From 4883abbfd64479dc55688f3c64804df67ba34efe Mon Sep 17 00:00:00 2001 From: sophia chen Date: Mon, 16 Mar 2026 12:09:32 +1100 Subject: [PATCH 1/6] updated azure and gcp cpu size --- scripts/azure/artifacts_schema/template.json | 4 ++-- scripts/gcp/start_gcp_enclave.sh | 1 + 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/scripts/azure/artifacts_schema/template.json b/scripts/azure/artifacts_schema/template.json index 6f11e97f..c5dcc13e 100644 --- a/scripts/azure/artifacts_schema/template.json +++ b/scripts/azure/artifacts_schema/template.json @@ -112,8 +112,8 @@ ], "resources": { "requests": { - "cpu": 1, - "memoryInGB": 4 + "cpu": 6, + "memoryInGB": 24 } }, "environmentVariables": [ diff --git a/scripts/gcp/start_gcp_enclave.sh b/scripts/gcp/start_gcp_enclave.sh index 15de6956..44367847 100644 --- a/scripts/gcp/start_gcp_enclave.sh +++ b/scripts/gcp/start_gcp_enclave.sh @@ -52,6 +52,7 @@ gcloud compute instances create ${GCP_INSTANCE_NAME} \ --confidential-compute \ --shielded-secure-boot \ --maintenance-policy Terminate \ + --machine-type n2d-standard-8 \ --scopes cloud-platform \ --image-project confidential-space-images \ --image-family confidential-space-debug \ From cc8960ca4251145456535e808dcbecf3834eeb70 Mon Sep 17 00:00:00 2001 From: sophia chen Date: Mon, 16 Mar 2026 12:13:39 +1100 Subject: [PATCH 2/6] update workflow ref --- .github/workflows/shared-run-e2e-tests.yaml | 26 ++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index ff372b6e..38559466 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -153,7 +153,7 @@ jobs: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 with: - ref: v3 + ref: sch-UID2-6632-load-test-private-operator repository: IABTechLab/uid2-shared-actions path: uid2-shared-actions @@ -179,7 +179,7 @@ jobs: - name: Prepare GCP metadata id: prepare_gcp_metadata if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@v2 + uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@sch-UID2-6632-load-test-private-operator with: operator_image_version: ${{ inputs.operator_image_version }} admin_root: ${{ inputs.admin_root }} @@ -189,7 +189,7 @@ jobs: - name: Prepare Azure metadata id: prepare_azure_metadata if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@sch-UID2-6632-load-test-private-operator with: operator_image_version: ${{ inputs.operator_image_version }} admin_root: ${{ inputs.admin_root }} @@ -197,7 +197,7 @@ jobs: - name: Prepare AWS metadata id: prepare_aws_metadata if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@sch-UID2-6632-load-test-private-operator with: admin_root: ${{ inputs.admin_root }} aws_pcr0: ${{ inputs.aws_pcr0 }} @@ -205,7 +205,7 @@ jobs: - name: Prepare EKS metadata id: prepare_eks_metadata if: ${{ inputs.operator_type == 'eks' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_eks_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_eks_metadata@sch-UID2-6632-load-test-private-operator with: operator_image_version: ${{ inputs.operator_image_version }} admin_root: ${{ inputs.admin_root }} @@ -214,7 +214,7 @@ jobs: - name: Prepare AKS metadata id: prepare_aks_metadata if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@v3 + uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@sch-UID2-6632-load-test-private-operator with: operator_image_version: ${{ inputs.operator_image_version }} admin_root: ${{ inputs.admin_root }} @@ -243,7 +243,7 @@ jobs: - name: Start GCP private operator id: start_gcp_private_operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@v2 + uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@sch-UID2-6632-load-test-private-operator with: bore_url_core: ${{ steps.bore.outputs.BORE_URL_CORE }} bore_url_optout: ${{ steps.bore.outputs.BORE_URL_OPTOUT }} @@ -255,7 +255,7 @@ jobs: - name: Start Azure