diff --git a/ci-operator/config/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main__periodics.yaml b/ci-operator/config/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main__periodics.yaml index 659a8e33a7fc0..8526fcd847425 100644 --- a/ci-operator/config/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main__periodics.yaml +++ b/ci-operator/config/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main__periodics.yaml @@ -1,8 +1,20 @@ base_images: - rebasebot: - name: rebasebot + nested-podman: + name: nested-podman namespace: ci tag: latest +images: + items: + - dockerfile_literal: | + FROM nested-podman + USER root + RUN dnf install -y git go make tar gzip gpgme gpgme-devel pkgconfig jq python3.12 python3.12-devel python3.12-pip && dnf clean all + RUN ln -s /usr/bin/podman /usr/local/bin/docker + RUN mkdir -p /opt/app-root/src/ && git -C /opt/app-root/src/ clone https://github.com/openshift-eng/rebasebot.git + WORKDIR /opt/app-root/src/rebasebot + RUN python3.12 -m pip install --no-cache-dir uv && python3.12 -m pip install . + from: nested-podman + to: rebasebot-podman resources: '*': limits: @@ -12,6 +24,8 @@ resources: memory: 200Mi tests: - as: rebasebot + capabilities: + - nested-podman cron: 0 12 * * Mon,Thu steps: test: @@ -33,10 +47,8 @@ tests: - mount_path: /secrets/rebasebot name: rebasebot-credentials namespace: test-credentials - from_image: - name: rebasebot - namespace: ci - tag: latest + from: rebasebot-podman + nested_podman: true resources: limits: memory: 12Gi diff --git a/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-periodics.yaml b/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-periodics.yaml index bb4dec7a4c42d..a79f63858fbec 100644 --- a/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-periodics.yaml +++ b/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-periodics.yaml @@ -10,6 +10,7 @@ periodics: org: openshift repo: cluster-api-provider-aws labels: + capability/nested-podman: nested-podman ci-operator.openshift.io/variant: periodics ci.openshift.io/generator: prowgen pj-rehearse.openshift.io/can-be-rehearsed: "true" diff --git a/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-presubmits.yaml b/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-presubmits.yaml index 3ce5da6581a6e..b2b8897aefad2 100644 --- a/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-presubmits.yaml +++ b/ci-operator/jobs/openshift/cluster-api-provider-aws/openshift-cluster-api-provider-aws-main-presubmits.yaml @@ -722,6 +722,63 @@ presubmits: secret: secretName: result-aggregator trigger: (?m)^/test( | .* )okd-scos-images,?($|\s.*) + - agent: kubernetes + always_run: true + branches: + - ^main$ + - ^main- + cluster: build11 + context: ci/prow/periodics-images + decorate: true + decoration_config: + skip_cloning: true + labels: + ci-operator.openshift.io/variant: periodics + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-openshift-cluster-api-provider-aws-main-periodics-images + rerun_command: /test periodics-images + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --report-credentials-file=/etc/report/credentials + - --target=[images] + - --variant=periodics + command: + - ci-operator + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )periodics-images,?($|\s.*) - agent: kubernetes always_run: false branches: