Skip to content

🌱 Try to fix test flake in which secret is not yet available #5563

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🌱 Try to fix test flake in which secret is not yet available #5563

wants to merge 1 commit into from

Conversation

AndiDog
Copy link
Contributor

@AndiDog AndiDog commented Jun 24, 2025

What type of PR is this?

/kind flake

What this PR does / why we need it:

There seems to be one flake that keeps reappearing:

=== RUN   TestAWSMachinePoolReconciler/Reconciling_an_AWSMachinePool/ReconcileLaunchTemplate_not_mocked/launch_template_and_ASG_created_from_zero,_then_bootstrap_config_reference_changes
E0624 07:12:01.962501   46441 awsmachinepool_controller.go:341] "failed to reconcile launch template" err="failed to retrieve bootstrap data secret bootstrap-data-new for AWSMachinePool default/test: Secret \"bootstrap-data-new\" not found"
    awsmachinepool_controller_test.go:966: 
        Expected success, but got an error:
            <*errors.withStack | 0xc002129788>: 
            failed to retrieve bootstrap data secret bootstrap-data-new for AWSMachinePool default/test: Secret "bootstrap-data-new" not found
            {
                error: <*errors.withMessage | 0xc0025847c0>{
                    cause: <*errors.StatusError | 0xc0021214a0>{
                        ErrStatus: {
                            TypeMeta: {Kind: "", APIVersion: ""},
                            ListMeta: {
                                SelfLink: "",
                                ResourceVersion: "",
                                Continue: "",
                                RemainingItemCount: nil,
                            },
                            Status: "Failure",
                            Message: "Secret \"bootstrap-data-new\" not found",
                            Reason: "NotFound",
                            Details: {
                                Name: "bootstrap-data-new",
                                Group: "",
                                Kind: "Secret",
                                UID: "",
                                Causes: nil,
                                RetryAfterSeconds: 0,
                            },
                            Code: 404,
                        },
                    },
                    msg: "failed to retrieve bootstrap data secret bootstrap-data-new for AWSMachinePool default/test",
                },
                stack: [0x24c366e, 0x2547151, 0x26e6bbe, 0x26fb374, 0x556854, 0x480101],
            }

This change tries to work around by waiting for the Secret to be available.

Special notes for your reviewer:

I couldn't reproduce the flake locally, so this is a guess.

Checklist:

  • squashed commits
  • includes documentation
  • includes emoji in title
  • adds unit tests
  • adds or updates e2e tests

Release note:

NONE

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/flake Categorizes issue or PR as related to a flaky test. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. needs-priority labels Jun 24, 2025
@k8s-ci-robot k8s-ci-robot requested review from faiq and richardcase June 24, 2025 08:13
@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jun 24, 2025
@AndiDog
Copy link
Contributor Author

AndiDog commented Jun 24, 2025

/test pull-cluster-api-provider-aws-e2e-blocking

@dlipovetsky
Copy link
Contributor

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dlipovetsky

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 24, 2025
dlipovetsky
dlipovetsky reviewed Jun 24, 2025
View reviewed changes
exp/controllers/awsmachinepool_controller_test.go
@@ -913,6 +913,12 @@ func TestAWSMachinePoolReconciler(t *testing.T) {
},
}
g.Expect(testEnv.Create(ctx, newBootstrapSecret)).To(Succeed())
g.Eventually(func(gomega Gomega) {
gomega.Expect(testEnv.Client.Get(ctx, client.ObjectKey{
Copy link
Contributor

@dlipovetsky dlipovetsky Jun 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't look right now, but I'm wondering if this is a cached client? 🤔

That would explain the failure to get the Secret just after it has been created.

We should use a "direct" or "uncached" client in tests.

kubernetes-sigs/controller-runtime#343 (comment)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm indeed we use the manager client

	return &TestEnvironment{
		Manager: mgr,
		Client:  mgr.GetClient(), // <----------
		Config:  mgr.GetConfig(),
		env:     t.env,
	}, nil

which may be a cache:

GetClient returns a client configured with the Config. This client may not be a fully "direct" client -- it may read from a cache, for instance.

But we're testing the reconciler here which uses its caching client. Should we override that to a direct client in tests? I'm not even sure that's possible (we'd need a SetClient or some option to avoid caching?).

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we want to copy-paste CAPI's CreateAndWait to denote the intent

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But we're testing the reconciler here which uses its caching client.

Yes, but in production, if the Secret is unavailable, the request would be requeued. That doesn't happen under test: we fail immediately. So one way to ensure that the reconcile is ready to run is to use a direct client.

I think switching to a direct client is something we want to do across all tests, so that's out of scope for this PR.

Maybe we want to copy-paste CAPI's CreateAndWait to denote the intent

That's a good idea.

@AndiDog
Copy link
Contributor Author

AndiDog commented Jun 24, 2025

/hold

for the direct/caching client question

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 24, 2025
@damdo
Copy link
Member

damdo commented Jun 25, 2025

@AndiDog is this fixing any of these by any chance? E2E Test Stabilization & Improvement

@AndiDog
Copy link
Contributor Author

AndiDog commented Jun 25, 2025

@AndiDog is this fixing any of these by any chance? E2E Test Stabilization & Improvement

I didn't find it listed there, and it's no E2E test

@damdo
Copy link
Member

damdo commented Jun 25, 2025

Got it thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlipovetsky dlipovetsky dlipovetsky left review comments

@faiq faiq Awaiting requested review from faiq

@richardcase richardcase Awaiting requested review from richardcase

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. kind/flake Categorizes issue or PR as related to a flaky test. needs-priority release-note-none Denotes a PR that doesn't merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@AndiDog @dlipovetsky @k8s-ci-robot @damdo