Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Migrate release AMI gc to ci-automation #1952

Merged
merged 1 commit into from
Apr 29, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions ci-automation/garbage_collect.sh
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,7 @@ function _garbage_collect_impl() {
docker run --pull always --rm --net host \
--env AZURE_AUTH_CREDENTIALS --env AZURE_PROFILE \
--env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY \
--env AWS_CREDENTIALS \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suppose that these are yet different stuff from AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think yes, the test and release credentials are different

--env DIGITALOCEAN_TOKEN_JSON \
--env EQUINIXMETAL_KEY --env EQUINIXMETAL_PROJECT \
--env GCP_JSON_KEY \
Expand Down
15 changes: 15 additions & 0 deletions ci-automation/garbage_collect_cloud.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
#!/bin/bash
set -euo pipefail
source ci-automation/ci_automation_common.sh
timeout --signal=SIGQUIT 60m ore aws gc --access-id "${AWS_ACCESS_KEY_ID}" --secret-key "${AWS_SECRET_ACCESS_KEY}"
timeout --signal=SIGQUIT 60m ore do gc --config-file=<(echo "${DIGITALOCEAN_TOKEN_JSON}" | base64 --decode)
timeout --signal=SIGQUIT 60m ore gcloud gc --json-key <(echo "${GCP_JSON_KEY}" | base64 --decode)
Expand All @@ -10,3 +11,17 @@ timeout --signal=SIGQUIT 60m ore openstack gc --duration 6h \
--config-file=<(echo "${OPENSTACK_CREDS}" | base64 --decode)
timeout --signal=SIGQUIT 60m ore brightbox gc --duration 6h \
--brightbox-client-id="${BRIGHTBOX_CLIENT_ID}" --brightbox-client-secret="${BRIGHTBOX_CLIENT_SECRET}"
secret_to_file aws_credentials_config_file "${AWS_CREDENTIALS}"
for channel in alpha beta stable lts; do
for arch in amd64 arm64; do
timeout --signal=SIGQUIT 240m plume prune --days 365 \
--keep-last 2 \
--days-soft-deleted 21 \
--check-last-launched \
--days-last-launched 60 \
--verbose \
--board="${arch}-usr" \
--channel="${channel}" \
--aws-credentials="${aws_credentials_config_file}"
done
done
12 changes: 1 addition & 11 deletions jenkins/README.md
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We probably could just drop this whole directory, no?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We would have to migrate the jenkins/systemd-run-wrap.sh script which is used by jenkins-os/container/ but otherwise yes, possible.

Original file line number Diff line number Diff line change
@@ -1,11 +1 @@
The scripts in this directory are run from [OS Jenkins jobs][jenkins-os]. By
storing the Jenkins scripts in this repository, they are more tightly coupled
to the release branch of the SDK scripts that they require. The Jenkins jobs
are responsible for setting up the environment and securely initializing an SDK
in the workspace before running these scripts.

The special files named `formats-${BOARD}.txt` are space-separated lists of VM
image formats that should be built for releases on this branch; i.e. the script
`vm.sh` is run for each item in the list.

[jenkins-os]: https://github.com/coreos/jenkins-os
This folder is unused.
Loading