# YAML anchors for reference elsewhere. # to view expanded yaml, run: `yq eval 'explode(.)' [file]` prow_ignored: - &config-sync-base-job cluster: build-kpt-config-sync decorate: true decoration_config: timeout: 4h extra_refs: - org: GoogleContainerTools repo: kpt-config-sync base_ref: main spec: &config-sync-base-job-spec serviceAccountName: e2e-test-runner containers: - &config-sync-base-job-container image: us-docker.pkg.dev/kpt-config-sync-ci-artifacts/test-infra/gke-e2e:v2.0.0-go1.23.4-gcloud449.0.0-docker20.10.14 command: - make - test-e2e-gke-ci resources: requests: memory: "8Gi" cpu: "4000m" nodeSelector: # This job requires 8vCPUs or less, so it is "small". kpt-config-sync/type: periodic kpt-config-sync/size: small # Base job definition for standard jobs - &config-sync-standard-job <<: *config-sync-base-job # Run on even hours to stagger cron: 0 */2 * * * spec: &config-sync-standard-job-spec <<: *config-sync-base-job-spec containers: - &config-sync-standard-job-container <<: *config-sync-base-job-container env: - name: GKE_E2E_TIMEOUT value: 4h - name: GCP_PROJECT value: kpt-config-sync-ci-main - name: GCP_NETWORK value: prow-e2e-network-1 # Use regional clusters to avoid capacity issues in a single zone - name: GCP_ZONE value: "" - name: GCP_REGION value: "us-west1" - name: E2E_CREATE_CLUSTERS value: "lazy" # This can be set to true to destroy clusters after test execution - name: E2E_DESTROY_CLUSTERS value: "false" - name: GKE_NUM_NODES value: "1" - name: GKE_MACHINE_TYPE value: "n2-standard-4" - name: GKE_DISK_TYPE value: "pd-ssd" - name: GKE_DISK_SIZE value: "25Gb" - name: E2E_GIT_PROVIDER value: "local" - name: E2E_OCI_PROVIDER value: "gar" - name: E2E_HELM_PROVIDER value: "gar" - name: E2E_NUM_CLUSTERS value: "8" # Base job definition for autopilot jobs - &config-sync-autopilot-job <<: *config-sync-base-job # Run on odd hours to stagger cron: 0 1-23/2 * * * spec: &config-sync-autopilot-job-spec <<: *config-sync-base-job-spec containers: - &config-sync-autopilot-job-container <<: *config-sync-base-job-container env: - name: GKE_E2E_TIMEOUT value: 4h - name: GCP_PROJECT value: kpt-config-sync-ci-main - name: GCP_NETWORK value: prow-e2e-network-1 # Autopilot clusters must be regional - name: GCP_ZONE value: "" - name: GCP_REGION value: "us-central1" - name: E2E_CREATE_CLUSTERS value: "lazy" # This can be set to true to destroy clusters after test execution - name: E2E_DESTROY_CLUSTERS value: "false" - name: E2E_GIT_PROVIDER value: "local" - name: E2E_OCI_PROVIDER value: "gar" - name: E2E_HELM_PROVIDER value: "gar" - name: E2E_NUM_CLUSTERS value: "12" - name: GKE_AUTOPILOT value: "true" periodics: # One-off KinD periodic job. # TODO: do we need this, given KinD is tested with presubmits? - <<: *config-sync-base-job name: kpt-config-sync-kind interval: 1h annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: kind labels: preset-kind-volume-mounts: "true" preset-service-account: "true" preset-dind-enabled-memory: "true" spec: containers: # https://github.com/kubernetes/test-infra/blob/master/images/kubekins-e2e/variants.yaml - image: gcr.io/k8s-staging-test-infra/kubekins-e2e:v20250227-3a13bdd784-1.31 command: - runner.sh args: - make - test-e2e-kind - 'E2E_GIT_PROVIDER=local' - 'E2E_OCI_PROVIDER=local' - 'E2E_HELM_PROVIDER=local' securityContext: privileged: true resources: requests: memory: "50Gi" cpu: "26000m" nodeSelector: kpt-config-sync/type: periodic kpt-config-sync/size: large #### Begin GKE standard jobs - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular cron: 0 */2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-1' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular' - <<: *config-sync-standard-job name: kpt-config-sync-standard-rapid cron: 30 */2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-rapid spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-3' - 'GKE_RELEASE_CHANNEL=rapid' - 'E2E_CLUSTER_PREFIX=standard-rapid' - <<: *config-sync-standard-job name: kpt-config-sync-standard-rapid-latest cron: 45 */2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-rapid-latest spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-4' - 'GKE_RELEASE_CHANNEL=rapid' - 'GKE_CLUSTER_VERSION=latest' - 'E2E_CLUSTER_PREFIX=standard-rapid-latest' - <<: *config-sync-standard-job name: kpt-config-sync-standard-stable cron: 15 */2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-stable spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-5' - 'GKE_RELEASE_CHANNEL=stable' - 'E2E_CLUSTER_PREFIX=standard-stable' #### End GKE standard jobs #### Begin git provider specific jobs - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-bitbucket annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-bitbucket spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-6' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-bitbucket' - 'E2E_GIT_PROVIDER=bitbucket' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-gitlab annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-gitlab spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-7' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-gitlab' - 'E2E_GIT_PROVIDER=gitlab' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-csr annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-csr spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-8' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-csr' - 'E2E_GIT_PROVIDER=csr' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' #### End git provider specific jobs #### Begin GKE autopilot jobs - <<: *config-sync-autopilot-job name: kpt-config-sync-autopilot-regular cron: 0 1-23/2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: autopilot-regular spec: <<: *config-sync-autopilot-job-spec containers: - <<: *config-sync-autopilot-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-2' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=autopilot-regular' - <<: *config-sync-autopilot-job name: kpt-config-sync-autopilot-stable cron: 15 1-23/2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: autopilot-stable spec: <<: *config-sync-autopilot-job-spec containers: - <<: *config-sync-autopilot-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-8' - 'GKE_RELEASE_CHANNEL=stable' - 'E2E_CLUSTER_PREFIX=autopilot-stable' - <<: *config-sync-autopilot-job name: kpt-config-sync-autopilot-rapid cron: 30 1-23/2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: autopilot-rapid spec: <<: *config-sync-autopilot-job-spec containers: - <<: *config-sync-autopilot-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-9' - 'GKE_RELEASE_CHANNEL=rapid' - 'E2E_CLUSTER_PREFIX=autopilot-rapid' - <<: *config-sync-autopilot-job name: kpt-config-sync-autopilot-rapid-latest cron: 45 1-23/2 * * * annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: autopilot-rapid-latest spec: <<: *config-sync-autopilot-job-spec containers: - <<: *config-sync-autopilot-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-10' - 'GKE_RELEASE_CHANNEL=rapid' - 'GKE_CLUSTER_VERSION=latest' - 'E2E_CLUSTER_PREFIX=autopilot-rapid-latest' #### End GKE autopilot jobs #### Begin one-off jobs # The below job definitions each use a small number of clusters (e.g. 1), # so they can share a single subnetwork (max 15 clusters per subnetwork). - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-kcc annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-kcc spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-11' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-kcc' - 'E2E_NUM_CLUSTERS=1' - 'E2E_ARGS=--kcc' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-gcenode annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-gcenode spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-11' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-gcenode' - 'E2E_NUM_CLUSTERS=1' - 'E2E_ARGS=--gcenode' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' - <<: *config-sync-standard-job name: kpt-config-sync-standard-regular-githubapp annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-regular-githubapp spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-11' - 'GKE_RELEASE_CHANNEL=regular' - 'E2E_CLUSTER_PREFIX=standard-regular-githubapp' - 'E2E_NUM_CLUSTERS=1' - 'E2E_ARGS=--githubapp' - 'E2E_OCI_PROVIDER=local' # Use local to minimize AR quota usage - 'E2E_HELM_PROVIDER=local' - <<: *config-sync-standard-job name: kpt-config-sync-standard-rapid-latest-stress annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: standard-rapid-latest-stress spec: <<: *config-sync-standard-job-spec containers: - <<: *config-sync-standard-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-usw1-11' - 'GKE_RELEASE_CHANNEL=rapid' - 'GKE_CLUSTER_VERSION=latest' - 'E2E_CLUSTER_PREFIX=standard-rapid-latest-stress' - 'E2E_NUM_CLUSTERS=1' - 'GKE_NUM_NODES=5' # TestStressManyDeployments needs 50cpu & 51GiB for pods (13 nodes) - 'GKE_MACHINE_TYPE=n2-standard-4' # 3.9cpu & 13.9GB allocatable - 'GKE_DISK_SIZE=25Gb' - 'E2E_ARGS=--stress' resources: requests: memory: "24Gi" # Stress tests watch many large objects cpu: "6000m" - <<: *config-sync-autopilot-job name: kpt-config-sync-autopilot-rapid-latest-stress annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: autopilot-rapid-latest-stress spec: <<: *config-sync-autopilot-job-spec containers: - <<: *config-sync-autopilot-job-container args: - 'GCP_SUBNETWORK=prow-e2e-subnetwork-11' - 'GKE_RELEASE_CHANNEL=rapid' - 'GKE_CLUSTER_VERSION=latest' - 'E2E_CLUSTER_PREFIX=autopilot-rapid-latest-stress' - 'E2E_NUM_CLUSTERS=2' # autopilot uses more clusters to run more quickly - 'E2E_ARGS=--stress' resources: requests: memory: "24Gi" # Stress tests watch many large objects cpu: "6000m" #### End one-off jobs ### End new prowjob definitions - name: kpt-config-sync-vulnerability-scan interval: 30m annotations: testgrid-dashboards: googleoss-kpt-config-sync-main testgrid-tab-name: vulnerability-scan cluster: build-kpt-config-sync decorate: true decoration_config: timeout: 30m extra_refs: - org: GoogleContainerTools repo: kpt-config-sync base_ref: main spec: serviceAccountName: vulnerability-scanner containers: - image: us-docker.pkg.dev/kpt-config-sync-ci-artifacts/test-infra/vulnerability-scanner:v1.0.0-ff545b40 command: - make - vulnerability-scan-postsubmit resources: requests: memory: "64Mi" cpu: "250m" nodeSelector: # This job requires 8vCPUs or less, so it is "small". kpt-config-sync/type: periodic kpt-config-sync/size: small