From d9428224eacd970daad81470e41f1347bf0ccdb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Fri, 8 Sep 2023 08:45:04 +0200 Subject: [PATCH 01/12] adds cluster-inventory build and pull jobs --- .../cluster-inventory/cluster-inventory.yaml | 105 ++++++++++++++++++ templates/data/cluster-inventory-data.yaml | 43 +++++++ 2 files changed, 148 insertions(+) create mode 100644 prow/jobs/cluster-inventory/cluster-inventory.yaml create mode 100644 templates/data/cluster-inventory-data.yaml diff --git a/prow/jobs/cluster-inventory/cluster-inventory.yaml b/prow/jobs/cluster-inventory/cluster-inventory.yaml new file mode 100644 index 000000000000..a78d6aaa56c0 --- /dev/null +++ b/prow/jobs/cluster-inventory/cluster-inventory.yaml @@ -0,0 +1,105 @@ +# Code generated by rendertemplates. DO NOT EDIT. + + +presubmits: # runs on PRs + kyma-project/cluster-inventory: + - name: pull-cluster-inventory-build + annotations: + description: "run cluster-inventory build" + owner: "framefrog" + labels: + prow.k8s.io/pubsub.project: "sap-kyma-prow" + prow.k8s.io/pubsub.runID: "pull-cluster-inventory-build" + prow.k8s.io/pubsub.topic: "prowjobs" + preset-sa-kyma-push-images: "true" + always_run: true + skip_report: false + decorate: true + cluster: untrusted-workload + max_concurrency: 10 + spec: + containers: + - image: "eu.gcr.io/sap-kyma-neighbors-dev/image-builder:v20230313-8dfce5f0b" + securityContext: + privileged: false + seccompProfile: + type: RuntimeDefault + allowPrivilegeEscalation: false + command: + - "/image-builder" + args: + - "--name=cluster-inventory" + - "--config=/config/kaniko-build-config.yaml" + - "--dockerfile=Dockerfile" + resources: + requests: + memory: 1.5Gi + cpu: 1 + volumeMounts: + - name: config + mountPath: /config + readOnly: true + - name: signify-secret + mountPath: /secret + readOnly: true + volumes: + - name: config + configMap: + name: kaniko-build-config + - name: signify-secret + secret: + secretName: signify-dev-secret + +postsubmits: # runs on main + kyma-project/cluster-inventory: + - name: main-cluster-inventory-build + annotations: + description: "build cluster-inventory" + owner: "framefrog" + labels: + prow.k8s.io/pubsub.project: "sap-kyma-prow" + prow.k8s.io/pubsub.runID: "main-cluster-inventory-build" + prow.k8s.io/pubsub.topic: "prowjobs" + preset-sa-kyma-push-images: "true" + preset-signify-prod-secret: "true" + always_run: true + skip_report: false + decorate: true + cluster: trusted-workload + max_concurrency: 10 + branches: + - ^main$ + spec: + containers: + - image: "eu.gcr.io/sap-kyma-neighbors-dev/image-builder:v20230313-8dfce5f0b" + securityContext: + privileged: false + seccompProfile: + type: RuntimeDefault + allowPrivilegeEscalation: false + command: + - "/image-builder" + args: + - "--name=cluster-inventory" + - "--config=/config/kaniko-build-config.yaml" + - "--dockerfile=Dockerfile" + - "--tag=latest" + resources: + requests: + memory: 1.5Gi + cpu: 1 + volumeMounts: + - name: config + mountPath: /config + readOnly: true + - name: signify-secret + mountPath: /secret + readOnly: true + volumes: + - name: config + configMap: + name: kaniko-build-config + - name: signify-secret + secret: + secretName: signify-dev-secret + \ No newline at end of file diff --git a/templates/data/cluster-inventory-data.yaml b/templates/data/cluster-inventory-data.yaml new file mode 100644 index 000000000000..8e0bd66f5dd8 --- /dev/null +++ b/templates/data/cluster-inventory-data.yaml @@ -0,0 +1,43 @@ +templates: + - from: generic.tmpl + render: + - to: ../../prow/jobs/cluster-inventory/cluster-inventory.yaml + localSets: + jobConfig_default: + imagePullPolicy: "Always" + jobConfigs: + - repoName: kyma-project/cluster-inventory + jobs: + - jobConfig: + name: pull-cluster-inventory-build + annotations: + owner: framefrog + description: run cluster-inventory build + always_run: true + args: + - "--name=cluster-inventory" + - "--config=/config/kaniko-build-config.yaml" + - "--dockerfile=Dockerfile" + inheritedConfigs: + global: + - kaniko_buildpack + - jobConfig_presubmit + - jobConfig: + name: main-cluster-inventory-build + annotations: + owner: framefrog + description: build cluster-inventory + labels: + preset-signify-prod-secret: "true" + branches: + - ^main$ # any pr against main triggers this + always_run: true + args: + - "--name=cluster-inventory" + - "--config=/config/kaniko-build-config.yaml" + - "--dockerfile=Dockerfile" + - "--tag=latest" + inheritedConfigs: + global: + - kaniko_buildpack + - jobConfig_postsubmit From 1176180c435a34491aa438814f6c796b1b0964da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 09:09:31 +0200 Subject: [PATCH 02/12] adds pjtester --- pjtester.yaml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 pjtester.yaml diff --git a/pjtester.yaml b/pjtester.yaml new file mode 100644 index 000000000000..627a79094169 --- /dev/null +++ b/pjtester.yaml @@ -0,0 +1,5 @@ +pjConfigs: + prowJobs: + kyma-project: + cluster-inventory: + - pjName: "main-cluster-inventory-build" From 1999607f90ce5262097fa49340204db394eedd72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 09:10:23 +0200 Subject: [PATCH 03/12] moves pjtester to vpath directory --- pjtester.yaml => vpath/pjtester.