Text Blame History Raw

cico-workspace container upgrade

Overview

We provide a template that is used to pre-deploy dedicated jenkins pod in our openshift setup. It's using jenkins container maintained by Red Hat (RH catalog) and also a specific jenkins-agent container (called cico-workspace) that is spun up for each job that should run in that jenkins environment (dedicated per project/tenant in CI ocp infra)

All that is also discussed in the "Onboard Tenants" section.

Updating cico-workspace image

The cico-workspace container image is available in dedicated Quay.io repository. That's the repositry/registry that ocp.ci cluster is using to spin up cico-workspace containers on demand, always verifying if there is a new one and then pulling :

  <image>quay.io/centosci/cico-workspace:latest</image>
  <privileged>false</privileged>
  <alwaysPullImage>true</alwaysPullImage>

The container (re)build process happens either through :

  • git commit/push in upstream git repository
  • a manual build trigger in quay.io

Note

A build should be kicked off as part of the Openshift Upgrade process to ensure that the very latest base images are used to build the cico-workspace-container on top of.

Some notes about what we provide in that cico-workspace image :

  • centos 7 updated container with jenkins agent (java)
  • ansible (from our own configmanagement SIG)
  • python-cicoclient rpm built through cbs.centos.org koji, and needed to interact easily with Duffy API when requesting a node to run tests on

Note

Worth knowing that latest tag is automatically applied on quay.io builds that are done automatically from the master branch on github. That means that pushing to staging branch (or else) would automatically create images tagged based on branch name. That permits us to test images before merging into main branch. Example : podman pull quay.io/centosci/cico-workspace:staging would pull staging image