New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WIP] OCPCLOUD-2558: Support external cloud authentication providers #28774
base: master
Are you sure you want to change the base?
Conversation
@sunzhaohua2: This pull request references OCPCLOUD-2558 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "4.16.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: sunzhaohua2 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
defer iamClient.DetachRolePolicy(roleName, policyArn) | ||
|
||
g.By("Create a new app using the image on ECR") | ||
err = oc.AsAdmin().WithoutNamespace().Run("new-app").Args("--name=hello-ecr", "--image=301721915996.dkr.ecr."+region+".amazonaws.com/hello-ecr:latest", "--allow-missing-images", "-n", oc.Namespace()).Execute() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to upload an image to the CI account for this test right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes, need to upload an image to the CI account, do you know who we should contact?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should contact #forum-ocp-testplatform and ask if they can help with this
exutil.SkipTestIfSupportedPlatformNotMatched(oc, "gcp") | ||
|
||
g.By("Create a new app using the image on GCR") | ||
err := oc.AsAdmin().WithoutNamespace().Run("new-app").Args("--name=hello-gcr", "--image=gcr.io/openshift-qe/hello-gcr:latest", "--allow-missing-images", "-n", oc.Namespace()).Execute() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can the CI nodes pull this or do we need to upload something to the CI account?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
roleAssignmentName, scope = exutil.GrantRoleToPrincipalIDByResourceGroup(az, principalId, "os4-common", "7f951dda-4ed3-4680-a7ca-43fe172d538d") | ||
|
||
g.By("Create a new app using the image on ACR") | ||
err = oc.AsAdmin().WithoutNamespace().Run("new-app").Args("--name=hello-acr", "--image=zhsunregistry.azurecr.io/hello-acr:latest", "--allow-missing-images", "-n", oc.Namespace()).Execute() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As with others, do we need to upload something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can't see the new tests in the JUnit output, are they showing for you? |
Seems need to run
|
Great, can see now that the test is failing, so lets try to get the images uploaded so we can get this to pass, thanks! |
g.By("Wait the pod to be running") | ||
ecrPodLabel := exutil.ParseLabelsOrDie("deployment=hello-ecr") | ||
_, err = exutil.WaitForPods(oc.KubeClient().CoreV1().Pods(oc.Namespace()), ecrPodLabel, exutil.CheckPodIsRunning, 1, 4*time.Minute) | ||
o.Expect(err).NotTo(o.HaveOccurred()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might be useful to add additional error detail when these errors are checked, something like below might help
o.Expect(err).NotTo(o.HaveOccurred()) | |
o.Expect(err).NotTo(o.HaveOccurred(), "ECR private image pod was not running after 4 minutes") |
asked here https://redhat-internal.slack.com/archives/CBN38N3MW/p1715133269211149 |
cc5b585
to
52c34a9
Compare
Job Failure Risk Analysis for sha: 52c34a9
|
@sunzhaohua2: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/test e2e-gcp-fips-serial |
52c34a9
to
ea95b62
Compare
Job Failure Risk Analysis for sha: ea95b62
|
ea95b62
to
8f4fa63
Compare
/test e2e-azure-fips-serial |
@sunzhaohua2: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
/payload-job periodic-ci-openshift-release-master-ci-4.17-e2e-azure-ovn-serial |
@JoelSpeed: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/06908cd0-174a-11ef-9adf-a5c46a74c547-0 |
Job Failure Risk Analysis for sha: 8f4fa63
|
8f4fa63
to
7e362f5
Compare
/payload-job periodic-ci-openshift-release-master-nightly-4.17-e2e-gcp-ovn-serial |
@sunzhaohua2: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/2b85aa90-17e3-11ef-8a5a-54c02cf856df-0 |
Job Failure Risk Analysis for sha: 7e362f5
|
/payload-job periodic-ci-openshift-release-master-nightly-4.17-e2e-aws-ovn-serial |
@sunzhaohua2: trigger 1 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/9e14bdf0-1804-11ef-8b77-f885f8f851e4-0 |
7e362f5
to
4c2c273
Compare
/retest |
Job Failure Risk Analysis for sha: 4c2c273
|
@sunzhaohua2: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Local test result:
AWS
GCP
Azure