From 10c33968f00bedf67b19e3578d1fc528109a6b72 Mon Sep 17 00:00:00 2001 From: Marco Braga Date: Thu, 29 Aug 2024 21:41:42 -0300 Subject: [PATCH] OCPBUGS-36293? installer/presubmit: add aws job to disalbe BYO IP Introduce a periodic on installer to force disable the step config of BYO Public IPv4 Pool on install-config.yaml. This new job is optional and can be used to validate the variant of an installation without BYO Public IPv4 configuration on CAPA - the default CI AWS workflows are enforcing Public IPv4 to save costs of IPv4 charges. --- .../installer/openshift-installer-master.yaml | 21 ++ .../openshift-installer-master__altinfra.yaml | 17 -- ...openshift-installer-master-presubmits.yaml | 245 ++++++++++++------ 3 files changed, 183 insertions(+), 100 deletions(-) diff --git a/ci-operator/config/openshift/installer/openshift-installer-master.yaml b/ci-operator/config/openshift/installer/openshift-installer-master.yaml index 49343a330bbf8..6d6c04e350eb6 100644 --- a/ci-operator/config/openshift/installer/openshift-installer-master.yaml +++ b/ci-operator/config/openshift/installer/openshift-installer-master.yaml @@ -1046,6 +1046,27 @@ tests: and configmaps into the build pod workflow: openshift-e2e-gcp-ovn timeout: 6h0m0s +- always_run: false + as: e2e-aws-ovn-public-ipv4-pool + optional: true + steps: + cluster_profile: aws + env: + AWS_PUBLIC_IPV4_POOL_ID: ipv4pool-ec2-0768267342e327ea9 + leases: + - env: LEASED_RESOURCE + resource_type: aws-3-quota-slice + workflow: openshift-e2e-aws + timeout: 6h0m0s +- always_run: false + as: e2e-aws-ovn-public-ipv4-pool-disabled + optional: true + steps: + cluster_profile: aws + env: + AWS_PUBLIC_IPV4_POOL_ID: none + workflow: openshift-e2e-aws + timeout: 6h0m0s zz_generated_metadata: branch: master org: openshift diff --git a/ci-operator/config/openshift/installer/openshift-installer-master__altinfra.yaml b/ci-operator/config/openshift/installer/openshift-installer-master__altinfra.yaml index 6413da7e65431..488f0a4e70543 100644 --- a/ci-operator/config/openshift/installer/openshift-installer-master__altinfra.yaml +++ b/ci-operator/config/openshift/installer/openshift-installer-master__altinfra.yaml @@ -146,23 +146,6 @@ tests: FEATURE_SET: CustomNoUpgrade workflow: openshift-e2e-aws-proxy timeout: 6h0m0s -- always_run: false - as: e2e-aws-ovn-public-ipv4-pool - optional: true - steps: - cluster_profile: aws - env: - FEATURE_GATES: '["ClusterAPIInstall=true"]' - FEATURE_SET: CustomNoUpgrade - USER_TAGS: | - keyA valueA - keyB valueB - keyC valueC - leases: - - env: LEASED_RESOURCE - resource_type: aws-3-quota-slice - workflow: openshift-e2e-aws - timeout: 6h0m0s - always_run: false as: e2e-aws-ovn-shared-vpc optional: true diff --git a/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml b/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml index 976d877afe0cc..e14cb1f79cb11 100644 --- a/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml +++ b/ci-operator/jobs/openshift/installer/openshift-installer-master-presubmits.yaml @@ -499,89 +499,6 @@ presubmits: secret: secretName: result-aggregator trigger: (?m)^/test( | .* )altinfra-e2e-aws-ovn-proxy,?($|\s.*) - - agent: kubernetes - always_run: false - branches: - - ^master$ - - ^master- - cluster: build05 - context: ci/prow/altinfra-e2e-aws-ovn-public-ipv4-pool - decorate: true - decoration_config: - timeout: 6h0m0s - labels: - ci-operator.openshift.io/cloud: aws - ci-operator.openshift.io/cloud-cluster-profile: aws - ci-operator.openshift.io/variant: altinfra - ci.openshift.io/generator: prowgen - pj-rehearse.openshift.io/can-be-rehearsed: "true" - name: pull-ci-openshift-installer-master-altinfra-e2e-aws-ovn-public-ipv4-pool - optional: true - rerun_command: /test altinfra-e2e-aws-ovn-public-ipv4-pool - spec: - containers: - - args: - - --gcs-upload-secret=/secrets/gcs/service-account.json - - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson - - --lease-server-credentials-file=/etc/boskos/credentials - - --report-credentials-file=/etc/report/credentials - - --secret-dir=/secrets/ci-pull-credentials - - --secret-dir=/usr/local/e2e-aws-ovn-public-ipv4-pool-cluster-profile - - --target=e2e-aws-ovn-public-ipv4-pool - - --variant=altinfra - command: - - ci-operator - image: ci-operator:latest - imagePullPolicy: Always - name: "" - resources: - requests: - cpu: 10m - volumeMounts: - - mountPath: /etc/boskos - name: boskos - readOnly: true - - mountPath: /secrets/ci-pull-credentials - name: ci-pull-credentials - readOnly: true - - mountPath: /usr/local/e2e-aws-ovn-public-ipv4-pool-cluster-profile - name: cluster-profile - - mountPath: /secrets/gcs - name: gcs-credentials - readOnly: true - - mountPath: /secrets/manifest-tool - name: manifest-tool-local-pusher - readOnly: true - - mountPath: /etc/pull-secret - name: pull-secret - readOnly: true - - mountPath: /etc/report - name: result-aggregator - readOnly: true - serviceAccountName: ci-operator - volumes: - - name: boskos - secret: - items: - - key: credentials - path: credentials - secretName: boskos-credentials - - name: ci-pull-credentials - secret: - secretName: ci-pull-credentials - - name: cluster-profile - secret: - secretName: cluster-secrets-aws - - name: manifest-tool-local-pusher - secret: - secretName: manifest-tool-local-pusher - - name: pull-secret - secret: - secretName: registry-pull-credentials - - name: result-aggregator - secret: - secretName: result-aggregator - trigger: (?m)^/test( | .* )altinfra-e2e-aws-ovn-public-ipv4-pool,?($|\s.*) - agent: kubernetes always_run: false branches: @@ -4261,6 +4178,168 @@ presubmits: secret: secretName: result-aggregator trigger: (?m)^/test( | .* )e2e-aws-ovn-proxy,?($|\s.*) + - agent: kubernetes + always_run: false + branches: + - ^master$ + - ^master- + cluster: build05 + context: ci/prow/e2e-aws-ovn-public-ipv4-pool + decorate: true + decoration_config: + timeout: 6h0m0s + labels: + ci-operator.openshift.io/cloud: aws + ci-operator.openshift.io/cloud-cluster-profile: aws + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-openshift-installer-master-e2e-aws-ovn-public-ipv4-pool + optional: true + rerun_command: /test e2e-aws-ovn-public-ipv4-pool + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --secret-dir=/usr/local/e2e-aws-ovn-public-ipv4-pool-cluster-profile + - --target=e2e-aws-ovn-public-ipv4-pool + command: + - ci-operator + image: ci-operator:latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /usr/local/e2e-aws-ovn-public-ipv4-pool-cluster-profile + name: cluster-profile + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: cluster-profile + secret: + secretName: cluster-secrets-aws + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )e2e-aws-ovn-public-ipv4-pool,?($|\s.*) + - agent: kubernetes + always_run: false + branches: + - ^master$ + - ^master- + cluster: build05 + context: ci/prow/e2e-aws-ovn-public-ipv4-pool-disabled + decorate: true + decoration_config: + timeout: 6h0m0s + labels: + ci-operator.openshift.io/cloud: aws + ci-operator.openshift.io/cloud-cluster-profile: aws + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-openshift-installer-master-e2e-aws-ovn-public-ipv4-pool-disabled + optional: true + rerun_command: /test e2e-aws-ovn-public-ipv4-pool-disabled + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --secret-dir=/usr/local/e2e-aws-ovn-public-ipv4-pool-disabled-cluster-profile + - --target=e2e-aws-ovn-public-ipv4-pool-disabled + command: + - ci-operator + image: ci-operator:latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /usr/local/e2e-aws-ovn-public-ipv4-pool-disabled-cluster-profile + name: cluster-profile + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: cluster-profile + secret: + secretName: cluster-secrets-aws + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )e2e-aws-ovn-public-ipv4-pool-disabled,?($|\s.*) - agent: kubernetes always_run: false branches: