fix(check-cluster-profiles-config): read secrets from config file#5312
fix(check-cluster-profiles-config): read secrets from config file#5312psalajova wants to merge 1 commit into
Conversation
|
Pipeline controller notification For optional jobs, comment This repository is configured in: automatic mode |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Repository YAML (base), Central YAML (inherited) Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (2)
🔗 Linked repositories identifiedCodeRabbit considers these linked repositories for cross-repo context during reviews:
🚧 Files skipped from review as they are similar to previous changes (2)
📝 WalkthroughWalkthroughThe validator now reads each cluster profile’s secret name directly, reports missing secret fields, and checks referenced Kubernetes Secrets in the ChangesCluster Secret Validation
Estimated code review effort: 3 (Moderate) | ~20 minutes Important Pre-merge checks failedPlease resolve all errors before merging. Addressing warnings is optional. ❌ Failed checks (1 error, 1 warning)
✅ Passed checks (15 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
2ef37b8 to
b4cc950
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: psalajova The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@psalajova: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
check-cluster-profiles-configpresubmit queried the live config resolver for secret names, which fails with 404 for newly introduced profiles. Fix: Read secret names from the config file under validation instead, since every non-set profile already declaressecret:there.https://redhat.atlassian.net/browse/DPTP-5051
Updates
check-cluster-profiles-configto validate Kubernetes Secret references directly from the cluster profile configuration being checked (instead of resolving against the live config-resolver). This avoids spurious 404 failures when new profiles are introduced that declare their secrets only in the config under validation, and it now flags an explicit validation error when a profile omits the secret field. Added test coverage for the success path (Secret exists), skipped profiles, missing Secrets, and missing/empty secret declarations.