diff --git a/ci-operator/config/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21__periodics.yaml b/ci-operator/config/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21__periodics.yaml index 6a159733e7c85..a2225fdb23c64 100644 --- a/ci-operator/config/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21__periodics.yaml +++ b/ci-operator/config/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21__periodics.yaml @@ -3,6 +3,10 @@ base_images: name: test namespace: ocp-kni tag: dev-scripts + keycloak: + name: keycloak + namespace: keycloak + tag: "25.0" ocp_4.20_base-rhel9: name: "4.20" namespace: ocp @@ -117,6 +121,22 @@ tests: TEST_SUITE: openshift/auth/external-oidc workflow: baremetalds-e2e timeout: 5h0m0s +- as: e2e-metal-ovn-ipv6-external-oidc-configure-techpreview + cluster: build05 + interval: 24h + steps: + cluster_profile: equinix-ocp-metal + env: + DEVSCRIPTS_CONFIG: | + IP_STACK=v6 + NETWORK_TYPE=OVNKubernetes + FEATURE_SET=TechPreviewNoUpgrade + TEST_ARGS: --disable-monitor=legacy-cvo-invariants,legacy-test-framework-invariants + TEST_SKIPS: \[OCPFeatureGate:ExternalOIDCWithUIDAndExtraClaimMappings\]\|\[OCPFeatureGate:ExternalOIDC\] + reverting to IntegratedOAuth + TEST_SUITE: openshift/auth/external-oidc + workflow: baremetalds-e2e + timeout: 5h0m0s - as: e2e-metal-ovn-dualstack-external-oidc-configure-techpreview cluster: build05 interval: 24h @@ -213,6 +233,22 @@ tests: TEST_SUITE: openshift/auth/external-oidc workflow: baremetalds-e2e timeout: 5h0m0s +- as: e2e-metal-ovn-ipv6-external-oidc-rollback-techpreview + cluster: build05 + interval: 24h + steps: + cluster_profile: equinix-ocp-metal + env: + DEVSCRIPTS_CONFIG: | + IP_STACK=v6 + NETWORK_TYPE=OVNKubernetes + FEATURE_SET=TechPreviewNoUpgrade + TEST_ARGS: --disable-monitor=legacy-cvo-invariants,legacy-test-framework-invariants + TEST_SKIPS: \[OCPFeatureGate:ExternalOIDCWithUIDAndExtraClaimMappings\]\|\[OCPFeatureGate:ExternalOIDC\] + external IdP is configured + TEST_SUITE: openshift/auth/external-oidc + workflow: baremetalds-e2e + timeout: 5h0m0s - as: e2e-metal-ovn-dualstack-external-oidc-rollback-techpreview cluster: build05 interval: 24h @@ -304,6 +340,21 @@ tests: TEST_SUITE: openshift/auth/external-oidc workflow: baremetalds-e2e timeout: 5h0m0s +- as: e2e-metal-ovn-ipv6-external-oidc-uid-extra-techpreview + cluster: build05 + interval: 24h + steps: + cluster_profile: equinix-ocp-metal + env: + DEVSCRIPTS_CONFIG: | + IP_STACK=v6 + NETWORK_TYPE=OVNKubernetes + FEATURE_SET=TechPreviewNoUpgrade + TEST_ARGS: --disable-monitor=legacy-cvo-invariants,legacy-test-framework-invariants + TEST_SKIPS: \[OCPFeatureGate:ExternalOIDC\] + TEST_SUITE: openshift/auth/external-oidc + workflow: baremetalds-e2e + timeout: 5h0m0s - as: e2e-metal-ovn-dualstack-external-oidc-uid-extra-techpreview cluster: build05 interval: 24h diff --git a/ci-operator/jobs/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21-periodics.yaml b/ci-operator/jobs/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21-periodics.yaml index 67325beedbf1f..dc29fc5b68eda 100644 --- a/ci-operator/jobs/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21-periodics.yaml +++ b/ci-operator/jobs/openshift/cluster-authentication-operator/openshift-cluster-authentication-operator-release-4.21-periodics.yaml @@ -1355,6 +1355,234 @@ periodics: - name: result-aggregator secret: secretName: result-aggregator +- agent: kubernetes + cluster: build05 + decorate: true + decoration_config: + timeout: 5h0m0s + extra_refs: + - base_ref: release-4.21 + org: openshift + repo: cluster-authentication-operator + interval: 24h + labels: + ci-operator.openshift.io/cloud: equinix-ocp-metal + ci-operator.openshift.io/cloud-cluster-profile: equinix-ocp-metal + ci-operator.openshift.io/cluster: build05 + ci-operator.openshift.io/variant: periodics + ci.openshift.io/generator: prowgen + job-release: "4.21" + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-openshift-cluster-authentication-operator-release-4.21-periodics-e2e-metal-ovn-ipv6-external-oidc-configure-techpreview + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --target=e2e-metal-ovn-ipv6-external-oidc-configure-techpreview + - --variant=periodics + command: + - ci-operator + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator +- agent: kubernetes + cluster: build05 + decorate: true + decoration_config: + timeout: 5h0m0s + extra_refs: + - base_ref: release-4.21 + org: openshift + repo: cluster-authentication-operator + interval: 24h + labels: + ci-operator.openshift.io/cloud: equinix-ocp-metal + ci-operator.openshift.io/cloud-cluster-profile: equinix-ocp-metal + ci-operator.openshift.io/cluster: build05 + ci-operator.openshift.io/variant: periodics + ci.openshift.io/generator: prowgen + job-release: "4.21" + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-openshift-cluster-authentication-operator-release-4.21-periodics-e2e-metal-ovn-ipv6-external-oidc-rollback-techpreview + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --target=e2e-metal-ovn-ipv6-external-oidc-rollback-techpreview + - --variant=periodics + command: + - ci-operator + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator +- agent: kubernetes + cluster: build05 + decorate: true + decoration_config: + timeout: 5h0m0s + extra_refs: + - base_ref: release-4.21 + org: openshift + repo: cluster-authentication-operator + interval: 24h + labels: + ci-operator.openshift.io/cloud: equinix-ocp-metal + ci-operator.openshift.io/cloud-cluster-profile: equinix-ocp-metal + ci-operator.openshift.io/cluster: build05 + ci-operator.openshift.io/variant: periodics + ci.openshift.io/generator: prowgen + job-release: "4.21" + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-openshift-cluster-authentication-operator-release-4.21-periodics-e2e-metal-ovn-ipv6-external-oidc-uid-extra-techpreview + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --secret-dir=/secrets/ci-pull-credentials + - --target=e2e-metal-ovn-ipv6-external-oidc-uid-extra-techpreview + - --variant=periodics + command: + - ci-operator + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/ci-pull-credentials + name: ci-pull-credentials + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: ci-pull-credentials + secret: + secretName: ci-pull-credentials + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator - agent: kubernetes cluster: vsphere02 decorate: true