diff --git a/ci-operator/config/shiftstack/rebasebot/OWNERS b/ci-operator/config/shiftstack/rebasebot/OWNERS new file mode 100644 index 0000000000000..ef6551222f748 --- /dev/null +++ b/ci-operator/config/shiftstack/rebasebot/OWNERS @@ -0,0 +1,9 @@ +approvers: +- gryf +- mandre +- stephenfin +options: {} +reviewers: +- gryf +- mandre +- stephenfin \ No newline at end of file diff --git a/ci-operator/config/shiftstack/rebasebot/shiftstack-rebasebot-main.yaml b/ci-operator/config/shiftstack/rebasebot/shiftstack-rebasebot-main.yaml new file mode 100644 index 0000000000000..25aafc88f36c8 --- /dev/null +++ b/ci-operator/config/shiftstack/rebasebot/shiftstack-rebasebot-main.yaml @@ -0,0 +1,76 @@ +build_root: + project_image: + dockerfile_literal: |- + FROM registry.access.redhat.com/ubi9/python-312 + + USER root + + ENV GO_VERSION=1.24.3 + ENV PATH="/usr/local/go/bin:$PATH" + + RUN dnf install -y tar gzip git make && \ + curl -Ls https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz | \ + tar -C /usr/local -zxvf - go/ && \ + python -m pip install uv + + # Prow expects to be able to check out a repo under /go + RUN mkdir -p /go && \ + chown 1001:1001 /go && \ + chmod 755 /go + + WORKDIR /go + USER 1001:1001 +images: + items: + - dockerfile_path: Containerfile + to: rebasebot +resources: + '*': + limits: + memory: 4Gi + requests: + cpu: 100m + memory: 200Mi +test_binary_build_commands: make deps +tests: +- as: unit + commands: make unittests + container: + from: test-bin +- as: lint + commands: make lint + container: + from: test-bin +- as: cloud-provider-openstack-main + cron: 0 10 * * Mon,Thu + steps: + test: + - as: cloud-provider-openstack-main + commands: | + rebasebot --source https://github.com/kubernetes/cloud-provider-openstack:release-1.35 \ + --dest openshift/cloud-provider-openstack:main \ + --rebase shiftstack/cloud-provider-openstack:rebase-bot-main \ + --update-go-modules \ + --git-username shiftstack-rebasebot \ + --git-email shiftstack-rebasebot@redhat.com \ + --github-app-key /secrets/merge-bot/github_private_key \ + --github-cloner-key /secrets/merge-bot/github_cloner_private_key \ + --slack-webhook /secrets/slack-hooks/forum-shiftstack + credentials: + - mount_path: /secrets/merge-bot + name: shiftstack-merge-bot + namespace: test-credentials + - mount_path: /secrets/slack-hooks + name: shiftstack-slack-hooks + namespace: test-credentials + from: rebasebot + resources: + limits: + memory: 4Gi + requests: + cpu: 100m + memory: 200Mi +zz_generated_metadata: + branch: main + org: shiftstack + repo: rebasebot diff --git a/ci-operator/jobs/shiftstack/rebasebot/OWNERS b/ci-operator/jobs/shiftstack/rebasebot/OWNERS new file mode 100644 index 0000000000000..ef6551222f748 --- /dev/null +++ b/ci-operator/jobs/shiftstack/rebasebot/OWNERS @@ -0,0 +1,9 @@ +approvers: +- gryf +- mandre +- stephenfin +options: {} +reviewers: +- gryf +- mandre +- stephenfin \ No newline at end of file diff --git a/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-periodics.yaml b/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-periodics.yaml new file mode 100644 index 0000000000000..6b5cecd0581e3 --- /dev/null +++ b/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-periodics.yaml @@ -0,0 +1,72 @@ +periodics: +- agent: kubernetes + cluster: build01 + cron: 0 10 * * Mon,Thu + decorate: true + decoration_config: + skip_cloning: true + extra_refs: + - base_ref: main + org: shiftstack + repo: rebasebot + labels: + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: periodic-ci-shiftstack-rebasebot-main-cloud-provider-openstack-main + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --lease-server-credentials-file=/etc/boskos/credentials + - --report-credentials-file=/etc/report/credentials + - --target=cloud-provider-openstack-main + command: + - ci-operator + env: + - name: HTTP_SERVER_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + ports: + - containerPort: 8080 + name: http + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /etc/boskos + name: boskos + readOnly: true + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: boskos + secret: + items: + - key: credentials + path: credentials + secretName: boskos-credentials + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator diff --git a/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-presubmits.yaml b/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-presubmits.yaml new file mode 100644 index 0000000000000..e64211ebbdbca --- /dev/null +++ b/ci-operator/jobs/shiftstack/rebasebot/shiftstack-rebasebot-main-presubmits.yaml @@ -0,0 +1,183 @@ +presubmits: + shiftstack/rebasebot: + - agent: kubernetes + always_run: true + branches: + - ^main$ + - ^main- + cluster: build01 + context: ci/prow/images + decorate: true + decoration_config: + skip_cloning: true + labels: + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-shiftstack-rebasebot-main-images + rerun_command: /test images + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --report-credentials-file=/etc/report/credentials + - --target=[images] + command: + - ci-operator + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )images,?