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename pjtester.yaml => vpath/pjtester.yaml (100%) diff --git a/pjtester.yaml b/vpath/pjtester.yaml similarity index 100% rename from pjtester.yaml rename to vpath/pjtester.yaml From 04ae9fb08c74d0175a85e333c3193739824bf569 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 09:24:23 +0200 Subject: [PATCH 04/12] pjtester indentation + second job --- vpath/pjtester.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vpath/pjtester.yaml b/vpath/pjtester.yaml index 627a79094169..1933d75748bb 100644 --- a/vpath/pjtester.yaml +++ b/vpath/pjtester.yaml @@ -1,5 +1,5 @@ -pjConfigs: prowJobs: kyma-project: cluster-inventory: - - pjName: "main-cluster-inventory-build" + - pjName: "main-cluster-inventory-build" + - pjName: "pull-cluster-inventory-build" From fd8c956db190767ed4e9e424991c38097159f794 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 09:29:47 +0200 Subject: [PATCH 05/12] fixes pjtester --- vpath/pjtester.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/vpath/pjtester.yaml b/vpath/pjtester.yaml index 1933d75748bb..ab291e2974de 100644 --- a/vpath/pjtester.yaml +++ b/vpath/pjtester.yaml @@ -1,3 +1,4 @@ +pjConfigs: prowJobs: kyma-project: cluster-inventory: From a20cf26dcbb321f9a1ef6028e7f5e9ec691c1635 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 10:19:29 +0200 Subject: [PATCH 06/12] adds prNumber:23 --- vpath/pjtester.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/vpath/pjtester.yaml b/vpath/pjtester.yaml index ab291e2974de..203c1cde4fc4 100644 --- a/vpath/pjtester.yaml +++ b/vpath/pjtester.yaml @@ -1,4 +1,8 @@ pjConfigs: + prConfig: + kyma-project: + cluster-inventory: + prNumber: 23 prowJobs: kyma-project: cluster-inventory: From 782baed2bc9077cf952202699bf610fea7edb959 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 10:31:29 +0200 Subject: [PATCH 07/12] pjtester - move prConfigs outside of pjConfigs --- vpath/pjtester.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vpath/pjtester.yaml b/vpath/pjtester.yaml index 203c1cde4fc4..6d71adaf8050 100644 --- a/vpath/pjtester.yaml +++ b/vpath/pjtester.yaml @@ -1,10 +1,10 @@ pjConfigs: - prConfig: - kyma-project: - cluster-inventory: - prNumber: 23 prowJobs: kyma-project: cluster-inventory: - pjName: "main-cluster-inventory-build" - pjName: "pull-cluster-inventory-build" +prConfigs: + kyma-project: + cluster-inventory: + prNumber: 23 From ae2d52aeacac70a15070b3505a5d6e3676fe88d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 12:51:24 +0200 Subject: [PATCH 08/12] sets preset-signify-prod-secret to false for pjtester --- templates/data/cluster-inventory-data.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/data/cluster-inventory-data.yaml b/templates/data/cluster-inventory-data.yaml index 8e0bd66f5dd8..9d522fffdc07 100644 --- a/templates/data/cluster-inventory-data.yaml +++ b/templates/data/cluster-inventory-data.yaml @@ -28,7 +28,7 @@ templates: owner: framefrog description: build cluster-inventory labels: - preset-signify-prod-secret: "true" + preset-signify-prod-secret: "false" branches: - ^main$ # any pr against main triggers this always_run: true From e8c1637e3a3fb3a05cad92d1384b7c51d7a83322 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 13:48:57 +0200 Subject: [PATCH 09/12] make jobs after the previous change --- prow/jobs/cluster-inventory/cluster-inventory.