Giter VIP home page Giter VIP logo

ci-infra's People

Contributors

acumino avatar ary1992 avatar axel7born avatar ccwienk avatar dependabot[bot] avatar diaphteiros avatar dimityrmirchev avatar docktofuture avatar gardener-ci-robot avatar gardener-robot avatar guewa avatar ialidzhikov avatar kostov6 avatar namewasntfound avatar nickytd avatar oliver-goetz avatar petersutter avatar plkokanov avatar raphaelvogel avatar rfranzke avatar rishabh-11 avatar robinschneider avatar scheererj avatar schrodit avatar seshachalam-yv avatar shafeeqes avatar timebertt avatar timuthy avatar unmarshall avatar vpnachev avatar

Stargazers

avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

timebertt gardener-ci-robot oliver-goetz acumino dimityrmirchev plkokanov isabella232 shafeeqes seshachalam-yv ary1992 unmarshall rfranzke ialidzhikov rishabh-11 sallyan abdasgupta robinschneider timuthy martinweindel kristian-zh docktofuture scheererj diaphteiros schrodit nickytd vlvasilev vpnachev aaronfern axel7born dimitar-kostadinov kostov6 markfisher1 ishan16696 raphaelvogel kon-angelo vogelhome petersutter namewasntfound aleksandarsavchev andreasburger guewa

ci-infra's Issues

Copy container images from docker hub to gardener GCR

/kind enhancement

What would you like to be added:

Let's copy all docker hub images that the gardener project consumes to our gardener GCR and consume them from there.

To support this effort with automation, let's add a CI job that copies a configured set of container images based on a simple configuration file:

images:
- source: kubernetesui/dashboard
  destination: eu.gcr.io/gardener-project/3rd/kubernetesui/dashboard
  tags:
  - v2.2.0
  - v2.4.0
  - v2.5.1
- source: envoyproxy/envoy-distroless
  destination: eu.gcr.io/gardener-project/3rd/envoyproxy/envoy-distroless
  tags:
  - v1.24.1

For each container image, the configuration file specifies one or multiple tags that should be copied from the given source repository to the given destination repository.
The copied images should include all platforms/architectures supported by the source images.

Why is this needed:

The gardener project consumes multiple images from docker hub. This leads to problems because

With our gardener GCR, we already have the necessary infrastructure to solve both problems. GCR has no rate limit and supports IPv6.

Previously, some container images were already copied to the gardener GCR manually.
This is not enough for switching all container images over to our GCR because

  • push access to the GCR is limited: we don't want to bother individuals with the task of copying container images, e.g. when versions change or new images should be used
  • manual actions are not reviewed or audited where development is happening (GitHub)
  • manual actions are error-prone: e.g., a simple docker pull + docker tag + docker push only includes the architecture of the used machine

Instead, we want to have a structured and automated way of copying all necessary container images based on a central inventory that can be updated in a self-service PR workflow.

Alternatives considered:

We can't use the GCP Docker Hub Mirror (mirror.gcr.io) because it is not a pull-through cache but only caches frequently access images, see the documentation (ref gardener/gardener#7568 (comment)):

Container Registry adds frequently requested images to the cache so they are available for future requests.
[...]
However, there is no guarantee that a particular image will remain cached for an extended period of time. Only obtain cached images on mirror.gcr.io by configuring the Docker daemon.
[...]
It also periodically removes images that are no longer requested.

We don't want to add repository-specific jobs based on their image vectors (images.yaml) because

  • images specified in the image vector need to be present in the destination registry for pull request jobs to succeed
    • however, a CI job should only copy the images once a PR got approved and merged
    • this introduces a chicken-egg problem for adding new features based on new images
    • having an out-of-band configuration (centralized in this repository) allows configuring the copying first and then adding the new feature based on that
  • only a subset of gardener's repositories use prow (some are still using concourse): configuring decentralized jobs everywhere in different tools is a high effort and troublesome in maintenance

Steps:

Reactivate GitHub token rate limit alerts

/kind cleanup

What would you like to be added:

Now that ghproxy metrics got a new dimension ratelimit_resource (kubernetes/test-infra#25702) we can adapt our alerting rules

ci-infra/config/prow/cluster/monitoring/prow_prometheusrule.yaml

Lines 193 to 203 in 27936b6

# TODO: reactivate this alert, once https://github.com/kubernetes/test-infra/issues/25177 is fixed
# - alert: ghproxy-running-out-github-tokens-in-a-hour
# annotations:
# message: token {{ $labels.token_hash }} will run out of API quota before the next reset.
# expr: |
# github_token_usage{job="ghproxy", resource!="search"} < 1500
# and
# predict_linear(github_token_usage{job="ghproxy", resource!="search"}[30m], 1 * 3600) < 0
# for: 5m
# labels:
# severity: high

and dashboards

ci-infra/config/prow/cluster/monitoring/grafana/dashboards/ghproxy.json

Line 493 in 27936b6

"expr": "sum(github_token_usage * on(token_hash) group_left(login) max(github_user_info{login=\"gardener-ci-robot\"}) by (token_hash, login)) by (api_version, login)",

to use it and reactivate the alerts again.

Why is this needed:

The alerts and metrics are useful and should be reactivated now that kubernetes/test-infra#25177 has been mitigated upstream.
ref #80

[Flaky Test] cherrypicker tests are flaky

/kind flake

What happened:

ci-ci-infra-prow-go-tests is flaky with the introduction of cherrypicker #284.

example runs:

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

Renovate tried to run on this repository, but found these problems.

  • WARN: Error obtaining docker token
  • WARN: No docker auth found - returning

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

  • Update sigs.k8s.io/prow digest to cfb8754
  • Update auto-update: renovate to v37.413.2 (patch) (ghcr.io/renovatebot/renovate, renovate)

