From 5a8ba720243db873c902ae22b885d90578dcc1d8 Mon Sep 17 00:00:00 2001 From: Rita Zhang Date: Sun, 3 Feb 2019 11:08:37 -0800 Subject: [PATCH] Add pull-kubernetes-e2e-aks-engine-azure job to testgrid (#11017) * Add pull-kubernetes-e2e-aks-engine-azure to testgrid * Address review comments * Update generated-security-job * Add job to nonblocking tab --- .../generated-security-jobs.yaml | 62 ++++++++++++++++ config/jobs/kubernetes/sig-azure/OWNERS | 6 ++ .../sig-azure/sig-azure-config.yaml | 70 +++++++++++++++++++ gubernator/config.yaml | 1 + testgrid/config.yaml | 9 +++ 5 files changed, 148 insertions(+) create mode 100644 config/jobs/kubernetes/sig-azure/OWNERS create mode 100644 config/jobs/kubernetes/sig-azure/sig-azure-config.yaml diff --git a/config/jobs/kubernetes-security/generated-security-jobs.yaml b/config/jobs/kubernetes-security/generated-security-jobs.yaml index 4704734b1ac6..82ea899291dd 100644 --- a/config/jobs/kubernetes-security/generated-security-jobs.yaml +++ b/config/jobs/kubernetes-security/generated-security-jobs.yaml @@ -353,6 +353,68 @@ presubmits: defaultMode: 256 secretName: ssh-security trigger: (?m)^/test( | .* )pull-security-kubernetes-e2e-kops-aws,?($|\s.*) + - agent: kubernetes + always_run: false + branches: + - master + cluster: security + context: pull-security-kubernetes-e2e-aks-engine-azure + labels: + preset-azure-cred: "true" + preset-dind-enabled: "true" + preset-service-account: "true" + name: pull-security-kubernetes-e2e-aks-engine-azure + optional: true + rerun_command: /test pull-security-kubernetes-e2e-aks-engine-azure + spec: + containers: + - args: + - --ssh=/etc/ssh-security/ssh-security + - --job=$(JOB_NAME) + - --root=/go/src + - --service-account=/etc/service-account/service-account.json + - --repo=github.com/kubernetes-security/kubernetes=$(PULL_REFS) + - --upload=gs://kubernetes-security-prow/pr-logs + - --timeout=460 + - --scenario=kubernetes_e2e + - -- + - --gce-ssh= + - --test=true + - --up=true + - --down=true + - --deployment=acsengine + - --build=bazel + - --provider=skeleton + - --stage=gs://kubernetes-release-pull/ci/pull-kubernetes-e2e-aks-engine-azure + - --ginkgo-parallel=30 + - --acsengine-agentpoolcount=3 + - --acsengine-admin-username=azureuser + - --acsengine-creds=$AZURE_CREDENTIALS + - --acsengine-orchestratorRelease=1.13 + - --acsengine-mastervmsize=Standard_DS2_v2 + - --acsengine-agentvmsize=Standard_DS2_v2 + - --acsengine-hyperkube=True + - --acsengine-location=centralus + - --acsengine-public-key=$AZURE_SSH_PUBLIC_KEY_FILE + - --acsengine-template-url=https://raw.githubusercontent.com/Azure/aks-engine/77bd48385ba12314f1d7df36b4e0b4d53ceac0a2/examples/kubernetes.json + - --acsengine-download-url=https://github.com/Azure/aks-engine/releases/download/v0.29.1/aks-engine-v0.29.1-linux-amd64.tar.gz + - --test_args=--ginkgo.focus=\[Conformance\]|\[NodeConformance\] --ginkgo.skip=\[sig-node\]\sMount\spropagation|\[sig-network\]\sNetwork\sshould\sset\sTCP\sCLOSE_WAIT\stimeout|\[sig-storage\]\sPersistentVolumes-local\sStress\swith\slocal\svolume\sprovisioner\s\[Serial\]\sshould\suse\sbe\sable\sto\sprocess\smany\spods\sand\sreuse\slocal\svolumes|should\sunmount\sif\spod\sis\sgracefully\sdeleted\swhile\skubelet\sis\sdown\s\[Disruptive\]\[Slow\]|should\sunmount\sif\spod\sis\sforce\sdeleted\swhile\skubelet\sis\sdown\s\[Disruptive\]\[Slow\]|\[sig-network\]\sServices\sshould\sbe\sable\sto\screate\sa\sfunctioning\sNodePort\sservice|\[sig-scheduling\]\sSchedulerPredicates\s\[Serial\]\svalidates\sMaxPods\slimit\snumber\sof\spods\sthat\sare\sallowed\sto\srun\s\[Slow\]|\[sig-storage\]\sDynamic\sProvisioning\sDynamicProvisioner\sDefault\sshould\screate\sand\sdelete\sdefault\spersistent\svolumes\s\[Slow\]|\[sig-storage\]\sDynamic\sProvisioning\sDynamicProvisioner\sshould\sprovision\sstorage\swith\sdifferent\sparameters|\[sig-storage\]\sDynamic\sProvisioning\sDynamicProvisioner\sshould\stest\sthat\sdeleting\sa\sclaim\sbefore\sthe\svolume\sis\sprovisioned\sdeletes\sthe\svolume.|\[sig-apps\]\sStatefulSet\s\[k8s.io\]\sBasic\sStatefulSet\sfunctionality\s\[StatefulSetBasic\]\sshould\sadopt\smatching\sorphans\sand\srelease\snon-matching\spods|\[sig-apps\]\sStatefulSet\s\[k8s.io\]\sBasic\sStatefulSet\sfunctionality\s\[StatefulSetBasic\]\sshould\snot\sdeadlock\swhen\sa\spod.s\spredecessor\sfails|\[sig-apps\]\sStatefulSet\s\[k8s.io\]\sBasic\sStatefulSet\sfunctionality\s\[StatefulSetBasic\]\sshould\sperform\srolling\supdates\sand\sroll\sbacks\sof\stemplate\smodifications\swith\sPVCs|\[sig-apps\]\sStatefulSet\s\[k8s.io\]\sBasic\sStatefulSet\sfunctionality\s\[StatefulSetBasic\]\sshould\sprovide\sbasic\sidentity|\[sig-storage\]\sPersistentVolumes\sDefault\sStorageClass\spods\sthat\suse\smultiple\svolumes\sshould\sbe\sreschedulable|\[sig-storage\]\sPVC\sProtection|\[sig-storage\]\sDynamic\sProvisioning\s\[k8s.io\]\sGlusterDynamicProvisioner|\[sig-storage\]\sVolumes\sAzure\sDisk\sshould\sbe\smountable\s\[Slow\]|\[sig-apps\]\sNetwork\sPartition\s\[Disruptive\]\s\[Slow\]|\[sig-network\]\sDNS\sconfigMap|\[k8s.io\]\s\[sig-node\]\sKubelet\s\[Serial\]\s\[Slow\]\s\[k8s.io\]\s\[sig-node\]\sregular\sresource\susage\stracking\sresource\stracking\sfor\s0\spods\sper\snode|\[k8s.io\]\s\[sig-node\]\sKubelet\s\[Serial\]\s\[Slow\]\s\[k8s.io\]\s\[sig-node\]\sregular\sresource\susage\stracking\sresource\stracking\sfor\s100\spods\sper\snode|Horizontal\spod\sautoscaling\s\(scale\sresource:\sCPU\)|\[sig-storage\]\sDynamic\sProvisioning\sDynamicProvisioner\sExternal\sshould\slet\san\sexternal\sdynamic\sprovisioner\screate\sand\sdelete\spersistent\svolumes\s\[Slow\]|ESIPP|\[sig-network\]\sServices\sshould\spreserve\ssource\spod\sIP\sfor\straffic\sthru\sservice\scluster\sIP|In-tree\sVolumes|PersistentVolumes-local|CSI\sVolumes|should\swrite\sentries\sto\s/etc/hosts|\[Slow\]|\[Serial\]|\[Disruptive\]|\[Flaky\]|\[Feature:.