of 30 Specs in 9303.941 seconds
FAIL! -- 26 Passed | 3 Failed | 0 Pending | 1 Skipped
--- FAIL: TestE2E (9303.94s)
FAIL

@weizhouapache
Copy link
Collaborator

Summarizing 3 Failures:
[FAIL] When testing resource cleanup [AfterEach] Should create a new network when the specified network does not exist
/jenkins/workspace/capc-e2e-new/test/e2e/resource_cleanup.go:101
[FAIL] When testing app deployment to the workload cluster with slow network [ToxiProxy] [It] Should be able to download an HTML from the app deployed to the workload cluster
/jenkins/workspace/capc-e2e-new/test/e2e/deploy_app_toxi.go:133
[FAIL] When testing project [AfterEach] Should create a cluster in a project
/jenkins/workspace/capc-e2e-new/test/e2e/project.go:103

the failures are inconsistent

@rohityadavcloud rohityadavcloud added this to the v0.5.0 milestone May 31, 2024
@rohityadavcloud
Copy link
Member

/approve

Didn't test it myself, this may need some manual QA if automated tests don't exist.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rohityadavcloud, vishesh92

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [rohityadavcloud,vishesh92]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

g-gaston
g-gaston reviewed Jun 4, 2024
View reviewed changes
Copy link
Contributor

@g-gaston g-gaston left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good just one question

api/v1beta2/cloudstackfailuredomain_conversion.go Outdated Show resolved Hide resolved
@vishesh92 vishesh92 force-pushed the allow-creation-normal-user branch from c33b90e to 927ca0a Compare June 4, 2024 18:16
@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 4, 2024
@kubernetes-sigs kubernetes-sigs deleted a comment from blueorangutan Jun 5, 2024
@blueorangutan
Copy link

Test Results : (tid-477)
Environment: kvm Rocky8(x3), Advanced Networking with Management Server Rocky8
Kubernetes Version: v1.27.2
Kubernetes Version upgrade from: v1.26.5
Kubernetes Version upgrade to: v1.27.2
CloudStack Version: 4.19
Template: ubuntu-2004-kube
E2E Test Run Logs: https://github.com/blueorangutan/capc-prs/releases/download/capc-pr-ci-cd/capc-e2e-artifacts-pr357-sl-477.zip



Summarizing 8 Failures:
 [FAIL] When testing with disk offering [It] Should successfully create a cluster with disk offering
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing Kubernetes version upgrades [It] Should successfully upgrade kubernetes versions when there is a change in relevant fields
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing app deployment to the workload cluster [TC1][PR-Blocking] [It] Should be able to download an HTML from the app deployed to the workload cluster
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing node drain timeout [It] A node should be forcefully removed if it cannot be drained in time
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing app deployment to the workload cluster with slow network [ToxiProxy] [It] Should be able to download an HTML from the app deployed to the workload cluster
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing project [It] Should create a cluster in a project
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [FAIL] When testing subdomain [It] Should create a cluster in a subdomain
 /root/go/pkg/mod/sigs.k8s.io/cluster-api/[email protected]/framework/controlplane_helpers.go:193
 [TIMEDOUT] When testing with custom disk offering [It] Should successfully create a cluster with a custom disk offering
 /jenkins/workspace/capc-e2e-new/test/e2e/custom_disk_offering.go:61

Ran 8 of 30 Specs in 10816.265 seconds
FAIL! - Suite Timeout Elapsed -- 0 Passed | 8 Failed | 0 Pending | 22 Skipped
--- FAIL: TestE2E (10816.27s)
FAIL

g-gaston
g-gaston reviewed Jun 5, 2024
View reviewed changes
Copy link
Contributor

@g-gaston g-gaston left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 5, 2024
@k8s-ci-robot k8s-ci-robot merged commit ea9c5f6 into kubernetes-sigs:main Jun 5, 2024
10 checks passed
@vishesh92 vishesh92 deleted the allow-creation-normal-user branch June 5, 2024 19:42
@blueorangutan
Copy link

Tests were aborted.

hrak added a commit to Leaseweb/cluster-api-provider-cloudstack that referenced this pull request Sep 12, 2024
@hrak
fix: Allow normal ACS user to create a cluster
0c71016 
Upstream PR kubernetes-sigs#357
@hrak hrak mentioned this pull request Oct 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@g-gaston g-gaston g-gaston left review comments

@rohityadavcloud rohityadavcloud Awaiting requested review from rohityadavcloud

@weizhouapache weizhouapache Awaiting requested review from weizhouapache

Assignees

@g-gaston g-gaston

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release:must-have size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v0.5.0
Development

Successfully merging this pull request may close these issues.

Support CloudStack normal user account
6 participants
@vishesh92 @blueorangutan @weizhouapache @rohityadavcloud @k8s-ci-robot @g-gaston