From c34aa0af8dba7bcc6e8f1f3781bf5a31a18045f0 Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Tue, 4 Nov 2025 10:23:41 +0100 Subject: [PATCH 1/8] CI: Extend use of vcluster based testing * Add vcluster tests for each supported K8s version. * Drop all native tests but one native GKE and EKS suite. * Support deploying ARM review envionments to vcluster envionments. Closes https://gitlab.com/gitlab-org/charts/gitlab/-/issues/6035 --- .gitlab-ci.yml | 41 +++---- ...lab-ci.yml => eks.133.amd64.gitlab-ci.yml} | 0 ...lab-ci.yml => gke.134.amd64.gitlab-ci.yml} | 0 .gitlab/ci/environments/gke132.gitlab-ci.yml | 99 ----------------- .gitlab/ci/environments/gke133.gitlab-ci.yml | 99 ----------------- .../ci/environments/gke134-arm.gitlab-ci.yml | 104 ------------------ .../vcluster.132.amd64.gitlab-ci.yml | 90 +++++++++++++++ .../vcluster.133.amd64.gitlab-ci.yml | 90 +++++++++++++++ ...i.yml => vcluster.134.amd64.gitlab-ci.yml} | 60 +++++----- .../vcluster.134.arm64.gitlab-ci.yml | 91 +++++++++++++++ .gitlab/ci/validations.yml | 1 - doc/development/_index.md | 12 +- scripts/ci/vcluster.sh | 1 + 13 files changed, 330 insertions(+), 358 deletions(-) rename .gitlab/ci/environments/{eks133.gitlab-ci.yml => eks.133.amd64.gitlab-ci.yml} (100%) rename .gitlab/ci/environments/{gke134.gitlab-ci.yml => gke.134.amd64.gitlab-ci.yml} (100%) delete mode 100644 .gitlab/ci/environments/gke132.gitlab-ci.yml delete mode 100644 .gitlab/ci/environments/gke133.gitlab-ci.yml delete mode 100644 .gitlab/ci/environments/gke134-arm.gitlab-ci.yml create mode 100644 .gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml create mode 100644 .gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml rename .gitlab/ci/environments/{gkevc134.gitlab-ci.yml => vcluster.134.amd64.gitlab-ci.yml} (58%) create mode 100644 .gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4f1e3ec2c9..289af5465c 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -108,21 +108,24 @@ include: - local: '/.gitlab/ci/operator.gitlab-ci.yml' rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' - - local: '/.gitlab/ci/environments/gke132.gitlab-ci.yml' + - local: '/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml' rules: - - if: '$LIMIT_TO == "" || $LIMIT_TO == "gke132"' - - local: '/.gitlab/ci/environments/gke133.gitlab-ci.yml' + - if: '$LIMIT_TO == "" || $LIMIT_TO == "v132"' + - local: '/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml' rules: - - if: '$LIMIT_TO == "" || $LIMIT_TO == "gke133"' - - local: '/.gitlab/ci/environments/gke134.gitlab-ci.yml' + - if: '$LIMIT_TO == "" || $LIMIT_TO == "v133"' + - local: '/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml' + rules: + - if: '$LIMIT_TO == "" || $LIMIT_TO == "v134"' + - local: '/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml' + rules: + - if: '$LIMIT_TO == "" || $LIMIT_TO == "v134a"' + - local: '/.gitlab/ci/environments/gke.134.amd64.gitlab-ci.yml' rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == "gke134"' - - local: '/.gitlab/ci/environments/eks133.gitlab-ci.yml' + - local: '/.gitlab/ci/environments/eks.133.amd64.gitlab-ci.yml' rules: - if: '$LIMIT_TO == "eks133"' - - local: '/.gitlab/ci/environments/gke134-arm.gitlab-ci.yml' - rules: - - if: '$LIMIT_TO == "" || $LIMIT_TO == "gke134a"' - local: /.gitlab/ci/scanners.yml rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' @@ -346,39 +349,39 @@ trigger_review_secondary: variables: PARENT_PIPELINE_ID: $CI_PIPELINE_ID -trigger-gke134a: +trigger-v132: extends: .trigger_review_job needs: - - trigger_review_secondary + - trigger_review_current variables: - LIMIT_TO: gke134a + LIMIT_TO: v132 rules: - - !reference [.trigger_review_secondary, rules] + - !reference [.trigger_review_current, rules] -trigger-gke132: +trigger-v133: extends: .trigger_review_job needs: - trigger_review_secondary variables: - LIMIT_TO: gke132 + LIMIT_TO: v133 rules: - !reference [.trigger_review_secondary, rules] -trigger-gkevc134: +trigger-v134: extends: .trigger_review_job needs: - trigger_review_secondary variables: - LIMIT_TO: gkevc134 + LIMIT_TO: v134 rules: - !reference [.trigger_review_secondary, rules] -trigger-gke133: +trigger-v134a: extends: .trigger_review_job needs: - trigger_review_secondary variables: - LIMIT_TO: gke133 + LIMIT_TO: v134a rules: - !reference [.trigger_review_secondary, rules] diff --git a/.gitlab/ci/environments/eks133.gitlab-ci.yml b/.gitlab/ci/environments/eks.133.amd64.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/environments/eks133.gitlab-ci.yml rename to .gitlab/ci/environments/eks.133.amd64.gitlab-ci.yml diff --git a/.gitlab/ci/environments/gke134.gitlab-ci.yml b/.gitlab/ci/environments/gke.134.amd64.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/environments/gke134.gitlab-ci.yml rename to .gitlab/ci/environments/gke.134.amd64.gitlab-ci.yml diff --git a/.gitlab/ci/environments/gke132.gitlab-ci.yml b/.gitlab/ci/environments/gke132.gitlab-ci.yml deleted file mode 100644 index 44c89f8cfe..0000000000 --- a/.gitlab/ci/environments/gke132.gitlab-ci.yml +++ /dev/null @@ -1,99 +0,0 @@ -include: - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" - inputs: - job_name: "e2e-test-gke132" - job_stage: "qa-report" - gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - allure_results_glob: "gitlab-qa-run-*/**/allure-results" - rules: - - if: '$CI_SERVER_HOST != "gitlab.com"' - when: never - - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' - -.review_gke132_common_vars: &review_gke132_common_vars - DNS_PROVIDER: "google" - AGENT_NAME: "gke132-ci-cluster" - KUBE_INGRESS_BASE_DOMAIN: "cloud-native-v132.helm-charts.win" - KUBE_NAMESPACE: "helm-charts-win" - -create_review_gke132: - stage: review - image: ${BUSYBOX_IMAGE} - variables: - <<: *review_gke132_common_vars - GIT_STRATEGY: none - script: - - echo "Configuring gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke132 - auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN - action: start - -review_gke132: - variables: - <<: *review_gke132_common_vars - extends: .review_template - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke132 - auto_stop_in: "${REVIEW_APPS_AUTO_STOP_IN}" - action: access - -stop_review_gke132: - variables: - <<: *review_gke132_common_vars - extends: .stop_review_template - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - action: stop - -review_specs_gke132: - extends: .specs - variables: - <<: *review_gke132_common_vars - VARIABLES_FILE: "variables/review_gke132" - RSPEC_TAGS: type:feature - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke132 - action: access - rules: - - !reference [.rule:skip_if_no_cluster] - - !reference [.specs, rules] - needs: ["review_gke132"] - -qa_gke132: - extends: .qa_branch - variables: - VARIABLES_FILE: "variables/review_gke132" - TEST_SUITE: $QA_SANITY_SUITE_OPTIONS - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - on_stop: stop_review_gke132 - action: access - needs: - - review_gke132 - - job: review_specs_gke132 - artifacts: false - -qa_gke132_full_suite_manual_trigger: - extends: .qa_full_suite_manual_trigger - script: echo 'The job will trigger Full E2E suite against GKE132' - -qa_gke132_manual_full_suite: - extends: .qa_branch - parallel: 7 - variables: - VARIABLES_FILE: "variables/review_gke132" - TEST_SUITE: $QA_FULL_SUITE_OPTIONS - environment: - name: gke132_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - on_stop: stop_review_gke132 - action: access - needs: ["qa_gke132_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/gke133.gitlab-ci.yml b/.gitlab/ci/environments/gke133.gitlab-ci.yml