Skip to content

Use slot-manager for e2e-parallel job #80156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
openshift-merge-bot merged 1 commit into from
Jun 8, 2026
Merged

Use slot-manager for e2e-parallel job #80156

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 1 addition & 5 deletions ci-operator/config/Azure/ARO-HCP/Azure-ARO-HCP-main.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -496,11 +496,7 @@ tests:
env:
ARO_HCP_CLOUD: dev
ARO_HCP_DEPLOY_ENV: ci01
LOCATION: westus3
leases:
- count: 1
env: ENV_QUOTA_LEASED_RESOURCE
resource_type: aro-hcp-dev-quota-slice
MULTISTAGE_PARAM_OVERRIDE_LOCATION: westus3
workflow: aro-hcp-local-e2e
timeout: 10h0m0s
- as: global-pipeline-postsubmit
Expand Down
8 changes: 8 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/OWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
approvers:
- aro-hcp-sl-approvers
- geoberle
- deads2k
reviewers:
- aro-hcp-sl-reviewers
- geoberle
- deads2k
8 changes: 8 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/acquire/OWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
approvers:
- aro-hcp-sl-approvers
- geoberle
- deads2k
reviewers:
- aro-hcp-sl-reviewers
- geoberle
- deads2k
29 changes: 29 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/acquire/aro-hcp-lease-acquire-commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail

export CLUSTER_PROFILE_DIR="/var/run/aro-hcp-${VAULT_SECRET_PROFILE}"

slot_manager_args=(
--deploy-env "${ARO_HCP_DEPLOY_ENV}"
--shared-dir "${SHARED_DIR}"
)

if [[ -n "${ALLOWED_SUBSCRIPTIONS:-}" ]]; then
slot_manager_args+=(--allowed-subscriptions "${ALLOWED_SUBSCRIPTIONS}")
fi

if [[ -n "${ALLOWED_LOCATIONS:-}" ]]; then
slot_manager_args+=(--allowed-locations "${ALLOWED_LOCATIONS}")
fi

if [[ -n "${ARO_HCP_SLOT_MANAGER_MAX_WAIT_FOR_LEASE:-}" ]]; then
slot_manager_args+=(--max-wait-for-lease "${ARO_HCP_SLOT_MANAGER_MAX_WAIT_FOR_LEASE}")
fi

if [[ -n "${ARO_HCP_SLOT_MANAGER_LEASE_WAIT_INTERVAL:-}" ]]; then
slot_manager_args+=(--lease-wait-interval "${ARO_HCP_SLOT_MANAGER_LEASE_WAIT_INTERVAL}")
fi

./test/aro-hcp-tests slot-manager acquire "${slot_manager_args[@]}"
15 changes: 15 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/acquire/aro-hcp-lease-acquire-ref.metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"path": "aro-hcp/lease/acquire/aro-hcp-lease-acquire-ref.yaml",
"owners": {
"approvers": [
"aro-hcp-sl-approvers",
"geoberle",
"deads2k"
],
"reviewers": [
"aro-hcp-sl-reviewers",
"geoberle",
"deads2k"
]
}
}
62 changes: 62 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/acquire/aro-hcp-lease-acquire-ref.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
ref:
as: aro-hcp-lease-acquire
from: aro-hcp-e2e-tests
commands: aro-hcp-lease-acquire-commands.sh
grace_period: 15s
credentials:
- namespace: test-credentials
name: cluster-secrets-aro-hcp-dev
mount_path: /var/run/aro-hcp-dev
- namespace: test-credentials
name: cluster-secrets-aro-hcp-int
mount_path: /var/run/aro-hcp-int
- namespace: test-credentials
name: cluster-secrets-aro-hcp-stg
mount_path: /var/run/aro-hcp-stg
- namespace: test-credentials
name: cluster-secrets-aro-hcp-prod
mount_path: /var/run/aro-hcp-prod
resources:
requests:
cpu: 10m
memory: 100Mi
env:
- name: VAULT_SECRET_PROFILE
default: "dev"
documentation: |-
Selects which environment's cluster secrets to use (dev, int, stg, prod).
- name: ALLOWED_SUBSCRIPTIONS
default: ""
documentation: |-
Optional comma-separated allowlist of catalog `subscription_name`
values that `slot-manager acquire` may consider for candidate pool
selection.
- name: ALLOWED_LOCATIONS
default: ""
documentation: |-
Optional comma-separated allowlist of Azure regions for fixed-mode
candidate pool selection (for example, `centralus,canadacentral`).
- name: MULTISTAGE_PARAM_OVERRIDE_LOCATION
default: ""
documentation: |-
Highest-precedence concrete location override for the runtime slot.
When set, it takes precedence over `ALLOWED_LOCATIONS`.
- name: ARO_HCP_DEPLOY_ENV
default: ""
documentation: Config environment name (prow, ci01, int, stg, prod).
- name: ARO_HCP_SLOT_MANAGER_MAX_WAIT_FOR_LEASE
default: ""
documentation: |-
Optional override for `slot-manager acquire --max-wait-for-lease`.
Leave unset to use the binary default (currently 30m). Set to `0s`
to wait forever after a full exhausted pass across all candidate pools.
- name: ARO_HCP_SLOT_MANAGER_LEASE_WAIT_INTERVAL
default: ""
documentation: |-
Optional override for `slot-manager acquire --lease-wait-interval`.
Leave unset to use the binary default (currently 1m). This controls
the delay between retries after a full exhausted pass across all
candidate pools.
documentation: |-
Acquire the runtime Boskos leases required by ARO HCP E2E workflows and
persist the runtime slot env contract into SHARED_DIR for later steps.
8 changes: 8 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/release/OWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
approvers:
- aro-hcp-sl-approvers
- geoberle
- deads2k
reviewers:
- aro-hcp-sl-reviewers
- geoberle
- deads2k
6 changes: 6 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/release/aro-hcp-lease-release-commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail

./test/aro-hcp-tests slot-manager release --shared-dir "${SHARED_DIR}"
15 changes: 15 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/release/aro-hcp-lease-release-ref.metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
{
"path": "aro-hcp/lease/release/aro-hcp-lease-release-ref.yaml",
"owners": {
"approvers": [
"aro-hcp-sl-approvers",
"geoberle",
"deads2k"
],
"reviewers": [
"aro-hcp-sl-reviewers",
"geoberle",
"deads2k"
]
}
}
10 changes: 10 additions & 0 deletions ci-operator/step-registry/aro-hcp/lease/release/aro-hcp-lease-release-ref.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
ref:
as: aro-hcp-lease-release
from: aro-hcp-e2e-tests
commands: aro-hcp-lease-release-commands.sh
resources:
requests:
cpu: 10m
memory: 100Mi
documentation: |-
Release the runtime Boskos leases acquired for an ARO HCP E2E workflow.
9 changes: 2 additions & 7 deletions ci-operator/step-registry/aro-hcp/local-e2e/aro-hcp-local-e2e-workflow.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,8 @@ workflow:
as: aro-hcp-local-e2e
steps:
allow_best_effort_post_steps: true
leases:
- resource_type: aro-hcp-test-msi-containers-dev
env: LEASED_MSI_CONTAINERS
count: 20
- resource_type: aro-hcp-msi-mock-cs-sp-dev
env: LEASED_MSI_MOCK_SP
count: 1
pre:
- ref: aro-hcp-lease-acquire
- ref: aro-hcp-write-config
- ref: aro-hcp-provision-environment
test:
Expand All @@ -22,5 +16,6 @@ workflow:
- ref: aro-hcp-gather-observability
- ref: aro-hcp-gather-snapshot
- ref: aro-hcp-deprovision-environment
- ref: aro-hcp-lease-release
documentation: |-
The local ARO HCP e2e workflow starts an ARO HCP environment and runs the full end-to-end suite against it.
12 changes: 12 additions & 0 deletions ...tor/step-registry/aro-hcp/provision/environment/aro-hcp-provision-environment-commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,18 @@ set -o errexit
set -o nounset
set -o pipefail

env_file="${SHARED_DIR}/aro-hcp-slot.env"
if [[ ! -f "${env_file}" ]]; then
printf 'Missing runtime lease export file: %s\n' "${env_file}" >&2
exit 1
fi

# shellcheck disable=SC1090
source "${env_file}"

export LOCATION="${SELECTED_LOCATION:-${LOCATION:-}}"
: "${LOCATION:?LOCATION must be provided by SELECTED_LOCATION or the legacy runtime slot export file}"

export CLUSTER_PROFILE_DIR="/var/run/aro-hcp-${VAULT_SECRET_PROFILE}"

export AZURE_CLIENT_ID; AZURE_CLIENT_ID=$(cat "${CLUSTER_PROFILE_DIR}/client-id")
Expand Down
3 changes: 3 additions & 0 deletions ...erator/step-registry/aro-hcp/provision/environment/aro-hcp-provision-environment-ref.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,9 @@ ref:
from: aro-hcp-e2e-tools
commands: aro-hcp-provision-environment-commands.sh
grace_period: 15s
leases:
- resource_type: aro-hcp-msi-mock-cs-sp-dev
env: LEASED_MSI_MOCK_SP
resources:
requests:
cpu: 1000m
Expand Down
13 changes: 12 additions & 1 deletion ci-operator/step-registry/aro-hcp/test/local/aro-hcp-test-local-commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,23 @@ set -o errexit
set -o nounset
set -o pipefail

env_file="${SHARED_DIR}/aro-hcp-slot.env"
if [[ ! -f "${env_file}" ]]; then
printf 'Missing runtime lease export file: %s\n' "${env_file}" >&2
exit 1
fi

# shellcheck disable=SC1090
source "${env_file}"

export LOCATION="${SELECTED_LOCATION:-${LOCATION:-}}"
: "${LOCATION:?LOCATION must be provided by SELECTED_LOCATION or the legacy runtime slot export file}"

Comment on lines +12 to +17

@coderabbitai coderabbitai Bot Jun 5, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Validate CUSTOMER_SUBSCRIPTION immediately after sourcing runtime slot env.

