diff --git a/ci-operator/config/openshift/os/openshift-os-master.yaml b/ci-operator/config/openshift/os/openshift-os-master.yaml index be3aa4bb93d97..27d6c5bc5fb5e 100644 --- a/ci-operator/config/openshift/os/openshift-os-master.yaml +++ b/ci-operator/config/openshift/os/openshift-os-master.yaml @@ -67,32 +67,20 @@ tests: from: src skip_if_only_changed: ^docs/|\.md$|^(?:.*/)?(?:\.gitignore|OWNERS|PROJECT|LICENSE)$ - as: build-test-qemu - commands: /src/ci/build-test-qemu.sh - container: - from: build-test-qemu-img - skip_if_only_changed: ^docs/|\.md$|^(?:.*/)?(?:\.gitignore|OWNERS|PROJECT|LICENSE)$ -- as: periodic-os-build cluster: build02 - cron: '@daily' steps: + cluster_profile: gcp test: - - as: oc-login + - as: test cli: latest commands: | #!/bin/bash - set -euo pipefail - # To inject the oc CLI, ci-operator builds a new container from the - # provided container dependency (from:) and pushes it to the namespace - # Imagestream before creating a new pod to run the commands in. Because - # of the size of the coreos-assembler image, this adds quite some time - # to the process. So lets use a much smaller Fedora base image. - oc login https://api.ci.l2s4.p1.openshiftapps.com:6443 --token="$(cat /service-account-token/image-pusher-service-account-token)" - oc registry login --registry=registry.ci.openshift.org --to="$SHARED_DIR/dockercfg.json" + /src/ci/derived-image-test.sh credentials: - mount_path: /service-account-token name: rhcos-devel-image-pusher-service-account-token namespace: test-credentials - from: fedora + from: build-test-qemu-img resources: limits: devices.kubevirt.io/kvm: "1" @@ -100,36 +88,24 @@ tests: cpu: 1000m devices.kubevirt.io/kvm: "1" memory: 3Gi - - as: build-test-and-push-img + timeout: 3h0m0s + workflow: ipi-gcp +- as: periodic-os-build + cluster: build02 + cron: '@daily' + steps: + cluster_profile: gcp + test: + - as: test + cli: latest commands: | #!/bin/bash - set -xeuo pipefail - - # We can't use PULL_BASE_REF or OPENSHIFT_BUILD_REFERENCE to get the - # branch since this is a periodic job which originates from - # openshift/release, not the openshift/os repository. We then strip - # release- from the branch name so we're left with the number (e.g., - # release-4.11 -> 4.11). - BRANCH="$(echo "$JOB_SPEC" | jq -r '.extra_refs[0].base_ref | sub("release-"; "")')" - - # Ensure we have a known directory for cosa to build in - export COSA_DIR="/tmp/cosa" - mkdir -p "$COSA_DIR" - - # Run the cosa build / test - /src/ci/build-test-qemu.sh - - export REGISTRY_AUTH_FILE="$SHARED_DIR/dockercfg.json" - # Ensure we're in the designated cosa directory so the push-container commands work - cd "$COSA_DIR" - # Tags with the cosa build ID / arch - cosa push-container registry.ci.openshift.org/rhcos-devel/rhel-coreos - cosa push-container "registry.ci.openshift.org/rhcos-devel/rhel-coreos:${BRANCH}" - - # Only push latest tag on master branch - if [[ "$BRANCH" == "master" ]]; then - cosa push-container registry.ci.openshift.org/rhcos-devel/rhel-coreos:latest - fi + /src/ci/derived-image-test.sh + /src/ci/tag-final-image.sh + credentials: + - mount_path: /service-account-token + name: rhcos-devel-image-pusher-service-account-token + namespace: test-credentials from: build-test-qemu-img resources: limits: @@ -139,6 +115,7 @@ tests: devices.kubevirt.io/kvm: "1" memory: 3Gi timeout: 3h0m0s + workflow: ipi-gcp zz_generated_metadata: branch: master org: openshift diff --git a/ci-operator/jobs/openshift/os/openshift-os-master-periodics.yaml b/ci-operator/jobs/openshift/os/openshift-os-master-periodics.yaml index 28171007bbb6b..76f3a9e783cae 100644 --- a/ci-operator/jobs/openshift/os/openshift-os-master-periodics.yaml +++ b/ci-operator/jobs/openshift/os/openshift-os-master-periodics.yaml @@ -10,6 +10,8 @@ periodics: org: openshift repo: os labels: + ci-operator.openshift.io/cloud: gcp + ci-operator.openshift.io/cloud-cluster-profile: gcp ci-operator.openshift.io/cluster: build02 ci.openshift.io/generator: prowgen pj-rehearse.openshift.io/can-be-rehearsed: "true" @@ -26,8 +28,10 @@ periodics: - args: - --gcs-upload-secret=/secrets/gcs/service-account.json - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials - --report-credentials-file=/etc/report/credentials - --secret-dir=/secrets/ci-pull-credentials + - --secret-dir=/usr/local/periodic-os-build-cluster-profile - --target=periodic-os-build command: - ci-operator @@ -38,9 +42,14 @@ periodics: requests: cpu: 10m volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true - mountPath: /secrets/ci-pull-credentials name: ci-pull-credentials readOnly: true + - mountPath: /usr/local/periodic-os-build-cluster-profile + name: cluster-profile - mountPath: /secrets/gcs name: gcs-credentials readOnly: true @@ -52,9 +61,22 @@ periodics: readOnly: true serviceAccountName: ci-operator volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials - name: ci-pull-credentials secret: secretName: ci-pull-credentials + - name: cluster-profile + projected: + sources: + - secret: + name: cluster-secrets-gcp + - configMap: + name: cluster-profile-gcp - name: pull-secret secret: secretName: registry-pull-credentials diff --git a/ci-operator/jobs/openshift/os/openshift-os-master-presubmits.yaml b/ci-operator/jobs/openshift/os/openshift-os-master-presubmits.yaml index 11676307c3574..2ca739717617f 100644 --- a/ci-operator/jobs/openshift/os/openshift-os-master-presubmits.yaml +++ b/ci-operator/jobs/openshift/os/openshift-os-master-presubmits.yaml @@ -11,6 +11,9 @@ presubmits: decoration_config: skip_cloning: true labels: + ci-operator.openshift.io/cloud: gcp + ci-operator.openshift.io/cloud-cluster-profile: gcp + ci-operator.openshift.io/cluster: build02 ci.openshift.io/generator: prowgen devices.kubevirt.io/kvm: "1" pj-rehearse.openshift.io/can-be-rehearsed: "true" @@ -22,7 +25,10 @@ presubmits: - args: - --gcs-upload-secret=/secrets/gcs/service-account.json - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --secret-dir=/usr/local/build-test-qemu-cluster-profile - --target=build-test-qemu command: - ci-operator @@ -33,6 +39,14 @@ presubmits: requests: cpu: 10m volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /usr/local/build-test-qemu-cluster-profile + name: cluster-profile - mountPath: /secrets/gcs name: gcs-credentials readOnly: true @@ -44,6 +58,22 @@ presubmits: readOnly: true serviceAccountName: ci-operator volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: cluster-profile + projected: + sources: + - secret: + name: cluster-secrets-gcp + - configMap: + name: cluster-profile-gcp - name: pull-secret secret: secretName: registry-pull-credentials