deleted file mode 100644 index 2828bd18b1..0000000000 --- a/.gitlab/ci/environments/gke133.gitlab-ci.yml +++ /dev/null @@ -1,99 +0,0 @@ -include: - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" - inputs: - job_name: "e2e-test-gke133" - job_stage: "qa-report" - gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - allure_results_glob: "gitlab-qa-run-*/**/allure-results" - rules: - - if: '$CI_SERVER_HOST != "gitlab.com"' - when: never - - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' - -.review_gke133_common_vars: &review_gke133_common_vars - DNS_PROVIDER: "google" - AGENT_NAME: "gke133-ci-cluster" - KUBE_INGRESS_BASE_DOMAIN: "cloud-native-v133.helm-charts.win" - KUBE_NAMESPACE: "helm-charts-win" - -create_review_gke133: - stage: review - image: ${BUSYBOX_IMAGE} - variables: - <<: *review_gke133_common_vars - GIT_STRATEGY: none - script: - - echo "Configuring gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke133 - auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN - action: start - -review_gke133: - variables: - <<: *review_gke133_common_vars - extends: .review_template - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke133 - auto_stop_in: "${REVIEW_APPS_AUTO_STOP_IN}" - action: access - -stop_review_gke133: - variables: - <<: *review_gke133_common_vars - extends: .stop_review_template - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - action: stop - -review_specs_gke133: - extends: .specs - variables: - <<: *review_gke133_common_vars - VARIABLES_FILE: "variables/review_gke133" - RSPEC_TAGS: type:feature - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke133 - action: access - rules: - - !reference [.rule:skip_if_no_cluster] - - !reference [.specs, rules] - needs: ["review_gke133"] - -qa_gke133: - extends: .qa_branch - variables: - VARIABLES_FILE: "variables/review_gke133" - TEST_SUITE: $QA_SANITY_SUITE_OPTIONS - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - on_stop: stop_review_gke133 - action: access - needs: - - review_gke133 - - job: review_specs_gke133 - artifacts: false - -qa_gke133_full_suite_manual_trigger: - extends: .qa_full_suite_manual_trigger - script: echo 'The job will trigger Full E2E suite against GKE133' - -qa_gke133_manual_full_suite: - extends: .qa_branch - parallel: 7 - variables: - VARIABLES_FILE: "variables/review_gke133" - TEST_SUITE: $QA_FULL_SUITE_OPTIONS - environment: - name: gke133_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - on_stop: stop_review_gke133 - action: access - needs: ["qa_gke133_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/gke134-arm.gitlab-ci.yml b/.gitlab/ci/environments/gke134-arm.gitlab-ci.yml deleted file mode 100644 index e5017b7ca1..0000000000 --- a/.gitlab/ci/environments/gke134-arm.gitlab-ci.yml +++ /dev/null @@ -1,104 +0,0 @@ -include: - - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" - inputs: - job_name: "e2e-test-gke134a" - job_stage: "qa-report" - gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" - aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" - aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" - allure_results_glob: "gitlab-qa-run-*/**/allure-results" - rules: - - if: '$CI_SERVER_HOST != "gitlab.com"' - when: never - - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' - -.review_gke134a_common_vars: &review_gke134a_common_vars - DNS_PROVIDER: "google" - AGENT_NAME: "gke134-ci-cluster" - KUBE_INGRESS_BASE_DOMAIN: "cloud-native-v134.helm-charts.win" - KUBE_NAMESPACE: "helm-charts-win" - DEPLOY_MULTIARCH: "true" - -create_review_gke134a: - stage: review - image: ${BUSYBOX_IMAGE} - variables: - <<: *review_gke134a_common_vars - GIT_STRATEGY: none - script: - - echo "Configuring gke134_review/a-$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &gke134a_environment - name: &gke134a_name gke134_review/a-$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: https://gitlab-$CI_ENVIRONMENT_SLUG.$KUBE_INGRESS_BASE_DOMAIN - on_stop: stop_review_gke134a - auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN - action: start - -review_gke134a: - variables: - <<: *review_gke134a_common_vars - extends: .review_template - environment: - <<: *gke134a_environment - action: access - # initially allow arm64 failures - allow_failure: true - -stop_review_gke134a: - variables: - <<: *review_gke134a_common_vars - extends: .stop_review_template - # initially allow arm64 failures - allow_failure: true - environment: - # name: gke134_review/a-$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - name: *gke134a_name - action: stop - -review_specs_gke134a: - extends: .specs - variables: - <<: *review_gke134a_common_vars - VARIABLES_FILE: "variables/review_gke134a" - RSPEC_TAGS: type:feature - # initially allow arm64 failures - allow_failure: true - environment: - <<: *gke134a_environment - action: access - rules: - - !reference [.rule:skip_if_no_cluster] - - !reference [.specs, rules] - needs: ["review_gke134a"] - -qa_gke134a: - extends: .qa_branch - variables: - VARIABLES_FILE: "variables/review_gke134a" - TEST_SUITE: $QA_SANITY_SUITE_OPTIONS - # initially allow arm64 failures - allow_failure: true - environment: - <<: *gke134a_environment - action: access - needs: - - review_gke134a - - job: review_specs_gke134a - artifacts: false - -qa_gke134a_full_suite_manual_trigger: - extends: .qa_full_suite_manual_trigger - script: echo 'The job will trigger Full E2E suite against GKE134' - -qa_gke134a_manual_full_suite: - extends: .qa_branch - parallel: 7 - variables: - VARIABLES_FILE: "variables/review_gke134a" - TEST_SUITE: $QA_FULL_SUITE_OPTIONS - # initially allow arm64 failures - allow_failure: true - environment: - <<: *gke134a_environment - action: access - needs: ["qa_gke134a_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml new file mode 100644 index 0000000000..35ddba566f --- /dev/null +++ b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml @@ -0,0 +1,90 @@ +include: + - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" + inputs: + job_name: "e2e-test-v132" + job_stage: "qa-report" + gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" + aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" + aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" + allure_results_glob: "gitlab-qa-run-*/**/allure-results" + rules: + - if: '$CI_SERVER_HOST != "gitlab.com"' + when: never + - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' + +.review_v132_common_vars: &review_v132_common_vars + VCLUSTER_K8S_VERSION: "v1.32.