From 9f526c1e2e11ae3d9dc7f81ec6fa99fc9c5360fc Mon Sep 17 00:00:00 2001 From: Janos Laszlo Vasik Date: Tue, 25 Jun 2024 14:43:22 +0200 Subject: [PATCH] feat: RHINENG-9589 add autopromotion pipeline tests --- Dockerfile | 7 +++ Makefile | 9 ++- ...openshift_stage_test_template_generator.rb | 20 ++++++ config/stage_test/kustomization.yaml | 22 +++++++ config/stage_test/stage_test.yaml | 23 +++++++ config/stage_test/stage_test_role.yaml | 14 +++++ .../stage_test/stage_test_role_binding.yaml | 11 ++++ .../stage_test_service_account.yaml | 4 ++ stage_test.sh | 24 +++++++ stage_test_template.yaml | 63 +++++++++++++++++++ 10 files changed, 196 insertions(+), 1 deletion(-) create mode 100644 config/plugins/openshift_stage_test_template_generator.rb create mode 100644 config/stage_test/kustomization.yaml create mode 100644 config/stage_test/stage_test.yaml create mode 100644 config/stage_test/stage_test_role.yaml create mode 100644 config/stage_test/stage_test_role_binding.yaml create mode 100644 config/stage_test/stage_test_service_account.yaml create mode 100644 stage_test.sh create mode 100644 stage_test_template.yaml diff --git a/Dockerfile b/Dockerfile index 9eb643e..170a9ef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,12 @@ USER root RUN dnf -y upgrade && \ dnf -y clean all +RUN curl --output oc.tar.gz \ +https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp/stable/openshift-client-linux.tar.gz && \ +tar -xvf oc.tar.gz oc && \ +mv oc /usr/local/bin/ && \ +rm oc.tar.gz + USER ${USER_UID} COPY requirements.yml ${HOME}/requirements.yml @@ -16,3 +22,4 @@ RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ COPY watches.yaml ${HOME}/watches.yaml COPY roles/ ${HOME}/roles/ COPY playbooks/ ${HOME}/playbooks/ +COPY stage_test.sh ${HOME}/stage_test.sh diff --git a/Makefile b/Makefile index 881014a..9e78de4 100644 --- a/Makefile +++ b/Makefile @@ -52,8 +52,9 @@ IMG ?= $(IMAGE_TAG_BASE):$(VERSION) # Build parameters IMG_BUILD_PARAMS ?= -# OpenShift Template file +# OpenShift Template files OPENSHIFT_TEMPLATE ?= deploy_template.yaml +OPENSHIFT_STAGE_TEST_TEMPLATE ?= stage_test_template.yaml .PHONY: all all: podman-build @@ -146,6 +147,12 @@ openshift-template: kustomize config/plugins/openshift_template_generator.rb config/templated/template_params.yaml \ > "${OPENSHIFT_TEMPLATE}" +.PHONY: openshift-stage-test-template +openshift-stage-test-template: kustomize + $(KUSTOMIZE) build config/stage_test | \ + config/plugins/openshift_stage_test_template_generator.rb \ + > "${OPENSHIFT_STAGE_TEST_TEMPLATE}" + .PHONY: ansible-operator ANSIBLE_OPERATOR = $(shell pwd)/bin/ansible-operator ansible-operator: ## Download ansible-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. diff --git a/config/plugins/openshift_stage_test_template_generator.rb b/config/plugins/openshift_stage_test_template_generator.rb new file mode 100644 index 0000000..e760820 --- /dev/null +++ b/config/plugins/openshift_stage_test_template_generator.rb @@ -0,0 +1,20 @@ +#!/bin/ruby + +require 'yaml' + +objects = YAML.load_stream(STDIN) + +# Replacing 'name' key with 'generateName' key ensuring Job name uniqueness in the staging environment +objects[3]['metadata']['name'] += '-' +objects[3]['metadata']['generateName'] = objects[3]['metadata'].delete('name') + +template = { + 'apiVersion' => 'v1', + 'kind' => 'Template', + 'metadata' => { + 'name' => 'floorist-operator-stage-test' + }, + 'objects' => objects +} + +YAML.dump(template, STDOUT) diff --git a/config/stage_test/kustomization.yaml b/config/stage_test/kustomization.yaml new file mode 100644 index 0000000..5dce3a3 --- /dev/null +++ b/config/stage_test/kustomization.yaml @@ -0,0 +1,22 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +# Adds namespace to all resources. +namespace: floorist-operator-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: floorist-operator- + +# Labels to add to all resources and selectors. +#commonLabels: +# someName: someValue + +resources: +- stage_test_service_account.yaml +- stage_test_role.yaml +- stage_test_role_binding.yaml +- stage_test.yaml