Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding preset to use Azure resources, moving 2022 master job to azure #32998

Merged
merged 1 commit into from
Jul 17, 2024
Merged

Adding preset to use Azure resources, moving 2022 master job to azure #32998

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions ...g/jobs/kubernetes-sigs/cluster-api-provider-azure/cluster-api-provider-azure-presets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,3 +38,33 @@ presets:
- mountPath: /var/run/secrets/azure-token/serviceaccount
name: azure-token
readOnly: true
- labels:
preset-azure-community: "true"
env: # below env values are not secrets
- name: AZURE_CLIENT_IDs
value: "34d8e06d-d198-477e-b166-6936e58d90ae"
- name: AZURE_SUBSCRIPTION_ID
value: "46678f10-4bbb-447e-98e8-d2829589f2d8"
- name: AZURE_TENANT_ID
value: "d1aa7522-0959-442e-80ee-8c4f7fb4c184"
- name: AZURE_FEDERATED_TOKEN_FILE
value: "/var/run/secrets/azure-token/serviceaccount/token"
- name: AZURE_STORAGE_ACCOUNT
value: "k8sprowstoragecomm"
- name: REGISTRY
value: "capzcicommunity.azurecr.io"
- name: USE_LOCAL_KIND_REGISTRY
value: "false"
volumes:
- name: azure-token
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 86400
path: token
audience: api://AzureADTokenExchange
volumeMounts:
- mountPath: /var/run/secrets/azure-token/serviceaccount
name: azure-token
readOnly: true
14 changes: 1 addition & 13 deletions config/jobs/kubernetes-sigs/sig-windows/release-master-windows-presubmits.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -424,6 +424,7 @@ presubmits:
preset-capz-windows-common: "true"
preset-capz-containerd-1-7-latest: "true"
preset-capz-windows-2022: "true"
preset-azure-community: "true"
extra_refs:
- org: kubernetes-sigs
repo: cluster-api-provider-azure
Expand Down Expand Up @@ -455,19 +456,6 @@ presubmits:
env:
- name: GINKGO_FOCUS
value: \[sig-windows\] # run just a subset to speed up testing time
volumeMounts:
- mountPath: /var/run/secrets/azure-token/serviceaccount
name: azure-token
readOnly: true
volumes:
- name: azure-token
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 86400
path: token
audience: api://AzureADTokenExchange
annotations:
testgrid-dashboards: sig-windows-presubmit
testgrid-tab-name: pull-e2e-capz-windows-extension-community
Expand Down
9 changes: 5 additions & 4 deletions config/jobs/kubernetes-sigs/sig-windows/release-master-windows.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,18 +230,17 @@ periodics:
testgrid-dashboards: sig-windows-master-release, sig-windows-signal
testgrid-tab-name: capz-windows-containerd-master-serial-slow-hpa
- name: ci-kubernetes-e2e-capz-master-windows-2022
cluster: k8s-infra-prow-build
interval: 3h
decorate: true
decoration_config:
timeout: 4h
labels:
preset-dind-enabled: "true"
preset-kind-volume-mounts: "true"
preset-azure-cred-wi: "true"
preset-azure-anonymous-pull: "true" # Sets REGISTRY which is needed when building CCM/CNM images
preset-azure-community: "true"
preset-capz-windows-common: "true"
preset-capz-containerd-1-7-latest: "true"
preset-windows-private-registry-cred: "true"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a note this will break the test Kubernetes e2e suite.[It] [sig-node] Container Runtime blackbox test when running a container with a new image should be able to pull from private registry with secret [NodeConformance] we are tracking fixing this in kubernetes-sigs/windows-testing#446

preset-capz-windows-2022: "true"
extra_refs:
- org: kubernetes-sigs
Expand All @@ -259,7 +258,6 @@ periodics:
path_alias: sigs.k8s.io/cloud-provider-azure
workdir: false
spec:
serviceAccountName: prowjob-default-sa
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What was the reasoning behind dropping this? We dont need this anymore?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understood we only needed this to "simulate" the community infra service account config, and once we migrated this is the configuration we will expect by default.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its not needed in the community cluster, the default service account will work

containers:
- image: gcr.io/k8s-staging-test-infra/kubekins-e2e:v20240705-131cd74733-master
command:
Expand All @@ -273,6 +271,9 @@ periodics:
requests:
cpu: 2
memory: "9Gi"
limits:
cpu: 2
memory: "9Gi"
annotations:
testgrid-alert-email: kubernetes-provider-azure@googlegroups.com, sig-windows-leads@kubernetes.io
testgrid-dashboards: sig-windows-master-release
Expand Down