CUSTOMER_SUBSCRIPTION is used later (Line 41) but not asserted at the env-file boundary. Add an explicit guard here so slot contract regressions fail early with a clear message.

Suggested fix 
 # shellcheck disable=SC1090
 source "${env_file}"

 export LOCATION="${SELECTED_LOCATION:-${LOCATION:-}}"
 : "${LOCATION:?LOCATION must be provided by SELECTED_LOCATION or the legacy runtime slot export file}"
+: "${CUSTOMER_SUBSCRIPTION:?CUSTOMER_SUBSCRIPTION must be provided by the runtime slot export file}"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# shellcheck disable=SC1090
source "${env_file}"
export LOCATION="${SELECTED_LOCATION:-${LOCATION:-}}"
: "${LOCATION:?LOCATION must be provided by SELECTED_LOCATION or the legacy runtime slot export file}"
# shellcheck disable=SC1090
source "${env_file}"
export LOCATION="${SELECTED_LOCATION:-${LOCATION:-}}"
: "${LOCATION:?LOCATION must be provided by SELECTED_LOCATION or the legacy runtime slot export file}"
: "${CUSTOMER_SUBSCRIPTION:?CUSTOMER_SUBSCRIPTION must be provided by the runtime slot export file}"
🤖 Prompt for AI Agents 
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@ci-operator/step-registry/aro-hcp/test/local/aro-hcp-test-local-commands.sh`
around lines 12 - 17, After sourcing the runtime slot env (source
"${env_file}"), immediately validate that CUSTOMER_SUBSCRIPTION is present by
adding a guard like using shell parameter expansion (e.g., :
"${CUSTOMER_SUBSCRIPTION:?CUSTOMER_SUBSCRIPTION must be provided by the runtime
slot env}"); place this check alongside the existing LOCATION export block so
any slot contract regression fails fast with a clear message before
CUSTOMER_SUBSCRIPTION is referenced later.

export CLUSTER_PROFILE_DIR="/var/run/aro-hcp-${VAULT_SECRET_PROFILE}"

export AZURE_CLIENT_ID; AZURE_CLIENT_ID=$(cat "${CLUSTER_PROFILE_DIR}/client-id")
export AZURE_TENANT_ID; AZURE_TENANT_ID=$(cat "${CLUSTER_PROFILE_DIR}/tenant")
export AZURE_CLIENT_SECRET; AZURE_CLIENT_SECRET=$(cat "${CLUSTER_PROFILE_DIR}/client-secret")
export CUSTOMER_SUBSCRIPTION; CUSTOMER_SUBSCRIPTION=$(cat "${CLUSTER_PROFILE_DIR}/subscription-name")
export INFRA_SUBSCRIPTION_ID; INFRA_SUBSCRIPTION_ID=$(cat "${CLUSTER_PROFILE_DIR}/infra-${ARO_HCP_DEPLOY_ENV}-subscription-id")
export DEPLOY_ENV="${ARO_HCP_DEPLOY_ENV}"

Expand Down
14 changes: 13 additions & 1 deletion ci-operator/step-registry/aro-hcp/write-config/aro-hcp-write-config-commands.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,21 @@ set -o nounset
set -o pipefail

if [[ -n "${MULTISTAGE_PARAM_OVERRIDE_LOCATION:-}" ]]; then
export LOCATION="${MULTISTAGE_PARAM_OVERRIDE_LOCATION}"
export LOCATION="${MULTISTAGE_PARAM_OVERRIDE_LOCATION}"
fi

env_file="${SHARED_DIR}/aro-hcp-slot.env"
if [[ -f "${env_file}" ]]; then
# shellcheck disable=SC1090
source "${env_file}"
fi

if [[ -n "${SELECTED_LOCATION:-}" ]]; then
export LOCATION="${SELECTED_LOCATION}"
fi

: "${LOCATION:?LOCATION must be set directly, via Gangway override, or by SELECTED_LOCATION in the runtime slot export file}"

export AZURE_TOKEN_CREDENTIALS=prod

# NOTE: this config will be only partially accurate on public envs
Expand Down
4 changes: 3 additions & 1 deletion ci-operator/step-registry/aro-hcp/write-config/aro-hcp-write-config-ref.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,7 @@ ref:
documentation: Config environment name (prow, int, stg, prod).
timeout: 5m
documentation: |-
Render config.yaml to SHARED_DIR using templatize configuration render.
Render config.yaml to SHARED_DIR using LOCATION, optionally overridden by
MULTISTAGE_PARAM_OVERRIDE_LOCATION, or the runtime slot SELECTED_LOCATION
when the slot export file is present.
Note: The rendered config is only partially accurate and won't always reflect the full production configuration.