feat(RELEASE-1452): onboard sealights to release service #683
Conversation
|
Skipping CI for Draft Pull Request. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #683 +/- ##
==========================================
- Coverage 79.23% 77.70% -1.54%
==========================================
Files 28 28
Lines 2283 2848 +565
==========================================
+ Hits 1809 2213 +404
- Misses 389 532 +143
- Partials 85 103 +18 ☔ View full report in Codecov by Sentry. |
|
/test |
|
@jinqi7: The The following commands are available to trigger optional jobs: Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/retest |
|
@jinqi7 could you add some more description? What is sealights? Would be nice to have more details without having to go to Jira. |
|
/retest |
jinqi7
force-pushed
the
RELEASE-1452
branch
2 times, most recently
from
251bee2 to
d7db378
Compare
|
/retest |
| tasks: | ||
| - name: sealights-refs |
There was a problem hiding this comment.
for some reason I dont see this task creating in ur pipelines
There was a problem hiding this comment.
Because we haven't merge this PR yet and "main" branch is being used for the pipeline in the IntegrationTestScenario CR.
|
/retest |
|
/retest |
|
@johnbieren @jinqi7 Can this network policy https://github.com/konflux-ci/release-service/blob/main/config/manager/network_policy.yaml to block traffic to redhat.sealights.co? |
I have no idea, I didn't work on that. @happybhati ? |
@flacatus We have Egress Network Policy to block all outgoing(Egress) traffic
|
|
If you need the agents to reach an external SeaLights server, you’d have to update the egress section to include an ipBlock or namespaceSelector that covers the external endpoint’s IP range and port. For example: Without such an addition, the agents are stuck inside the cluster’s restricted network boundaries. |
|
Can we disable this network policy for development? @johnbieren @happybhati |
|
I am not sure about disabling,
|
jinqi7
force-pushed
the
RELEASE-1452
branch
4 times, most recently
from
c75b1eb to
47928d7
Compare
|
I did several tests with adding below IP range and port ( 6443/443 and 443/80). It didn't work. But it really works with disabling net work policy. |
|
/retest |
jinqi7
force-pushed
the
RELEASE-1452
branch
7 times, most recently
from
f26e57d to
ba04a25
Compare
Signed-off-by: Jing Qi <[email protected]> Added Sealights instrumentation task to the build process to enable tracking and monitoring of test coverage during builds. Adjusted build pipelines to create a new container image that includes the Sealights agent, making it ready for instrumentation. Enabled e2e tests to sync with Sealights by sending test reports for coverage tracking.Future improvements will include test selection, optimizing test run times, and reducing cloud costs
|
@jinqi7: The following test has Failed, say /retest to rerun failed tests.
Inspecting Test ArtifactsTo inspect your test artifacts, follow these steps:
mkdir -p oras-artifacts
cd oras-artifacts
oras pull quay.io/konflux-test-storage/konflux-team/release-service:konflux-e2e-tests-4mq8vTest results analysis🚨 Failed to provision a cluster, see the log for more details: Click to view logsINFO: Log in to your Red Hat account... INFO: Configure AWS Credentials... INFO: Logged in as 'konflux-ci-418295695583' on 'https://api.openshift.com' INFO: Create ROSA with HCP cluster... time=2025-03-03T09:48:41Z level=info msg=Ignored check for policy key 'sts_hcp_ec2_registry_permission_policy' (zero egress feature toggle is not enabled) INFO: Creating cluster 'kx-a67114116a' INFO: To view a list of clusters and their status, run 'rosa list clusters' INFO: Cluster 'kx-a67114116a' has been created. INFO: Once the cluster is installed you will need to add an Identity Provider before you can login into the cluster. See 'rosa create idp --help' for more information.
Nodes:
INFO: Preparing to create operator roles. |
No description provided.