Skip to content

ci: use custom kubeconfig for cilium-cli cloud provider tests #37970

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 11, 2025
Merged

ci: use custom kubeconfig for cilium-cli cloud provider tests #37970

merged 1 commit into from
Mar 11, 2025

Conversation

marseel
Copy link
Contributor

@marseel marseel commented Mar 3, 2025
edited
Loading

Previously, we were bundling all cloud provider SDKs/CLIs within cilium-cli image to be able to access cluster's control plane.
Now, let's switch to service account with all permissions and use that kubeconfig as it doesn't require cloud SDKs/CLIs.
This allows us to remove cloud dependencies from cilium-cli image, reducing image size from ~2.4GB to ~200MB and reducing installation step time from ~40s to ~5s.
For AKS, set datapath mode explicitly as auto detection relies on az CLI.
For GKE, set ipv4NativeRoutingCIDR so we don't rely on gcloud.

@maintainer-s-little-helper maintainer-s-little-helper bot added the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Mar 3, 2025
@github-actions github-actions bot added cilium-cli This PR contains changes related with cilium-cli cilium-cli-exclusive This PR only impacts cilium-cli binary labels Mar 3, 2025
@marseel
Copy link
Contributor Author

marseel commented Mar 3, 2025

/test

@marseel
Copy link
Contributor Author

marseel commented Mar 4, 2025

/ci-eks

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from f909741 to dbfc100 Compare March 4, 2025 16:40
@marseel
Copy link
Contributor Author

marseel commented Mar 4, 2025

/ci-eks

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from dbfc100 to c2f383a Compare March 5, 2025 10:40
@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/ci-eks

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from c2f383a to b36ac1c Compare March 5, 2025 11:02
@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/ci-eks

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from b36ac1c to 45df39a Compare March 5, 2025 11:23
@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/ci-eks

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from 45df39a to f8898d7 Compare March 5, 2025 12:40
@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/ci-aks

@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/test

@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from f8898d7 to 4a2c9e1 Compare March 5, 2025 13:38
@marseel
Copy link
Contributor Author

marseel commented Mar 5, 2025

/ci-aks

@marseel marseel mentioned this pull request Mar 5, 2025
Merged
@marseel marseel force-pushed the pr/marseel/no_dependencies_cli branch from 4a2c9e1 to 6e509b9 Compare March 6, 2025 09:24
@marseel
Copy link
Contributor Author

marseel commented Mar 6, 2025

/test

@marseel
Copy link
Contributor Author

marseel commented Mar 6, 2025

/ci-aks

@marseel
Copy link
Contributor Author

marseel commented Mar 6, 2025

/net-perf-gke

@marseel
Copy link
Contributor Author

marseel commented Mar 6, 2025

/scale-egw

@marseel marseel added the release-note/ci This PR makes changes to the CI. label Mar 6, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Mar 6, 2025
@marseel marseel added area/CI Continuous Integration testing issue or flake dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. labels Mar 6, 2025
@maintainer-s-little-helper maintainer-s-little-helper bot removed the dont-merge/needs-release-note-label The author needs to describe the release impact of these changes. label Mar 6, 2025
@marseel
Copy link
Contributor Author

marseel commented Mar 6, 2025

/ci-gke

@marseel marseel requested review from a team as code owners March 7, 2025 14:10
@julianwiedmann julianwiedmann removed the ready-to-merge This PR has passed all tests and received consensus from code owners to merge. label Mar 7, 2025
@michi-covalent michi-covalent enabled auto-merge March 7, 2025 15:59
sayboras
sayboras approved these changes Mar 9, 2025
View reviewed changes
Copy link
Member

@sayboras sayboras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, I came across this change as cilium-cli installation step took like 10+ mins in my PR.

@michi-covalent michi-covalent added this pull request to the merge queue Mar 11, 2025
Merged via the queue into main with commit 82cdd5b Mar 11, 2025
308 of 309 checks passed
@michi-covalent michi-covalent deleted the pr/marseel/no_dependencies_cli branch March 11, 2025 12:07
michi-covalent added a commit that referenced this pull request Mar 13, 2025
@michi-covalent
cilium-cli: Use distroless
76bf8db 
Following up on @marseel's monumental masterpiece [^1], use distroless
instead of ubuntu as the base image to slightly reduce the image size
(from 84.1 MiB to 56.5 MiB).