($|\s.*) + - agent: kubernetes + always_run: true + branches: + - ^main$ + - ^main- + cluster: build01 + context: ci/prow/lint + decorate: true + decoration_config: + skip_cloning: true + labels: + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-shiftstack-rebasebot-main-lint + rerun_command: /test lint + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --report-credentials-file=/etc/report/credentials + - --target=lint + command: + - ci-operator + env: + - name: HTTP_SERVER_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + ports: + - containerPort: 8080 + name: http + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )lint,?($|\s.*) + - agent: kubernetes + always_run: true + branches: + - ^main$ + - ^main- + cluster: build01 + context: ci/prow/unit + decorate: true + decoration_config: + skip_cloning: true + labels: + ci.openshift.io/generator: prowgen + pj-rehearse.openshift.io/can-be-rehearsed: "true" + name: pull-ci-shiftstack-rebasebot-main-unit + rerun_command: /test unit + spec: + containers: + - args: + - --gcs-upload-secret=/secrets/gcs/service-account.json + - --image-import-pull-secret=/etc/pull-secret/.dockerconfigjson + - --report-credentials-file=/etc/report/credentials + - --target=unit + command: + - ci-operator + env: + - name: HTTP_SERVER_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + image: quay-proxy.ci.openshift.org/openshift/ci:ci_ci-operator_latest + imagePullPolicy: Always + name: "" + ports: + - containerPort: 8080 + name: http + resources: + requests: + cpu: 10m + volumeMounts: + - mountPath: /secrets/gcs + name: gcs-credentials + readOnly: true + - mountPath: /secrets/manifest-tool + name: manifest-tool-local-pusher + readOnly: true + - mountPath: /etc/pull-secret + name: pull-secret + readOnly: true + - mountPath: /etc/report + name: result-aggregator + readOnly: true + serviceAccountName: ci-operator + volumes: + - name: manifest-tool-local-pusher + secret: + secretName: manifest-tool-local-pusher + - name: pull-secret + secret: + secretName: registry-pull-credentials + - name: result-aggregator + secret: + secretName: result-aggregator + trigger: (?m)^/test( | .* )unit,?($|\s.*) diff --git a/core-services/prow/02_config/shiftstack/rebasebot/OWNERS b/core-services/prow/02_config/shiftstack/rebasebot/OWNERS new file mode 100644 index 0000000000000..ef6551222f748 --- /dev/null +++ b/core-services/prow/02_config/shiftstack/rebasebot/OWNERS @@ -0,0 +1,9 @@ +approvers: +- gryf +- mandre +- stephenfin +options: {} +reviewers: +- gryf +- mandre +- stephenfin \ No newline at end of file diff --git a/core-services/prow/02_config/shiftstack/rebasebot/_pluginconfig.yaml b/core-services/prow/02_config/shiftstack/rebasebot/_pluginconfig.yaml new file mode 100644 index 0000000000000..988b8ec275e92 --- /dev/null +++ b/core-services/prow/02_config/shiftstack/rebasebot/_pluginconfig.yaml @@ -0,0 +1,81 @@ +approve: +- commandHelpLink: "" + repos: + - shiftstack/rebasebot + require_self_approval: false +external_plugins: + shiftstack/rebasebot: + - endpoint: http://refresh + events: + - issue_comment + name: refresh + - endpoint: http://cherrypick + events: + - issue_comment + - pull_request + name: cherrypick + - endpoint: http://needs-rebase + events: + - issue_comment + - pull_request + name: needs-rebase + - endpoint: http://backport-verifier + events: + - issue_comment + - pull_request + name: backport-verifier + - endpoint: http://payload-testing-prow-plugin + events: + - issue_comment + name: payload-testing-prow-plugin + - endpoint: http://jira-lifecycle-plugin + events: + - issue_comment + - pull_request + name: jira-lifecycle-plugin + - endpoint: http://pipeline-controller + events: + - pull_request + - issue_comment + name: pipeline-controller + - endpoint: http://multi-pr-prow-plugin + events: + - issue_comment + name: multi-pr-prow-plugin +lgtm: +- repos: + - shiftstack/rebasebot + review_acts_as_lgtm: true +plugins: + shiftstack/rebasebot: + plugins: + - assign + - blunderbuss + - cat + - dog + - heart + - golint + - goose + - help + - hold + - jira + - label + - lgtm + - lifecycle + - override + - pony + - retitle + - shrug + - sigmention + - skip + - trigger + - verify-owners + - owners-label + - wip + - yuks + - approve +triggers: +- repos: + - shiftstack/rebasebot + trusted_apps: + - openshift-merge-bot diff --git a/core-services/prow/02_config/shiftstack/rebasebot/_prowconfig.yaml b/core-services/prow/02_config/shiftstack/rebasebot/_prowconfig.yaml new file mode 100644 index 0000000000000..5a715a7f413f6 --- /dev/null +++ b/core-services/prow/02_config/shiftstack/rebasebot/_prowconfig.yaml @@ -0,0 +1,14 @@ +tide: + queries: + - labels: + - approved + - lgtm + missingLabels: + - backports/unvalidated-commits + - do-not-merge/hold + - do-not-merge/invalid-owners-file + - do-not-merge/work-in-progress + - jira/invalid-bug + - needs-rebase + repos: + - shiftstack/rebasebot