Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

In s390x publish centos9 and kubevirtci jobs, do GCS calls without auth where possible #3945

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

In s390x publish centos9 and kubevirtci jobs, do GCS calls without auth where possible #3945

wants to merge 1 commit into from

Conversation

chandramerla
Copy link
Contributor

What this PR does / why we need it:
In s390x publish centos9 and kubevirtci jobs, do GCS calls to check for existence and contents of the publicly available files under kubevirt-prow/release/kubevirt/kubevirtci/ without authentication

As there are limits to number of refresh tokens that are issued per client-user combination in GCS, and beyond limits it may make old token to stop working, so we are reducing the token usage with this fix.
Ref: https://developers.google.com/identity/protocols/oauth2#5.-refresh-the-access-token,-if-necessary.
#3812

This PR is adds to the previous PR 3812 to fix the issue

This should address prow job failures like:
periodic-kubevirtci-bump-centos-base-s390x/1871405677058985984
publish-kubevirtci-s390x/1886882224930820096

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:
@brianmcarey As you suggested earlier, I'm using the curl without auth for publicly available URLs. Apologies for implementing it late. Please review.

Checklist

This checklist is not enforcing, but it's a reminder of items that could be relevant to every PR.
Approvers are expected to review this list.

Release note:

NONE

@kubevirt-bot kubevirt-bot added the dco-signoff: yes Indicates the PR's author has DCO signed all their commits. label Feb 7, 2025
@kubevirt-bot kubevirt-bot requested review from enp0s3 and qinqon February 7, 2025 13:22
@kubevirt-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign dhiller for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@chandramerla
Copy link
Contributor Author

/cc @brianmcarey

@chandramerla
Allow cat and stat functions of gcs_restapi.sh to be called without a…
4007b80 
…uthentication

Signed-off-by: chandramerla <Chandra.Merla@ibm.com>
@chandramerla chandramerla force-pushed the use-curl-for-s390x-gcs-calls branch from c89d9e8 to 4007b80 Compare February 7, 2025 19:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@enp0s3 enp0s3 Awaiting requested review from enp0s3

@qinqon qinqon Awaiting requested review from qinqon

@brianmcarey brianmcarey Awaiting requested review from brianmcarey

Assignees
No one assigned
Labels
dco-signoff: yes Indicates the PR's author has DCO signed all their commits. size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chandramerla @kubevirt-bot