Skip to content

[release-1.34] Backport credential provider support #9512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
openshift-merge-bot merged 6 commits into from
Nov 20, 2025
Merged

[release-1.34] Backport credential provider support #9512

openshift-merge-bot merged 6 commits into from
Nov 20, 2025

Conversation

@saschagrunert
Copy link
Member

@saschagrunert saschagrunert commented Oct 14, 2025
edited
Loading

What type of PR is this?

/kind feature

What this PR does / why we need it:

Which issue(s) this PR fixes:

None

Special notes for your reviewer:

I'm going to downgrade the go 1.25 requirement in cri-o/crio-credential-provider#43

Does this PR introduce a user-facing change?

Add support for the credential provider: https://github.com/cri-o/crio-credential-provider

@saschagrunert
Consume additional pull auth if available
eb5be37 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@saschagrunert
Remove temporary auth files if used
88c1f61 
We now move the namespaced auth files to a unique location for singular
usage. This means that CRI-O can also remove the file afterwards, while
other parallel pulls can re-use the previous file location for parallel
pulls.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@openshift-ci openshift-ci bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/feature Categorizes issue or PR as related to a new feature. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. labels Oct 14, 2025
@openshift-ci openshift-ci bot requested review from QiWang19 and bitoku October 14, 2025 13:58
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Oct 14, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: saschagrunert

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 14, 2025
@saschagrunert saschagrunert force-pushed the release-1.34-cred-provider branch 3 times, most recently from 951a6e7 to 942f649 Compare October 15, 2025 07:19
@codecov
Copy link

codecov bot commented Oct 15, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 58.13953% with 36 lines in your changes missing coverage. Please review.
✅ Project coverage is 67.04%. Comparing base (5780ac7) to head (9cad6a6).
⚠️ Report is 17 commits behind head on release-1.34.

Additional details and impacted files 
@@              Coverage Diff              @@
##           release-1.34    #9512   +/-   ##
=============================================
  Coverage         67.03%   67.04%           
=============================================
  Files               202      202           
  Lines             28085    28144   +59     
=============================================
+ Hits              18827    18868   +41     
- Misses             7683     7690    +7     
- Partials           1575     1586   +11
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@saschagrunert
Re-use public credential provider API
7dd254c 
Re-using the public auth and config API from the credential provider to
keep both projects in sync.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@saschagrunert saschagrunert force-pushed the release-1.34-cred-provider branch from 942f649 to 7dd254c Compare October 15, 2025 07:25
@saschagrunert
Update golangci-lint and config
5a35fbc 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@saschagrunert saschagrunert force-pushed the release-1.34-cred-provider branch from 330c07f to 5a35fbc Compare October 15, 2025 07:49
@saschagrunert saschagrunert changed the title WIP: [release-1.34] Backport credential provider support [release-1.34] Backport credential provider support Oct 15, 2025
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 15, 2025
@saschagrunert
Copy link
Member Author

saschagrunert commented Oct 15, 2025

@cri-o/cri-o-maintainers PTAL

bitoku
bitoku reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@bitoku bitoku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the version skew policy with cri-o and crio-credential-provider?

also can we wait for openshift/enhancements#1861 is approved?

@saschagrunert
Include 9509
278d64c 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@saschagrunert
Copy link
Member Author

saschagrunert commented Oct 15, 2025

/test e2e-gcp-ovn

@saschagrunert
Pin credential provider version
9cad6a6 
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
@saschagrunert
Copy link
Member Author

saschagrunert commented Oct 21, 2025

/test e2e-gcp-ovn

@saschagrunert
Copy link
Member Author

saschagrunert commented Nov 20, 2025
edited
Loading

@bitoku the enhancement got merged, can we continue with that PR? Even if we slip the API, we can still deliver the RPM and this functionality as a preview to users.

@bitoku
Copy link
Contributor

bitoku commented Nov 20, 2025

/retest
/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 20, 2025
@openshift-merge-bot openshift-merge-bot bot merged commit c8e8b46 into cri-o:release-1.34 Nov 20, 2025
66 of 68 checks passed
@saschagrunert saschagrunert deleted the release-1.34-cred-provider branch November 20, 2025 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bitoku bitoku bitoku left review comments

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@QiWang19 QiWang19 Awaiting requested review from QiWang19

Assignees

@bitoku bitoku

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@saschagrunert @bitoku