Skip to content

OSDOCS-1594 - Adding pod identity webhook content for ROSA #51026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 17, 2022
Merged

OSDOCS-1594 - Adding pod identity webhook content for ROSA #51026

merged 1 commit into from
Nov 17, 2022

Conversation

pneedle-rh
Copy link
Contributor

@pneedle-rh pneedle-rh commented Sep 29, 2022
edited
Loading

This applies to main, enterprise-4.12 and enterprise-4.11.

This relates to https://issues.redhat.com/browse/OSDOCS-1594. The PR adds an "Assuming an AWS IAM role for a service account" page to the ROSA documentation.

The preview is at https://51026--docspreview.netlify.app/openshift-rosa/latest/authentication/assuming-an-aws-iam-role-for-a-service-account.html.

@pneedle-rh pneedle-rh added this to the Continuous Release milestone Sep 29, 2022
@pneedle-rh pneedle-rh self-assigned this Sep 29, 2022
@openshift-ci openshift-ci bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 29, 2022
@ocpdocs-previewbot
Copy link

ocpdocs-previewbot commented Sep 29, 2022
edited
Loading

🤖 Updated build preview is available at:
https://51026--docspreview.netlify.app

Build log: https://circleci.com/gh/ocpdocs-previewbot/openshift-docs/3686

@pneedle-rh pneedle-rh force-pushed the osdocs-1594-add-pod-identity-webhook-content-rosa branch 3 times, most recently from d183388 to 29b740e Compare September 29, 2022 14:56
@openshift-ci openshift-ci bot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 29, 2022
@pneedle-rh pneedle-rh force-pushed the osdocs-1594-add-pod-identity-webhook-content-rosa branch 18 times, most recently from 6ce9e7c to 29dd7f5 Compare September 29, 2022 18:48
@pneedle-rh pneedle-rh changed the title [WIP] OSDOCS-1594 - Adding pod identity webhook content for ROSA OSDOCS-1594 - Adding pod identity webhook content for ROSA Nov 7, 2022
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Nov 7, 2022
@pneedle-rh pneedle-rh added the peer-review-needed Signifies that the peer review team needs to review this PR label Nov 7, 2022
@pneedle-rh
Copy link
Contributor Author

@sjenning and @michaelryanmcneill hi! Can you please review this PR from an SME perspective? Thanks!

@pneedle-rh
Copy link
Contributor Author

pneedle-rh commented Nov 7, 2022
edited
Loading

@michaelryanmcneill after some initial testing, I decided to create separate docs Jiras for your requests to add content for the optional annotations and the cross-account IAM permissions. We can address those items later, separately from this PR.

The Jiras are as follows:

  • OSDOCS-4492 - [Feature] Add regional endpoint annotations to the pod identity webhook content
  • OSDOCS-4493 - [Feature] Add a cross-account permissions section to the pod identity webhook content

In my testing, the regional endpoint annotation did not produce the corresponding environment variable in the pod. This might potentially relate to aws/amazon-eks-pod-identity-webhook#123. Additionally, I only have access to one AWS account, so I was not able to test the cross-account permissions functionality.

My view is that we should focus on reviewing and publishing the content that I have created for this initial PR and then those items can be tested and added later. In this PR, I have also added some commented out content in relation to the optional annotations for later use.

@jeana-redhat jeana-redhat added peer-review-in-progress Signifies that the peer review team is reviewing this PR and removed peer-review-needed Signifies that the peer review team needs to review this PR labels Nov 7, 2022
@jeana-redhat jeana-redhat self-requested a review November 7, 2022 15:27
jeana-redhat
jeana-redhat reviewed Nov 8, 2022
View reviewed changes
Copy link
Contributor

@jeana-redhat jeana-redhat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a really excellent presentation of a workflow that is not at all trivial to explain.

Most of my feedback here is pretty minor, and some is just checking for my own understanding since I will need to understand this later 🤓 Feel free to ping me on Slack if you want to talk about any of the things I brought up more synchronously.

@jeana-redhat jeana-redhat added peer-review-done Signifies that the peer review team has reviewed this PR and removed peer-review-in-progress Signifies that the peer review team is reviewing this PR labels Nov 8, 2022
@pneedle-rh pneedle-rh force-pushed the osdocs-1594-add-pod-identity-webhook-content-rosa branch 2 times, most recently from 9c4005a to 98053ee Compare November 16, 2022 13:04
@michaelryanmcneill
Copy link
Contributor

This looks great to me, thanks @pneedle-rh for all your hard work.

@pneedle-rh pneedle-rh force-pushed the osdocs-1594-add-pod-identity-webhook-content-rosa branch from 98053ee to 8b8430c Compare November 17, 2022 08:45
@pneedle-rh pneedle-rh force-pushed the osdocs-1594-add-pod-identity-webhook-content-rosa branch from 8b8430c to 7d6dff7 Compare November 17, 2022 10:01
@pneedle-rh pneedle-rh merged commit 7d035e0 into openshift:main Nov 17, 2022
@pneedle-rh
Copy link
Contributor Author

/cherrypick enterprise-4.12

@pneedle-rh
Copy link
Contributor Author

/cherrypick enterprise-4.11

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Nov 17, 2022
Merged
@openshift-cherrypick-robot
Copy link

@pneedle-rh: new pull request created: #52919

In response to this:

/cherrypick enterprise-4.12

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Nov 17, 2022
Merged
@openshift-cherrypick-robot
Copy link

@pneedle-rh: new pull request created: #52920

In response to this:

/cherrypick enterprise-4.11

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@bmcelvee bmcelvee mentioned this pull request Nov 18, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sjenning sjenning sjenning left review comments

@jeana-redhat jeana-redhat jeana-redhat left review comments

@jianping-shu jianping-shu jianping-shu left review comments

@michaelryanmcneill michaelryanmcneill michaelryanmcneill approved these changes

Assignees

@pneedle-rh pneedle-rh

Labels
branch/enterprise-4.11 branch/enterprise-4.12 peer-review-done Signifies that the peer review team has reviewed this PR size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
Continuous Release
Development

Successfully merging this pull request may close these issues.
7 participants
@pneedle-rh @ocpdocs-previewbot @michaelryanmcneill @openshift-cherrypick-robot @sjenning @jeana-redhat @jianping-shu