Skip to content

KFLUINFRA-2666: macos values in host-config chart #9489

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
meyrevived merged 6 commits into from
Dec 6, 2025
Merged

KFLUINFRA-2666: macos values in host-config chart #9489

meyrevived merged 6 commits into from
Dec 6, 2025

Conversation

@meyrevived
Copy link
Contributor

@meyrevived meyrevived commented Dec 4, 2025

Add macos host config values in host-config chart and into staging host-values' host-values.

@openshift-ci openshift-ci bot requested a review from hugares December 4, 2025 23:05
@github-actions
Copy link
Contributor

github-actions bot commented Dec 4, 2025

🤖 Gemini AI Assistant Available

Hi @meyrevived! I'm here to help with your pull request. You can interact with me using the following commands:

Available Commands

  • @gemini-cli /review - Request a comprehensive code review

    • Example: @gemini-cli /review Please focus on security and performance

  • @gemini-cli <your question> - Ask me anything about the codebase

    • Example: @gemini-cli How can I improve this function?
    • Example: @gemini-cli What are the best practices for error handling here?

How to Use

  1. Simply type one of the commands above in a comment on this PR
  2. I'll analyze your code and provide detailed feedback
  3. You can track my progress in the workflow logs

Permissions

Only OWNER, MEMBER, or COLLABORATOR users can trigger my responses. This ensures secure and appropriate usage.

This message was automatically added to help you get started with the Gemini AI assistant. Feel free to delete this comment if you don't need assistance.

@github-actions
Copy link
Contributor

github-actions bot commented Dec 4, 2025

🤖 Hi @meyrevived, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

@openshift-ci openshift-ci bot added the approved label Dec 4, 2025
@meyrevived
Copy link
Contributor Author

meyrevived commented Dec 5, 2025

/retest

@hugares hugares mentioned this pull request Dec 5, 2025
Closed
hugares
hugares requested changes Dec 5, 2025
View reviewed changes
Copy link
Contributor

@hugares hugares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You also need to regenerate the kueue configuration running this script: ./hack/kueue-vm-quotas/generate-queue-config.sh

hugares
hugares reviewed Dec 5, 2025
View reviewed changes
@hugares
Copy link
Contributor

hugares commented Dec 5, 2025

You also need to regenerate the kueue configuration running this script: ./hack/kueue-vm-quotas/generate-queue-config.sh

Done

@hugares
Copy link
Contributor

hugares commented Dec 5, 2025
edited
Loading

for review purpose, here are the relevant snippets from host-config for stage-p01:

 dynamic-platforms: "\
    linux/amd64,\
    linux/arm64,\
    linux-c2xlarge/amd64,\
    linux-c2xlarge/arm64,\
    linux-c4xlarge/amd64,\
    linux-c4xlarge/arm64,\
    linux-c6gd2xlarge/arm64,\
    linux-c8xlarge/amd64,\
    linux-c8xlarge/arm64,\
    linux-cxlarge/amd64,\
    linux-cxlarge/arm64,\
    linux-g4xlarge/amd64,\
    linux-g64xlarge/amd64,\
    linux-m2xlarge/amd64,\
    linux-m2xlarge/arm64,\
    linux-m4xlarge/amd64,\
    linux-m4xlarge/arm64,\
    linux-m8xlarge/amd64,\
    linux-m8xlarge/arm64,\
    linux-mlarge/amd64,\
    linux-mlarge/arm64,\
    linux-mxlarge/amd64,\
    linux-mxlarge/arm64,\
    linux-root/amd64,\
    linux-root/arm64,\
    macos-mac2metal/arm64\
  "
....
  dynamic.macos-mac2metal-arm64.type: "aws"
  dynamic.macos-mac2metal-arm64.region: "us-east-1"
  dynamic.macos-mac2metal-arm64.ami: "ami-000ce2c23b96216d3"
  dynamic.macos-mac2metal-arm64.instance-type: "mac2.metal"
  dynamic.macos-mac2metal-arm64.instance-tag: "stage-arm64-mac2metal"
  dynamic.macos-mac2metal-arm64.key-name: "konflux-stage-int-mab01"
  dynamic.macos-mac2metal-arm64.aws-secret: "aws-account"
  dynamic.macos-mac2metal-arm64.ssh-secret: "aws-ssh-key"
  dynamic.macos-mac2metal-arm64.security-group-id: "sg-0482e8ccae008b240"
  dynamic.macos-mac2metal-arm64.max-instances: "5"
  dynamic.macos-mac2metal-arm64.subnet-id: "subnet-07597d1edafa2b9d3"
  dynamic.macos-mac2metal-arm64.disk: "100"
  dynamic.macos-mac2metal-arm64.allocation-timeout: "1200"
  dynamic.macos-mac2metal-arm64.tenancy: "host"
  dynamic.macos-mac2metal-arm64.host-resource-group-arn: "arn:aws:resource-groups:us-east-1:654654171619:group/MacOS-Servers"
  dynamic.macos-mac2metal-arm64.license-configuration-arn: "arn:aws:license-manager:us-east-1:654654171619:license-configuration:lic-fecd71a2010a12080e452eb28065f489"
  dynamic.macos-mac2metal-arm64.user-data: |
    #!/bin/bash
    set -eu
    set -x
    
    user="konflux-builder"
    
    # Check if user already exists
    if ! id "$user" &>/dev/null; then
        # Generate random password
        random_password=$(openssl rand -base64 32)
    
        # Create user
        sudo sysadminctl -addUser "$user" -fullName "Konflux Builder" -password "$random_password" -home /Users/$user
    
        # Clear password from variable
        unset random_password
    else
        echo "User $user already exists, skipping user creation"
    fi
    
    # Create home directory if it doesn't exist
    sudo mkdir -p /Users/$user
    
    # Create SSH directory
    sudo mkdir -p /Users/$user/.ssh
    
    # Remove existing SSH keys if they exist
    sudo rm -f /Users/$user/.ssh/id_rsa /Users/$user/.ssh/id_rsa.pub
    
    # Generate new SSH keys
    sudo ssh-keygen -t rsa -b 4096 -f /Users/$user/.ssh/id_rsa -N "" -C ""
    
    # Set proper permissions on .ssh directory
    sudo chmod 700 /Users/$user/.ssh
    
    # Create/overwrite authorized_keys
    sudo chmod 600 /Users/$user/.ssh/authorized_keys 2>/dev/null || true
    sudo cat /Users/$user/.ssh/id_rsa.pub | sudo tee /Users/$user/.ssh/authorized_keys > /dev/null
    
    # Set ownership of entire home directory to ensure user has full control
    sudo chown -R $user:staff /Users/$user
    
    # Copy private key to ec2-user's directory
    sudo cp /Users/$user/.ssh/id_rsa /Users/ec2-user/$user
    
    # Set ownership of the copied private key to ec2-user
    sudo chown ec2-user:staff /Users/ec2-user/$user
    sudo chmod 600 /Users/ec2-user/$user
    
    --//--

hugares
hugares approved these changes Dec 5, 2025
View reviewed changes
Copy link
Contributor

@hugares hugares left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Dec 5, 2025
@meyrevived
Copy link
Contributor Author

meyrevived commented Dec 6, 2025

/retest

@openshift-ci openshift-ci bot removed the lgtm label Dec 6, 2025
@meyrevived
Copy link
Contributor Author

meyrevived commented Dec 6, 2025

/lgtm

@openshift-ci
Copy link

openshift-ci bot commented Dec 6, 2025

@meyrevived: you cannot LGTM your own PR.

In response to this:

/lgtm

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

manish-jangra
manish-jangra approved these changes Dec 6, 2025
View reviewed changes
Copy link
Contributor

@manish-jangra manish-jangra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/lgtm

@openshift-ci openshift-ci bot added the lgtm label Dec 6, 2025
@openshift-ci
Copy link

openshift-ci bot commented Dec 6, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hugares, manish-jangra, meyrevived

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@meyrevived meyrevived merged commit d9aca34 into redhat-appstudio:main Dec 6, 2025
11 checks passed
@openshift-ci
Copy link

openshift-ci bot commented Dec 6, 2025

@meyrevived: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/appstudio-e2e-tests 4e582d5 link unknown /test appstudio-e2e-tests

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mshaposhnik mshaposhnik mshaposhnik left review comments

@hugares hugares hugares approved these changes

@manish-jangra manish-jangra manish-jangra approved these changes

@oswcab oswcab Awaiting requested review from oswcab

@filariow filariow Awaiting requested review from filariow

Assignees

@hugares hugares

@manish-jangra manish-jangra

Labels

approved lgtm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@meyrevived @hugares @mshaposhnik @manish-jangra