private operator id: start_azure_private_operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@sch-UID2-6632-load-test-private-operator with: bore_url_core: ${{ steps.bore.outputs.BORE_URL_CORE }} bore_url_optout: ${{ steps.bore.outputs.BORE_URL_OPTOUT }} @@ -266,7 +266,7 @@ jobs: - name: Start AWS private operator id: start_aws_private_operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@sch-UID2-6632-load-test-private-operator with: bore_url_core: ${{ steps.bore.outputs.BORE_URL_CORE }} bore_url_optout: ${{ steps.bore.outputs.BORE_URL_OPTOUT }} @@ -279,7 +279,7 @@ jobs: - name: Start EKS operator id: start_EKS_operator if: ${{ inputs.operator_type == 'eks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_eks_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_eks_operator@sch-UID2-6632-load-test-private-operator with: bore_url_core: ${{ steps.bore.outputs.BORE_URL_CORE }} bore_url_optout: ${{ steps.bore.outputs.BORE_URL_OPTOUT }} @@ -294,7 +294,7 @@ jobs: - name: Start AKS private operator id: start_aks_private_operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@sch-UID2-6632-load-test-private-operator with: output_template_file: ${{ steps.prepare_aks_metadata.outputs.output_template_file }} azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -318,7 +318,7 @@ jobs: - name: Run E2E tests id: e2e - uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@v3 + uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@sch-UID2-6632-load-test-private-operator with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} @@ -362,7 +362,7 @@ jobs: - name: Stop EKS operator if: ${{ inputs.operator_type == 'eks' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_eks_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/stop_eks_operator@sch-UID2-6632-load-test-private-operator with: eks_test_cluster: ${{ inputs.eks_test_cluster }} eks_test_cluster_region: ${{ inputs.eks_test_cluster_region }} From 11a99632ecdf822b70c166c9a365772557e55301 Mon Sep 17 00:00:00 2001 From: sophia chen Date: Mon, 16 Mar 2026 12:23:15 +1100 Subject: [PATCH 3/6] update ref --- .github/workflows/shared-run-e2e-tests.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 4f198554..2056bd42 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -207,7 +207,7 @@ jobs: - name: Start AKS cluster id: start_aks_cluster if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_cluster@v3 + uses: IABTechLab/uid2-shared-actions/actions/start_aks_cluster@sch-UID2-6632-load-test-private-operator with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} run_id: ${{ github.run_id }} @@ -383,7 +383,7 @@ jobs: - name: Stop GCP private operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@sch-UID2-6632-load-test-private-operator with: gcp_project: ${{ inputs.gcp_project }} gcp_service_account: ${{ inputs.gcp_service_account }} @@ -392,21 +392,21 @@ jobs: - name: Stop Azure private operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@sch-UID2-6632-load-test-private-operator with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} azure_container_group_name: ${{ needs.e2e-test.outputs.azure_container_group_name }} - name: Stop AWS private operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@sch-UID2-6632-load-test-private-operator with: aws_stack_name: ${{ needs.e2e-test.outputs.aws_stack_name }} aws_region: ${{ inputs.aws_region }} - name: Stop AKS private operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@v3 + uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@sch-UID2-6632-load-test-private-operator with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} run_id: ${{ github.run_id }} From b10950c3ab74f4d2f83f4c2bfe553827e84e223e Mon Sep 17 00:00:00 2001 From: sophia chen Date: Mon, 16 Mar 2026 12:52:16 +1100 Subject: [PATCH 4/6] added service instance and worker pool thread default to 6 --- scripts/gcp/start_gcp_enclave.