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v132-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc132" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v132" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + +create_review_v132: + stage: review + image: ${BUSYBOX_IMAGE} + variables: + <<: *review_v132_common_vars + GIT_STRATEGY: none + script: + - echo "Configuring gkevc_132/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." + environment: &v132_environment + name: &v132_name gkevc_132/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" + on_stop: stop_review_v132 + auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN + action: start + +review_v132: + variables: + <<: *review_v132_common_vars + extends: .vcluster_review_template + environment: + <<: *v132_environment + action: access + +stop_review_v132: + variables: + <<: *review_v132_common_vars + extends: .stop_vcluster_review_template + environment: + name: *v132_name + action: stop + +review_specs_v132: + extends: .vcluster_specs_template + variables: + <<: *review_v132_common_vars + environment: + <<: *v132_environment + action: access + needs: ['review_v132'] + +qa_v132: + extends: .qa_branch + variables: + <<: *review_v132_common_vars + TEST_SUITE: $QA_SANITY_SUITE_OPTIONS + environment: + <<: *v132_environment + action: access + needs: + - review_v132 + - job: review_specs_v132 + artifacts: false + +qa_v132_full_suite_manual_trigger: + extends: .qa_full_suite_manual_trigger + script: echo 'The job will trigger Full E2E suite against GKE132 vcluster' + +qa_v132_manual_full_suite: + extends: .qa_branch + parallel: 7 + variables: + <<: *review_v132_common_vars + TEST_SUITE: $QA_FULL_SUITE_OPTIONS + environment: + <<: *v132_environment + action: access + needs: ["qa_v132_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml new file mode 100644 index 0000000000..21298da4b8 --- /dev/null +++ b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml @@ -0,0 +1,90 @@ +include: + - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" + inputs: + job_name: "e2e-test-v133" + job_stage: "qa-report" + gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" + aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" + aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" + allure_results_glob: "gitlab-qa-run-*/**/allure-results" + rules: + - if: '$CI_SERVER_HOST != "gitlab.com"' + when: never + - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' + +.review_v133_common_vars: &review_v133_common_vars + VCLUSTER_K8S_VERSION: "v1.33.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v133-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc133" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v133" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + +create_review_v133: + stage: review + image: ${BUSYBOX_IMAGE} + variables: + <<: *review_v133_common_vars + GIT_STRATEGY: none + script: + - echo "Configuring gkevc_133/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." + environment: &v133_environment + name: &v133_name gkevc_133/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" + on_stop: stop_review_v133 + auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN + action: start + +review_v133: + variables: + <<: *review_v133_common_vars + extends: .vcluster_review_template + environment: + <<: *v133_environment + action: access + +stop_review_v133: + variables: + <<: *review_v133_common_vars + extends: .stop_vcluster_review_template + environment: + name: *v133_name + action: stop + +review_specs_v133: + extends: .vcluster_specs_template + variables: + <<: *review_v133_common_vars + environment: + <<: *v133_environment + action: access + needs: ['review_v133'] + +qa_v133: + extends: .qa_branch + variables: + <<: *review_v133_common_vars + TEST_SUITE: $QA_SANITY_SUITE_OPTIONS + environment: + <<: *v133_environment + action: access + needs: + - review_v133 + - job: review_specs_v133 + artifacts: false + +qa_v133_full_suite_manual_trigger: + extends: .qa_full_suite_manual_trigger + script: echo 'The job will trigger Full E2E suite against GKE133 vcluster' + +qa_v133_manual_full_suite: + extends: .qa_branch + parallel: 7 + variables: + <<: *review_v133_common_vars + TEST_SUITE: $QA_FULL_SUITE_OPTIONS + environment: + <<: *v133_environment + action: access + needs: ["qa_v133_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/gkevc134.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml similarity index 58% rename from .gitlab/ci/environments/gkevc134.gitlab-ci.yml rename to .gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml index 92b1d00ff8..7234d94fa8 100644 --- a/.gitlab/ci/environments/gkevc134.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml @@ -1,7 +1,7 @@ include: - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" inputs: - job_name: "e2e-test-gkevc134" + job_name: "e2e-test-v134" job_stage: "qa-report" gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" @@ -12,79 +12,79 @@ include: when: never - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' -.review_gkevc134_common_vars: &review_gkevc134_common_vars +.review_v134_common_vars: &review_v134_common_vars VCLUSTER_K8S_VERSION: "v1.34.0" VCLUSTER_VERSION: "0.29.1" - VCLUSTER_NAME: "vc134-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + VCLUSTER_NAME: "v134-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134" # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job - VARIABLES_FILE: "variables/review_gkevc134" + VARIABLES_FILE: "variables/review_v134" DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" -create_review_gkevc134: +create_review_v134: stage: review image: ${BUSYBOX_IMAGE} variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars GIT_STRATEGY: none script: - - echo "Configuring gkevc_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &gkevc134_environment - name: &gkevc134_name gkevc_review/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + - echo "Configuring gkevc_134/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." + environment: &v134_environment + name: &v134_name gkevc_134/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA url: "https://gitlab${DOMAIN}" - on_stop: stop_review_gkevc134 + on_stop: stop_review_v134 auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN action: start -review_gkevc134: +review_v134: variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars extends: .vcluster_review_template environment: - <<: *gkevc134_environment + <<: *v134_environment action: access -stop_review_gkevc134: +stop_review_v134: variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars extends: .stop_vcluster_review_template environment: - name: *gkevc134_name + name: *v134_name action: stop -review_specs_gkevc134: +review_specs_v134: extends: .vcluster_specs_template variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars environment: - <<: *gkevc134_environment + <<: *v134_environment action: access - needs: ['review_gkevc134'] + needs: ['review_v134'] -qa_gkevc134: +qa_v134: extends: .qa_branch variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars TEST_SUITE: $QA_SANITY_SUITE_OPTIONS environment: - <<: *gkevc134_environment + <<: *v134_environment action: access needs: - - review_gkevc134 - - job: review_specs_gkevc134 + - review_v134 + - job: review_specs_v134 artifacts: false -qa_gkevc134_full_suite_manual_trigger: +qa_v134_full_suite_manual_trigger: extends: .qa_full_suite_manual_trigger script: echo 'The job will trigger Full E2E suite against GKE134 vcluster' -qa_gkevc134_manual_full_suite: +qa_v134_manual_full_suite: extends: .qa_branch parallel: 7 variables: - <<: *review_gkevc134_common_vars + <<: *review_v134_common_vars TEST_SUITE: $QA_FULL_SUITE_OPTIONS environment: - <<: *gkevc134_environment + <<: *v134_environment action: access - needs: ["qa_gkevc134_full_suite_manual_trigger"] + needs: ["qa_v134_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml new file mode 100644 index 0000000000..94b2b400f9 --- /dev/null +++ b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml @@ -0,0 +1,91 @@ +include: + - component: "gitlab.com/gitlab-org/quality/pipeline-common/allure-report@9.6.3" + inputs: + job_name: "e2e-test-v134a" + job_stage: "qa-report" + gitlab_auth_token_variable_name: "DANGER_GITLAB_API_TOKEN" + aws_access_key_id_variable_name: "QA_ALLURE_AWS_ACCESS_KEY_ID" + aws_secret_access_key_variable_name: "QA_ALLURE_AWS_SECRET_ACCESS_KEY" + allure_results_glob: "gitlab-qa-run-*/**/allure-results" + rules: + - if: '$CI_SERVER_HOST != "gitlab.com"' + when: never + - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' + +.review_v134a_common_vars: &review_v134a_common_vars + VCLUSTER_K8S_VERSION: "v1.34.