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prow/jobs/cluster-inventory/cluster-inventory.yaml b/prow/jobs/cluster-inventory/cluster-inventory.yaml index a78d6aaa56c0..3480913edc11 100644 --- a/prow/jobs/cluster-inventory/cluster-inventory.yaml +++ b/prow/jobs/cluster-inventory/cluster-inventory.yaml @@ -61,7 +61,7 @@ postsubmits: # runs on main prow.k8s.io/pubsub.runID: "main-cluster-inventory-build" prow.k8s.io/pubsub.topic: "prowjobs" preset-sa-kyma-push-images: "true" - preset-signify-prod-secret: "true" + preset-signify-prod-secret: "false" always_run: true skip_report: false decorate: true From b376ade03089c0ea6915ad9800e4432e898a2163 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 15:24:35 +0200 Subject: [PATCH 10/12] switches to presubmit in order to be able to test the job with pjtester --- prow/jobs/cluster-inventory/cluster-inventory.yaml | 5 +---- templates/data/cluster-inventory-data.yaml | 4 ++-- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/prow/jobs/cluster-inventory/cluster-inventory.yaml b/prow/jobs/cluster-inventory/cluster-inventory.yaml index 3480913edc11..acf6abf4f8e3 100644 --- a/prow/jobs/cluster-inventory/cluster-inventory.yaml +++ b/prow/jobs/cluster-inventory/cluster-inventory.yaml @@ -49,9 +49,6 @@ presubmits: # runs on PRs - name: signify-secret secret: secretName: signify-dev-secret - -postsubmits: # runs on main - kyma-project/cluster-inventory: - name: main-cluster-inventory-build annotations: description: "build cluster-inventory" @@ -65,7 +62,7 @@ postsubmits: # runs on main always_run: true skip_report: false decorate: true - cluster: trusted-workload + cluster: untrusted-workload max_concurrency: 10 branches: - ^main$ diff --git a/templates/data/cluster-inventory-data.yaml b/templates/data/cluster-inventory-data.yaml index 9d522fffdc07..942fe40a21db 100644 --- a/templates/data/cluster-inventory-data.yaml +++ b/templates/data/cluster-inventory-data.yaml @@ -28,7 +28,7 @@ templates: owner: framefrog description: build cluster-inventory labels: - preset-signify-prod-secret: "false" + preset-signify-prod-secret: "false" #TODO: change to "true" after finishing tests with pjTester branches: - ^main$ # any pr against main triggers this always_run: true @@ -40,4 +40,4 @@ templates: inheritedConfigs: global: - kaniko_buildpack - - jobConfig_postsubmit + - jobConfig_presubmit #TODO: change to "postsubmit" after finishing tests with pjTester From d95d056616ff577ddfd36e9d6f4ae83ddb8c6472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 15:47:23 +0200 Subject: [PATCH 11/12] reverts hacks done for the sake of pjtester --- prow/jobs/cluster-inventory/cluster-inventory.yaml | 7 +++++-- templates/data/cluster-inventory-data.yaml | 4 ++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/prow/jobs/cluster-inventory/cluster-inventory.yaml b/prow/jobs/cluster-inventory/cluster-inventory.yaml index acf6abf4f8e3..a78d6aaa56c0 100644 --- a/prow/jobs/cluster-inventory/cluster-inventory.yaml +++ b/prow/jobs/cluster-inventory/cluster-inventory.yaml @@ -49,6 +49,9 @@ presubmits: # runs on PRs - name: signify-secret secret: secretName: signify-dev-secret + +postsubmits: # runs on main + kyma-project/cluster-inventory: - name: main-cluster-inventory-build annotations: description: "build cluster-inventory" @@ -58,11 +61,11 @@ presubmits: # runs on PRs prow.k8s.io/pubsub.runID: "main-cluster-inventory-build" prow.k8s.io/pubsub.topic: "prowjobs" preset-sa-kyma-push-images: "true" - preset-signify-prod-secret: "false" + preset-signify-prod-secret: "true" always_run: true skip_report: false decorate: true - cluster: untrusted-workload + cluster: trusted-workload max_concurrency: 10 branches: - ^main$ diff --git a/templates/data/cluster-inventory-data.yaml b/templates/data/cluster-inventory-data.yaml index 942fe40a21db..8e0bd66f5dd8 100644 --- a/templates/data/cluster-inventory-data.yaml +++ b/templates/data/cluster-inventory-data.yaml @@ -28,7 +28,7 @@ templates: owner: framefrog description: build cluster-inventory labels: - preset-signify-prod-secret: "false" #TODO: change to "true" after finishing tests with pjTester + preset-signify-prod-secret: "true" branches: - ^main$ # any pr against main triggers this always_run: true @@ -40,4 +40,4 @@ templates: inheritedConfigs: global: - kaniko_buildpack - - jobConfig_presubmit #TODO: change to "postsubmit" after finishing tests with pjTester + - jobConfig_postsubmit From bb5a201dd6d990cbfc34574ae8eb99ee8f93e92c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Drzewiecki?= Date: Mon, 11 Sep 2023 15:47:47 +0200 Subject: [PATCH 12/12] removes pjtester --- vpath/pjtester.yaml | 10 ---------- 1 file changed, 10 deletions(-) delete mode 100644 vpath/pjtester.yaml diff --git a/vpath/pjtester.yaml b/vpath/pjtester.yaml deleted file mode 100644 index 6d71adaf8050..000000000000 --- a/vpath/pjtester.yaml +++ /dev/null @@ -1,10 +0,0 @@ -pjConfigs: - prowJobs: - kyma-project: - cluster-inventory: - - pjName: "main-cluster-inventory-build" - - pjName: "pull-cluster-inventory-build" -prConfigs: - kyma-project: - cluster-inventory: - prNumber: 23