From 878521c70eb2a9c812c0e05d5e97ec1ae47328e7 Mon Sep 17 00:00:00 2001 From: Francisco Herrera Date: Fri, 27 Feb 2026 15:10:24 +0100 Subject: [PATCH 1/3] Adding OSSM Hypershift workflow --- .../servicemesh/hypershift/OWNERS | 7 + .../hypershift/hostedcluster/create/OWNERS | 7 + ...t-hostedcluster-create-chain.metadata.json | 11 ++ ...hypershift-hostedcluster-create-chain.yaml | 16 +++ ...ypershift-hostedcluster-create-commands.sh | 1 + ...ift-hostedcluster-create-ref.metadata.json | 11 ++ ...h-hypershift-hostedcluster-create-ref.yaml | 121 ++++++++++++++++++ ...icemesh-istio-e2e-hypershift-workflow.yaml | 2 +- 8 files changed, 175 insertions(+), 1 deletion(-) create mode 100644 ci-operator/step-registry/servicemesh/hypershift/OWNERS create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/OWNERS create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.metadata.json create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.yaml create mode 120000 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-commands.sh create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.metadata.json create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml diff --git a/ci-operator/step-registry/servicemesh/hypershift/OWNERS b/ci-operator/step-registry/servicemesh/hypershift/OWNERS new file mode 100644 index 0000000000000..27bb081daa018 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/OWNERS @@ -0,0 +1,7 @@ +# The OWNERS file is used by prow to automatically merge approved PRs. + +approvers: +- maistra-approvers + +reviewers: +- maistra-reviewers \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/OWNERS b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/OWNERS new file mode 100644 index 0000000000000..27bb081daa018 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/OWNERS @@ -0,0 +1,7 @@ +# The OWNERS file is used by prow to automatically merge approved PRs. + +approvers: +- maistra-approvers + +reviewers: +- maistra-reviewers \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.metadata.json b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.metadata.json new file mode 100644 index 0000000000000..851b4efdf2e28 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.metadata.json @@ -0,0 +1,11 @@ +{ + "path": "servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.yaml", + "owners": { + "approvers": [ + "maistra-approvers" + ], + "reviewers": [ + "maistra-reviewers" + ] + } +} \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.yaml b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.yaml new file mode 100644 index 0000000000000..6fcadf661632d --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-chain.yaml @@ -0,0 +1,16 @@ +chain: + as: servicemesh-hypershift-hostedcluster-create + steps: + - ref: servicemesh-hypershift-hostedcluster-create + - ref: hypershift-hostedcluster-create-wait-for-olm + env: + - name: HYPERSHIFT_NODE_COUNT + default: "1" + documentation: |- + OSSM-specific version of hypershift-hostedcluster-create chain that uses + ossm-aws-quota-slice for dedicated resource allocation. + + This chain provides the same functionality as the original hypershift-hostedcluster-create + but uses OSSM's dedicated quota pool (150 slots across 3 AWS regions) instead of + the generic hypershift quota pool (30 slots), ensuring better resource availability + for OSSM workloads. \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-commands.sh b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-commands.sh new file mode 120000 index 0000000000000..ebc87fdf9da4e --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-commands.sh @@ -0,0 +1 @@ +../../../../hypershift/hostedcluster/create/hostedcluster/hypershift-hostedcluster-create-hostedcluster-commands.sh \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.metadata.json b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.metadata.json new file mode 100644 index 0000000000000..6c45c20f2cb07 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.metadata.json @@ -0,0 +1,11 @@ +{ + "path": "servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml", + "owners": { + "approvers": [ + "maistra-approvers" + ], + "reviewers": [ + "maistra-reviewers" + ] + } +} \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml new file mode 100644 index 0000000000000..f36ebca62e5e5 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml @@ -0,0 +1,121 @@ +ref: + as: servicemesh-hypershift-hostedcluster-create + cli: latest + env: + - name: PLATFORM + default: "aws" + documentation: "The platform(aws/powervs) of the HostedCluster. aws by default" + - name: HYPERSHIFT_NODE_COUNT + default: "3" + documentation: "The number nodes to automatically create and join to the cluster." + - name: BASE_DOMAIN + default: "" + documentation: |- + A fully-qualified domain or subdomain name. The base domain of the cloud provider is used for setting baseDomain variable of the install configuration of the cluster. + It will be overridden by a non-empty HYPERSHIFT_BASE_DOMAIN. + - name: COMPUTE_NODE_TYPE + default: "" + documentation: |- + The instance type to use for compute nodes (e.g. AWS https://aws.amazon.com/ec2/instance-types/). When "" (default), + the step uses the lowest cost 4 CPU / 16G supported worker instance type for the region. + - name: HYPERSHIFT_BASE_DOMAIN + default: "" + documentation: |- + A fully-qualified domain or subdomain name. The base domain of the cloud provider is used for setting baseDomain variable of the install configuration of the cluster. + It overrides BASE_DOMAIN if non-empty. + - name: HYPERSHIFT_AWS_REGION + default: "us-east-1" + documentation: "The AWS region of the cluster." + - name: EXTRA_ARGS + default: "" + documentation: "Extra args to pass to the create cluster aws command" + - name: HYPERSHIFT_HC_RELEASE_IMAGE + default: "" + documentation: "Release image used for the HostedCluster. Empty by default it will use release:latest" + - name: HYPERSHIFT_CP_AVAILABILITY_POLICY + default: "SingleReplica" + documentation: "Availability policy for hosted cluster components. Supported options: SingleReplica, HighlyAvailable, default SingleReplica" + - name: HYPERSHIFT_INFRA_AVAILABILITY_POLICY + default: "SingleReplica" + documentation: "Availability policy for infrastructure services in guest cluster. Supported options: SingleReplica, HighlyAvailable, default SingleReplica" + - name: OLM_CATALOG_PLACEMENT + default: "management" + documentation: "The OLM catalog placement. Supported options: management, guest, default management" + - name: POWERVS_REGION + default: "" + documentation: "The PowerVS region of the cluster." + - name: POWERVS_ZONE + default: "" + documentation: "The PowerVS zone of the cluster." + - name: POWERVS_VPC_REGION + default: "" + documentation: "The region of the VPC created for PowerVS deployment" + - name: POWERVS_RESOURCE_GROUP + default: "" + documentation: "The PowerVS resource group." + - name: POWERVS_PROC_TYPE + default: "" + documentation: "The processor type of Power nodes." + - name: POWERVS_PROCESSORS + default: "" + documentation: "The processor count of Power nodes." + - name: POWERVS_SYS_TYPE + default: "" + documentation: "The system type of Power nodes." + - name: POWERVS_GUID + default: "" + documentation: "IBM Cloud PowerVS Service Instance ID.This flag is used to reuse an existing PowerVS Service Instance resource for cluster's infra" + - name: POWERVS_VPC + default: "" + documentation: "IBM Cloud VPC Name. This flag is used to reuse an existing VPC resource for cluster's infra" + - name: POWERVS_TRANSIT_GATEWAY + default: "" + documentation: "Transit Gateway in IBM Cloud. This flag is used to reuse an existing Transit Gateway resource for cluster's infra" + - name: TRANSIT_GATEWAY_LOCATION + default: "" + documentation: "Transit Gateway Location to be used for the PowerVS setup." + - name: CONTROL_PLANE_NODE_SELECTOR + default: "" + documentation: "Set nodeSelector for control plane pods. If the provided release image is not multi-arch, this is mandatory (e.g., `kubernetes.io/arch=amd64`)." + - name: HYPERSHIFT_SKIP_VERSION_VALIDATION + default: "false" + documentation: "Skip version validation for hypershift CLI and release image. Default is false." + commands: servicemesh-hypershift-hostedcluster-create-commands.sh + from_image: + namespace: ci + name: "hypershift-cli" + tag: "latest" + grace_period: 5m0s + leases: + - resource_type: ossm-aws-quota-slice + env: HYPERSHIFT_HIVE_LEASED_RESOURCE + resources: + requests: + cpu: 100m + memory: 100Mi + timeout: 60m0s + credentials: + - mount_path: /etc/hypershift-ci-jobs-awscreds + name: hypershift-ci-jobs-awscreds + namespace: test-credentials + - mount_path: /etc/ci-pull-credentials + name: ci-pull-credentials + namespace: test-credentials + - mount_path: /etc/registry-pull-credentials + name: registry-pull-credentials + namespace: test-credentials + - mount_path: /var/run/hypershift-workload-credentials + name: hypershift-workload-credentials + namespace: test-credentials + dependencies: + - name: "release:latest" + env: RELEASE_IMAGE_LATEST + - name: "stable:hypershift" + env: HYPERSHIFT_RELEASE_LATEST + documentation: |- + OSSM-specific version of hypershift-hostedcluster-create that uses ossm-aws-quota-slice + instead of hypershift-hive-quota-slice for dedicated OSSM resource allocation. + + This provides access to 150 quota slots (50 per region in us-east-1, us-east-2, us-west-2) + instead of the generic 30-slot hypershift quota pool, ensuring better resource availability + for OSSM workloads without impacting other teams. \ No newline at end of file diff --git a/ci-operator/step-registry/servicemesh/istio/e2e/hypershift/servicemesh-istio-e2e-hypershift-workflow.yaml b/ci-operator/step-registry/servicemesh/istio/e2e/hypershift/servicemesh-istio-e2e-hypershift-workflow.yaml index 912a1d406a92f..0a3d7db353543 100644 --- a/ci-operator/step-registry/servicemesh/istio/e2e/hypershift/servicemesh-istio-e2e-hypershift-workflow.yaml +++ b/ci-operator/step-registry/servicemesh/istio/e2e/hypershift/servicemesh-istio-e2e-hypershift-workflow.yaml @@ -2,7 +2,7 @@ workflow: as: servicemesh-istio-e2e-hypershift steps: pre: - - chain: hypershift-hostedcluster-create + - chain: servicemesh-hypershift-hostedcluster-create - ref: servicemesh-istio-e2e post: - ref: servicemesh-istio-post From a28a46acb26cb1c808c3c15d2865679dfbc30d7e Mon Sep 17 00:00:00 2001 From: Francisco Herrera Date: Fri, 27 Feb 2026 17:00:33 +0100 Subject: [PATCH 2/3] Adding missing owners Signed-off-by: Francisco Herrera --- .../servicemesh/hypershift/hostedcluster/OWNERS | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 ci-operator/step-registry/servicemesh/hypershift/hostedcluster/OWNERS diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/OWNERS b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/OWNERS new file mode 100644 index 0000000000000..27bb081daa018 --- /dev/null +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/OWNERS @@ -0,0 +1,7 @@ +# The OWNERS file is used by prow to automatically merge approved PRs. + +approvers: +- maistra-approvers + +reviewers: +- maistra-reviewers \ No newline at end of file From 97c6ffdc0a237de25b10dfc64fcbc16335801e34 Mon Sep 17 00:00:00 2001 From: Francisco Herrera Date: Fri, 27 Feb 2026 17:26:33 +0100 Subject: [PATCH 3/3] Update ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml Co-authored-by: Yuanlin Xu --- .../create/servicemesh-hypershift-hostedcluster-create-ref.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml index f36ebca62e5e5..64e3ea6d42c82 100644 --- a/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml +++ b/ci-operator/step-registry/servicemesh/hypershift/hostedcluster/create/servicemesh-hypershift-hostedcluster-create-ref.yaml @@ -9,7 +9,7 @@ ref: default: "3" documentation: "The number nodes to automatically create and join to the cluster." - name: BASE_DOMAIN - default: "" + default: "servicemesh.devcluster.openshift.com" documentation: |- A fully-qualified domain or subdomain name. The base domain of the cloud provider is used for setting baseDomain variable of the install configuration of the cluster. It will be overridden by a non-empty HYPERSHIFT_BASE_DOMAIN.