Skip to content

Commit 0bf4d98

Browse files
ashwindasrashwindasr
committed
add fips-scan for 4.18
1 parent 540178b commit 0bf4d98

File tree

3 files changed

+93
-0
lines changed

3 files changed

+93
-0
lines changed

ci-operator/config/openshift/release/openshift-release-master__konflux-nightly-4.18.yaml

+11
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,17 @@ tests:
5151
enable:
5252
- observers-resource-watch
5353
workflow: openshift-e2e-azure-csi
54+
- as: fips-payload-scan
55+
cron: '@yearly'
56+
steps:
57+
cluster_profile: aws
58+
env:
59+
FIPS_ENABLED: "true"
60+
MAJOR_MINOR: "4.18"
61+
test:
62+
- ref: fips-check-node-scan
63+
- ref: fips-check-art-fips
64+
workflow: ipi-aws
5465
zz_generated_metadata:
5566
branch: master
5667
org: openshift

ci-operator/jobs/openshift/release/openshift-release-master-periodics.yaml

+76
Original file line numberDiff line numberDiff line change
@@ -49694,6 +49694,82 @@ periodics:
4969449694
- name: result-aggregator
4969549695
secret:
4969649696
secretName: result-aggregator
49697+
- agent: kubernetes
49698+
cluster: build07
49699+
cron: '@yearly'
49700+
decorate: true
49701+
decoration_config:
49702+
skip_cloning: true
49703+
extra_refs:
49704+
- base_ref: master
49705+
org: openshift
49706+
repo: release
49707+
labels:
49708+
ci-operator.openshift.io/cloud: aws
49709+
ci-operator.openshift.io/cloud-cluster-profile: aws
49710+
ci-operator.openshift.io/variant: konflux-nightly-4.18
49711+
ci.openshift.io/generator: prowgen
49712+
ci.openshift.io/no-builds: "true"
49713+
job-release: "4.18"
49714+
pj-rehearse.openshift.io/can-be-rehearsed: "true"
49715+
name: periodic-ci-openshift-release-master-konflux-nightly-4.18-fips-payload-scan
49716+
spec:
49717+
containers:
49718+
- args:
49719+
- --gcs-upload-secret=/secrets/gcs/service-account.json
49720+
- --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson
49721+
- --lease-server-credentials-file=/etc/boskos/credentials
49722+
- --report-credentials-file=/etc/report/credentials
49723+
- --secret-dir=/secrets/ci-pull-credentials
49724+
- --target=fips-payload-scan
49725+
- --variant=konflux-nightly-4.18
49726+
command:
49727+
- ci-operator
49728+
image: ci-operator:latest
49729+
imagePullPolicy: Always
49730+
name: ""
49731+
resources:
49732+
requests:
49733+
cpu: 10m
49734+
volumeMounts:
49735+
- mountPath: /etc/boskos
49736+
name: boskos
49737+
readOnly: true
49738+
- mountPath: /secrets/ci-pull-credentials
49739+
name: ci-pull-credentials
49740+
readOnly: true
49741+
- mountPath: /secrets/gcs
49742+
name: gcs-credentials
49743+
readOnly: true
49744+
- mountPath: /secrets/manifest-tool
49745+
name: manifest-tool-local-pusher
49746+
readOnly: true
49747+
- mountPath: /etc/pull-secret
49748+
name: pull-secret
49749+
readOnly: true
49750+
- mountPath: /etc/report
49751+
name: result-aggregator
49752+
readOnly: true
49753+
serviceAccountName: ci-operator
49754+
volumes:
49755+
- name: boskos
49756+
secret:
49757+
items:
49758+
- key: credentials
49759+
path: credentials
49760+
secretName: boskos-credentials
49761+
- name: ci-pull-credentials
49762+
secret:
49763+
secretName: ci-pull-credentials
49764+
- name: manifest-tool-local-pusher
49765+
secret:
49766+
secretName: manifest-tool-local-pusher
49767+
- name: pull-secret
49768+
secret:
49769+
secretName: registry-pull-credentials
49770+
- name: result-aggregator
49771+
secret:
49772+
secretName: result-aggregator
4969749773
- agent: kubernetes
4969849774
cluster: build07
4969949775
cron: '@yearly'

core-services/release-controller/_releases/release-konflux-ocp-4.18.json

+6
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,12 @@
2020
"prowJob": {
2121
"name": "periodic-ci-openshift-release-master-konflux-nightly-4.18-e2e-aws-ovn-serial"
2222
}
23+
},
24+
"fips-scan": {
25+
"maxRetries": 2,
26+
"prowJob": {
27+
"name": "periodic-ci-openshift-release-master-konflux-nightly-4.18-fips-payload-scan"
28+
}
2329
}
2430
}
2531
}

0 commit comments

Comments
 (0)