Skip to content

NO-JIRA: Revert "OCPBUGS-87110 Scope minted AWS IAM policies to cluster-owned resources"#1060

Merged
openshift-merge-bot[bot] merged 1 commit into
openshift:release-4.21from
amitesh1201:revert-1046-release-4.21
Jul 8, 2026
Merged

NO-JIRA: Revert "OCPBUGS-87110 Scope minted AWS IAM policies to cluster-owned resources"#1060
openshift-merge-bot[bot] merged 1 commit into
openshift:release-4.21from
amitesh1201:revert-1046-release-4.21

Conversation

@amitesh1201

@amitesh1201 amitesh1201 commented Jul 7, 2026

Copy link
Copy Markdown

Summary

This reverts commit 11ebb51 (PR #1046).

Why

PR #1043 (cherry-picked as #1046 to this branch) caused regressions in the
e2e-aws-csi job — all snapshot-related tests have been permafailing since Jun 29.

  • OCPBUGS-96892 — aws-csi tests fail to create snapshots
  • OCPBUGS-97745 — required origin presubmit aws-csi permafail

Unreverting

A corrected version of the feature is being investigated in PR #1054.

cc @nrb @dlom @neisw

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Jul 7, 2026
@openshift-ci-robot

Copy link
Copy Markdown
Contributor

@amitesh1201: This pull request explicitly references no jira issue.

Details

In response to this:

Summary

This reverts commit 11ebb51 (PR #1046).

Manual backport of #1057 to release-4.21.

Why

PR #1043 (cherry-picked as #1046 to this branch) caused regressions in the
e2e-aws-csi job — all snapshot-related tests have been permafailing since Jun 29.

  • OCPBUGS-96892 — aws-csi tests fail to create snapshots
  • OCPBUGS-97745 — required origin presubmit aws-csi permafail

Unreverting

A corrected version of the feature is being investigated in PR #1054.

cc @nrb @dlom @neisw

Made with Cursor

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot requested review from dlom and suhanime July 7, 2026 10:02
@codecov

codecov Bot commented Jul 7, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 46.58%. Comparing base (bea106c) to head (7249cde).
⚠️ Report is 2 commits behind head on release-4.21.

Additional details and impacted files

Impacted file tree graph

@@               Coverage Diff                @@
##           release-4.21    #1060      +/-   ##
================================================
- Coverage         46.83%   46.58%   -0.26%     
================================================
  Files                98       98              
  Lines             12229    12181      -48     
================================================
- Hits               5728     5674      -54     
- Misses             5850     5857       +7     
+ Partials            651      650       -1     
Files with missing lines Coverage Δ
pkg/aws/actuator/actuator.go 67.79% <100.00%> (-1.46%) ⬇️
pkg/aws/utils.go 83.87% <ø> (-2.25%) ⬇️

... and 1 file with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@dlom

dlom commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

/override ci/prow/security

@dlom

dlom commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

/test e2e-hypershift

@openshift-ci

openshift-ci Bot commented Jul 7, 2026

Copy link
Copy Markdown
Contributor

@dlom: Overrode contexts on behalf of dlom: ci/prow/security

Details

In response to this:

/override ci/prow/security

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/lgtm

@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/approve

@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/label backport-risk-assessed

@openshift-ci openshift-ci Bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Jul 8, 2026
@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/verfied by previous known good state

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Jul 8, 2026
@openshift-ci

openshift-ci Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: amitesh1201, dlom

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 8, 2026
@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/override ci/prow/e2e-hypershift

@openshift-ci

openshift-ci Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

@dlom: Overrode contexts on behalf of dlom: ci/prow/e2e-hypershift

Details

In response to this:

/override ci/prow/e2e-hypershift

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci

openshift-ci Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

@amitesh1201: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-hypershift 7249cde link true /test e2e-hypershift
ci/prow/security 7249cde link true /test security

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/verfied by previous known good state

@dlom

dlom commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

/verified by known good previous state

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Jul 8, 2026
@openshift-ci-robot

Copy link
Copy Markdown
Contributor

@dlom: This PR has been marked as verified by known good previous state.

Details

In response to this:

/verified by known good previous state

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@amitesh1201 amitesh1201 changed the title NO-JIRA: Revert "OCPBUGS-87110: Scope minted AWS IAM policies to cluster-owned resources" NO-JIRA: Revert "OCPBUGS-87110 Scope minted AWS IAM policies to cluster-owned resources" Jul 8, 2026
@JoelSpeed

Copy link
Copy Markdown
Contributor

/label jira/valid-bug

This is a revert of an regression that we need to merge promptly to catch dev cut-off today

@openshift-ci openshift-ci Bot added the jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. label Jul 8, 2026
@openshift-merge-bot openshift-merge-bot Bot merged commit bd0a578 into openshift:release-4.21 Jul 8, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants