k8s.io/test-infra@v0.0.0-20240520184403-27c6b4c223d8/config/jobs/kubernetes/sig-k8s-infra/releng/artifact-promotion-presubmits.yaml (about) 1 presubmits: 2 # Check that changes to promoter manifests are valid. 3 kubernetes/k8s.io: 4 - name: pull-k8sio-cip 5 cluster: k8s-infra-prow-build 6 annotations: 7 testgrid-create-test-group: 'true' 8 testgrid-dashboards: sig-k8s-infra-k8sio 9 decorate: true 10 skip_report: false 11 run_if_changed: 'registry.k8s.io/((images/.*/images\.yaml)|(manifests/.*/promoter-manifest\.yaml))' 12 max_concurrency: 10 13 branches: 14 - ^main$ 15 spec: 16 containers: 17 - image: registry.k8s.io/artifact-promoter/kpromo:v4.0.5-0 18 command: 19 - /kpromo 20 args: 21 - cip 22 - --thin-manifest-dir=/home/prow/go/src/github.com/kubernetes/k8s.io/registry.k8s.io 23 - --use-prow-manifest-diff 24 - --certificate-identity-regexp=(krel-staging@k8s-releng-prod.iam.gserviceaccount.com)|(krel-trust@k8s-releng-prod.iam.gserviceaccount.com) 25 - --certificate-oidc-issuer=https://accounts.google.com 26 resources: 27 limits: 28 cpu: 2 29 memory: "4Gi" 30 requests: 31 cpu: 2 32 memory: "4Gi" 33 # Check that images to be promoted are free of fixable vulnerabilities 34 - name: pull-k8sio-cip-vuln 35 annotations: 36 testgrid-create-test-group: 'true' 37 testgrid-dashboards: sig-k8s-infra-k8sio 38 decorate: true 39 optional: true 40 skip_report: false 41 run_if_changed: 'registry.k8s.io/((images/.*/images\.yaml)|(manifests/.*/promoter-manifest\.yaml))' 42 max_concurrency: 10 43 branches: 44 - ^vuln-check-test$ 45 spec: 46 serviceAccountName: k8s-infra-gcr-vuln-scanning 47 containers: 48 - image: registry.k8s.io/artifact-promoter/kpromo:v4.0.5-0 49 command: 50 - /kpromo 51 args: 52 - cip 53 - --thin-manifest-dir=/home/prow/go/src/github.com/kubernetes/k8s.io/registry.k8s.io 54 - --use-prow-manifest-diff 55 - --vuln-severity-threshold=1 56 - --certificate-identity-regexp=(krel-staging@k8s-releng-prod.iam.gserviceaccount.com)|(krel-trust@k8s-releng-prod.iam.gserviceaccount.com) 57 - --certificate-oidc-issuer=https://accounts.google.com 58 # Check that changes to backup scripts are valid. 59 - name: pull-k8sio-backup 60 annotations: 61 testgrid-create-test-group: 'true' 62 testgrid-dashboards: sig-k8s-infra-k8sio 63 decorate: true 64 run_if_changed: '^infra/gcp/backup_tools/' 65 max_concurrency: 1 66 branches: 67 - ^main$ 68 spec: 69 serviceAccountName: k8s-infra-gcr-promoter-test 70 containers: 71 - image: gcr.io/k8s-staging-infra-tools/k8s-infra:latest 72 command: 73 - infra/gcp/bash/backup_tools/backup_test.sh 74 env: 75 # Even though GOPATH is set to /go in the kubekins-e2e image, we set it 76 # here anyway in case the underlying image changes (the backup_test.sh 77 # script needs it to be defined). 78 - name: GOPATH 79 value: /go 80 - name: pull-k8sio-file-promo 81 cluster: k8s-infra-prow-build 82 annotations: 83 testgrid-create-test-group: 'true' 84 testgrid-dashboards: sig-release-releng-blocking, sig-k8s-infra-k8sio 85 testgrid-alert-email: k8s-infra-alerts@kubernetes.io, release-managers+alerts@kubernetes.io 86 testgrid-num-failures-to-alert: '10' 87 decorate: true 88 skip_report: false 89 run_if_changed: '^artifacts\/(filestores|manifests)\/.*\/*.yaml' 90 max_concurrency: 10 91 branches: 92 - ^main$ 93 spec: 94 containers: 95 - image: registry.k8s.io/artifact-promoter/kpromo:v4.0.5-0 96 command: 97 - /kpromo 98 args: 99 - run 100 - files 101 - --manifests=/home/prow/go/src/github.com/kubernetes/k8s.io/artifacts/ 102 resources: 103 limits: 104 cpu: 2 105 memory: "4Gi" 106 requests: 107 cpu: 2 108 memory: "4Gi" 109 # WIP version of pull-k8sio-file-promo that adds mirroring to our replicas. 110 # Adds two extra containers to dry-run miroring for staging and production mirrors. 111 # TODO(justinsb): merge with pull-k8sio-file-promo once we are happy with it 112 - name: pull-k8sio-file-promo-with-mirroring 113 cluster: k8s-infra-prow-build 114 annotations: 115 testgrid-create-test-group: 'true' 116 testgrid-dashboards: sig-release-releng-blocking, sig-k8s-infra-k8sio 117 # Don't alert people on a WIP job 118 #testgrid-alert-email: k8s-infra-alerts@kubernetes.io, release-managers+alerts@kubernetes.io 119 #testgrid-num-failures-to-alert: '10' 120 decorate: true 121 skip_report: true # Don't report a WIP job on github 122 run_if_changed: '^artifacts\/.*\/*.yaml' 123 max_concurrency: 10 124 branches: 125 - ^main$ 126 spec: 127 containers: 128 - name: promote-to-primary 129 # TODO(justinsb): replace with released image once this is working 130 # Curently lacking S3 support - at least 131 image: gcr.io/k8s-staging-artifact-promoter/kpromo:v4.0.5-0 132 resources: 133 limits: 134 cpu: 2 135 memory: 4Gi 136 requests: 137 cpu: 2 138 memory: 4Gi 139 command: 140 - /kpromo 141 args: 142 - run 143 - files 144 - --manifests=/home/prow/go/src/github.com/kubernetes/k8s.io/artifacts/ 145 - name: promote-to-mirrors 146 # TODO(justinsb): replace with released image once this is working 147 # Curently lacking S3 support - at least 148 image: gcr.io/k8s-staging-artifact-promoter/kpromo:v4.0.5-0 149 resources: 150 limits: 151 cpu: 2 152 memory: 4Gi 153 requests: 154 cpu: 2 155 memory: 4Gi 156 command: 157 - /kpromo 158 args: 159 - run 160 - files 161 - --manifests=/home/prow/go/src/github.com/kubernetes/k8s.io/artifacts/mirroring 162 - name: promote-to-mirrors-staging 163 # TODO(justinsb): replace with released image once this is working 164 # Curently lacking S3 support - at least 165 image: gcr.io/k8s-staging-artifact-promoter/kpromo:v4.0.5-0 166 resources: 167 limits: 168 cpu: 2 169 memory: 4Gi 170 requests: 171 cpu: 2 172 memory: 4Gi 173 command: 174 - /kpromo 175 args: 176 - run 177 - files 178 - --manifests=/home/prow/go/src/github.com/kubernetes/k8s.io/artifacts/mirroring-staging