diff --git a/cloudbuild/virtual.yaml b/cloudbuild/virtual.yaml index 0636b762bf3..0d541ff574a 100644 --- a/cloudbuild/virtual.yaml +++ b/cloudbuild/virtual.yaml @@ -6,7 +6,7 @@ steps: - USERNAME=user - SSH_ARGS=--internal-ip --ssh-key-expire-after=1d - INSTANCE_NAME=fp-presubmit-${BUILD_ID} - - INSTANCE_ARGS=--network cloudbuild-workers --image-project gep-kne --image-family kne --machine-type ${_MACHINE_TYPE} ${_MACHINE_ARGS} --boot-disk-size 200GB --scopes=default,compute-rw + - INSTANCE_ARGS=--network cloudbuild-workers --image-project gep-kne --image-family kne --machine-type ${_MACHINE_TYPE} ${_MACHINE_ARGS} --boot-disk-size 200GB --service-account=fp-kne@disco-idea-817.iam.gserviceaccount.com --scopes=default,compute-rw - ZONE=us-west1-a - REMOTE_WORKSPACE=/tmp/featureprofiles - COMMAND=sudo su -c "echo 'user ALL=(ALL) NOPASSWD:ALL' | sudo EDITOR='tee -a' visudo"; sudo -iu user /tmp/featureprofiles/cloudbuild/virtual.sh "${_DUT_PLATFORM}" "${_DUT_TESTS}" diff --git a/tools/ci-trigger/README.md b/tools/ci-trigger/README.md index 6467ea677ae..4165edd4d91 100644 --- a/tools/ci-trigger/README.md +++ b/tools/ci-trigger/README.md @@ -84,7 +84,7 @@ docker push us-west1-docker.pkg.dev/disco-idea-817/featureprofiles-ci/featurepro To deploy the container into the project: ``` -gcloud run deploy featureprofiles-ci-trigger --cpu 2000m --memory 2Gi --region us-west1 --image us-west1-docker.pkg.dev/disco-idea-817/featureprofiles-ci/featureprofiles-ci-trigger:latest +gcloud run deploy featureprofiles-ci-trigger --cpu 2000m --memory 2Gi --region us-west1 --image us-west1-docker.pkg.dev/disco-idea-817/featureprofiles-ci/featureprofiles-ci-trigger:latest --service-account [SERVICE_ACCOUNT] ``` Allow for background CPU and a minimum instance count for pubsub pull to continue processing. diff --git a/tools/ci-trigger/cloudbuild.go b/tools/ci-trigger/cloudbuild.go index 6b9df6d07e0..33012e8db7b 100644 --- a/tools/ci-trigger/cloudbuild.go +++ b/tools/ci-trigger/cloudbuild.go @@ -72,6 +72,7 @@ func (c *cloudBuild) submitBuild(objPath string) (string, string, error) { Object: objPath, }, } + build.ServiceAccount = gcpCloudBuildServiceAccount resp, err := c.buildClient.Projects.Locations.Builds.Create("projects/"+gcpProjectID+"/locations/us-west1", build).Do() if err != nil { diff --git a/tools/ci-trigger/cloudbuild.yaml b/tools/ci-trigger/cloudbuild.yaml index 2fc6e316e4a..41819d1663c 100644 --- a/tools/ci-trigger/cloudbuild.yaml +++ b/tools/ci-trigger/cloudbuild.yaml @@ -11,3 +11,5 @@ steps: args: ['run', 'deploy', 'featureprofiles-ci-trigger', '--image', 'us-west1-docker.pkg.dev/$PROJECT_ID/featureprofiles-ci/featureprofiles-ci-trigger:$COMMIT_SHA', '--region', 'us-west1'] images: - us-west1-docker.pkg.dev/$PROJECT_ID/featureprofiles-ci/featureprofiles-ci-trigger +options: + logging: CLOUD_LOGGING_ONLY diff --git a/tools/ci-trigger/config.go b/tools/ci-trigger/config.go index 17ac4399fc4..9fbe446d0a6 100644 --- a/tools/ci-trigger/config.go +++ b/tools/ci-trigger/config.go @@ -51,6 +51,9 @@ const ( // gcpPhysicalTestTopic is the name of the pubsub topic in gcpProjectID for launching physical tests. gcpPhysicalTestTopic = "featureprofiles-physical-tests" + + // gcpCloudBuildServiceAccount is the service account used by all Cloud Build jobs launched for KNE tests. + gcpCloudBuildServiceAccount = "fp-kne-cloudbuild@disco-idea-817.iam.gserviceaccount.com" ) // authorizedTeams is the list of GitHub organization teams authorized to launch Cloud Build jobs.