Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enrich the error returned from Request.Watch method #126265

Merged
merged 1 commit into from
Aug 30, 2024
Merged

Enrich the error returned from Request.Watch method #126265

merged 1 commit into from
Aug 30, 2024
+16 −29

Conversation

tnqn
Copy link
Member

@tnqn tnqn commented Jul 22, 2024
edited
Loading

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

The Error method of the error returned from Request.Watch was "unknown" even the server returned clear message in the Status struct. It was because Request.Watch used the Result's err member directly, which is an unstructured error from the response which the Result object may use if the caller did not return a structured error.

The patch fixes it by calling the Result's Error method instead, which returns the structured error when it's present.

It also removes a duplicate test case and remove the wrong expectation about events.

Testing with the following code:

watcher, err := k8sClient.CoreV1().Secrets(secretMeta.Namespace).Watch(context.TODO(), metav1.SingleObject(*secretMeta))
if err != nil {
	klog.ErrorS(err, "Watch Secret error")
}

Before:

E0722 03:35:57.609475       1 controller.go:302] "Watch Secret error" err="unknown (get secrets)"

After:

E0722 04:14:05.895487       1 controller.go:302] "Watch Secret error" err="secrets \"foo\" is forbidden: User \"system:serviceaccount:kube-system:antrea-agent\" cannot watch resource \"secrets\" in API group \"\" in the namespace \"kube-system\""

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?

NONE

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. release-note-none Denotes a PR that doesn't merit a release note. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Jul 22, 2024
@k8s-ci-robot k8s-ci-robot added sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Jul 22, 2024
@tnqn
Copy link
Member Author

tnqn commented Jul 22, 2024

/retest

@tnqn
Copy link
Member Author

tnqn commented Jul 22, 2024

cc @aojea @sttts

@fedebongio
Copy link
Contributor

/sig auth
/cc @enj @deads2k @liggitt

Thanks for the PR. Adding SIG Auth people because we want to be very careful about anything additional we put in the logs.

@k8s-ci-robot k8s-ci-robot added the sig/auth Categorizes an issue or PR as relevant to SIG Auth. label Jul 23, 2024
@tnqn
Enrich the error returned from Request.Watch method
596c569 
The Error method of the error returned from Request.Watch was "unknown"
even the server returned clear message in the Status struct. It was
because Request.Watch used the Result's err member directly, which is an
unstructured error from the response which the Result object may use if
the caller did not return a structured error.

The patch fixes it by calling the Result's Error method instead, which
returns the structured error when it's present.

It also removes the wrong expectation about events.
@cici37
Copy link
Contributor

cici37 commented Jul 25, 2024

/triage accepted

@k8s-ci-robot k8s-ci-robot added triage/accepted Indicates an issue or PR is ready to be actively worked on. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Jul 25, 2024
@tnqn
Copy link
Member Author

tnqn commented Aug 14, 2024

@liggitt could you please take another look?

@liggitt
Copy link
Member

liggitt commented Aug 30, 2024

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Aug 30, 2024
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 1fc4936b6b01cf734a51d56d43a8a828e381f73c

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: liggitt, tnqn

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 30, 2024
@k8s-ci-robot k8s-ci-robot merged commit fd58143 into kubernetes:master Aug 30, 2024
14 checks passed
@k8s-ci-robot k8s-ci-robot added this to the v1.32 milestone Aug 30, 2024
@tnqn tnqn deleted the fix-watch-error branch August 30, 2024 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@liggitt liggitt liggitt left review comments

@cjcullen cjcullen Awaiting requested review from cjcullen

@lojies lojies Awaiting requested review from lojies

@deads2k deads2k Awaiting requested review from deads2k

@enj enj Awaiting requested review from enj

Assignees

@liggitt liggitt

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. release-note-none Denotes a PR that doesn't merit a release note. sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. sig/auth Categorizes an issue or PR as relevant to SIG Auth. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
SIG Auth
Archived in project
Milestone
v1.32
Development

Successfully merging this pull request may close these issues.
5 participants
@tnqn @fedebongio @cici37 @liggitt @k8s-ci-robot