Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow attaching to pods in kube integration tests #40971

Merged
merged 1 commit into from
Apr 27, 2024
Merged

allow attaching to pods in kube integration tests #40971

merged 1 commit into from
Apr 27, 2024

Conversation

capnspacehook
Copy link
Contributor

@capnspacehook capnspacehook commented Apr 26, 2024
edited
Loading

TestKube/EphemeralContainers creates an ephemeral container that runs a short lived command echo ... and has a moderator join the session. Most of the time the command in the container will have finished before the users have a chance to attach to it, but sometimes that's not the case.

Fixes #40969.

@capnspacehook capnspacehook added the no-changelog Indicates that a PR does not require a changelog entry label Apr 26, 2024
@capnspacehook capnspacehook requested a review from tigrato April 26, 2024 22:54
orca-security-us[bot]
orca-security-us bot reviewed Apr 26, 2024
View reviewed changes
Copy link

@orca-security-us orca-security-us bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Failed Failed Infrastructure as Code high 1   medium 3   low 1   info 1 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca
🛡️ The following IaC misconfigurations have been detected
NAME FILE
high Controller of pods with role that allows the creation or modification of other pods ...bac/ci-teleport.yaml View in code
medium RBAC Roles with Attach Permission ...bac/ci-teleport.yaml View in code
medium Controller of pods with role that allows attaching or executing commands inside a pod ...bac/ci-teleport.yaml View in code
medium RBAC Roles with Port-Forwarding Permission ...bac/ci-teleport.yaml View in code
low Controller of pods with impersonation privileges service account ...bac/ci-teleport.yaml View in code
info Ensure Administrative Boundaries Between Resources ...bac/ci-teleport.yaml View in code

@github-actions github-actions bot requested review from Joerger and smallinsky April 26, 2024 22:54
@capnspacehook capnspacehook added this pull request to the merge queue Apr 27, 2024
Merged via the queue into master with commit ebeee68 Apr 27, 2024
41 of 44 checks passed
@capnspacehook capnspacehook deleted the capnspacehook/kube-waiting-conts-attach-test-perms branch April 27, 2024 00:19
@public-teleport-github-review-bot
Copy link

@capnspacehook See the table below for backport results.

Branch Result
branch/v14 Failed
branch/v15 Create PR

@capnspacehook capnspacehook mentioned this pull request Apr 27, 2024
Merged
@capnspacehook capnspacehook mentioned this pull request May 1, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orca-security-us orca-security-us[bot] orca-security-us[bot] left review comments

@tigrato tigrato tigrato approved these changes

@AntonAM AntonAM AntonAM approved these changes

Assignees
No one assigned
Labels
backport/branch/v14 backport/branch/v15 no-changelog Indicates that a PR does not require a changelog entry size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

TestKube/EphemeralContainers flakiness
3 participants
@capnspacehook @AntonAM @tigrato