+\]|\[NodeFeature:.+\] + - --timeout=420m + - --stage=gs://kubernetes-security-prow/ci/pull-security-kubernetes-e2e-aks-engine-azure + image: gcr.io/k8s-testimages/kubekins-e2e:v20190129-fa5c18c02-master + name: "" + resources: {} + securityContext: + privileged: true + volumeMounts: + - mountPath: /etc/ssh-security + name: ssh-security + volumes: + - name: ssh-security + secret: + defaultMode: 256 + secretName: ssh-security + trigger: (?m)^/test( | .* )pull-security-kubernetes-e2e-aks-engine-azure,?($|\s.*) - agent: kubernetes always_run: false cluster: security diff --git a/config/jobs/kubernetes/sig-azure/OWNERS b/config/jobs/kubernetes/sig-azure/OWNERS new file mode 100644 index 000000000000..969ae65c600f --- /dev/null +++ b/config/jobs/kubernetes/sig-azure/OWNERS @@ -0,0 +1,6 @@ +approvers: +- andyzhangx +- brendandburns +- feiskyer +- karataliu +- khenidak diff --git a/config/jobs/kubernetes/sig-azure/sig-azure-config.yaml b/config/jobs/kubernetes/sig-azure/sig-azure-config.yaml new file mode 100644 index 000000000000..e394e68a683c --- /dev/null +++ b/config/jobs/kubernetes/sig-azure/sig-azure-config.yaml @@ -0,0 +1,70 @@ +presets: +- labels: + preset-azure-cred: "true" + env: + - name: AZURE_CREDENTIALS + value: /etc/azure-cred/credentials + - name: AZURE_SSH_PUBLIC_KEY_FILE + value: /etc/azure-ssh/azure-ssh-pub + volumes: + - name: azure-cred + secret: + secretName: azure-cred + - name: azure-ssh + secret: + secretName: azure-ssh + volumeMounts: + - name: azure-cred + mountPath: /etc/azure-cred + readOnly: true + - name: azure-ssh + mountPath: /etc/azure-ssh + readOnly: true + +presubmits: + kubernetes/kubernetes: + - name: pull-kubernetes-e2e-aks-engine-azure + always_run: false + optional: true + branches: + - master + labels: + preset-service-account: "true" + preset-azure-cred: "true" + preset-dind-enabled: "true" + spec: + containers: + - image: gcr.io/k8s-testimages/kubekins-e2e:v20190129-fa5c18c02-master + args: + - "--job=$(JOB_NAME)" + - "--root=/go/src" + - "--service-account=/etc/service-account/service-account.json" + - "--repo=k8s.io/kubernetes=$(PULL_REFS)" + - "--upload=gs://kubernetes-jenkins/pr-logs" + - "--timeout=460" + - "--scenario=kubernetes_e2e" + - -- + - "--gce-ssh=" # https://github.com/kubernetes/test-infra/pull/10054 + - "--test=true" + - "--up=true" + - "--down=true" + - "--deployment=acsengine" + - "--build=bazel" # build kubectl binary + - "--provider=skeleton" # noop + - "--stage=gs://kubernetes-release-pull/ci/pull-kubernetes-e2e-aks-engine-azure" + - "--ginkgo-parallel=30" + - "--acsengine-agentpoolcount=3" + - "--acsengine-admin-username=azureuser" + - "--acsengine-creds=$AZURE_CREDENTIALS" + - "--acsengine-orchestratorRelease=1.13" # needed for now until aks-engine supports `custom` + - "--acsengine-mastervmsize=Standard_DS2_v2" + - "--acsengine-agentvmsize=Standard_DS2_v2" + - "--acsengine-hyperkube=True" # build hyperkube image + - "--acsengine-location=centralus" + - "--acsengine-public-key=$AZURE_SSH_PUBLIC_KEY_FILE" + - "--acsengine-template-url=https://raw.githubusercontent.com/Azure/aks-engine/77bd48385ba12314f1d7df36b4e0b4d53ceac0a2/examples/kubernetes.json" + - "--acsengine-download-url=https://github.com/Azure/aks-engine/releases/download/v0.29.1/aks-engine-v0.29.1-linux-amd64.tar.gz" + - "--test_args=--ginkgo.focus=\\[Conformance\\]|\\[NodeConformance\\] --ginkgo.skip=\\[sig-node\\]\\sMount\\spropagation|\\[sig-network\\]\\sNetwork\\sshould\\sset\\sTCP\\sCLOSE_WAIT\\stimeout|\\[sig-storage\\]\\sPersistentVolumes-local\\sStress\\swith\\slocal\\svolume\\sprovisioner\\s\\[Serial\\]\\sshould\\suse\\sbe\\sable\\sto\\sprocess\\smany\\spods\\sand\\sreuse\\slocal\\svolumes|should\\sunmount\\sif\\spod\\sis\\sgracefully\\sdeleted\\swhile\\skubelet\\sis\\sdown\\s\\[Disruptive\\]\\[Slow\\]|should\\sunmount\\sif\\spod\\sis\\sforce\\sdeleted\\swhile\\skubelet\\sis\\sdown\\s\\[Disruptive\\]\\[Slow\\]|\\[sig-network\\]\\sServices\\sshould\\sbe\\sable\\sto\\screate\\sa\\sfunctioning\\sNodePort\\sservice|\\[sig-scheduling\\]\\sSchedulerPredicates\\s\\[Serial\\]\\svalidates\\sMaxPods\\slimit\\snumber\\sof\\spods\\sthat\\sare\\sallowed\\sto\\srun\\s\\[Slow\\]|\\[sig-storage\\]\\sDynamic\\sProvisioning\\sDynamicProvisioner\\sDefault\\sshould\\screate\\sand\\sdelete\\sdefault\\spersistent\\svolumes\\s\\[Slow\\]|\\[sig-storage\\]\\sDynamic\\sProvisioning\\sDynamicProvisioner\\sshould\\sprovision\\sstorage\\swith\\sdifferent\\sparameters|\\[sig-storage\\]\\sDynamic\\sProvisioning\\sDynamicProvisioner\\sshould\\stest\\sthat\\sdeleting\\sa\\sclaim\\sbefore\\sthe\\svolume\\sis\\sprovisioned\\sdeletes\\sthe\\svolume.|\\[sig-apps\\]\\sStatefulSet\\s\\[k8s.io\\]\\sBasic\\sStatefulSet\\sfunctionality\\s\\[StatefulSetBasic\\]\\sshould\\sadopt\\smatching\\sorphans\\sand\\srelease\\snon-matching\\spods|\\[sig-apps\\]\\sStatefulSet\\s\\[k8s.io\\]\\sBasic\\sStatefulSet\\sfunctionality\\s\\[StatefulSetBasic\\]\\sshould\\snot\\sdeadlock\\swhen\\sa\\spod.s\\spredecessor\\sfails|\\[sig-apps\\]\\sStatefulSet\\s\\[k8s.io\\]\\sBasic\\sStatefulSet\\sfunctionality\\s\\[StatefulSetBasic\\]\\sshould\\sperform\\srolling\\supdates\\sand\\sroll\\sbacks\\sof\\stemplate\\smodifications\\swith\\sPVCs|\\[sig-apps\\]\\sStatefulSet\\s\\[k8s.io\\]\\sBasic\\sStatefulSet\\sfunctionality\\s\\[StatefulSetBasic\\]\\sshould\\sprovide\\sbasic\\sidentity|\\[sig-storage\\]\\sPersistentVolumes\\sDefault\\sStorageClass\\spods\\sthat\\suse\\smultiple\\svolumes\\sshould\\sbe\\sreschedulable|\\[sig-storage\\]\\sPVC\\sProtection|\\[sig-storage\\]\\sDynamic\\sProvisioning\\s\\[k8s.io\\]\\sGlusterDynamicProvisioner|\\[sig-storage\\]\\sVolumes\\sAzure\\sDisk\\sshould\\sbe\\smountable\\s\\[Slow\\]|\\[sig-apps\\]\\sNetwork\\sPartition\\s\\