pkg: validate: validate Username not empty in ImageStatus #250
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
👍 |
runcom
force-pushed
the
validate-image-status-username
branch
2 times, most recently
from
33877da to
c817f49
Compare
|
@feiskyer @Random-Liu do you know why the test pull the image but show an empty Username field in status? |
|
@runcom 1002 is actually a Uid instead of username, could we change the validation to check Uid instead? |
|
Yup, blame on me |
|
We need a test for Username as well, I'll add one |
|
@feiskyer actually, there's no UID field in image status, that's why I was asking |
runcom
force-pushed
the
validate-image-status-username
branch
from
c817f49 to
c5e0aa9
Compare
|
blame on me again, I've fixed the PR, thanks! |
runcom
force-pushed
the
validate-image-status-username
branch
3 times, most recently
from
9713118 to
23d2b64
Compare
|
ready now |
|
Can we put the Dockerfile into this repo? I can build one and push to gcr kubernetes test image repo. |
|
Yup, I can do it, can we do the same for the PR I've opened in kubernetes/kubernetes as well? @Random-Liu |
runcom
force-pushed
the
validate-image-status-username
branch
from
23d2b64 to
718162d
Compare
k8s-ci-robot
added
size/L
|
@Random-Liu this PR now contains your PR #252 - I've added the Dockerfile under |
|
#252 is merged. Please update your PR and I'll review. :) |
runcom
force-pushed
the
validate-image-status-username
branch
from
718162d to
6445f59
Compare
k8s-ci-robot
added
size/M
runcom
force-pushed
the
validate-image-status-username
branch
2 times, most recently
from
fdeed0e to
ef01abf
Compare
|
@Random-Liu updated, please push test images on gcr.io or otherwise this will fail :) |
| @@ -0,0 +1,24 @@ | |||
| # Copyright 2018 The Kubernetes Authors. | |||
There was a problem hiding this comment.
I got this:
Makefile:23: *** non-numeric first argument to 'word' function: '{1..4}'. Stop.
There was a problem hiding this comment.
should be fixed now.
runcom
force-pushed
the
validate-image-status-username
branch
from
ef01abf to
98fcad9
Compare
k8s-ci-robot
added
size/L
|
@Random-Liu PTAL again please |
pkg/validate/image.go
Outdated
| @@ -36,6 +37,15 @@ const ( | |||
|
|
|||
| // digested reference for test image | |||
| testImageWithDigest = "gcr.io/cri-tools/test-image-digest@sha256:9179135b4b4cc5a8721e09379244807553c318d92fa3111a65133241551ca343" | |||
|
|
|||
| testImageUserUID = "gcr.io/cri-tools/test-user-uid" | |||
There was a problem hiding this comment.
s/test-user-uid/test-image-user-uid
and also the following images.
pkg/validate/image.go
Outdated
| }, | ||
| { | ||
| description: "Username only", | ||
| image: testImageUserUID, |
|
@runcom Image pushed. |
Kubernetes rely on that Username field to provide RunAsUser, we need to validate runtimes correctly return it. We had recently an issue in CRI-O for that. Signed-off-by: Antonio Murdaca <[email protected]>
runcom
force-pushed
the
validate-image-status-username
branch
from
98fcad9 to
e082452
Compare
|
@Random-Liu took care of your comments and this is now green |
k8s-ci-robot
added
the
lgtm
Kubernetes rely on that Username field to provide RunAsUser, we need to
validate runtimes correctly return it. We had recently an issue in
CRI-O for that.
@feiskyer @mrunalp PTAL
Signed-off-by: Antonio Murdaca [email protected]