Debug log membership verification

asmcli/lib/checks.sh

@@ -88,23 +88,28 @@ is_managed_cas_installed() {
 }
 
 is_cluster_registered() {
+  debug "is_cluster_registered()"
   local VERIFIED_REGISTRATION; VERIFIED_REGISTRATION="$(context_get-option "VERIFIED_REGISTRATION")"
   if [[ "${VERIFIED_REGISTRATION}" -eq 1 ]]; then return; fi
 
   info "Verifying cluster registration."
 
   if ! is_membership_crd_installed; then
+    debug "Couldn't find membership CRD."
     false
     return
   fi
 
   local MEMBERSHIP_DATA IDENTITY_PROVIDER
   MEMBERSHIP_DATA="$(retry 2 kubectl get memberships.hub.gke.io membership -ojson 2>/dev/null)"
+  debug "${MEMBERSHIP_DATA}"
 
   # expected value is the project id to which the cluster is registered
   IDENTITY_PROVIDER="$(echo "${MEMBERSHIP_DATA}" \
     | jq .spec.identity_provider \
     | sed -E 's/.*projects\/|\/locations.*//g')"
+  debug "${IDENTITY_PROVIDER}"
+
   if [[ -z "${IDENTITY_PROVIDER}" || "${IDENTITY_PROVIDER}" == 'null' ]]; then
     { read -r -d '' MSG; fatal "${MSG}"; } <<EOF || true
 Cluster has memberships.hub.gke.io CRD but no identity provider specified.
@@ -123,12 +128,16 @@ EOF
   LOCATION="$(echo "${MEMBERSHIP_DATA}" \
     | jq -r .spec.owner.id \
     | sed -E 's/.*locations\/|\/memberships.*//g')"
+  debug "${LOCATION}"
   MEMBERSHIP="$(echo "${MEMBERSHIP_DATA}" \
     | jq -r .spec.owner.id \
     | sed -E 's/.*memberships\///g')"
+  debug "${MEMBERSHIP}"
   WANT="name.*projects/${FLEET_ID}/locations/${LOCATION}/memberships/${MEMBERSHIP}"
   G_DATA="$(gcloud container hub memberships list --project "${FLEET_ID}" --format=json)"
+  debug "${G_DATA}"
   LIST="$(echo "${G_DATA}" | grep "${WANT}")"
+  debug "${LIST}"
 
   if [[ "${IDENTITY_PROVIDER}" != "${FLEET_ID}" ]] && \
      [[ "${IDENTITY_PROVIDER}" != "${FLEET_HOST_PROJECT_NUMBER}" ]] || \
@@ -183,20 +192,22 @@ is_workload_identity_enabled() {
 
 is_membership_crd_installed() {
   local OUTPUT
-  if ! OUTPUT="$(retry 2 kubectl get crd memberships.hub.gke.io -ojsonpath="{..metadata.name}" 2>/dev/null)"; then
+  if ! OUTPUT="$(kubectl get crd memberships.hub.gke.io -ojsonpath="{..metadata.name}" 2>/dev/null)"; then
     false
     return
   fi
+  debug "${OUTPUT}"
 
   if [[ "$(echo "${OUTPUT}" | grep -w -c memberships || true)" -eq 0 ]]; then
     false
     return
   fi
 
-  if ! OUTPUT="$(retry 2 kubectl get memberships.hub.gke.io -ojsonpath="{..metadata.name}" 2>/dev/null)"; then
+  if ! OUTPUT="$(kubectl get memberships.hub.gke.io -ojsonpath="{..metadata.name}" 2>/dev/null)"; then
     false
     return
   fi
+  debug "${OUTPUT}"
 
   if [[ "$(echo "${OUTPUT}" | grep -w -c membership || true)" -eq 0 ]]; then
     false

asmcli/lib/util.sh

@@ -49,6 +49,8 @@ run_command() {
 # re-get credentials in case something caused the k8s IP to change.
 #######
 retry() {
+  local CMD="'$*'"
+  debug "Attempting to run \`${CMD}\`."
   local MAX_TRIES; MAX_TRIES="${1}";
   shift 1
   for i in $(seq 0 "${MAX_TRIES}"); do
@@ -59,7 +61,6 @@ retry() {
     warn "Failed, retrying...($((i+1)) of ${MAX_TRIES})"
     sleep 2
   done
-  local CMD="'$*'"
   warn "Command $CMD failed."
   false
 }

asmcli/tests/setup_longterm_cluster

@@ -66,6 +66,7 @@ setup_cluster() {
 
   echo "Performing necessary cluster setup on ${cluster}"
 
+  _DEBUG=1 \
   _CI_I_AM_A_TEST_ROBOT=1 \
   ../asmcli \
     install \