Fix ExtensionsExtender to generate auditlog extension only if auditlog data exists #562

Merged

@koala7659 koala7659 commented Dec 10, 2024

Fix for a bug in Extension Extender for a situation when auditlog configuration is not configured for a given runtime region.

In such a case, for the created shoot we do not specify auditConfig.auditPolicy fields, but we are attempting to add an auditlog extension with empty data - so we have an invalid and unexpected extension for a non-existing auditLog configuration.

As a result, the generated shoot input is rejected and shoot creation fails with error:

{"level":"error","ts":"2024-12-10T14:43:27Z","msg":"Failed to create new gardener Shoot","runtimeID":"78b263d1-ecec-4373-abf4-d7993481261b","shootName":"c-4c21fef","requestID":28,"error":"admission webhook \"validator.shoot-auditlog-admission.extensions.gardener.cloud\" denied the request: [serviceURL: Required value: serviceURL must not be empty, tenantID: Required value: tenantID must not be empty]",",

Fix for Shoot creation and update when auditLogData for a given Runtime region is empty.

  • When creating a Shoot, the AuditLog extension is not added for the new Shoot
  • When updating a Shoot without an AuditLog extension - an empty AuditLog extension is not added to the existing shoot extensions
  • When updating a Shoot with an existing AuditLog extension - the old extension remains in the list of existing shoot extensions
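The three cases listed in the description, as an added Go sketch that is not part of the pull request or the project's code. The types `AuditLogData` and `Extension`, the function `ExtendExtensions`, and the type name `"auditlog"` are hypothetical simplifications; replacing an existing entry when data is present is an assumption.

```go
package main

// AuditLogData is a hypothetical stand-in for the per-region audit log settings.
type AuditLogData struct{ TenantID, ServiceURL, SecretName string }

// Extension is a simplified stand-in for a Shoot extension entry.
type Extension struct {
	Type   string
	Config map[string]string
}

// auditLogType is an assumed extension type name used only in this sketch.
const auditLogType = "auditlog"

func (d AuditLogData) isEmpty() bool { return d == AuditLogData{} }

func newAuditLogExtension(d AuditLogData) Extension {
	return Extension{Type: auditLogType, Config: map[string]string{
		"tenantID": d.TenantID, "serviceURL": d.ServiceURL, "secretName": d.SecretName,
	}}
}

// ExtendExtensions builds the extension list for a create (existing == nil)
// or an update. With empty data it never emits an empty auditlog extension.
func ExtendExtensions(existing []Extension, d AuditLogData) []Extension {
	out := make([]Extension, 0, len(existing)+1)
	found := false
	for _, e := range existing {
		if e.Type == auditLogType {
			found = true
			if !d.isEmpty() {
				e = newAuditLogExtension(d) // assumption: fresh data replaces the old entry
			}
			// empty data: the existing extension is kept unchanged
		}
		out = append(out, e)
	}
	if !found && !d.isEmpty() {
		out = append(out, newAuditLogExtension(d))
	}
	return out
}

func main() {
	dns := Extension{Type: "dns"} // constructed sample input
	println(len(ExtendExtensions(nil, AuditLogData{})))              // create, no data
	println(len(ExtendExtensions([]Extension{dns}, AuditLogData{}))) // update, no data
}
```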

@koala7659 koala7659 requested a review from a team as a code owner December 10, 2024 16:07
@koala7659 koala7659 changed the title Fix ExtensionsExtender to generate auditlog extension only if auditlog data exists [WIP]Fix ExtensionsExtender to generate auditlog extension only if auditlog data exists Dec 10, 2024
@kyma-bot kyma-bot added cla: yes Indicates the PR's author has signed the CLA. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Dec 10, 2024
@koala7659 koala7659 self-assigned this Dec 10, 2024
…xtension when provided input auditLogData is empty
@kyma-bot kyma-bot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Dec 11, 2024
@kyma-bot kyma-bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Dec 11, 2024
@koala7659 koala7659 removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Dec 11, 2024
@koala7659 koala7659 changed the title [WIP]Fix ExtensionsExtender to generate auditlog extension only if auditlog data exists Fix ExtensionsExtender to generate auditlog extension only if auditlog data exists Dec 11, 2024
@kyma-bot kyma-bot added the lgtm Looks good to me! label Dec 16, 2024
@akgalwas akgalwas enabled auto-merge (squash) December 16, 2024 07:42
@kyma-bot kyma-bot merged commit 1a337af into kyma-project:main Dec 16, 2024
9 checks passed