Wait for a stable cluster in the suite

[rhmdnd]

Some remediations are more invasive than others, and make changes to the
cluster that require time to propagate through the system. Before the
suite starts running subsequent scans, we should wait for it to become
stable so that we know the remediations at least applied properly, or at
the very least didn't make things worse.

[rhmdnd]

The assumption here is that we don't care about the command output, just that it doesn't timeout waiting for a stable cluster.

Using a client library here instead would be nice because it might give us more useful error messages without having to parse raw output.

[xiaojiey]

Per the testing for PR ComplianceAsCode/content#12220, the remediation took about 25-30 minutes for a 6 node cluster. Otherwise the ingress or apisever will be in updating status..

[JAORMX]

Could the cluster be modified to have a faster rollout? Machine config operate used to have such an option

[rhmdnd]

Yeah - that's a significant increase in our testing times. I'll do some digging around to see if there is a way to speed this up.

[openshift-ci]

@rhmdnd: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-aws-openshift-node-compliance	882969e	link	true	/test e2e-aws-openshift-node-compliance
ci/prow/e2e-aws-openshift-platform-compliance	882969e	link	true	/test e2e-aws-openshift-platform-compliance

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.