[Disruptive\\]\\s\\[Slow\\]|\\[sig-network\\]\\sDNS\\sconfigMap|\\[k8s.io\\]\\s\\[sig-node\\]\\sKubelet\\s\\[Serial\\]\\s\\[Slow\\]\\s\\[k8s.io\\]\\s\\[sig-node\\]\\sregular\\sresource\\susage\\stracking\\sresource\\stracking\\sfor\\s0\\spods\\sper\\snode|\\[k8s.io\\]\\s\\[sig-node\\]\\sKubelet\\s\\[Serial\\]\\s\\[Slow\\]\\s\\[k8s.io\\]\\s\\[sig-node\\]\\sregular\\sresource\\susage\\stracking\\sresource\\stracking\\sfor\\s100\\spods\\sper\\snode|Horizontal\\spod\\sautoscaling\\s\\(scale\\sresource:\\sCPU\\)|\\[sig-storage\\]\\sDynamic\\sProvisioning\\sDynamicProvisioner\\sExternal\\sshould\\slet\\san\\sexternal\\sdynamic\\sprovisioner\\screate\\sand\\sdelete\\spersistent\\svolumes\\s\\[Slow\\]|ESIPP|\\[sig-network\\]\\sServices\\sshould\\spreserve\\ssource\\spod\\sIP\\sfor\\straffic\\sthru\\sservice\\scluster\\sIP|In-tree\\sVolumes|PersistentVolumes-local|CSI\\sVolumes|should\\swrite\\sentries\\sto\\s/etc/hosts|\\[Slow\\]|\\[Serial\\]|\\[Disruptive\\]|\\[Flaky\\]|\\[Feature:.+\\]|\\[NodeFeature:.+\\]" + - "--timeout=420m" + securityContext: + privileged: true diff --git a/gubernator/config.yaml b/gubernator/config.yaml index 9a13fd1783b9..fa5a12bad874 100644 --- a/gubernator/config.yaml +++ b/gubernator/config.yaml @@ -29,6 +29,7 @@ jobs: kubernetes-jenkins/pr-logs/directory/: - pull-kubernetes-bazel-build - pull-kubernetes-bazel-test + - pull-kubernetes-e2e-aks-engine-azure - pull-kubernetes-e2e-gce - pull-kubernetes-e2e-gce-100-performance - pull-kubernetes-e2e-gce-device-plugin-gpu diff --git a/testgrid/config.yaml b/testgrid/config.yaml index dba4ccd91cac..60896fcb5769 100644 --- a/testgrid/config.yaml +++ b/testgrid/config.yaml @@ -2554,6 +2554,9 @@ test_groups: - name: pull-kubernetes-cross gcs_prefix: kubernetes-jenkins/pr-logs/directory/pull-kubernetes-cross num_columns_recent: 20 +- name: pull-kubernetes-e2e-aks-engine-azure + gcs_prefix: kubernetes-jenkins/pr-logs/directory/pull-kubernetes-e2e-aks-engine-azure + num_columns_recent: 30 - name: pull-kubernetes-e2e-gce gcs_prefix: kubernetes-jenkins/pr-logs/directory/pull-kubernetes-e2e-gce num_columns_recent: 20 @@ -7124,6 +7127,9 @@ dashboards: - name: pull-kubernetes-cross test_group_name: pull-kubernetes-cross base_options: width=10 + - name: pull-kubernetes-e2e-aks-engine-azure + test_group_name: pull-kubernetes-e2e-aks-engine-azure + base_options: width=10 - name: pull-kubernetes-e2e-gce-alpha-features test_group_name: pull-kubernetes-e2e-gce-alpha-features base_options: width=10 @@ -7594,6 +7600,9 @@ dashboards: - name: "azure-master-conformance" description: Runs conformance tests with cloud-provider-azure (https://github.com/kubernetes/cloud-provider-azure)" test_group_name: ci-cloud-provider-azure-master + - name: pr-k8s-e2e + description: "Run e2e tests" + test_group_name: pull-kubernetes-e2e-aks-engine-azure # openshift dashboard - name: redhat-openshift-release-blocking