From bd368143b0d861c721f2f45ecd448ac9cbf678aa Mon Sep 17 00:00:00 2001 From: Patrick Martin Date: Wed, 29 Apr 2026 09:41:50 +0200 Subject: [PATCH] GCP-431: feat: pass cloud-network SA to e2e tests Extract the cloud-network (CNCC) service account email from the IAM output and pass it to the e2e test binary via --e2e.gcp-network-sa. Co-Authored-By: Claude Opus 4.6 (1M context) --- .../hypershift-gcp-hosted-cluster-setup-commands.sh | 4 +++- .../gcp/run-e2e/hypershift-gcp-run-e2e-commands.sh | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ci-operator/step-registry/hypershift/gcp/hosted-cluster-setup/hypershift-gcp-hosted-cluster-setup-commands.sh b/ci-operator/step-registry/hypershift/gcp/hosted-cluster-setup/hypershift-gcp-hosted-cluster-setup-commands.sh index 6ba569e66840e..c239dff0d8082 100644 --- a/ci-operator/step-registry/hypershift/gcp/hosted-cluster-setup/hypershift-gcp-hosted-cluster-setup-commands.sh +++ b/ci-operator/step-registry/hypershift/gcp/hosted-cluster-setup/hypershift-gcp-hosted-cluster-setup-commands.sh @@ -115,8 +115,9 @@ NODEPOOL_SA=$(awk -F'"' '/"nodepool-mgmt"/{print $4}' "${IAM_OUTPUT}") CLOUDCONTROLLER_SA=$(awk -F'"' '/"cloud-controller"/{print $4}' "${IAM_OUTPUT}") STORAGE_SA=$(awk -F'"' '/"gcp-pd-csi"/{print $4}' "${IAM_OUTPUT}") IMAGEREGISTRY_SA=$(awk -F'"' '/"image-registry"/{print $4}' "${IAM_OUTPUT}") +NETWORK_SA=$(awk -F'"' '/"cloud-network"/{print $4}' "${IAM_OUTPUT}") -if [[ -z "${PROJECT_NUMBER}" || -z "${POOL_ID}" || -z "${PROVIDER_ID}" || -z "${CONTROLPLANE_SA}" || -z "${NODEPOOL_SA}" || -z "${CLOUDCONTROLLER_SA}" || -z "${STORAGE_SA}" || -z "${IMAGEREGISTRY_SA}" ]]; then +if [[ -z "${PROJECT_NUMBER}" || -z "${POOL_ID}" || -z "${PROVIDER_ID}" || -z "${CONTROLPLANE_SA}" || -z "${NODEPOOL_SA}" || -z "${CLOUDCONTROLLER_SA}" || -z "${STORAGE_SA}" || -z "${IMAGEREGISTRY_SA}" || -z "${NETWORK_SA}" ]]; then echo "ERROR: Failed to parse WIF configuration from IAM output" cat "${IAM_OUTPUT}" exit 1 @@ -131,6 +132,7 @@ echo "${NODEPOOL_SA}" > "${SHARED_DIR}/nodepool-sa" echo "${CLOUDCONTROLLER_SA}" > "${SHARED_DIR}/cloudcontroller-sa" echo "${STORAGE_SA}" > "${SHARED_DIR}/storage-sa" echo "${IMAGEREGISTRY_SA}" > "${SHARED_DIR}/imageregistry-sa" +echo "${NETWORK_SA}" > "${SHARED_DIR}/network-sa" echo "WIF configuration saved to SHARED_DIR" diff --git a/ci-operator/step-registry/hypershift/gcp/run-e2e/hypershift-gcp-run-e2e-commands.sh b/ci-operator/step-registry/hypershift/gcp/run-e2e/hypershift-gcp-run-e2e-commands.sh index 3b78eff9d90c4..a2ded434b0003 100644 --- a/ci-operator/step-registry/hypershift/gcp/run-e2e/hypershift-gcp-run-e2e-commands.sh +++ b/ci-operator/step-registry/hypershift/gcp/run-e2e/hypershift-gcp-run-e2e-commands.sh @@ -45,6 +45,7 @@ CONTROLPLANE_SA="" CLOUDCONTROLLER_SA="" STORAGE_SA="" IMAGEREGISTRY_SA="" +NETWORK_SA="" SA_SIGNING_KEY_PATH="" if [[ -f "${SHARED_DIR}/wif-project-number" ]]; then @@ -71,6 +72,9 @@ fi if [[ -f "${SHARED_DIR}/imageregistry-sa" ]]; then IMAGEREGISTRY_SA="$(<"${SHARED_DIR}/imageregistry-sa")" fi +if [[ -f "${SHARED_DIR}/network-sa" ]]; then + NETWORK_SA="$(<"${SHARED_DIR}/network-sa")" +fi if [[ -f "${SHARED_DIR}/sa-signing-key-path" ]]; then SA_SIGNING_KEY_PATH="$(<"${SHARED_DIR}/sa-signing-key-path")" fi @@ -153,6 +157,7 @@ hack/ci-test-e2e.sh -test.v \ --e2e.gcp-cloudcontroller-sa="${CLOUDCONTROLLER_SA}" \ --e2e.gcp-storage-sa="${STORAGE_SA}" \ --e2e.gcp-imageregistry-sa="${IMAGEREGISTRY_SA}" \ + --e2e.gcp-network-sa="${NETWORK_SA}" \ --e2e.gcp-sa-signing-key-path="${SA_SIGNING_KEY_PATH}" \ --e2e.gcp-oidc-issuer-url="${OIDC_ISSUER_URL}" \ --e2e.gcp-boot-image="${GCP_BOOT_IMAGE}" \