Detected dependencies

dockerfile
Dockerfile
  • golang 1.22.4
  • alpine 3.20.0
images/copy-images/Dockerfile
  • alpine 3.20.0
images/krte/Dockerfile
gomod
go.mod
  • go 1.22.3
  • github.com/Masterminds/semver v1.5.0
  • github.com/cenkalti/backoff/v4 v4.3.0
  • github.com/google/go-cmp v0.6.0
  • github.com/onsi/ginkgo/v2 v2.19.0
  • github.com/onsi/gomega v1.33.1
  • github.com/pkg/errors v0.9.1
  • github.com/shurcooL/githubv4 v0.0.0-20240429030203-be2daab69064@be2daab69064
  • github.com/sirupsen/logrus v1.9.3
  • github.com/stretchr/testify v1.9.0
  • golang.org/x/tools v0.22.0
  • sigs.k8s.io/prow v0.0.0-20240531131213-8e43f4d085e1@8e43f4d085e1
  • sigs.k8s.io/yaml v1.4.0
kustomize
config/prow/cluster/monitoring/base-prow/kustomization.yaml
  • grafana/grafana 7.5.17
regex
config/prow/cluster/athens/helm/generate-athens-deployments.sh
  • athens-proxy 0.12.0
config/prow/cluster/ingress-nginx/helm/generate-ingress-nginx-deployments.sh
  • ingress-nginx 4.10.1
config/prow/cluster/oauth2-proxy/helm/generate-oauth2-proxy-deployments.sh
  • oauth2-proxy 7.7.4
config/prow/cluster/renovate/helm/generate-renovate-deployments.sh
  • renovate 37.413.1
config/prow/cluster/monitoring/base/update.sh
  • prometheus-operator/kube-prometheus v0.13.0
hack/tools.mk
  • golangci/golangci-lint v1.59.1
config/jobs/ci-infra/build-ci-infra-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/ci-infra/build-job-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/ci-infra/ci-infra-automate-testgrid.yaml
  • gcr.io/k8s-prow/configurator v20240513-a9bd71bf01
  • gcr.io/k8s-prow/configurator v20240513-a9bd71bf01
config/jobs/ci-infra/ci-infra-periodics.yaml
  • gcr.io/k8s-prow/label_sync v20240513-a9bd71bf01
  • gcr.io/k8s-prow/branchprotector v20240614-e4ae242d1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/job-forker v20240610-eaa5db0
  • gcr.io/k8s-prow/generic-autobumper v20240614-e4ae242d1
  • gcr.io/k8s-prow/generic-autobumper v20240614-e4ae242d1
  • gcr.io/k8s-prow/generic-autobumper v20240614-e4ae242d1
  • gcr.io/k8s-prow/generic-autobumper v20240614-e4ae242d1
  • gcr.io/k8s-prow/checkconfig v20240614-e4ae242d1
  • gcr.io/k8s-prow/checkconfig v20240614-e4ae242d1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/branch-cleaner v20240610-eaa5db0
config/jobs/ci-infra/ci-infra-postsubmits.yaml
  • bitnami/kubectl 1.30.2
config/jobs/ci-infra/ci-infra-presubmits.yaml
  • gcr.io/k8s-prow/checkconfig v20240614-e4ae242d1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • gcr.io/kaniko-project/executor v1.23.1
  • ghcr.io/renovatebot/renovate 37.413.1
config/jobs/ci-infra/copy-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/copy-images v20240523-caaa0c2
config/jobs/common/issue-pr-lifecycle.yaml
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
  • gcr.io/k8s-prow/commenter v20240513-a9bd71bf01
config/jobs/dependency-watchdog/dependency-watchdog-build-dev-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/dependency-watchdog/dependency-watchdog-check-vulnerabilities.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.21
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/dependency-watchdog/dependency-watchdog-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/dependency-watchdog/dependency-watchdog-test-builds.yaml
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/dependency-watchdog/dependency-watchdog-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/etcd-druid/druid-e2e-kind-nondistroless-etcd.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
config/jobs/etcd-druid/druid-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
config/jobs/extension-shoot-oidc-service/extension-shoot-oidc-service-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21
config/jobs/extension-shoot-oidc-service/extension-shoot-oidc-service-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.21
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.21
config/jobs/gardener-discovery-server/gardener-discovery-server-build-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-discovery-server/gardener-discovery-server-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-discovery-server/gardener-discovery-server-test-builds.yaml
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-discovery-server/gardener-discovery-server-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-networking-calico/gardener-extension-networking-calico-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-extension-networking-calico/gardener-extension-networking-calico-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-networking-cilium/gardener-extension-networking-cilium-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-extension-networking-cilium/gardener-extension-networking-cilium-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-registry-cache/gardener-extension-registry-cache-build-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-extension-registry-cache/gardener-extension-registry-cache-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-extension-registry-cache/gardener-extension-registry-cache-test-builds.yaml
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-extension-registry-cache/gardener-extension-registry-cache-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-shoot-networking-filter/gardener-extension-shoot-networking-filter-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-extension-shoot-networking-filter/gardener-extension-shoot-networking-filter-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-shoot-rsyslog-relp/gardener-extension-shoot-rsyslog-relp-build-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-extension-shoot-rsyslog-relp/gardener-extension-shoot-rsyslog-relp-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener-extension-shoot-rsyslog-relp/gardener-extension-shoot-rsyslog-relp-integration-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener-extension-shoot-rsyslog-relp/gardener-extension-shoot-rsyslog-relp-test-builds.yaml
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener-extension-shoot-rsyslog-relp/gardener-extension-shoot-rsyslog-relp-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener/gardener-apidiff.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240216-792399a-1.20
config/jobs/gardener/gardener-branch-cleaner.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/branch-cleaner v20240610-eaa5db0
config/jobs/gardener/gardener-build-dev-images.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/image-builder v20240610-eaa5db0
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener/gardener-check-renovate-config.yaml
  • ghcr.io/renovatebot/renovate 37.413.1
config/jobs/gardener/gardener-e2e-kind-ha-multi-zone-upgrade.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-ha-multi-zone.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-ha-single-zone-upgrade.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-ha-single-zone.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-ipv6.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-migration-ha-single-zone.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-migration.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-operator-seed.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-operator.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind-upgrade.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
config/jobs/gardener/gardener-integration-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener/gardener-release-handler.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/release-handler v20240610-eaa5db0
config/jobs/gardener/gardener-test-builds.yaml
  • gcr.io/kaniko-project/executor v1.23.1
config/jobs/gardener/gardener-unit-tests.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener/releases/gardener-gardener-release-v1-95.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener/releases/gardener-gardener-release-v1-96.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/gardener/releases/gardener-gardener-release-v1-97.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.22
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
  • gcr.io/kaniko-project/executor v1.23.1
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/golang-test v20240617-85ad75b-1.22
config/jobs/landscaper/landscaper-e2e-kind.yaml
  • europe-docker.pkg.dev/gardener-project/releases/ci-infra/krte v20240617-bb05b25-1.21