[^1]: #37970

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
github-merge-queue bot pushed a commit that referenced this pull request Mar 14, 2025
@michi-covalent
cilium-cli: Use distroless
6e418e3 
Following up on @marseel's monumental masterpiece [^1], use distroless
instead of ubuntu as the base image to slightly reduce the image size
(from 84.1 MiB to 56.5 MiB).

[^1]: #37970

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
@michi-covalent michi-covalent mentioned this pull request Mar 18, 2025
Merged
michi-covalent added a commit to cilium/cilium-cli that referenced this pull request Mar 21, 2025
@michi-covalent
Simplify Dockerfile and clean up docker image workflow
00eb297 
- Make the same change as cilium/cilium#37970 to
  remove cloud provider CLIs. This way we can use the same Dockerfile
  for CI and releases.
- Get rid of the step to install kubectl. Let's just use the one that
  comes in the actions runner.
- Clean up images.yaml workflow a bit. Remove the steps for generating
  image digest files since we don't currently use them.
- Handle the release environment so that images get pushed to the
  release repo quay.io/cilium/cilium-cli on tag pushes.

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
michi-covalent added a commit to cilium/cilium-cli that referenced this pull request Mar 21, 2025
@michi-covalent
Simplify Dockerfile and clean up docker image workflow
f9a48fc 
- Make the same change as cilium/cilium#37970 to
  remove cloud provider CLIs. This way we can use the same Dockerfile
  for CI and releases.
- Get rid of the step to install kubectl. Let's just use the one that
  comes in the actions runner.
- Clean up images.yaml workflow a bit. Remove the steps for generating
  image digest files since we don't currently use them.
- Handle the release environment so that images get pushed to the
  release repo quay.io/cilium/cilium-cli on tag pushes.

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
@michi-covalent michi-covalent mentioned this pull request Mar 21, 2025
Merged
michi-covalent added a commit to cilium/cilium-cli that referenced this pull request Mar 21, 2025
@michi-covalent
Simplify Dockerfile and clean up docker image workflow
20b8ae9 
- Make the same change as cilium/cilium#37970 to
  remove cloud provider CLIs. This way we can use the same Dockerfile
  for CI and releases.
- Get rid of the step to install kubectl. Let's just use the one that
  comes in the actions runner.
- Clean up images.yaml workflow a bit. Remove the steps for generating
  image digest files since we don't currently use them.
- Handle the release environment so that images get pushed to the
  release repo quay.io/cilium/cilium-cli on tag pushes.

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
michi-covalent added a commit to cilium/cilium-cli that referenced this pull request Mar 26, 2025
@michi-covalent
Simplify Dockerfile and clean up docker image workflow
3219060 
- Make the same change as cilium/cilium#37970 to
  remove cloud provider CLIs. This way we can use the same Dockerfile
  for CI and releases.
- Get rid of the step to install kubectl. Let's just use the one that
  comes in the actions runner.
- Clean up images.yaml workflow a bit. Remove the steps for generating
  image digest files since we don't currently use them.
- Handle the release environment so that images get pushed to the
  release repo quay.io/cilium/cilium-cli on tag pushes.

Signed-off-by: Michi Mutsuzaki <michi@isovalent.com>
@github-actions github-actions bot mentioned this pull request Apr 7, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gandro gandro gandro approved these changes

@brlbil brlbil brlbil approved these changes

@sayboras sayboras sayboras approved these changes

@michi-covalent michi-covalent michi-covalent approved these changes

@tommyp1ckles tommyp1ckles Awaiting requested review from tommyp1ckles tommyp1ckles is a code owner automatically assigned from cilium/cli

@dlapcevic dlapcevic Awaiting requested review from dlapcevic dlapcevic is a code owner automatically assigned from cilium/sig-scalability

Assignees
No one assigned
Labels
area/CI Continuous Integration testing issue or flake cilium-cli This PR contains changes related with cilium-cli cilium-cli-exclusive This PR only impacts cilium-cli binary release-note/ci This PR makes changes to the CI.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@marseel @gandro @brlbil @sayboras @michi-covalent @julianwiedmann