Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ci / FIPS] Dynamic agent selection. Add FIPS agents #183777

Open
wants to merge 54 commits into
base: main
Choose a base branch
from
Open

[ci / FIPS] Dynamic agent selection. Add FIPS agents #183777

wants to merge 54 commits into from

Conversation

Ikuni17
Copy link
Contributor

@Ikuni17 Ikuni17 commented May 17, 2024
edited

Summary

  • Closes https://github.com/elastic/kibana-operations/issues/100
  • Utilizes FIPS agent from elastic/ci-agent-images#686
  • Adds dynamic agent selection during PR pipeline upload
    • FIPS agents can be used with FTR_ENABLE_FIPS_AGENT env variable or ci:enable-fips-agent label
  • Removes agent image config from individual steps in favor of image config for the whole pipeline.
    • Steps can still override this config by adding image, imageProject etc
  • Adds a conditional assertion to Check CI step which validates that FIPS is working properly

Testing

@Ikuni17 Ikuni17 added release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting labels May 17, 2024
@Ikuni17 Ikuni17 self-assigned this May 17, 2024
@Ikuni17 Ikuni17 closed this May 24, 2024
@Ikuni17 Ikuni17 reopened this May 24, 2024
@Ikuni17 Ikuni17 added the ci:enable-fips-agent Use FIPS Agent Images for CI label May 30, 2024
@Ikuni17 Ikuni17 mentioned this pull request May 31, 2024
Open
mistic
mistic reviewed Jun 3, 2024
View reviewed changes
Copy link
Member

@mistic mistic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks great! I guess the idea now is to setup the env var FTR_ENABLE_FIPS_AGENT by default true in the FIPS pipeline we currently have right?

@Ikuni17
Copy link
Contributor Author

Ikuni17 commented Jun 3, 2024

This looks great! I guess the idea now is to setup the env var FTR_ENABLE_FIPS_AGENT by default true in the FIPS pipeline we currently have right?

Yup and then we can remove the Vagrant layer from the smoke testing setup.

@Ikuni17 Ikuni17 requested a review from mistic June 3, 2024 21:06
@Ikuni17 Ikuni17 requested a review from a team June 10, 2024 14:56
jbudz
jbudz reviewed Jun 10, 2024
View reviewed changes
.buildkite/pipeline-utils/agentImages.ts Outdated
@@ -0,0 +1,55 @@
/*
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, looks like most of the files are snake case

Copy link
Contributor Author

@Ikuni17 Ikuni17 Jun 11, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

5a6fa91

jbudz
jbudz reviewed Jun 10, 2024
View reviewed changes
.buildkite/scripts/steps/checks/verify_fips_enabled.sh Outdated

echo --- Verify FIPS enabled

NODE_BINARY="$KIBANA_BUILD_LOCATION/node/bin/node"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry, I moved this recently.

Suggested change
NODE_BINARY="$KIBANA_BUILD_LOCATION/node/bin/node"
NODE_BINARY="$KIBANA_BUILD_LOCATION/node/glibc-217/bin/node"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

8bd94f9

jbudz
jbudz reviewed Jun 10, 2024
View reviewed changes
.buildkite/scripts/common/env.sh Outdated
@@ -131,3 +131,17 @@ export TEST_GROUP_TYPE_FUNCTIONAL="Functional Tests"

# tells the gh command what our default repo is
export GH_REPO=github.com/elastic/kibana

FIPS_ENABLED=false
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you think it would make sense to reverse these? i.e FIPS_ENABLED enables FTR_ENABLE_FIPS_AGENT, .buildkite/scripts/steps/checks/verify_fips_enabled.sh, etc.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ya this makes more sense, thanks. 5e8f1bc

@Ikuni17 Ikuni17 removed ci:all-cypress-suites ci:enable-fips-agent Use FIPS Agent Images for CI labels Jun 11, 2024
@Ikuni17
Copy link
Contributor Author

Ikuni17 commented Jun 11, 2024

/ci

@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @Ikuni17

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbudz jbudz jbudz left review comments

@mistic mistic Awaiting requested review from mistic

At least 1 approving review is required to merge this pull request.

Assignees

@Ikuni17 Ikuni17

Labels
backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes Team:Operations Team label for Operations Team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@Ikuni17 @elasticmachine @kibana-ci @jbudz @mistic