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v134a-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134a" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v134a" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + RUN_ON_ARM: "true" + +create_review_v134a: + stage: review + image: ${BUSYBOX_IMAGE} + variables: + <<: *review_v134a_common_vars + GIT_STRATEGY: none + script: + - echo "Configuring gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." + environment: &v134a_environment + name: &v134a_name gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" + on_stop: stop_review_v134a + auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN + action: start + +review_v134a: + variables: + <<: *review_v134a_common_vars + extends: .vcluster_review_template + environment: + <<: *v134a_environment + action: access + +stop_review_v134a: + variables: + <<: *review_v134a_common_vars + extends: .stop_vcluster_review_template + environment: + name: *v134a_name + action: stop + +review_specs_v134a: + extends: .vcluster_specs_template + variables: + <<: *review_v134a_common_vars + environment: + <<: *v134a_environment + action: access + needs: ['review_v134a'] + +qa_v134a: + extends: .qa_branch + variables: + <<: *review_v134a_common_vars + TEST_SUITE: $QA_SANITY_SUITE_OPTIONS + environment: + <<: *v134a_environment + action: access + needs: + - review_v134a + - job: review_specs_v134a + artifacts: false + +qa_v134a_full_suite_manual_trigger: + extends: .qa_full_suite_manual_trigger + script: echo 'The job will trigger Full E2E suite against GKE134a vcluster' + +qa_v134a_manual_full_suite: + extends: .qa_branch + parallel: 7 + variables: + <<: *review_v134a_common_vars + TEST_SUITE: $QA_FULL_SUITE_OPTIONS + environment: + <<: *v134a_environment + action: access + needs: ["qa_v134a_full_suite_manual_trigger"] diff --git a/.gitlab/ci/validations.yml b/.gitlab/ci/validations.yml index 85ed3d3909..d0fe83dd1d 100644 --- a/.gitlab/ci/validations.yml +++ b/.gitlab/ci/validations.yml @@ -42,7 +42,6 @@ kubeconform: parallel: matrix: - KUBE_VERSION: - - 1.30.13 - 1.31.9 - 1.32.5 - 1.33.1 diff --git a/doc/development/_index.md b/doc/development/_index.md index 92b965158a..400d230d82 100644 --- a/doc/development/_index.md +++ b/doc/development/_index.md @@ -105,12 +105,12 @@ These pipelines are further classified as either `current` or `secondary`. The `current` pipelines test the most recent supported Kubernetes version on the GKE platform only. -| Minor version | GKE | EKS | vCluster deploy | vCluster full QA | -| --- | --- | --- | --- | --- | -| 1.34 | current | NA | secondary | secondary | -| 1.34 ARM | secondary | NA | NA | NA | -| 1.33 | secondary | current | NA | NA | -| 1.32 | secondary | NA | NA | NA | +| Minor version | GKE | EKS | vCluster | +| --- | --- | --- | --- | +| 1.34 | current | NA | secondary | +| 1.34 ARM | NA | NA | secondary | +| 1.33 | NA | current | secondary | +| 1.32 | NA | NA | current | This table is in development and subject to change. diff --git a/scripts/ci/vcluster.sh b/scripts/ci/vcluster.sh index a58442973f..75a3c1535d 100755 --- a/scripts/ci/vcluster.sh +++ b/scripts/ci/vcluster.sh @@ -55,6 +55,7 @@ function vcluster_helm_deploy() { gitlab \ --wait --timeout 600s \ -f ./scripts/ci/vcluster_helm_values.yaml \ + ${RUN_ON_ARM:+-f ./scripts/ci/arm_nodeselectors.yaml} \ -f ci.digests.yaml \ . } -- GitLab From a2aceb9fbd08623141fefda8e73334d76236994c Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Wed, 5 Nov 2025 15:31:18 +0100 Subject: [PATCH 2/8] Use extends of anchors to improve readability This helps readability and ensures the `KUBE_INGRESS_BASE_DOMAIN` variable is available during envionment creation. Fixes https://gitlab.com/gitlab-org/charts/gitlab/-/issues/5962 --- .../vcluster.132.amd64.gitlab-ci.yml | 62 +++++++++--------- .../vcluster.133.amd64.gitlab-ci.yml | 63 ++++++++++--------- .../vcluster.134.amd64.gitlab-ci.yml | 61 +++++++++--------- .../vcluster.134.arm64.gitlab-ci.yml | 63 ++++++++++--------- .gitlab/ci/vcluster-review-apps.gitlab-ci.yml | 29 +++++---- 5 files changed, 143 insertions(+), 135 deletions(-) diff --git a/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml index 35ddba566f..673e7a9877 100644 --- a/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml @@ -12,62 +12,64 @@ include: when: never - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' -.review_v132_common_vars: &review_v132_common_vars - VCLUSTER_K8S_VERSION: "v1.32.0" - VCLUSTER_VERSION: "0.29.1" - VCLUSTER_NAME: "v132-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" - HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc132" - # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job - VARIABLES_FILE: "variables/review_v132" - DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" +.v132_base: + extends: + - .vcluster_base + variables: + VCLUSTER_K8S_VERSION: "v1.32.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v132-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc132" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v132" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + environment: + name: gkevc_132/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" + create_review_v132: stage: review image: ${BUSYBOX_IMAGE} + extends: .v132_base variables: - <<: *review_v132_common_vars GIT_STRATEGY: none script: - echo "Configuring gkevc_132/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &v132_environment - name: &v132_name gkevc_132/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: "https://gitlab${DOMAIN}" + environment: on_stop: stop_review_v132 auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN action: start review_v132: - variables: - <<: *review_v132_common_vars - extends: .vcluster_review_template + extends: + - .vcluster_review_template + - .v132_base environment: - <<: *v132_environment action: access stop_review_v132: - variables: - <<: *review_v132_common_vars - extends: .stop_vcluster_review_template + extends: + - .stop_vcluster_review_template + - .v132_base environment: - name: *v132_name action: stop review_specs_v132: - extends: .vcluster_specs_template - variables: - <<: *review_v132_common_vars + extends: + - .vcluster_specs_template + - .v132_base environment: - <<: *v132_environment action: access needs: ['review_v132'] qa_v132: - extends: .qa_branch + extends: + - .qa_branch + - .v132_base variables: - <<: *review_v132_common_vars TEST_SUITE: $QA_SANITY_SUITE_OPTIONS environment: - <<: *v132_environment action: access needs: - review_v132 @@ -79,12 +81,12 @@ qa_v132_full_suite_manual_trigger: script: echo 'The job will trigger Full E2E suite against GKE132 vcluster' qa_v132_manual_full_suite: - extends: .qa_branch + extends: + - .qa_branch + - .v132_base parallel: 7 variables: - <<: *review_v132_common_vars TEST_SUITE: $QA_FULL_SUITE_OPTIONS environment: - <<: *v132_environment action: access needs: ["qa_v132_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml index 21298da4b8..87cfd14063 100644 --- a/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml @@ -12,62 +12,63 @@ include: when: never - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' -.review_v133_common_vars: &review_v133_common_vars - VCLUSTER_K8S_VERSION: "v1.33.0" - VCLUSTER_VERSION: "0.29.1" - VCLUSTER_NAME: "v133-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" - HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc133" - # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job - VARIABLES_FILE: "variables/review_v133" - DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" +.v133_base: + extends: + - .vcluster_base + variables: + VCLUSTER_K8S_VERSION: "v1.33.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v133-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc133" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v133" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + environment: + name: gkevc_133/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" create_review_v133: stage: review image: ${BUSYBOX_IMAGE} + extends: .v133_base variables: - <<: *review_v133_common_vars GIT_STRATEGY: none script: - echo "Configuring gkevc_133/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &v133_environment - name: &v133_name gkevc_133/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: "https://gitlab${DOMAIN}" + environment: + action: start on_stop: stop_review_v133 auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN - action: start review_v133: - variables: - <<: *review_v133_common_vars - extends: .vcluster_review_template + extends: + - .vcluster_review_template + - .v133_base environment: - <<: *v133_environment action: access stop_review_v133: - variables: - <<: *review_v133_common_vars - extends: .stop_vcluster_review_template + extends: + - .stop_vcluster_review_template + - .v133_base environment: - name: *v133_name action: stop review_specs_v133: - extends: .vcluster_specs_template - variables: - <<: *review_v133_common_vars + extends: + - .vcluster_specs_template + - .v133_base environment: - <<: *v133_environment action: access needs: ['review_v133'] qa_v133: - extends: .qa_branch + extends: + - .qa_branch + - .v133_base variables: - <<: *review_v133_common_vars TEST_SUITE: $QA_SANITY_SUITE_OPTIONS environment: - <<: *v133_environment action: access needs: - review_v133 @@ -79,12 +80,12 @@ qa_v133_full_suite_manual_trigger: script: echo 'The job will trigger Full E2E suite against GKE133 vcluster' qa_v133_manual_full_suite: - extends: .qa_branch + extends: + - .qa_branch + - .v133_base parallel: 7 variables: - <<: *review_v133_common_vars TEST_SUITE: $QA_FULL_SUITE_OPTIONS environment: - <<: *v133_environment action: access needs: ["qa_v133_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml index 7234d94fa8..ddadc6319d 100644 --- a/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml @@ -12,62 +12,63 @@ include: when: never - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' -.review_v134_common_vars: &review_v134_common_vars - VCLUSTER_K8S_VERSION: "v1.34.0" - VCLUSTER_VERSION: "0.29.1" - VCLUSTER_NAME: "v134-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" - HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134" - # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job - VARIABLES_FILE: "variables/review_v134" - DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" +.v134_base: + extends: + - .vcluster_base + variables: + VCLUSTER_K8S_VERSION: "v1.34.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v134-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v134" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + environment: + name: gkevc_134/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" create_review_v134: stage: review image: ${BUSYBOX_IMAGE} + extends: .v134_base variables: - <<: *review_v134_common_vars GIT_STRATEGY: none script: - echo "Configuring gkevc_134/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &v134_environment - name: &v134_name gkevc_134/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: "https://gitlab${DOMAIN}" + environment: on_stop: stop_review_v134 auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN action: start review_v134: - variables: - <<: *review_v134_common_vars - extends: .vcluster_review_template + extends: + - .vcluster_review_template + - .v134_base environment: - <<: *v134_environment action: access stop_review_v134: - variables: - <<: *review_v134_common_vars - extends: .stop_vcluster_review_template + extends: + - .stop_vcluster_review_template + - .v134_base environment: - name: *v134_name action: stop review_specs_v134: - extends: .vcluster_specs_template - variables: - <<: *review_v134_common_vars + extends: + - .vcluster_specs_template + - .v134_base environment: - <<: *v134_environment action: access needs: ['review_v134'] qa_v134: - extends: .qa_branch + extends: + - .qa_branch + - .v134_base variables: - <<: *review_v134_common_vars TEST_SUITE: $QA_SANITY_SUITE_OPTIONS environment: - <<: *v134_environment action: access needs: - review_v134 @@ -79,12 +80,12 @@ qa_v134_full_suite_manual_trigger: script: echo 'The job will trigger Full E2E suite against GKE134 vcluster' qa_v134_manual_full_suite: - extends: .qa_branch + extends: + - .qa_branch + - .v134_base parallel: 7 variables: - <<: *review_v134_common_vars TEST_SUITE: $QA_FULL_SUITE_OPTIONS environment: - <<: *v134_environment action: access needs: ["qa_v134_full_suite_manual_trigger"] diff --git a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml index 94b2b400f9..2a745bbb39 100644 --- a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml @@ -12,63 +12,64 @@ include: when: never - if: '$CI_PIPELINE_SOURCE == "pipeline" || $CI_PIPELINE_SOURCE == "parent_pipeline"' -.review_v134a_common_vars: &review_v134a_common_vars - VCLUSTER_K8S_VERSION: "v1.34.0" - VCLUSTER_VERSION: "0.29.1" - VCLUSTER_NAME: "v134a-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" - HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134a" - # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job - VARIABLES_FILE: "variables/review_v134a" - DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" - RUN_ON_ARM: "true" +.v134a_base: + extends: + - .vcluster_base + variables: + VCLUSTER_K8S_VERSION: "v1.34.0" + VCLUSTER_VERSION: "0.29.1" + VCLUSTER_NAME: "v134a-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" + HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134a" + # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job + VARIABLES_FILE: "variables/review_v134a" + DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" + RUN_ON_ARM: "true" + environment: + name: gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA + url: "https://gitlab${DOMAIN}" create_review_v134a: stage: review image: ${BUSYBOX_IMAGE} + extends: .v134a_base variables: - <<: *review_v134a_common_vars GIT_STRATEGY: none script: - echo "Configuring gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA to automatically stop in $REVIEW_APPS_AUTO_STOP_IN." - environment: &v134a_environment - name: &v134a_name gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA - url: "https://gitlab${DOMAIN}" + environment: on_stop: stop_review_v134a auto_stop_in: $REVIEW_APPS_AUTO_STOP_IN action: start review_v134a: - variables: - <<: *review_v134a_common_vars - extends: .vcluster_review_template + extends: + - .vcluster_review_template + - .v134a_base environment: - <<: *v134a_environment action: access stop_review_v134a: - variables: - <<: *review_v134a_common_vars - extends: .stop_vcluster_review_template + extends: + - .stop_vcluster_review_template + - .v134a_base environment: - name: *v134a_name action: stop review_specs_v134a: - extends: .vcluster_specs_template - variables: - <<: *review_v134a_common_vars + extends: + - .vcluster_specs_template + - .v134a_base environment: - <<: *v134a_environment action: access needs: ['review_v134a'] qa_v134a: - extends: .qa_branch + extends: + - .qa_branch + - .v134a_base variables: - <<: *review_v134a_common_vars TEST_SUITE: $QA_SANITY_SUITE_OPTIONS environment: - <<: *v134a_environment action: access needs: - review_v134a @@ -80,12 +81,12 @@ qa_v134a_full_suite_manual_trigger: script: echo 'The job will trigger Full E2E suite against GKE134a vcluster' qa_v134a_manual_full_suite: - extends: .qa_branch + extends: + - .qa_branch + - .v134a_base parallel: 7 variables: - <<: *review_v134a_common_vars TEST_SUITE: $QA_FULL_SUITE_OPTIONS environment: - <<: *v134a_environment action: access needs: ["qa_v134a_full_suite_manual_trigger"] diff --git a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml index 75f53d16fb..a9294fb8a9 100644 --- a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml +++ b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml @@ -1,14 +1,16 @@ -.vcluster_review_common_vars: &vcluster_review_common_vars - DNS_PROVIDER: "google" - AGENT_NAME: "gkevc-ci-cluster" - KUBE_INGRESS_BASE_DOMAIN: "cloud-native-vcluster.helm-charts.win" - KUBE_NAMESPACE: "default" - NAMESPACE: "${KUBE_NAMESPACE}" +.vcluster_base: + variables: + DNS_PROVIDER: "google" + AGENT_NAME: "gkevc-ci-cluster" + KUBE_INGRESS_BASE_DOMAIN: "cloud-native-vcluster.helm-charts.win" + KUBE_NAMESPACE: "default" + NAMESPACE: "${KUBE_NAMESPACE}" .vcluster_review_template: - extends: .review_template + extends: + - .review_template + - .vcluster_base variables: - <<: *vcluster_review_common_vars ADD_NGINX_DNS_ANNOTATIONS: "true" allow_failure: true before_script: @@ -32,9 +34,9 @@ - vcluster_run ./scripts/ci/vcluster_deploy.sh .stop_vcluster_review_template: - extends: .stop_review_template - variables: - <<: *vcluster_review_common_vars + extends: + - .stop_review_template + - .vcluster_base before_script: # If the branch has already been deleted, fall back to master. - git checkout "${CI_COMMIT_REF_NAME}" || git checkout master @@ -48,9 +50,10 @@ - vcluster_delete .vcluster_specs_template: - extends: .specs + extends: + - .specs + - .vcluster_base variables: - <<: *vcluster_review_common_vars RSPEC_TAGS: type:feature allow_failure: true before_script: -- GitLab From 175aad51d6db7ea86ea3839a8f54dd54461a2a2b Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Fri, 7 Nov 2025 15:20:59 +0100 Subject: [PATCH 3/8] Select vcluster nodes based on arch --- .../vcluster.134.arm64.gitlab-ci.yml | 2 +- .gitlab/ci/vcluster-review-apps.gitlab-ci.yml | 1 + scripts/ci/arm_nodeselectors.yaml | 38 ------------------- scripts/ci/vcluster.sh | 14 +------ scripts/ci/vcluster.template.yaml | 5 +++ 5 files changed, 8 insertions(+), 52 deletions(-) delete mode 100644 scripts/ci/arm_nodeselectors.yaml diff --git a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml index 2a745bbb39..35d495508d 100644 --- a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml @@ -23,7 +23,7 @@ include: # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job VARIABLES_FILE: "variables/review_v134a" DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" - RUN_ON_ARM: "true" + VCLUSTER_ARCH: arm64 environment: name: gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA url: "https://gitlab${DOMAIN}" diff --git a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml index a9294fb8a9..f75263968d 100644 --- a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml +++ b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml @@ -5,6 +5,7 @@ KUBE_INGRESS_BASE_DOMAIN: "cloud-native-vcluster.helm-charts.win" KUBE_NAMESPACE: "default" NAMESPACE: "${KUBE_NAMESPACE}" + VCLUSTER_ARCH: amd64 .vcluster_review_template: extends: diff --git a/scripts/ci/arm_nodeselectors.yaml b/scripts/ci/arm_nodeselectors.yaml deleted file mode 100644 index 975074018a..0000000000 --- a/scripts/ci/arm_nodeselectors.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- - -global: - nodeSelector: - kubernetes.io/arch: arm64 - -minio: - nodeSelector: - kubernetes.io/arch: amd64 - -gitlab-runner: - nodeSelector: - kubernetes.io/arch: arm64 - -postgresql: - primary: - nodeSelector: - kubernetes.io/arch: arm64 - readReplicas: - nodeSelector: - kubernetes.io/arch: arm64 - backup.cronjob.labels: - nodeSelector: - kubernetes.io/arch: arm64 - -redis: - master: - nodeSelector: - kubernetes.io/arch: arm64 - replica: - nodeSelector: - kubernetes.io/arch: arm64 - - -nginx-ingress: - nodeSelector: - kubernetes.io/arch: amd64 - diff --git a/scripts/ci/vcluster.sh b/scripts/ci/vcluster.sh index 75a3c1535d..e15ce44966 100755 --- a/scripts/ci/vcluster.sh +++ b/scripts/ci/vcluster.sh @@ -25,7 +25,7 @@ function vcluster_name() { } function vcluster_create() { - envsubst '$VCLUSTER_K8S_VERSION' < ./scripts/ci/vcluster.template.yaml > ./vcluster.yaml + envsubst < ./scripts/ci/vcluster.template.yaml > ./vcluster.yaml cat vcluster.yaml local vcluster_name=$(vcluster_name) @@ -48,18 +48,6 @@ function vcluster_copy_secret() { | vcluster_run kubectl apply -n $3 -f - } -function vcluster_helm_deploy() { - helm dependency update - - vcluster_run helm upgrade --install \ - gitlab \ - --wait --timeout 600s \ - -f ./scripts/ci/vcluster_helm_values.yaml \ - ${RUN_ON_ARM:+-f ./scripts/ci/arm_nodeselectors.yaml} \ - -f ci.digests.yaml \ - . -} - function vcluster_helm_rollout_status() { vcluster_run kubectl rollout status statefulset -l release=gitlab --timeout=300s vcluster_run kubectl rollout status deployments -l release=gitlab --timeout=300s diff --git a/scripts/ci/vcluster.template.yaml b/scripts/ci/vcluster.template.yaml index d009b44aee..d2aba11162 100644 --- a/scripts/ci/vcluster.template.yaml +++ b/scripts/ci/vcluster.template.yaml @@ -14,6 +14,11 @@ sync: toHost: ingresses: enabled: true + fromHost: + nodes: + selector: + labels: + kubernetes.io/arch: "$VCLUSTER_ARCH" integrations: metricsServer: enabled: true -- GitLab From 5d4448b460b65e7c513b46a7c073c6fc2076003a Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Tue, 11 Nov 2025 16:29:54 +0100 Subject: [PATCH 4/8] Update vcluster CLI version Update default vcluster version 0.30. The image was bumped in https://gitlab.com/gitlab-org/gitlab-build-images/-/merge_requests/1025. This allows us to use an up to date vcluster version without pulling a custom version in every review pipeline. --- .gitlab-ci.yml | 2 +- .gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml | 1 - .gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml | 1 - .gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml | 1 - .gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml | 1 - 5 files changed, 1 insertion(+), 5 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 289af5465c..cf16b3fbbe 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -24,7 +24,7 @@ # Note: Auto CI does not work with multiple buildpacks yet default: - image: "${CI_REGISTRY}/${GITLAB_NAMESPACE}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}:gcloud-526-kubectl-1.33-helm-3.18-helm_kubeconform-0.1.17-vcluster-0.25-awscli-1.40.35-vault-1.19.5" + image: "${CI_REGISTRY}/${GITLAB_NAMESPACE}/gitlab-build-images/debian-${DEBIAN_VERSION}-ruby-${RUBY_VERSION}:gcloud-526-kubectl-1.33-helm-3.18-helm_kubeconform-0.1.17-vcluster-0.30-awscli-1.40.35-vault-1.19.5" variables: AUTO_DEPLOY_TAG_REGEX: '^[0-9]+\.[0-9]+\.[0-9]+\+[a-z0-9]{7,}$' diff --git a/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml index 673e7a9877..c8a849f828 100644 --- a/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.132.amd64.gitlab-ci.yml @@ -17,7 +17,6 @@ include: - .vcluster_base variables: VCLUSTER_K8S_VERSION: "v1.32.0" - VCLUSTER_VERSION: "0.29.1" VCLUSTER_NAME: "v132-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc132" # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job diff --git a/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml index 87cfd14063..5419b96ae7 100644 --- a/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.133.amd64.gitlab-ci.yml @@ -17,7 +17,6 @@ include: - .vcluster_base variables: VCLUSTER_K8S_VERSION: "v1.33.0" - VCLUSTER_VERSION: "0.29.1" VCLUSTER_NAME: "v133-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc133" # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job diff --git a/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml index ddadc6319d..e529d44f24 100644 --- a/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.amd64.gitlab-ci.yml @@ -17,7 +17,6 @@ include: - .vcluster_base variables: VCLUSTER_K8S_VERSION: "v1.34.0" - VCLUSTER_VERSION: "0.29.1" VCLUSTER_NAME: "v134-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134" # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job diff --git a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml index 35d495508d..3f08c42d12 100644 --- a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml @@ -17,7 +17,6 @@ include: - .vcluster_base variables: VCLUSTER_K8S_VERSION: "v1.34.0" - VCLUSTER_VERSION: "0.29.1" VCLUSTER_NAME: "v134a-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" HOST_SUFFIX: "${CI_ENVIRONMENT_SLUG}-vc134a" # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job -- GitLab From 173f668ede645d911dbbc40644ff3d7781abd6cb Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Wed, 12 Nov 2025 09:10:54 +0100 Subject: [PATCH 5/8] Unify naming of CI imports --- .gitlab-ci.yml | 8 ++++---- .gitlab/ci/{checks.yml => checks.gitlab-ci.yml} | 0 .gitlab/ci/{validations.yml => kubeconform.gitlab-ci.yml} | 0 .gitlab/ci/{review-docs.yml => review-docs.gitlab-ci.yml} | 0 .gitlab/ci/{scanners.yml => scanners.gitlab-ci.yml} | 0 .../ci/{specs-common.yml => specs-common.gitlab-ci.yml} | 0 6 files changed, 4 insertions(+), 4 deletions(-) rename .gitlab/ci/{checks.yml => checks.gitlab-ci.yml} (100%) rename .gitlab/ci/{validations.yml => kubeconform.gitlab-ci.yml} (100%) rename .gitlab/ci/{review-docs.yml => review-docs.gitlab-ci.yml} (100%) rename .gitlab/ci/{scanners.yml => scanners.gitlab-ci.yml} (100%) rename .gitlab/ci/{specs-common.yml => specs-common.gitlab-ci.yml} (100%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cf16b3fbbe..fe21f35bdd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -126,16 +126,16 @@ include: - local: '/.gitlab/ci/environments/eks.133.amd64.gitlab-ci.yml' rules: - if: '$LIMIT_TO == "eks133"' - - local: /.gitlab/ci/scanners.yml + - local: /.gitlab/ci/scanners.gitlab-ci.yml rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' - - local: /.gitlab/ci/validations.yml + - local: /.gitlab/ci/kubeconform.gitlab-ci.yml rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' - - local: /.gitlab/ci/checks.yml + - local: /.gitlab/ci/checks.gitlab-ci.yml rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' - - local: /.gitlab/ci/review-docs.yml + - local: /.gitlab/ci/review-docs.gitlab-ci.yml rules: - if: '$LIMIT_TO == "" || $LIMIT_TO == null' - component: ${CI_SERVER_FQDN}/gitlab-org/components/danger-review/danger-review@2.1.0 diff --git a/.gitlab/ci/checks.yml b/.gitlab/ci/checks.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/checks.yml rename to .gitlab/ci/checks.gitlab-ci.yml diff --git a/.gitlab/ci/validations.yml b/.gitlab/ci/kubeconform.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/validations.yml rename to .gitlab/ci/kubeconform.gitlab-ci.yml diff --git a/.gitlab/ci/review-docs.yml b/.gitlab/ci/review-docs.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/review-docs.yml rename to .gitlab/ci/review-docs.gitlab-ci.yml diff --git a/.gitlab/ci/scanners.yml b/.gitlab/ci/scanners.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/scanners.yml rename to .gitlab/ci/scanners.gitlab-ci.yml diff --git a/.gitlab/ci/specs-common.yml b/.gitlab/ci/specs-common.gitlab-ci.yml similarity index 100% rename from .gitlab/ci/specs-common.yml rename to .gitlab/ci/specs-common.gitlab-ci.yml -- GitLab From bf03965a057f8b67bf4501a3a86f248161c2e0bc Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Wed, 12 Nov 2025 10:34:00 +0100 Subject: [PATCH 6/8] Ensure review specs pull vcluster Change the vcluster logic to install the expected vcluster version in review spec jobs. These images do not have vcluster preinstalled and need to install it at runtime. --- .gitlab-ci.yml | 2 +- scripts/ci/vcluster.sh | 21 +++++++++++++++------ 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index fe21f35bdd..abb6073b64 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -31,7 +31,7 @@ variables: DOCKER_VERSION: "28.0.1" HELM_VERSION: "3.18.4" KUBECTL_VERSION: "1.33.1" - VCLUSTER_VERSION: "default" + VCLUSTER_VERSION: "0.30.0" STABLE_REPO_URL: "https://charts.helm.sh/stable" GOOGLE_APPLICATION_CREDENTIALS: ${CI_PROJECT_DIR}/.google_keyfile.json # AUTO_DEVOPS_DOMAIN is the application deployment domain and should be set as a variable at the group or project level. diff --git a/scripts/ci/vcluster.sh b/scripts/ci/vcluster.sh index e15ce44966..7e7841c10d 100755 --- a/scripts/ci/vcluster.sh +++ b/scripts/ci/vcluster.sh @@ -10,14 +10,23 @@ function cluster_connect() { } function vcluster_install() { - if [ -z "${VCLUSTER_VERSION}" ] || [ "${VCLUSTER_VERSION,,}" == "default" ]; then - echo "No version specified, using default image version" + if command -v vcluster &> /dev/null; then + # Get the installed version + INSTALLED_VERSION=$(vcluster version | grep -oE '[0-9]+\.[0-9]+\.[0-9]+') + + if [ "$INSTALLED_VERSION" = "$VCLUSTER_VERSION" ]; then + echo "vcluster is installed with the correct version" + return + else + echo "vcluster ${INSTALLED_VERSION} is installed but version mismatch (expected $VCLUSTER_VERSION)" + fi else - echo "Install vcluster version ${VCLUSTER_VERSION}" - curl -Lo /tmp/vcluster "https://github.com/loft-sh/vcluster/releases/download/v${VCLUSTER_VERSION}/vcluster-linux-amd64" - install -c -m 0755 /tmp/vcluster /usr/local/bin + echo "vcluster is not installed" fi - vcluster version + + echo "Install vcluster version ${VCLUSTER_VERSION}" + curl -Lo /tmp/vcluster "https://github.com/loft-sh/vcluster/releases/download/v${VCLUSTER_VERSION}/vcluster-linux-amd64" + install -c -m 0755 /tmp/vcluster /usr/local/bin } function vcluster_name() { -- GitLab From 0fde2db9680fd2e594f855b022d7df60952b1dfb Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Wed, 12 Nov 2025 12:59:13 +0100 Subject: [PATCH 7/8] ARM review envionments: Use custom MinIO image tag compatible with arm64 * Fallback to new minio policy syntax to handle new arm image. * Change multiarch variable. --- .gitlab-ci.yml | 1 + .../vcluster.134.arm64.gitlab-ci.yml | 2 +- .gitlab/ci/vcluster-review-apps.gitlab-ci.yml | 1 - .../minio/templates/_helper_create_buckets.sh | 5 ++++- scripts/ci/autodevops.sh | 18 +++++++++++------- scripts/ci/vcluster.template.yaml | 2 +- 6 files changed, 18 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index abb6073b64..21be2a5b28 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -68,6 +68,7 @@ variables: enabled: true GITLAB_AUTH_TOKEN: $DANGER_GITLAB_API_TOKEN REVIEW_APPS_AUTO_STOP_IN: "2 hours" + REVIEW_ARCH: amd64 # amd64 or arm64 LIMIT_TO: "" PARENT_PIPELINE_ID: $CI_PIPELINE_ID diff --git a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml index 3f08c42d12..704ea82d9a 100644 --- a/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml +++ b/.gitlab/ci/environments/vcluster.134.arm64.gitlab-ci.yml @@ -22,7 +22,7 @@ include: # the VARIABLES_FILE value is from the CI_JOB_NAME of the review job VARIABLES_FILE: "variables/review_v134a" DOMAIN: "-${HOST_SUFFIX}.