From 8594e9ed60a9d0b12ddcf2af4a70c31976588ffa Mon Sep 17 00:00:00 2001 From: Steeve Goveas Date: Wed, 3 Jun 2026 12:07:57 +0100 Subject: [PATCH] METAL-1745: Add 5.0 jobs for rhcos10 worker nodes --- ...ts-private-release-5.0__multi-nightly.yaml | 36 ++++ ...t-tests-private-release-5.0-periodics.yaml | 182 ++++++++++++++++++ .../baremetal-lab-ipi-install-commands.sh | 40 ++++ .../baremetal-lab-ipi-install-ref.yaml | 2 + 4 files changed, 260 insertions(+) diff --git a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0__multi-nightly.yaml b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0__multi-nightly.yaml index 7f0cffa3e4e8f..17c5acf64c420 100644 --- a/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0__multi-nightly.yaml +++ b/ci-operator/config/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0__multi-nightly.yaml @@ -3148,6 +3148,42 @@ tests: test: - chain: openshift-e2e-test-qe-destructive workflow: cucushift-installer-rehearse-aws-ipi-custom-dns +- as: metal-ipi-ovn-ipv4-rhcos10-worker-tp-amd-f14 + capabilities: + - intranet + cron: 6 18 13,27 * * + steps: + cluster_profile: equinix-ocp-metal-qe + env: + AUX_HOST: openshift-qe-metal-ci.arm.eng.rdu2.redhat.com + DISCONNECTED: "false" + FEATURE_SET: TechPreviewNoUpgrade + RESERVE_BOOTSTRAP: "false" + WORKER_COREOS_STREAM: rhel-10 + architecture: amd64 + masters: "3" + workers: "2" + test: + - chain: openshift-e2e-test-qe + workflow: baremetal-lab-ipi +- as: metal-ipi-ovn-ipv4-vmedia-rhcos10-worker-tp-arm-f14 + capabilities: + - intranet + cron: 15 3 6,20 * * + steps: + cluster_profile: equinix-ocp-metal-qe + env: + AUX_HOST: openshift-qe-metal-ci.arm.eng.rdu2.redhat.com + DISCONNECTED: "false" + FEATURE_SET: TechPreviewNoUpgrade + RESERVE_BOOTSTRAP: "false" + WORKER_COREOS_STREAM: rhel-10 + architecture: arm64 + masters: "3" + workers: "2" + test: + - chain: openshift-e2e-test-qe + workflow: baremetal-lab-ipi-virtual-media zz_generated_metadata: branch: release-5.0 org: openshift diff --git a/ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0-periodics.yaml b/ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0-periodics.yaml index cc6ce6fcd2b65..d1c26af7a930e 100644 --- a/ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0-periodics.yaml +++ b/ci-operator/jobs/openshift/openshift-tests-private/openshift-openshift-tests-private-release-5.0-periodics.yaml @@ -55693,6 +55693,97 @@ periodics: - name: result-aggregator secret: secretName: result-aggregator +- agent: kubernetes + cluster: build09 + cron: 6 18 13,27 * * + decorate: true + decoration_config: + skip_cloning: true + extra_refs: + - base_ref: release-5.0 + org: openshift + repo: openshift-tests-private + labels: + capability/intranet: intranet + ci-operator.openshift.io/cloud: equinix-ocp-metal + ci-operator.openshift.io/cloud-cluster-profile: equinix-ocp-metal-qe + ci-operator.openshift.io/variant: multi-nightly + ci.openshift.io/generator: prowgen + job-release: "5.0" + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-openshift-openshift-tests-private-release-5.0-multi-nightly-metal-ipi-ovn-ipv4-rhcos10-worker-tp-amd-f14 + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --oauth-token-path=/usr/local/github-credentials/oauth + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --target=metal-ipi-ovn-ipv4-rhcos10-worker-tp-amd-f14 + - --variant=multi-nightly + command: + - ci-operator + env: + - name: HTTP_SERVER_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + ports: + - containerPort: 8080 + name: http + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /usr/local/github-credentials + name: github-credentials-openshift-ci-robot-private-git-cloner + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: github-credentials-openshift-ci-robot-private-git-cloner + secret: + secretName: github-credentials-openshift-ci-robot-private-git-cloner + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator - agent: kubernetes cluster: build09 cron: 20 14 3,10,17,24 * * @@ -56057,6 +56148,97 @@ periodics: - name: result-aggregator secret: secretName: result-aggregator +- agent: kubernetes + cluster: build09 + cron: 15 3 6,20 * * + decorate: true + decoration_config: + skip_cloning: true + extra_refs: + - base_ref: release-5.0 + org: openshift + repo: openshift-tests-private + labels: + capability/intranet: intranet + ci-operator.openshift.io/cloud: equinix-ocp-metal + ci-operator.openshift.io/cloud-cluster-profile: equinix-ocp-metal-qe + ci-operator.openshift.io/variant: multi-nightly + ci.openshift.io/generator: prowgen + job-release: "5.0" + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-openshift-openshift-tests-private-release-5.0-multi-nightly-metal-ipi-ovn-ipv4-vmedia-rhcos10-worker-tp-arm-f14 + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --oauth-token-path=/usr/local/github-credentials/oauth + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --target=metal-ipi-ovn-ipv4-vmedia-rhcos10-worker-tp-arm-f14 + - --variant=multi-nightly + command: + - ci-operator + env: + - name: HTTP_SERVER_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + ports: + - containerPort: 8080 + name: http + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /usr/local/github-credentials + name: github-credentials-openshift-ci-robot-private-git-cloner + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: github-credentials-openshift-ci-robot-private-git-cloner + secret: + secretName: github-credentials-openshift-ci-robot-private-git-cloner + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator - agent: kubernetes cluster: build09 cron: 11 14 1,8,15,22 * * diff --git a/ci-operator/step-registry/baremetal/lab/ipi/install/baremetal-lab-ipi-install-commands.sh b/ci-operator/step-registry/baremetal/lab/ipi/install/baremetal-lab-ipi-install-commands.sh index 15df0b373823b..13fd3869ac783 100644 --- a/ci-operator/step-registry/baremetal/lab/ipi/install/baremetal-lab-ipi-install-commands.sh +++ b/ci-operator/step-registry/baremetal/lab/ipi/install/baremetal-lab-ipi-install-commands.sh @@ -255,6 +255,46 @@ if [[ "$ENABLE_CAPI" == "true" ]]; then sed -i 's/watchAllNamespaces: false/watchAllNamespaces: true/' "${INSTALL_DIR}/openshift/99_baremetal-provisioning-config.yaml" fi +# Patch worker BMH manifests to use the specified CoreOS stream. +# This controls which IPA (kernel/initrd/rootfs) version is used +# during PXE boot for worker nodes. +if [[ -n "${WORKER_COREOS_STREAM:-}" ]]; then + if [[ ! "${WORKER_COREOS_STREAM}" =~ ^[a-zA-Z0-9._-]+$ ]]; then + echo "[ERROR] Invalid WORKER_COREOS_STREAM: ${WORKER_COREOS_STREAM}" + exit 1 + fi + esc_stream="$(printf '%s' "${WORKER_COREOS_STREAM}" | sed 's/[\/&]/\\&/g')" + for bmh_file in "${INSTALL_DIR}"/openshift/99_openshift-cluster-api_hosts-*.yaml; do + if ! grep -q 'installer.openshift.io/role: control-plane' "${bmh_file}"; then + sed -i "s/coreos.openshift.io\/stream: .*/coreos.openshift.io\/stream: ${esc_stream}/" "${bmh_file}" + fi + done + # Patch worker MachineSet hostSelector to match the new stream + for ms_file in "${INSTALL_DIR}"/openshift/99_openshift-cluster-api_worker-machineset-*.yaml; do + sed -i "s/coreos.openshift.io\/stream: .*/coreos.openshift.io\/stream: ${WORKER_COREOS_STREAM}/" "${ms_file}" + done + # Set the worker MachineConfigPool to use the specified stream for + # the on-disk OS. Requires the OSStreams feature gate (TechPreviewNoUpgrade). + cat > "${INSTALL_DIR}/openshift/99_worker-osimagestream.yaml" <