Update to golang-1.17.8

/kind enhancement
/assign oliver-goetz

What would you like to be added:
Update to golang-1.17.8

Why is this needed:
gardener/gardener is on golang-1.17.8, so gardener/ci-infra should update to keep the version of golang-test image consistent.

Reduce complexity of cluster setup

What would you like to be added:
Using a dedicated node type for prow jobs in the trusted cluster looks like over-engineering.
There is a dedicated cluster for untrusted jobs which are the most compute and memory demanding tasks too.

Thus, we should apply those changes:

  • Using only a single type of node for trusted prow cluster with a minimum autoscaling limit of 2
  • Distributing apps with replica > 1 across all nodes to improve resilience when nodes fail

Why is this needed:
A simplified setup is less error-prone and would save money because we can use smaller compute units for trusted prow cluster.

Autodeploy updates for prow and prow jobs

/kind enhancement

What would you like to be added:
Deploy updates for prow and prow-jobs automatically during work times.

Why is this needed:
Updates are quite frequent and it is annoying to approve them manually every time.

Switch deck to GitHub Apps Auth

/kind cleanup

What would you like to be added:

Currently, deck is using a Personal Access Token for @gardener-ci-robot.
Now, that kubernetes/test-infra#23870 has been fixed upstream, we could try to switch back to Apps Auth for deck.
ref #2 / 1633b43

Why is this needed:

Apps Auth has some nice advantages over PATs (rate limits scale with users, etc.). We already use it for the other prow components. Switching deck will make things more consistent.

deployer service account does not have all roles and permission which are needed

/kind bug
/assign oliver-goetz

What happened:
When change kubectl --server-side parameter from false to true prow autodeploy jobs started to fail.
Apparently deployer service account does not have roles and permissions for a complete deployment of prow.

What you expected to happen:
Autodeploy job being able to deploy everything.

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know:

Environment:

Forking release-relevant Prow jobs per release

/kind enhancement

What would you like to be added:
It would be helpful to automate the forking of release-relevant jobs for every release.
Why is this needed:
Automating the "freezing" of release-specific jobs takes off load of the releasing process.
We also benefit from a stable test-environment for the particular release-branches, even if the master branch test-configs change.
With the forked Jobs, tests can be analyzed when and where flakey tests arise

cla-assistant spams /cla comments when status of license/cla context is not updated

/kind bug
/assign oliver-goetz

What happened:
ci-gardener-triage-robot-cla prow job can start a "/cla" comment spam when license/cla status is already set, but there is no cla label on the PR yet.

Reaching out to cla-assistant.io does not necessarily update the status of context license/cla. In this case the cla label is never set by cla-assistant plugin and ci-gardener-triage-robot-cla is continuously create new "/cla" comments.

This might happen in those cases

  • the plugin is activated for the first time in a repository which has open PRs with a license/cla status
  • someone deletes cla labels manually
  • cla-assistant plugin is unavailable and new PRs are created in the meantime

What you expected to happen:

  • ci-gardener-triage-robot-cla should not start spamming
  • cla-assistant plugin should add missing cla labels even when there are no changes in the PRs

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know:

Environment:

