Mirror from OCM around 56 #80
Merged
Commits on Apr 18, 2023
-
This should make it slightly more re-usable in other controllers. In particular this allows the `instance` to be `nil`, which might be the case if the template was not created. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit c6dadad)
-
Add clientset to template-sync reconciler
This might be slightly more performant, and other things can use this clientset. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit c01cf0a)
-
Synchronously emit template events
Previously, the controller-runtime event recorder was used for these events. Other policy controllers have moved away from that, for various reasons. In this case, if a policy went from pending to noncompliant and back to pending, the "old" pending event would be re-used by the event recorder, and only the `lastTimestamp` would be updated. In this case, if a policy controller emitted a compliance event within the same second as the Pending event, the status-sync would see it as a tie, and use the hex-encoded nanoseconds in the event name. But the event name was not updated from the original instance when the policy was pending, so the events would be ordered incorrectly. Most error cases from this synchronous sending can be ignored because they are already error cases that would be requeued. Refs: - https://issues.redhat.com/browse/ACM-4699 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit f0e2c60)
Commits on Apr 21, 2023
-
Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit d6cb733)
-
The KinD tests action will now run the gosec-scan, and that target will fail if any vulnerabilities are found. The target was also configured to ignore the test code. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit 8c251da)
-
Add more information to the e2e-debug
Information about the gatekeeper pods might help if those tests fail. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit 0034b03)
-
Fix test assertion for duplicate events
The test is meant to ensure that the gatekeeper-sync is not emitting the same event multiple times in a row. But the assertion was failing sometimes because of duplicate events from template-errors. Those will sometimes occur during normal (correct) operation of the template-sync. Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com> (cherry picked from commit 906dcff)
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.