diff --git a/config/stage_test/stage_test.yaml b/config/stage_test/stage_test.yaml new file mode 100644 index 0000000..08e7ec3 --- /dev/null +++ b/config/stage_test/stage_test.yaml @@ -0,0 +1,23 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: stage-test +spec: + template: + spec: + restartPolicy: Never + serviceAccountName: stage-test-service-account + containers: + - image: quay.io/cloudservices/floorist-operator:latest + name: floorist-operator-stage-test + imagePullPolicy: Always + command: + - sh + args: + - stage_test.sh + resources: + requests: + memory: 256Mi + cpu: 300m + limits: + memory: 512Mi diff --git a/config/stage_test/stage_test_role.yaml b/config/stage_test/stage_test_role.yaml new file mode 100644 index 0000000..ed79109 --- /dev/null +++ b/config/stage_test/stage_test_role.yaml @@ -0,0 +1,14 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: stage-test-role +rules: +- apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch diff --git a/config/stage_test/stage_test_role_binding.yaml b/config/stage_test/stage_test_role_binding.yaml new file mode 100644 index 0000000..11c2eb5 --- /dev/null +++ b/config/stage_test/stage_test_role_binding.yaml @@ -0,0 +1,11 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: stage-test-rolebinding +roleRef: + kind: Role + name: stage-test-role + apiGroup: rbac.authorization.k8s.io +subjects: +- kind: ServiceAccount + name: stage-test-service-account diff --git a/config/stage_test/stage_test_service_account.yaml b/config/stage_test/stage_test_service_account.yaml new file mode 100644 index 0000000..743ad74 --- /dev/null +++ b/config/stage_test/stage_test_service_account.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: stage-test-service-account diff --git a/stage_test.sh b/stage_test.sh new file mode 100644 index 0000000..55aba19 --- /dev/null +++ b/stage_test.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# Get names of all cronjobs, if not found any ignore the error message +# to not let k8s raise an error with an exit code indicating success +CRONJOBS=$(oc get cronjobs 2>/dev/null | awk 'NR>1 {print $1}') + +if [ -z "$CRONJOBS" ]; then + echo "ERROR: no cronjobs found" + exit 1 +fi + +for CRONJOB in $CRONJOBS; do + SUCCESS=$(oc get job -l "pod=${CRONJOB}" -o jsonpath='{.items[].status.succeeded}{"\n"}') + + if [ -z "$SUCCESS" ]; then + echo "ERROR: cronjob $CRONJOB has not created any jobs" + exit 1 + fi + + if [ "$SUCCESS" != "1" ]; then + echo "ERROR: cronjob $CRONJOB has not created successful jobs" + exit 1 + fi +done diff --git a/stage_test_template.yaml b/stage_test_template.yaml new file mode 100644 index 0000000..d71dfc2 --- /dev/null +++ b/stage_test_template.yaml @@ -0,0 +1,63 @@ +--- +apiVersion: v1 +kind: Template +metadata: + name: floorist-operator-stage-test +objects: +- apiVersion: v1 + kind: ServiceAccount + metadata: + name: floorist-operator-stage-test-service-account + namespace: floorist-operator-system +- apiVersion: rbac.authorization.k8s.io/v1 + kind: Role + metadata: + name: floorist-operator-stage-test-role + namespace: floorist-operator-system + rules: + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch +- apiVersion: rbac.authorization.k8s.io/v1 + kind: RoleBinding + metadata: + name: floorist-operator-stage-test-rolebinding + namespace: floorist-operator-system + roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: floorist-operator-stage-test-role + subjects: + - kind: ServiceAccount + name: floorist-operator-stage-test-service-account + namespace: floorist-operator-system +- apiVersion: batch/v1 + kind: Job + metadata: + namespace: floorist-operator-system + generateName: floorist-operator-stage-test- + spec: + template: + spec: + containers: + - args: + - stage_test.sh + command: + - sh + image: quay.io/rhn_engineering_jvasik/floorist-operator:latest + imagePullPolicy: Always + name: floorist-operator-stage-test + resources: + limits: + memory: 512Mi + requests: + cpu: 300m + memory: 256Mi + restartPolicy: Never + serviceAccountName: floorist-operator-stage-test-service-account