Skip to content

Update the GCP provider to allow users to skip firewall actions #911

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
barbacbd wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update the GCP provider to allow users to skip firewall actions #911

barbacbd wants to merge 1 commit into from
+224 −39

Conversation

@barbacbd
Copy link

@barbacbd barbacbd commented Oct 21, 2025

cluster:
Update the scripts to include the new variables

providers/gce:

Update the config to include the new ManageFirewallRules boolean setting. This variable will allow users to skip the creation, deletion, and updates to firewall rules when set to false. Users may not want or have the ability to add the permissions to perform these actions on their service account. When this is the case the firewall rules should be pre created and managed by someone with permissions to achieve the same goal.

@k8s-ci-robot k8s-ci-robot added the needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. label Oct 21, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Oct 21, 2025

This issue is currently awaiting triage.

If the repository mantainers determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Oct 21, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Oct 21, 2025

Hi @barbacbd. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot k8s-ci-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 21, 2025
@k8s-triage-robot
Copy link

k8s-triage-robot commented Oct 21, 2025

Unknown CLA label state. Rechecking for CLA labels.

Send feedback to sig-contributor-experience at kubernetes/community.

/check-cla
/easycla

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Oct 21, 2025
@theobarberbany
Copy link
Contributor

theobarberbany commented Oct 21, 2025

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Oct 21, 2025
@barbacbd barbacbd changed the title CORS-4264: Update the GCP provider to allow users to skip firewall actions Update the GCP provider to allow users to skip firewall actions Oct 22, 2025
JoelSpeed
JoelSpeed reviewed Oct 23, 2025
View reviewed changes
@bowei
Copy link
Member

bowei commented Oct 23, 2025

/assign