${KUBE_INGRESS_BASE_DOMAIN}" - VCLUSTER_ARCH: arm64 + REVIEW_ARCH: arm64 environment: name: gkevc_134a/$REVIEW_REF_PREFIX$CI_COMMIT_SHORT_SHA url: "https://gitlab${DOMAIN}" diff --git a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml index f75263968d..a9294fb8a9 100644 --- a/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml +++ b/.gitlab/ci/vcluster-review-apps.gitlab-ci.yml @@ -5,7 +5,6 @@ KUBE_INGRESS_BASE_DOMAIN: "cloud-native-vcluster.helm-charts.win" KUBE_NAMESPACE: "default" NAMESPACE: "${KUBE_NAMESPACE}" - VCLUSTER_ARCH: amd64 .vcluster_review_template: extends: diff --git a/charts/minio/templates/_helper_create_buckets.sh b/charts/minio/templates/_helper_create_buckets.sh index 3cabb5f1fa..8b0b5029ba 100644 --- a/charts/minio/templates/_helper_create_buckets.sh +++ b/charts/minio/templates/_helper_create_buckets.sh @@ -62,7 +62,10 @@ createBucket() { # At this point, the bucket should exist, skip checking for existance # Set policy on the bucket echo "Setting policy of bucket '$BUCKET' to '$POLICY'." - /usr/bin/mc policy $POLICY myminio/$BUCKET + + if /usr/bin/mc policy $POLICY minio/$BUCKET 2>&1 | grep -q "mc policy set"; then + /usr/bin/mc policy set $POLICY myminio/$BUCKET + fi } connectToMinio diff --git a/scripts/ci/autodevops.sh b/scripts/ci/autodevops.sh index 16702a3c79..e344561c21 100755 --- a/scripts/ci/autodevops.sh +++ b/scripts/ci/autodevops.sh @@ -11,7 +11,7 @@ if [[ $CI_ENVIRONMENT_SLUG =~ ^[^-]+-review ]]; then # if multiarch deployment is on - we will be deploying *two* # charts - one for "amd64" and second for "arm64" thus the need # to avoid name collision: - if [ "${DEPLOY_MULTIARCH}" == "true" ]; then + if [ "${REVIEW_ARCH}" == "arm64" ]; then RELEASE_NAME="rvw-a-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA}" else RELEASE_NAME=rvw-${REVIEW_REF_PREFIX}${CI_COMMIT_SHORT_SHA} @@ -23,7 +23,7 @@ if [[ $CI_ENVIRONMENT_SLUG =~ ^[^-]+-review ]]; then RELEASE_NAME=${RELEASE_NAME%-} else # otherwise, use CI_ENVIRONMENT_SLUG - if [ "${DEPLOY_MULTIARCH}" == "true" ]; then + if [ "${REVIEW_ARCH}" == "arm64" ]; then RELEASE_NAME="a-${CI_ENVIRONMENT_SLUG}" else RELEASE_NAME=$CI_ENVIRONMENT_SLUG @@ -59,7 +59,7 @@ function deploy() { exit 1 fi - echo "DEPLOY_MULTIARCH: $DEPLOY_MULTIARCH" + echo "REVIEW_ARCH: $REVIEW_ARCH" # Cleanup and previous installs, as FAILED and PENDING_UPGRADE will cause errors with `upgrade` if [ "$RELEASE_NAME" != "production" ] && previousDeployFailed ; then echo "Deployment in bad state, cleaning up $RELEASE_NAME" @@ -186,14 +186,18 @@ CIYAML SENTRY_CONFIGURATION="-f ci.sentry.yaml" fi - MULTIARCH_CONFIGURATION="" - if [ "${DEPLOY_MULTIARCH}" == "true" ]; then - MULTIARCH_CONFIGURATION="-f scripts/ci/arm_nodeselectors.yaml" + + ARCH_CONFIGURATION="" + if [ "${REVIEW_ARCH}" == "arm64" ]; then + # The bundled MinIO chart is not being updated anymore. + # We override the image for arm64 because the current default image is only build for amd64. + ARCH_CONFIGURATION="--set minio.imageTag=RELEASE.2020-09-21T22-31-59Z-arm64 --set minio.minioMc.tag=RELEASE.2020-09-23T20-02-13Z-arm64" fi + helm upgrade --install \ $WAIT \ ${SENTRY_CONFIGURATION} \ - ${MULTIARCH_CONFIGURATION} \ + ${ARCH_CONFIGURATION} \ ${NGINX_CONFIGURATION} \ -f ci.details.yaml \ -f ci.scale.yaml \ diff --git a/scripts/ci/vcluster.template.yaml b/scripts/ci/vcluster.template.yaml index d2aba11162..2d6bd272c9 100644 --- a/scripts/ci/vcluster.template.yaml +++ b/scripts/ci/vcluster.template.yaml @@ -18,7 +18,7 @@ sync: nodes: selector: labels: - kubernetes.io/arch: "$VCLUSTER_ARCH" + kubernetes.io/arch: "$REVIEW_ARCH" integrations: metricsServer: enabled: true -- GitLab From 4b98fe3c4a816a4ed3f01637f8e817eb04571ec3 Mon Sep 17 00:00:00 2001 From: Clemens Beck Date: Tue, 18 Nov 2025 10:43:07 +0100 Subject: [PATCH 8/8] Change ARM value and patch handling --- charts/minio/templates/_helper_create_buckets.sh | 5 +---- scripts/ci/autodevops.sh | 6 ++++-- scripts/ci/patches/arm64.minio.patch | 13 +++++++++++++ scripts/ci/values/arm64.values.yaml | 5 +++++ scripts/ci/vcluster.sh | 5 ----- 5 files changed, 23 insertions(+), 11 deletions(-) create mode 100644 scripts/ci/patches/arm64.minio.patch create mode 100644 scripts/ci/values/arm64.values.yaml diff --git a/charts/minio/templates/_helper_create_buckets.sh b/charts/minio/templates/_helper_create_buckets.sh index 8b0b5029ba..3cabb5f1fa 100644 --- a/charts/minio/templates/_helper_create_buckets.sh +++ b/charts/minio/templates/_helper_create_buckets.sh @@ -62,10 +62,7 @@ createBucket() { # At this point, the bucket should exist, skip checking for existance # Set policy on the bucket echo "Setting policy of bucket '$BUCKET' to '$POLICY'." - - if /usr/bin/mc policy $POLICY minio/$BUCKET 2>&1 | grep -q "mc policy set"; then - /usr/bin/mc policy set $POLICY myminio/$BUCKET - fi + /usr/bin/mc policy $POLICY myminio/$BUCKET } connectToMinio diff --git a/scripts/ci/autodevops.sh b/scripts/ci/autodevops.sh index e344561c21..24f1f485e1 100755 --- a/scripts/ci/autodevops.sh +++ b/scripts/ci/autodevops.sh @@ -190,8 +190,10 @@ CIYAML ARCH_CONFIGURATION="" if [ "${REVIEW_ARCH}" == "arm64" ]; then # The bundled MinIO chart is not being updated anymore. - # We override the image for arm64 because the current default image is only build for amd64. - ARCH_CONFIGURATION="--set minio.imageTag=RELEASE.2020-09-21T22-31-59Z-arm64 --set minio.minioMc.tag=RELEASE.2020-09-23T20-02-13Z-arm64" + # Override the image for arm64 because the current default image is only build for amd64. + ARCH_CONFIGURATION="-f scripts/ci/values/arm64.values.yaml" + # Patch the minio chart to accomodate for CLI changes in the new minio/mc version. + git apply ./scripts/ci/patches/arm64.minio.patch fi helm upgrade --install \ diff --git a/scripts/ci/patches/arm64.minio.patch b/scripts/ci/patches/arm64.minio.patch new file mode 100644 index 0000000000..683f00c6f2 --- /dev/null +++ b/scripts/ci/patches/arm64.minio.patch @@ -0,0 +1,13 @@ +diff --git a/charts/minio/templates/_helper_create_buckets.sh b/charts/minio/templates/_helper_create_buckets.sh +index 3cabb5f1f..17f408259 100644 +--- a/charts/minio/templates/_helper_create_buckets.sh ++++ b/charts/minio/templates/_helper_create_buckets.sh +@@ -62,7 +62,7 @@ createBucket() { + # At this point, the bucket should exist, skip checking for existance + # Set policy on the bucket + echo "Setting policy of bucket '$BUCKET' to '$POLICY'." +- /usr/bin/mc policy $POLICY myminio/$BUCKET ++ /usr/bin/mc policy set $POLICY myminio/$BUCKET + } + + connectToMinio diff --git a/scripts/ci/values/arm64.values.yaml b/scripts/ci/values/arm64.values.yaml new file mode 100644 index 0000000000..c2196dccc0 --- /dev/null +++ b/scripts/ci/values/arm64.values.yaml @@ -0,0 +1,5 @@ +minio: + imageTag: "RELEASE.2020-09-21T22-31-59Z-arm64" + minioMc: + tag: "RELEASE.2020-09-23T20-02-13Z-arm64" + diff --git a/scripts/ci/vcluster.sh b/scripts/ci/vcluster.sh index 7e7841c10d..6bdbb46f70 100755 --- a/scripts/ci/vcluster.sh +++ b/scripts/ci/vcluster.sh @@ -57,11 +57,6 @@ function vcluster_copy_secret() { | vcluster_run kubectl apply -n $3 -f - } -function vcluster_helm_rollout_status() { - vcluster_run kubectl rollout status statefulset -l release=gitlab --timeout=300s - vcluster_run kubectl rollout status deployments -l release=gitlab --timeout=300s -} - function vcluster_delete() { vcluster delete $(vcluster_name) --delete-configmap --delete-namespace --ignore-not-found } -- GitLab