Refactor the AuthStatus Logic in Eventing OIDC Feature Track

[xiangpingjiang]

Fixes #7377

Proposed Changes

Pre-review Checklist

• At least 80% unit test coverage
• E2E tests for any new behavior
• Docs PR for any user-facing impact
• Spec PR for any new API feature
• Conformance test for any change to the spec

Release Note

Refactor the AuthStatus Logic in Eventing OIDC Feature Track

Docs

[knative-prow]

Hi @xiangpingjiang. Thanks for your PR.

I'm waiting for a knative member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[codecov]

Codecov Report

Attention: 4 lines in your changes are missing coverage. Please review.

Comparison is base (67f382d) 76.79% compared to head (e9a9767) 76.70%.
Report is 9 commits behind head on main.

Files	Patch %	Lines
pkg/auth/serviceaccount.go	75.00%	3 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #7417      +/-   ##
==========================================
- Coverage   76.79%   76.70%   -0.09%     
==========================================
  Files         253      253              
  Lines       14098    14169      +71     
==========================================
+ Hits        10826    10868      +42     
- Misses       2732     2749      +17     
- Partials      540      552      +12     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Leo6Leo]

/ok-to-test

[xiangpingjiang]

/retest

[Leo6Leo]

Hey @xiangpingjiang, are you blocked on anything? Is this PR ready for review now?

[xiangpingjiang]

Hey @xiangpingjiang, are you blocked on anything? Is this PR ready for review now?

hello @Leo6Leo

I think it's ready for rewiew, just the upgrade-tests_eventing_main test sometimes fails, sometimes succeeds. Can I ignore it ?

[Leo6Leo]

@xiangpingjiang Sounds good, thanks for the PR! Will take a look at it!

[creydr]

Hello @xiangpingjiang,
thanks for working on this. I left a few comments (mostly about naming)

[creydr]

/retest

[Cali0707]

I really like how this is looking so far!

[Cali0707]

@xiangpingjiang would you be able to add a unit test or two for this function? That way we can catch any breaking changes earlier if this every gets updated

[xiangpingjiang]

@Cali0707 I will try to do that. SetupOIDCServiceAccount func rely on EnsureOIDCServiceAccountExistsForResource func, the EnsureOIDCServiceAccountExistsForResource didn't have unit test. Do I need add unit test for EnsureOIDCServiceAccountExistsForResource first ?

[Cali0707]

I think just SetupOIDCServiceAccount is totally fine, but if you wanted to add tests for both that would be great (just not necessary IMO)

[xiangpingjiang]

Hello @Cali0707
I added some unit test, please give me a review when you have time

[Cali0707]

/lgtm
/cc @creydr

[knative-prow]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: creydr, xiangpingjiang

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [creydr]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment