From acf5be33b3f1b520767f6d133236ea0e1a00ec71 Mon Sep 17 00:00:00 2001 From: Jan Safranek Date: Fri, 8 Nov 2024 17:46:57 +0100 Subject: [PATCH] Add jobs for SELinuxChangePolicy alpha feature Add a job that enables SELinuxChangePolicy feature + run tests for it. Also run the SELinux jobs with the new SELinuxWarningController enabled. See https://github.com/kubernetes/enhancements/tree/master/keps/sig-storage/1710-selinux-relabeling#proposal for details --- config/jobs/kubernetes/kops/build_jobs.py | 48 +++++++- .../kops/kops-periodics-distros.yaml | 4 +- .../kubernetes/kops/kops-periodics-grid.yaml | 108 +++++++++--------- .../kubernetes/kops/kops-periodics-misc2.yaml | 103 ++++++++++++++--- .../kops/kops-presubmits-distros.yaml | 4 +- .../kubernetes/kops/kops-presubmits-e2e.yaml | 2 +- .../sig-storage/sig-storage-gce-config.yaml | 4 +- 7 files changed, 193 insertions(+), 80 deletions(-) diff --git a/config/jobs/kubernetes/kops/build_jobs.py b/config/jobs/kubernetes/kops/build_jobs.py index 9ee14ad231d8..65ffb82cc0e7 100644 --- a/config/jobs/kubernetes/kops/build_jobs.py +++ b/config/jobs/kubernetes/kops/build_jobs.py @@ -884,7 +884,45 @@ def generate_misc(): # support SELinux and there are several subvariants of local volumes # that multiply nr. of tests. # - FeatureGate:SELinuxMount: the feature gate is alpha / disabled by default - # in v1.30. + # in v1.32. + # - FeatureGate:SELinuxChangePolicy: the feature gate is alpha / disabled by default + # in v1.32. + skip_regex=r"\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[FeatureGate:SELinuxMount\]|\[FeatureGate:SELinuxChangePolicy\]", + # [Serial] and [Disruptive] are intentionally not skipped, therefore run + # everything as serial. + test_parallelism=1, + # Serial and Disruptive tests can be slow. + test_timeout_minutes=120, + runs_per_day=3), + + # [sig-storage, @jsafrane] A one-off scenario testing SELinuxChangePolicy feature (alpha in v1.32). + # and opt-in selinux-warning-controller. + # This will need to merge with kops-aws-selinux when SELinuxMount gets enabled by default. + build_test(name_override="kops-aws-selinux-changepolicy", + # RHEL8 VM image is enforcing SELinux by default. + cloud="aws", + distro="rhel8", + networking="cilium", + k8s_version="ci", + kops_channel="alpha", + feature_flags=['SELinuxMount'], + kubernetes_feature_gates="SELinuxChangePolicy", + extra_flags=[ + "--set=cluster.spec.containerd.selinuxEnabled=true", + # Run all default controllers ("*") + selinux-warning-controller. + "--set=cluster.spec.kubeControllerManager.controllers=*", + "--set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller" + ], + focus_regex=r"\[Feature:SELinux\]", + # Skip: + # - Feature:Volumes: skips iSCSI and Ceph tests, they don't have client tools + # installed on nodes. + # - Driver: nfs: NFS does not have client tools installed on nodes. + # - Driver: local: this is optimization only, the volume plugin does not + # support SELinux and there are several subvariants of local volumes + # that multiply nr. of tests. + # - FeatureGate:SELinuxMount: the feature gate is alpha / disabled by default + # in v1.32. skip_regex=r"\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[FeatureGate:SELinuxMount\]", # [Serial] and [Disruptive] are intentionally not skipped, therefore run # everything as serial. @@ -893,7 +931,8 @@ def generate_misc(): test_timeout_minutes=120, runs_per_day=3), - # [sig-storage, @jsafrane] A one-off scenario testing SELinuxMount feature (alpha in v1.30). + # [sig-storage, @jsafrane] A one-off scenario testing all SELinux related feature gates enabled + # and opt-in selinux-warning-controller. # This will need to merge with kops-aws-selinux when SELinuxMount gets enabled by default. build_test(name_override="kops-aws-selinux-alpha", # RHEL8 VM image is enforcing SELinux by default. @@ -903,9 +942,12 @@ def generate_misc(): k8s_version="ci", kops_channel="alpha", feature_flags=['SELinuxMount'], - kubernetes_feature_gates="SELinuxMount", + kubernetes_feature_gates="SELinuxMount,SELinuxChangePolicy", extra_flags=[ "--set=cluster.spec.containerd.selinuxEnabled=true", + # Run all default controllers ("*") + selinux-warning-controller. + "--set=cluster.spec.kubeControllerManager.controllers=*", + "--set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller" ], focus_regex=r"\[Feature:SELinux\]", # Skip: diff --git a/config/jobs/kubernetes/kops/kops-periodics-distros.yaml b/config/jobs/kubernetes/kops/kops-periodics-distros.yaml index 26fbac9ad85f..78e777306363 100644 --- a/config/jobs/kubernetes/kops/kops-periodics-distros.yaml +++ b/config/jobs/kubernetes/kops/kops-periodics-distros.yaml @@ -608,7 +608,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20241014.0-x86_64-gp2' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20241031.0-x86_64-gp2' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ --test=kops \ @@ -672,7 +672,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ --test=kops \ diff --git a/config/jobs/kubernetes/kops/kops-periodics-grid.yaml b/config/jobs/kubernetes/kops/kops-periodics-grid.yaml index a748809c3132..66a239f59f1f 100644 --- a/config/jobs/kubernetes/kops/kops-periodics-grid.yaml +++ b/config/jobs/kubernetes/kops/kops-periodics-grid.yaml @@ -32,7 +32,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -95,7 +95,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -158,7 +158,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -221,7 +221,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -284,7 +284,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -347,7 +347,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -410,7 +410,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -473,7 +473,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -536,7 +536,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ @@ -3443,7 +3443,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -3506,7 +3506,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -3569,7 +3569,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -3632,7 +3632,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -3695,7 +3695,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -3758,7 +3758,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -3821,7 +3821,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -3884,7 +3884,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -3947,7 +3947,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ @@ -6854,7 +6854,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -6917,7 +6917,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -6980,7 +6980,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -7043,7 +7043,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -7106,7 +7106,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -7169,7 +7169,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -7232,7 +7232,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -7295,7 +7295,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -7358,7 +7358,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ @@ -10265,7 +10265,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -10328,7 +10328,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -10391,7 +10391,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -10454,7 +10454,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -10517,7 +10517,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -10580,7 +10580,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -10643,7 +10643,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -10706,7 +10706,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -10769,7 +10769,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-etcd" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ @@ -13676,7 +13676,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -13740,7 +13740,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -13804,7 +13804,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -13868,7 +13868,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -13932,7 +13932,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -13996,7 +13996,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -14060,7 +14060,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -14124,7 +14124,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -14188,7 +14188,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium-eni --node-size=t3.large" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ @@ -17141,7 +17141,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -17204,7 +17204,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -17267,7 +17267,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -17330,7 +17330,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -17393,7 +17393,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.29/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -17456,7 +17456,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.29.txt \ --test=kops \ @@ -17519,7 +17519,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -17582,7 +17582,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/release-1.30/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.30.txt \ --test=kops \ @@ -17645,7 +17645,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kopeio" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.31.txt \ --test=kops \ diff --git a/config/jobs/kubernetes/kops/kops-periodics-misc2.yaml b/config/jobs/kubernetes/kops/kops-periodics-misc2.yaml index d62e50ebb37e..951d62bcbb69 100644 --- a/config/jobs/kubernetes/kops/kops-periodics-misc2.yaml +++ b/config/jobs/kubernetes/kops/kops-periodics-misc2.yaml @@ -1,5 +1,5 @@ # Test jobs generated by build_jobs.py (do not manually edit) -# 50 jobs, total of 1407 runs per week +# 51 jobs, total of 1428 runs per week periodics: # {"cloud": "aws", "distro": "u2204", "extra_flags": "--discovery-store=s3://k8s-kops-prow/discovery", "k8s_version": "1.29", "kops_channel": "alpha", "kops_version": "latest", "networking": "cilium"} @@ -1978,7 +1978,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable-1.28.txt \ --test=kops \ @@ -2054,7 +2054,7 @@ periodics: --test-package-dir=ci \ --test-package-marker=latest.txt \ --focus-regex="\[Feature:SELinux\]" \ - --skip-regex="\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[FeatureGate:SELinuxMount\]" \ + --skip-regex="\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[FeatureGate:SELinuxMount\]|\[FeatureGate:SELinuxChangePolicy\]" \ --parallel=1 env: - name: KUBE_SSH_KEY_PATH @@ -2083,7 +2083,78 @@ periodics: testgrid-days-of-results: '90' testgrid-tab-name: kops-aws-selinux -# {"cloud": "aws", "distro": "rhel8", "extra_flags": "--set=cluster.spec.containerd.selinuxEnabled=true --discovery-store=s3://k8s-kops-prow/discovery", "feature_flags": "SELinuxMount", "k8s_version": "ci", "kops_channel": "alpha", "kops_version": "latest", "networking": "cilium"} +# {"cloud": "aws", "distro": "rhel8", "extra_flags": "--set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery", "feature_flags": "SELinuxMount", "k8s_version": "ci", "kops_channel": "alpha", "kops_version": "latest", "networking": "cilium"} +- name: e2e-kops-aws-selinux-changepolicy + cron: '46 2-23/8 * * *' + labels: + preset-service-account: "true" + preset-aws-ssh: "true" + preset-aws-credential: "true" + cluster: k8s-infra-kops-prow-build + decorate: true + decoration_config: + timeout: 150m + extra_refs: + - org: kubernetes + repo: kops + base_ref: master + workdir: true + path_alias: k8s.io/kops + spec: + containers: + - command: + - runner.sh + args: + - bash + - -c + - | + make test-e2e-install + kubetest2 kops \ + -v 2 \ + --up --down \ + --cloud-provider=aws \ + --create-args="--image='309956199498/RHEL-8.9.0_HVM-20240327-x86_64-4-Hourly2-GP3' --channel=alpha --networking=cilium --set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery" \ + --env=KOPS_FEATURE_FLAGS=SELinuxMount \ + --kubernetes-feature-gates=SELinuxChangePolicy \ + --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ + --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ + --test=kops \ + -- \ + --test-args="-test.timeout=120m" \ + --test-package-url=https://storage.googleapis.com/k8s-release-dev \ + --test-package-dir=ci \ + --test-package-marker=latest.txt \ + --focus-regex="\[Feature:SELinux\]" \ + --skip-regex="\[Feature:Volumes\]|\[Driver:.nfs\]|\[Driver:.local\]|\[FeatureGate:SELinuxMount\]" \ + --parallel=1 + env: + - name: KUBE_SSH_KEY_PATH + value: /etc/aws-ssh/aws-ssh-private + - name: KUBE_SSH_USER + value: ec2-user + image: gcr.io/k8s-staging-test-infra/kubekins-e2e:v20241021-d3a4913879-master + imagePullPolicy: Always + resources: + limits: + cpu: "4" + memory: 6Gi + requests: + cpu: "4" + memory: 6Gi + annotations: + test.kops.k8s.io/cloud: aws + test.kops.k8s.io/distro: rhel8 + test.kops.k8s.io/extra_flags: --set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery + test.kops.k8s.io/feature_flags: SELinuxMount + test.kops.k8s.io/k8s_version: ci + test.kops.k8s.io/kops_channel: alpha + test.kops.k8s.io/kops_version: latest + test.kops.k8s.io/networking: cilium + testgrid-dashboards: kops-distro-rhel8, kops-k8s-ci, kops-latest, sig-cluster-lifecycle-kops + testgrid-days-of-results: '90' + testgrid-tab-name: kops-aws-selinux-changepolicy + +# {"cloud": "aws", "distro": "rhel8", "extra_flags": "--set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery", "feature_flags": "SELinuxMount", "k8s_version": "ci", "kops_channel": "alpha", "kops_version": "latest", "networking": "cilium"} - name: e2e-kops-aws-selinux-alpha cron: '8 0-23/8 * * *' labels: @@ -2113,9 +2184,9 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='309956199498/RHEL-8.9.0_HVM-20240327-x86_64-4-Hourly2-GP3' --channel=alpha --networking=cilium --set=cluster.spec.containerd.selinuxEnabled=true --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='309956199498/RHEL-8.9.0_HVM-20240327-x86_64-4-Hourly2-GP3' --channel=alpha --networking=cilium --set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery" \ --env=KOPS_FEATURE_FLAGS=SELinuxMount \ - --kubernetes-feature-gates=SELinuxMount \ + --kubernetes-feature-gates=SELinuxMount,SELinuxChangePolicy \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -2144,7 +2215,7 @@ periodics: annotations: test.kops.k8s.io/cloud: aws test.kops.k8s.io/distro: rhel8 - test.kops.k8s.io/extra_flags: --set=cluster.spec.containerd.selinuxEnabled=true --discovery-store=s3://k8s-kops-prow/discovery + test.kops.k8s.io/extra_flags: --set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers=* --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --discovery-store=s3://k8s-kops-prow/discovery test.kops.k8s.io/feature_flags: SELinuxMount test.kops.k8s.io/k8s_version: ci test.kops.k8s.io/kops_channel: alpha @@ -2251,7 +2322,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.nodeProblemDetector.enabled=true --set=spec.packages=nfs-utils --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.nodeProblemDetector.enabled=true --set=spec.packages=nfs-utils --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -2453,7 +2524,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.packages=nfs-utils --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.packages=nfs-utils --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -2589,7 +2660,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-ci-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-ci-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -2657,7 +2728,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-ci-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-ci-prow/discovery" \ --cluster-name="kubernetes-e2e-al2023-aws-conformance-aws-cni.k8s.local" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ @@ -2724,7 +2795,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ --cluster-name="kubernetes-e2e-al2023-aws-conformance-aws-cni-canary.k8s.local" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ @@ -2793,7 +2864,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeProxy.enabled=false --set=spec.networking.cilium.enableNodePort=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=cilium --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeProxy.enabled=false --set=spec.networking.cilium.enableNodePort=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ --cluster-name="kubernetes-e2e-al2023-aws-conformance-cilium.k8s.local" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ @@ -2998,7 +3069,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -3135,7 +3206,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --node-volume-size=100 --set=spec.packages=nfs-utils --set=spec.packages=git --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --node-volume-size=100 --set=spec.packages=nfs-utils --set=spec.packages=git --discovery-store=s3://k8s-kops-prow/discovery" \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ --test=kops \ @@ -3203,7 +3274,7 @@ periodics: -v 2 \ --up --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --set=spec.kubeAPIServer.runtimeConfig=api/all=true --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=kubenet --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --set=spec.kubeAPIServer.runtimeConfig=api/all=true --discovery-store=s3://k8s-kops-prow/discovery" \ --kubernetes-feature-gates=AllAlpha,-EventedPLEG \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci-updown-green.txt \ --kubernetes-version=https://storage.googleapis.com/k8s-release-dev/ci/latest.txt \ diff --git a/config/jobs/kubernetes/kops/kops-presubmits-distros.yaml b/config/jobs/kubernetes/kops/kops-presubmits-distros.yaml index 1ada4d928bf1..51d27e120ce2 100644 --- a/config/jobs/kubernetes/kops/kops-presubmits-distros.yaml +++ b/config/jobs/kubernetes/kops/kops-presubmits-distros.yaml @@ -638,7 +638,7 @@ presubmits: -v 2 \ --up --build --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20241014.0-x86_64-gp2' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/amzn2-ami-kernel-5.10-hvm-2.0.20241031.0-x86_64-gp2' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ --kops-binary-path=/home/prow/go/src/k8s.io/kops/.build/dist/linux/amd64/kops \ --test=kops \ @@ -705,7 +705,7 @@ presubmits: -v 2 \ --up --build --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=calico --discovery-store=s3://k8s-kops-prow/discovery" \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ --kops-binary-path=/home/prow/go/src/k8s.io/kops/.build/dist/linux/amd64/kops \ --test=kops \ diff --git a/config/jobs/kubernetes/kops/kops-presubmits-e2e.yaml b/config/jobs/kubernetes/kops/kops-presubmits-e2e.yaml index d3cbbce6f9f4..569770f26f0a 100644 --- a/config/jobs/kubernetes/kops/kops-presubmits-e2e.yaml +++ b/config/jobs/kubernetes/kops/kops-presubmits-e2e.yaml @@ -242,7 +242,7 @@ presubmits: -v 2 \ --up --build --down \ --cloud-provider=aws \ - --create-args="--image='137112412989/al2023-ami-2023.6.20241010.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ + --create-args="--image='137112412989/al2023-ami-2023.6.20241031.0-kernel-6.1-x86_64' --channel=alpha --networking=amazonvpc --node-size=r5d.xlarge --master-size=r5d.xlarge --set=cluster.spec.networking.amazonVPC.env=ENABLE_PREFIX_DELEGATION=true --set=cluster.spec.networking.amazonVPC.env=MINIMUM_IP_TARGET=80 --set=cluster.spec.networking.amazonVPC.env=WARM_IP_TARGET=10 --set=spec.kubeAPIServer.logLevel=4 --set=spec.kubeAPIServer.auditLogMaxSize=2000000000 --set=spec.kubeAPIServer.enableAggregatorRouting=true --set=spec.kubeAPIServer.auditLogPath=/var/log/kube-apiserver-audit.log --discovery-store=s3://k8s-kops-prow/discovery" \ --kubernetes-version=https://dl.k8s.io/release/stable.txt \ --kops-binary-path=/home/prow/go/src/k8s.io/kops/.build/dist/linux/amd64/kops \ --test=kops \ diff --git a/config/jobs/kubernetes/sig-storage/sig-storage-gce-config.yaml b/config/jobs/kubernetes/sig-storage/sig-storage-gce-config.yaml index 3f5047a08971..2a10aee82d83 100644 --- a/config/jobs/kubernetes/sig-storage/sig-storage-gce-config.yaml +++ b/config/jobs/kubernetes/sig-storage/sig-storage-gce-config.yaml @@ -262,9 +262,9 @@ presubmits: kubetest2 kops -v=6 --cloud-provider=gce --up --down --build --env=KOPS_FEATURE_FLAGS=SELinuxMount \ --build-kubernetes=true --target-build-arch=linux/amd64 \ --admin-access=0.0.0.0/0 \ - --kubernetes-feature-gates=SELinuxMount \ + --kubernetes-feature-gates=SELinuxMount,SELinuxChangePolicy \ --kops-version-marker=https://storage.googleapis.com/k8s-staging-kops/kops/releases/markers/master/latest-ci.txt \ - --create-args "--image='rhel-cloud/rhel-9-v20240815' --channel=alpha --networking=cilium --set=cluster.spec.containerd.selinuxEnabled=true --gce-service-account=default --set=spec.nodeProblemDetector.enabled=true --set=cluster.spec.cloudProvider.gce.useStartupScript=true" \ + --create-args "--image='rhel-cloud/rhel-9-v20240815' --channel=alpha --networking=cilium --set=cluster.spec.containerd.selinuxEnabled=true --set=cluster.spec.kubeControllerManager.controllers='*' --set=cluster.spec.kubeControllerManager.controllers=selinux-warning-controller --gce-service-account=default --set=spec.nodeProblemDetector.enabled=true --set=cluster.spec.cloudProvider.gce.useStartupScript=true" \ --test=kops \ -- \ --ginkgo-args="--debug" \