Enable security limits around init containers #9973
Conversation
smarterclayton
force-pushed
the
init_containers
branch
2 times, most recently
from
0a46ccc to
e66c44c
Compare
|
[test] |
|
Flake #9976 |
smarterclayton
force-pushed
the
init_containers
branch
from
e66c44c to
ce6c548
Compare
|
[test] On Thu, Jul 21, 2016 at 12:05 PM, OpenShift Bot notifications@github.com
|
|
Flake #9987 [test] |
|
Flake docker hang in extended [test] |
|
[test] failure to reach COPR for openvswitch |
|
[test] #9355 and conformance crapped the bed |
|
[test] extended tests run forever On Fri, Jul 22, 2016 at 4:45 AM, OpenShift Bot notifications@github.com
|
|
[test] extended tests run forever |
|
[test] device mapper known flake On Fri, Jul 22, 2016 at 2:15 PM, OpenShift Bot notifications@github.com
|
| @@ -155,54 +155,61 @@ func (a *clusterResourceOverridePlugin) Admit(attr admission.Attributes) error { | |||
|
|
|||
| // Reuse LimitRanger logic to apply limit/req defaults from the project. Ignore validation | |||
| // errors, assume that LimitRanger will run after this plugin to validate. | |||
| glog.V(5).Infof("%s: initial pod limits are: %#v", api.PluginName, pod.Spec.Containers[0].Resources) | |||
| glog.V(5).Infof("%s: initial pod limits are: %#v", api.PluginName, pod.Spec) | |||
There was a problem hiding this comment.
Is there a tool to go from this output in a log to something more readable?
There was a problem hiding this comment.
Not that I'm aware of, since this can be across multiple containers, init containers, requests, and limits (and potentially annotations). Might be nice in the future.
smarterclayton
force-pushed
the
init_containers
branch
from
ce6c548 to
dca0ef3
Compare
|
[test] #9959
|
| @@ -46,6 +50,18 @@ func (p *TestPod) WithBuild(t *testing.T, build *buildapi.Build, version string) | |||
| return p.WithAnnotation(buildapi.BuildAnnotation, build.Name).WithEnvVar("BUILD", string(encodedBuild)) | |||
| } | |||
|
|
|||
| func (p *TestPod) InitEnvValue(name string) string { | |||
There was a problem hiding this comment.
Used anywhere or just here for future work? Didn't see it being called.
There was a problem hiding this comment.
just copied to make sure it wasn't inconsistent.
|
2 questions (log statement and nil check) then LGTM |
smarterclayton
force-pushed
the
init_containers
branch
from
dca0ef3 to
38120a8
Compare
|
Updated, [merge] |
|
continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/6867/) (Image: devenv-rhel7_4664) |
|
Evaluated for origin merge up to 38120a8 |
|
[test] #9959 |
|
[test] conformance hang On Mon, Jul 25, 2016 at 6:30 PM, OpenShift Bot notifications@github.com
|
|
Evaluated for origin test up to 38120a8 |
|
continuous-integration/openshift-jenkins/test SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/6867/) |
[test]