Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[OCPSTRAT-506] Azure Managed Identity (Workload Identity) Support #41121

Merged
merged 5 commits into from Jul 14, 2023
Merged

[OCPSTRAT-506] Azure Managed Identity (Workload Identity) Support #41121

merged 5 commits into from Jul 14, 2023

Conversation

huangmingxia
Copy link
Contributor

@huangmingxia huangmingxia commented Jul 11, 2023
edited

Azure Managed Identity (Workload Identity) Support
CCO-380
CCO-407

@huangmingxia
Copy link
Contributor Author

/pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-p1-f3

@huangmingxia
Copy link
Contributor Author

/pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-p1-f3

@huangmingxia
Copy link
Contributor Author

@yunjiang29 @jianlinliu Could you help review this pr when you free? Thanks for your time.

@huangmingxia
Copy link
Contributor Author

/pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f7

@MayXuQQ
Copy link
Contributor

MayXuQQ commented Jul 12, 2023
edited

if we do not create the resource group in advance, but directly set it in install-config.yaml, installer can help create it?

No.
FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": platform.azure.resourceGroupName: Internal error: failed to get resource group: failed to get resource group: resources.GroupsClient#Get: Failure responding to request: StatusCode=404 -- Original Error: autorest/azure: Service returned an error. Status=404 Code="ResourceGroupNotFound" Message="Resource group 'maxu-rg' could not be found."

@huangmingxia
Copy link
Contributor Author

/retest-required

@huangmingxia huangmingxia changed the title Azure workload identity CI Integration-Azure Managed Identity (Workload Identity) Support Jul 13, 2023
@huangmingxia
Copy link
Contributor Author

/pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-arm64-nightly-azure-ipi-workload-identity-tp-p1-f14

@huangmingxia
Copy link
Contributor Author

/pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f14

@jianlinliu
Copy link
Contributor

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 13, 2023
@jianlinliu
Copy link
Contributor

cc @jinyunma @liangxia to review

@yunjiang29
Copy link
Contributor

/lgtm

@liangxia
Copy link
Member

/approve

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 13, 2023
@jianlinliu
Copy link
Contributor

/retest-required

@jinyunma
Copy link
Contributor

/lgtm

@openshift-ci-robot openshift-ci-robot added the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 13, 2023
@jianlinliu
Copy link
Contributor

/retest-required

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 13, 2023
@jianlinliu
Copy link
Contributor

@huangmingxia the robot said the PR need rebase.

@huangmingxia
Merge branch 'master' into Azureworkload
69d20e7 
# Conflicts:
#	ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14-periodics.yaml
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Jul 14, 2023
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 14, 2023
@huangmingxia
Copy link
Contributor Author

/retest-required

@huangmingxia
Merge branch 'master' into Azureworkload
717b6c0 
# Conflicts:
#	ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14-periodics.yaml
@huangmingxia
Merge remote-tracking branch 'origin/Azureworkload' into Azureworkload
ffc952f 
# Conflicts:
#	ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14-periodics.yaml
@liangxia
Copy link
Member

One of the required job failed, ci/prow/generated-config — Job failed.

Looks like you forgot to run make update

@openshift-ci-robot openshift-ci-robot removed the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 14, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 14, 2023

@huangmingxia: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/rehearse/periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-p1-f3 81484252d10d6c258b2327112bbfe99bc6943acd link unknown /pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-p1-f3
ci/rehearse/periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f7 15acdc185faa55f153525d450e10057db256fc52 link unknown /pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f7
ci/rehearse/periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f14 05f38bf link unknown /pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f14
ci/rehearse/periodic-ci-openshift-openshift-tests-private-release-4.14-arm64-nightly-azure-ipi-workload-identity-tp-p1-f14 05f38bf link unknown /pj-rehearse periodic-ci-openshift-openshift-tests-private-release-4.14-arm64-nightly-azure-ipi-workload-identity-tp-p1-f14

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-ci-robot
Copy link
Contributor

[REHEARSALNOTIFIER]
@huangmingxia: the pj-rehearse plugin accommodates running rehearsal tests for the changes in this PR. Expand 'Interacting with pj-rehearse' for usage details. The following rehearsable tests have been affected by this change:

Test name Repo Type Reason
periodic-ci-openshift-openshift-tests-private-release-4.14-arm64-nightly-azure-ipi-workload-identity-tp-p1-f14 N/A periodic Periodic changed
periodic-ci-openshift-openshift-tests-private-release-4.14-amd64-nightly-azure-ipi-workload-identity-tp-p1-f14 N/A periodic Periodic changed
Interacting with pj-rehearse

Comment: /pj-rehearse to run up to 10 rehearsals
Comment: /pj-rehearse skip to opt-out of rehearsals
Comment: /pj-rehearse {test-name}, with each test separated by a space, to run one or more specific rehearsals
Comment: /pj-rehearse more to run up to 20 rehearsals
Comment: /pj-rehearse max to run up to 35 rehearsals
Comment: /pj-rehearse auto-ack to run up to 10 rehearsals, and add the rehearsals-ack label on success
Comment: /pj-rehearse abort to abort all active rehearsals

Once you are satisfied with the results of the rehearsals, comment: /pj-rehearse ack to unblock merge. When the rehearsals-ack label is present on your PR, merge will no longer be blocked by rehearsals.
If you would like the rehearsals-ack label removed, comment: /pj-rehearse reject to re-block merging.

@liangxia
Copy link
Member

/lgtm

@liangxia
Copy link
Member

/pj-rehearse ack

@openshift-ci-robot openshift-ci-robot added the rehearsals-ack Signifies that rehearsal jobs have been acknowledged label Jul 14, 2023
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 14, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 14, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: huangmingxia, jianlinliu, jinyunma, liangxia, yunjiang29

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot merged commit 0fa99cf into openshift:master Jul 14, 2023
19 checks passed
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 14, 2023

@huangmingxia: Updated the following 2 configmaps:

  • job-config-4.14 configmap in namespace ci at cluster app.ci using the following files:
    • key openshift-openshift-tests-private-release-4.14-periodics.yaml using file ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14-periodics.yaml
  • ci-operator-4.14-configs configmap in namespace ci at cluster app.ci using the following files:
    • key openshift-openshift-tests-private-release-4.14__amd64-nightly.yaml using file ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14__amd64-nightly.yaml
    • key openshift-openshift-tests-private-release-4.14__arm64-nightly.yaml using file ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-4.14__arm64-nightly.yaml

In response to this:

CCO-380 Azure Managed Identity (Workload Identity) Support

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@huangmingxia huangmingxia changed the title CI Integration-Azure Managed Identity (Workload Identity) Support [OCPSTRAT-506] Azure Managed Identity (Workload Identity) Support Dec 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jianlinliu jianlinliu jianlinliu left review comments

@liangxia liangxia liangxia left review comments

@DennisPeriquet DennisPeriquet Awaiting requested review from DennisPeriquet

@kuiwang02 kuiwang02 Awaiting requested review from kuiwang02

Assignees

@jianlinliu jianlinliu

@liangxia liangxia

@jinyunma jinyunma

@yunjiang29 yunjiang29

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. rehearsals-ack Signifies that rehearsal jobs have been acknowledged
Projects
None yet
Milestone
No milestone
8 participants
@huangmingxia @MayXuQQ @jianlinliu @yunjiang29 @liangxia @jinyunma @openshift-ci-robot @openshift-merge-robot