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/gcp/start_gcp_enclave.sh b/scripts/gcp/start_gcp_enclave.sh index 3ffecfb6..e51efe8f 100644 --- a/scripts/gcp/start_gcp_enclave.sh +++ b/scripts/gcp/start_gcp_enclave.sh @@ -57,7 +57,7 @@ gcloud compute instances create ${GCP_INSTANCE_NAME} \ --image-project confidential-space-images \ --image-family confidential-space-debug \ --service-account $SERVICE_ACCOUNT \ - --metadata ^~^tee-image-reference=us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator@${IMAGE_HASH}~tee-restart-policy=Never~tee-container-log-redirect=true~tee-env-SKIP_VALIDATIONS=true~tee-env-DEPLOYMENT_ENVIRONMENT=integ~tee-env-API_TOKEN_SECRET_NAME=${OPERATOR_KEY_SECRET_VERSION}~tee-env-CORE_BASE_URL=${BORE_URL_CORE}~tee-env-OPTOUT_BASE_URL=${BORE_URL_OPTOUT} + --metadata ^~^tee-image-reference=us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator@${IMAGE_HASH}~tee-restart-policy=Never~tee-container-log-redirect=true~tee-env-SKIP_VALIDATIONS=true~tee-env-DEPLOYMENT_ENVIRONMENT=integ~tee-env-API_TOKEN_SECRET_NAME=${OPERATOR_KEY_SECRET_VERSION}~tee-env-CORE_BASE_URL=${BORE_URL_CORE}~tee-env-OPTOUT_BASE_URL=${BORE_URL_OPTOUT}~tee-env-service_instances=6~tee-env-default_worker_pool_thread_count=6 # Export to GitHub output echo "GCP_INSTANCE_NAME=${GCP_INSTANCE_NAME}" From a23e0b024118527f50efd01b18a76b3b3eaccf01 Mon Sep 17 00:00:00 2001 From: sophia chen Date: Mon, 16 Mar 2026 16:00:42 +1100 Subject: [PATCH 5/6] use smaller gcp instance --- scripts/gcp/start_gcp_enclave.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/gcp/start_gcp_enclave.sh b/scripts/gcp/start_gcp_enclave.sh index e51efe8f..314efcd1 100644 --- a/scripts/gcp/start_gcp_enclave.sh +++ b/scripts/gcp/start_gcp_enclave.sh @@ -52,12 +52,12 @@ gcloud compute instances create ${GCP_INSTANCE_NAME} \ --confidential-compute \ --shielded-secure-boot \ --maintenance-policy Terminate \ - --machine-type n2d-standard-8 \ + --machine-type n2d-standard-4 \ --scopes cloud-platform \ --image-project confidential-space-images \ --image-family confidential-space-debug \ --service-account $SERVICE_ACCOUNT \ - --metadata ^~^tee-image-reference=us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator@${IMAGE_HASH}~tee-restart-policy=Never~tee-container-log-redirect=true~tee-env-SKIP_VALIDATIONS=true~tee-env-DEPLOYMENT_ENVIRONMENT=integ~tee-env-API_TOKEN_SECRET_NAME=${OPERATOR_KEY_SECRET_VERSION}~tee-env-CORE_BASE_URL=${BORE_URL_CORE}~tee-env-OPTOUT_BASE_URL=${BORE_URL_OPTOUT}~tee-env-service_instances=6~tee-env-default_worker_pool_thread_count=6 + --metadata ^~^tee-image-reference=us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator@${IMAGE_HASH}~tee-restart-policy=Never~tee-container-log-redirect=true~tee-env-SKIP_VALIDATIONS=true~tee-env-DEPLOYMENT_ENVIRONMENT=integ~tee-env-API_TOKEN_SECRET_NAME=${OPERATOR_KEY_SECRET_VERSION}~tee-env-CORE_BASE_URL=${BORE_URL_CORE}~tee-env-OPTOUT_BASE_URL=${BORE_URL_OPTOUT} # Export to GitHub output echo "GCP_INSTANCE_NAME=${GCP_INSTANCE_NAME}" From e5c3492a0eb5334ebeb387615cc95de4c17252bf Mon Sep 17 00:00:00 2001 From: sophia chen Date: Wed, 18 Mar 2026 11:42:42 +1100 Subject: [PATCH 6/6] clean up --- .github/workflows/shared-run-e2e-tests.yaml | 30 ++++++++++----------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/shared-run-e2e-tests.yaml b/.github/workflows/shared-run-e2e-tests.yaml index 2056bd42..459647dc 100644 --- a/.github/workflows/shared-run-e2e-tests.yaml +++ b/.github/workflows/shared-run-e2e-tests.yaml @@ -151,7 +151,7 @@ jobs: - name: Checkout uid2-shared-actions repo uses: actions/checkout@v4 with: - ref: sch-UID2-6632-load-test-private-operator + ref: v3 repository: IABTechLab/uid2-shared-actions path: uid2-shared-actions @@ -180,7 +180,7 @@ jobs: - name: Prepare GCP metadata id: prepare_gcp_metadata if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/prepare_gcp_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -190,7 +190,7 @@ jobs: - name: Prepare Azure metadata id: prepare_azure_metadata if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/prepare_azure_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -198,7 +198,7 @@ jobs: - name: Prepare AWS metadata id: prepare_aws_metadata if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/prepare_aws_metadata@v3 with: identity_scope: ${{ inputs.identity_scope }} target_environment: ${{ inputs.target_environment }} @@ -207,7 +207,7 @@ jobs: - name: Start AKS cluster id: start_aks_cluster if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_cluster@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/start_aks_cluster@v3 with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} run_id: ${{ github.run_id }} @@ -226,7 +226,7 @@ jobs: - name: Prepare AKS metadata id: prepare_aks_metadata if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/prepare_aks_metadata@v3 with: operator_image_version: ${{ inputs.operator_image_version }} target_environment: ${{ inputs.target_environment }} @@ -254,7 +254,7 @@ jobs: - name: Start GCP private operator id: start_gcp_private_operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/start_gcp_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -266,7 +266,7 @@ jobs: - name: Start Azure private operator id: start_azure_private_operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/start_azure_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -278,7 +278,7 @@ jobs: - name: Start AWS private operator id: start_aws_private_operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/start_aws_private_operator@v3 with: bore_url_core: ${{ steps.bore.outputs.bore_url_core }} bore_url_optout: ${{ steps.bore.outputs.bore_url_optout }} @@ -292,7 +292,7 @@ jobs: - name: Start AKS private operator id: start_aks_private_operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/start_aks_private_operator@v3 with: template_file: ${{ steps.prepare_aks_metadata.outputs.template_file }} azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} @@ -316,7 +316,7 @@ jobs: - name: Run E2E tests id: e2e - uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/run_e2e_tests@v3 with: e2e_network: ${{ steps.decide_env_var.outputs.e2e_network }} e2e_image_version: ${{ inputs.e2e_image_version }} @@ -383,7 +383,7 @@ jobs: - name: Stop GCP private operator if: ${{ inputs.operator_type == 'gcp' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/stop_gcp_private_operator@v3 with: gcp_project: ${{ inputs.gcp_project }} gcp_service_account: ${{ inputs.gcp_service_account }} @@ -392,21 +392,21 @@ jobs: - name: Stop Azure private operator if: ${{ inputs.operator_type == 'azure' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/stop_azure_private_operator@v3 with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} azure_container_group_name: ${{ needs.e2e-test.outputs.azure_container_group_name }} - name: Stop AWS private operator if: ${{ inputs.operator_type == 'aws' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/stop_aws_private_operator@v3 with: aws_stack_name: ${{ needs.e2e-test.outputs.aws_stack_name }} aws_region: ${{ inputs.aws_region }} - name: Stop AKS private operator if: ${{ inputs.operator_type == 'aks' }} - uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@sch-UID2-6632-load-test-private-operator + uses: IABTechLab/uid2-shared-actions/actions/stop_aks_private_operator@v3 with: azure_credentials: ${{ secrets.AZURE_CREDENTIALS }} run_id: ${{ github.run_id }}