AWS: migrate kOps away from CNCF account

[ameukam]

All kOps e2e tests currently run under the CNCF management account.

There should be migrated to the AWS Kubernetes organization or any community infrastructure.

Phase 1: Periodics jobs
We should start with the periodics and migrate them on those build clusters:

• e2e-kops-do-* : k8s-infra-prow-build-trusted
• e2e-kops-gce-*: k8s-infra-prow-build
• e2e-kops-aws-*: k8s-infra-kops-prow-build

It's not trivial to identify how a job belongs to a specific build cluster so they will be multiple tentatives

Phase 2: Presubmits & Postsubmits
Once we have confidence that the periodics can run on the community infrastructure we can follow up with presubmits and postsubmits.

/assign @ameukam @justinsb
/area aws
/area infra/aws
/priority important-soon
/milestone v1.28

[k8s-ci-robot]

@ameukam: The label(s) area/aws cannot be applied, because the repository doesn't have them.

In response to this:

All kOps e2e tests currently run under the CNCF management account.

There should be migrated to the AWS Kubernetes organization.

/assign @ameukam @justinsb
/area aws
/area infra/aws
/priority important-soon
/milestone v1.28

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ameukam]

cc @jeefy

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[ameukam]

/remove-lifecycle stale

[ameukam]

/milestone v1.31

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[ameukam]

/remove-lifecycle stale

[rifelpet]

@ameukam with all Kops jobs migrated to the new prow clusters, can we close this out or is there additional work to be done?

[ameukam]

@rifelpet migrate the prowjobs was needed to unblock the migration of the prow control plane. Third phase is about:

• migrate away from s3://k8s-kops-prow
• rotate or drop the usage of the AWS static credentials for the E2E tests

[BenTheElder]

rotate or drop the usage of the AWS static credentials for the E2E tests

is that directly related to moving to the kubernetes specific accounts?

[ameukam]

rotate or drop the usage of the AWS static credentials for the E2E tests

is that directly related to moving to the kubernetes specific accounts?

if you mean the AWS specific accounts, yes. we need to migrate to only one k8s-owned AWS account (kops-infra-ci). Currently we use the CNCF account.

[ameukam]

/milestone v1.32