Skip to content

CORS-4184: Add STS IAMCredentials and OAuth Service for GCP Endpoint Overrides #2444

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

CORS-4184: Add STS IAMCredentials and OAuth Service for GCP Endpoint Overrides #2444

wants to merge 1 commit into from
+87 −36

Conversation

barbacbd
Copy link
Contributor

** These services were a bit unconventional. The STS service is not called directly in CCO but through a WIF template. The OAuth Service is also a bit unconventional, as it is never called directly but will still require a GCP endpoint override to ensure that the traffic does not go to the default google endpoint.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Aug 12, 2025
@openshift-ci-robot
Copy link

openshift-ci-robot commented Aug 12, 2025
edited by openshift-ci bot
Loading

@barbacbd: This pull request references CORS-4184 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set.

In response to this:

** These services were a bit unconventional. The STS service is not called directly in CCO but through a WIF template. The OAuth Service is also a bit unconventional, as it is never called directly but will still require a GCP endpoint override to ensure that the traffic does not go to the default google endpoint.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Aug 12, 2025

Hello @barbacbd! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

@openshift-ci openshift-ci bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Aug 12, 2025
@openshift-ci openshift-ci bot requested review from cgwalters and JoelSpeed August 12, 2025 12:12
@JoelSpeed
Copy link
Contributor

Do these changes require any further implementation, or is it, once in the API, we are good to go?

@sadasu
Copy link
Contributor

sadasu commented Aug 12, 2025

/test e2e-aws-ovn

@barbacbd
Copy link
Contributor Author

Do these changes require any further implementation, or is it, once in the API, we are good to go?

The installer will require the api import update. Other than that they should be good to go. The CCO is the use case here, but that will grab the infrastructure config.

@barbacbd
Copy link
Contributor Author

/retest-required

@barbacbd
Copy link
Contributor Author

/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 12, 2025
@barbacbd barbacbd mentioned this pull request Aug 12, 2025
Open
@barbacbd
CORS-4184: Add STS IAMCredentials and OAuth Service for GCP Endpoint …
82bc5fe 
…Overrides

** These services were a bit unconventional. The STS and IAMCredential services are not called directly in CCO but through a WIF
template. The OAuth Service is also a bit unconventional, as it is never called directly but will still
require a GCP endpoint override to ensure that the traffic does not go to the default google endpoint.
@barbacbd
Copy link
Contributor Author

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 12, 2025
@barbacbd barbacbd changed the title CORS-4184: Add STS and OAuth Service for GCP Endpoint Overrides CORS-4184: Add STS IAMCredentials and OAuth Service for GCP Endpoint Overrides Aug 13, 2025
@JoelSpeed
Copy link
Contributor

/lgtm
/retest-required

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Aug 13, 2025
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Aug 13, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: barbacbd, JoelSpeed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 13, 2025
@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 88b2b21 and 2 for PR HEAD 82bc5fe in total

2 similar comments
@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 88b2b21 and 2 for PR HEAD 82bc5fe in total

@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 88b2b21 and 2 for PR HEAD 82bc5fe in total

@JoelSpeed
Copy link
Contributor

/retest-required

@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 88b2b21 and 2 for PR HEAD 82bc5fe in total

1 similar comment
@openshift-ci-robot
Copy link

/retest-required

Remaining retests: 0 against base HEAD 88b2b21 and 2 for PR HEAD 82bc5fe in total

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Aug 14, 2025

@barbacbd: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/okd-scos-e2e-aws-ovn 82bc5fe link false /test okd-scos-e2e-aws-ovn
ci/prow/e2e-aws-serial-techpreview-2of2 82bc5fe link true /test e2e-aws-serial-techpreview-2of2

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cgwalters cgwalters Awaiting requested review from cgwalters

@JoelSpeed JoelSpeed Awaiting requested review from JoelSpeed

Assignees

@JoelSpeed JoelSpeed

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@barbacbd @openshift-ci-robot @JoelSpeed @sadasu