Renovate should include Gardener release note with link to GitHub release

/kind enhancement

What would you like to be added:
When Renovate updates an image in gardener/gardener (example) then it should include a link to the GitHub release of the updated component, e.g. like this:

```other dependency The `gardener/dashboard` image has been updated to `v1.75.0`. [Release Notes](https://github.com/gardener/dashboard/releases/tag/1.75.0) ```

Why is this needed:
Traceability

/cc @oliver-goetz
Can we achieve this relatively simple?

Update aws load balancer controller to v2.7.0

/kind enhancement

What would you like to be added:
Update aws load balancer controller image to v.2.7.0

Why is this needed:
This upgrade is necessary to enable utilization of the new annotation "alb.ingress.kubernetes.io/mutual-authentication," facilitating automated configuration of mutual authentication with the Ingress resource.

Test jobs in gardener/gardener are not invoked automatically

/kind bug

What happened:
Since we merged #141 tests in gardener/gardener are not invoked automatically anymore

What you expected to happen:
Tests running automatically

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know:
Removing skip_if_only_changed: "^docs/|\\.md$"directive moved the jobs into category 3 of prow job trigger types.
We should add the always_run: true directive to make them run automatically again.

Environment:

Improve user experience of cla-assistant.io

/kind enhancement
/assign @oliver-goetz

What would you like to be added:
Occasionally, cla-assistant.io is does not update its status in pull requests. A manual way to initialise a recheck of the CLA status of a PR would be helpful as mitigation. Ideally, the recheck is started periodically too.
Additionally, it is not obvious which authors of PRs have already signed the CLA and which not. Let us label the PRs accordingly.

Why is this needed:
Improving user experience

Prow adds more than two reviewers on one PR

/kind bug

What happened:
Prow adds more than two reviewers on one PR.

What you expected to happen:
Prow should add only two reviewers on its own.

How to reproduce it (as minimally and precisely as possible):
Create any draft PR prow will assign two reviewers, mark it Ready for Review prow again assign two more reviewers and we can mark this PR draft and Ready for Review again and again and every time PR is marked Ready for Review prow adds two more reviewers. For ex- check this PR
gardener/gardener#5752

Build gardener/gardener images with prow/kaniko

/kind enhancement

What would you like to be added:
Now that the prow image-builder app is completed and is building ci-infra apps productively and gardener apps in a test environment, we could think about the next steps to build gardener/gardener images in prow.

We could proceed in two steps:

  1. Use prow for test builds replacing concourse-ci/publish job
  2. Include prow image build into release pipeline

Step 1: test builds

When investigating the I noticed that the images built by concourse-ci/publish PR test are pushed to eu.gcr.io/gardener-project/gardener which is the same location where we are pushing our release images too.
This does not look ideal from my point of view, because

  • we cannot guarantee that those image come from a trusted origin
  • I question, that we really need to push those images anywhere. From my perspective these are primary tests if the PR could be built at all.

I would like to propose a slightly different setup for prow

  • deactivate concourse-ci/publish PR test
  • create a new presubmit job for gardener/gardener which runs a plain kaniko pod without any target but with the --no-push flag
    • the pod will build the entire Dockerfile
    • it neither uses cache nor pushes the resulting images anywhere, so it can run in safely the prow-work cluster without any credentials for gcr.io
    • the goal of this job is to find out, if we are able to build the PR
  • Change the destination of post-gardener-build-images job to eu.gcr.io/gardener-project/gardener
    • we will build the current state of master branch
    • exclude commits which are changing the VERSION file only, that we do not build release images

Those are the gains from my point of view:

  • we do not push images from "untrusted" origins to eu.gcr.io/gardener-project/gardener anymore
  • we are able to validate if the prow images are working more easily
  • we already reduce the load of our concourse systems

Step 2: release builds

After we verified that our builds are working as expected we can start building our release images in prow.

  • create a build prow job similar to post-gardener-build-images for the release branches which is triggered by changes to VERSIONS file
  • deactivate build in concourse pipeline but keep the rest
  • gardener-robot-ci-* would initiate the release build by pushing a new VERSION file to the release branches

Step 2 is still a draft. I cannot see the entire concourse release pipeline yet.

Why is this needed:
Reduce load on concourse pipelines.
Improve development experience.
Build images of a trusted origin only.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.