From 698f172d5b18ae490a041875dd7fc200e83edd70 Mon Sep 17 00:00:00 2001 From: Eric Fried Date: Thu, 1 Jun 2023 15:34:08 -0500 Subject: [PATCH] Hive/master: Use latest HCP for e2e-pool Convert `e2e-pool` from using the CI-owned 4.12 ClusterPool to requesting a hosted control plane (hypershift) cluster at the `latest` release (currently 4.13). Leaving `e2e` alone for now, as it improves our coverage to have it continue testing on a "classic" hub at 4.12. HIVE-2234 --- .../openshift/hive/openshift-hive-master.yaml | 28 +++++++------------ .../openshift-hive-master-presubmits.yaml | 28 +++++++++++++------ 2 files changed, 29 insertions(+), 27 deletions(-) diff --git a/ci-operator/config/openshift/hive/openshift-hive-master.yaml b/ci-operator/config/openshift/hive/openshift-hive-master.yaml index 68d5c696581fe..4cc9ce541e7f9 100644 --- a/ci-operator/config/openshift/hive/openshift-hive-master.yaml +++ b/ci-operator/config/openshift/hive/openshift-hive-master.yaml @@ -125,28 +125,20 @@ tests: cpu: 100m workflow: generic-claim - as: e2e-pool - cluster_claim: - architecture: amd64 - as: unused - cloud: aws - labels: - region: us-east-1 - owner: openshift-ci - product: ocp - timeout: 1h0m0s - version: "4.12" skip_if_only_changed: ^docs/|\.md$|^(?:.*/)?(?:\.gitignore|OWNERS|PROJECT|LICENSE)$ steps: + cluster_profile: aws-2 test: - as: test cli: latest commands: | # Creds for the `ci` user in the hive-team cluster - # TODO: Get a CI-owned account: DPTP-2348 - export AWS_ACCESS_KEY_ID=$(cat /tmp/secret/hive-aws-creds/AWS_ACCESS_KEY_ID) - export AWS_SECRET_ACCESS_KEY=$(cat /tmp/secret/hive-aws-creds/AWS_SECRET_ACCESS_KEY) - # Override default location for pull secret - export PULL_SECRET_FILE=/tmp/secret/pull-secret/.dockerconfigjson + export AWS_ACCESS_KEY_ID=$(cat /tmp/hivesecret/hive-aws-creds/AWS_ACCESS_KEY_ID) + export AWS_SECRET_ACCESS_KEY=$(cat /tmp/hivesecret/hive-aws-creds/AWS_SECRET_ACCESS_KEY) + export PULL_SECRET_FILE=/tmp/consolidated-pull-secret + # The pull secret on the right gives us access to the release image. + # The one on the left gives us access to the images it points to. + jq -s '.[0] * .[1]' /tmp/hivesecret/pull-secret/.dockerconfigjson /tmp/secret/pull-secret-build-farm.json > $PULL_SECRET_FILE # Our AWS account is set up with this domain: export BASE_DOMAIN=new-installer.openshift.com # Configure a cluster name that our monitor/reaper can use to @@ -160,10 +152,10 @@ tests: USE_MANAGED_DNS=false CLOUD=aws make test-e2e-pool credentials: - - mount_path: /tmp/secret/hive-aws-creds + - mount_path: /tmp/hivesecret/hive-aws-creds name: hive-aws-creds namespace: test-credentials - - mount_path: /tmp/secret/pull-secret + - mount_path: /tmp/hivesecret/pull-secret name: ci-pull-credentials namespace: test-credentials dependencies: @@ -176,7 +168,7 @@ tests: resources: requests: cpu: 100m - workflow: generic-claim + workflow: hypershift-hostedcluster-workflow - as: e2e-gcp optional: true run_if_changed: gcp diff --git a/ci-operator/jobs/openshift/hive/openshift-hive-master-presubmits.yaml b/ci-operator/jobs/openshift/hive/openshift-hive-master-presubmits.yaml index 02945f8a4179f..24387690c1936 100644 --- a/ci-operator/jobs/openshift/hive/openshift-hive-master-presubmits.yaml +++ b/ci-operator/jobs/openshift/hive/openshift-hive-master-presubmits.yaml @@ -286,12 +286,14 @@ presubmits: branches: - ^master$ - ^master- - cluster: build05 + cluster: build03 context: ci/prow/e2e-pool decorate: true decoration_config: skip_cloning: true labels: + ci-operator.openshift.io/cloud: aws + ci-operator.openshift.io/cloud-cluster-profile: aws-2 ci.openshift.io/generator: prowgen job-release: "4.13" pj-rehearse.openshift.io/can-be-rehearsed: "true" @@ -302,10 +304,11 @@ presubmits: containers: - args: - --gcs-upload-secret=/secrets/gcs/service-account.json - - --hive-kubeconfig=/secrets/hive-hive-credentials/kubeconfig - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials - --report-credentials-file=/etc/report/credentials - --secret-dir=/secrets/ci-pull-credentials + - --secret-dir=/usr/local/e2e-pool-cluster-profile - --target=e2e-pool command: - ci-operator @@ -316,15 +319,17 @@ presubmits: requests: cpu: 10m volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true - mountPath: /secrets/ci-pull-credentials name: ci-pull-credentials readOnly: true + - mountPath: /usr/local/e2e-pool-cluster-profile + name: cluster-profile - mountPath: /secrets/gcs name: gcs-credentials readOnly: true - - mountPath: /secrets/hive-hive-credentials - name: hive-hive-credentials - readOnly: true - mountPath: /etc/pull-secret name: pull-secret readOnly: true @@ -333,12 +338,18 @@ presubmits: readOnly: true serviceAccountName: ci-operator volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials - name: ci-pull-credentials secret: secretName: ci-pull-credentials - - name: hive-hive-credentials + - name: cluster-profile secret: - secretName: hive-hive-credentials + secretName: cluster-secrets-aws-2 - name: pull-secret secret: secretName: registry-pull-credentials @@ -347,7 +358,7 @@ presubmits: secretName: result-aggregator trigger: (?m)^/test( | .* )e2e-pool,?($|\s.*) - agent: kubernetes - always_run: false + always_run: true branches: - ^master$ - ^master- @@ -362,7 +373,6 @@ presubmits: pj-rehearse.openshift.io/can-be-rehearsed: "true" name: pull-ci-openshift-hive-master-images rerun_command: /test images - skip_if_only_changed: ^docs/|\.md$|^(?:.*/)?(?:\.gitignore|OWNERS|PROJECT|LICENSE)$ spec: containers: - args: