Implement CI using CircleCI

[vprashar2929]

This PR is in continuation to this. It contains implementing RHOBS configuration CI using CircleCI and addresses some of the drawbacks of using GitHub Actions.
Currently the CI pipeline performs following actions:

1. Run microshift on Linux VM that is provided by CircleCI. Since RHOBS configs are specific to OCP so it's best to use OCP env to deploy and test these instead of kind/minikube.
2. Deploy's the generated manifests on microshift cluster with minimum resources.
3. Run a small test using observatorium/up (Like in observatorium e2e.sh) to verify send/receive metrics.

Using circleci we are getting good resources out of the box than existing GitHub Actions runners.

[douglascamata]

hey @vprashar2929, can you mention the drawbacks of Github Actions that makes us fallback to Circle CI, please, as we spoke some time ago? It's valuable to have the reasoning of the decision for documentation purposes.

[simonpasquier]

I'm really an outsider here but I agree with @douglascamata that more context would be helpful
I'd keep also in mind that CircleCI might reduce the free plan's resources at any time without prior notice. Do we have a backup plan for this possibility?

[vprashar2929]

hey @vprashar2929, can you mention the drawbacks of Github Actions that makes us fallback to Circle CI, please, as we spoke some time ago? It's valuable to have the reasoning of the decision for documentation purposes.

So the only difference between the two according to our CI use case is in terms of out of the box (free of cost) resources which both has to offer. GitHub Actions provide 2 vCPU and 7GB or ram which are not sufficient enough to deploy complete RHOBS components in one go. Whereas CircleCI provides 4 vCPU and 15GB of ram.
Since we want to deploy RHOBS with minimum resources and run a simple test on generated manifests than currently it is easy to achieve using CircleCI instead of GitHub Actions.

[vprashar2929]

I'm really an outsider here but I agree with @douglascamata that more context would be helpful I'd keep also in mind that CircleCI might reduce the free plan's resources at any time without prior notice. Do we have a backup plan for this possibility?

Oh reduce free plan resources hurts 😅. Well in that case what we can do is deploy each components individually and check its rollout status. But in this case we won't be able to deploy all components at once and run tests on it. It can only validate the deployments generated manifests.

[douglascamata]

@simonpasquier @vprashar2929 my proposals for the case where CircleCI reduces the size of the free runner:

1. We join the paid plan (lol) of whichever of the two vendors has the best cost/benefit ratio for our case.
2. We run a private Github Action Runner for the builds of the RHOBS org.

I personally don't worry too much in case we need a backup plan. 👍

[vprashar2929]

@douglascamata Absolutely agree with you. We can definitely do a cost analysis between the two and choose what best suits us according to cost. Provided we are willing to pay the bucks😄
Also I am open to self-hosted GitHub runners specifically for our RHOBS repo as in that case we can have a dedicated OCP cluster running and escape from resources crunch completely.

[douglascamata]

@vprashar2929 was wondering if we could better separate here the deploy procedures and the test ones, so that we can reuse the test part in a post-deploy job. What do you think? This is not a blocker though. I am happy with merging this as is now and then follow up with the separation and more tests.

[vprashar2929]

CI test procedures consist of just checking the rollout status of various deployments/statefulsets along with running observatorium-up to send/receive metrics.

The current post deploy job runs inside a docker with observatorium-up binary copied to Alpine-based container and a runtest.sh script is triggered inside the container. Since this script was already created specifically for post deploy job I think we can reuse this script for adding further checks to job. What are your thoughts?

[douglascamata]

Sounds good to me. 👍

[douglascamata]

LGTM.

Would be great to have a review from other team members (cc @rhobs/team-monitoring)

[sthaha]

I think it s best to have -u set for all bash script. I good template to follow in imho is

#!/usr/bin/env bash

set -eu -opipefail

main() {
  return 0
}

main "$@"

[vprashar2929]

Definitely will add -u flag. Will avoid any undefined behaviour in script

[sthaha]

declare -r for all readonly vars

[sthaha]

why is this required? where do we change this variable?

[vprashar2929]

Earlier I used two variables for Logging purposes INFO and ERROR. But since we are gathering Artifacts in case of any failure I think its best to remove this

[sthaha]

Do we need a subshell here?

Suggested change

	oc rollout status $res -n $namespace --timeout=5m || (must_gather "$ARTIFACT_DIR" && exit 1)
	oc rollout status $res -n $namespace --timeout=5m || {
	must_gather "$ARTIFACT_DIR"
	return 1
	}

[vprashar2929]

Not mandatory. We can use {} along with || as well as it will also allow executing multiple commands if the oc rollout status fails

[sthaha]

nit: a blank line between functions will help with readability.

[sthaha]

should we use apply ? or create ?

[sthaha]

sleep is usually a code smell. It is better to "poll" or wait for something to happen.

[vprashar2929]

Sure will add oc wait to wait for namespace to be created.

[sthaha]

Suggested change

	oc process -f ../minio-template.yaml -p MINIO_CPU_REQUEST=30m -p MINIO_CPU_LIMITS=50m -p MINIO_MEMORY_REQUEST=50Mi -p MINIO_MEMORY_LIMITS=100Mi --local -o yaml | sed -e 's/storage: [0-9].Gi/storage: 0.25Gi/g' | oc apply -n minio -f -
	oc process -f ../minio-template.yaml \
	-p MINIO_CPU_REQUEST=30m \
	-p MINIO_CPU_LIMITS=50m \
	-p MINIO_MEMORY_REQUEST=50Mi \
	-p MINIO_MEMORY_LIMITS=100Mi \
	--local -o yaml |
	sed -e 's/storage: [0-9].Gi/storage: 0.25Gi/g' |
	oc apply -n minio -f -

[vprashar2929]

VIM effects😅

[sthaha]

Suggested change

	case $1 in
	metrics)
	prereq
	minio
	dex
	observatorium_metrics
	observatorium
	run_test
	telemeter
	;;
	logs)
	#TODO
	;;
	traces)
	#TODO
	;;
	*)
	echo "usage: $(basename "$0") { metrics | logs | traces }"
	;;
	esac
	main() {
	case $1 in
	metrics)
	prereq
	minio
	dex
	observatorium_metrics
	observatorium
	run_test
	telemeter
	;;
	logs)
	#TODO
	;;
	traces)
	#TODO
	;;
	*)
	echo "usage: $(basename "$0") { metrics | logs | traces }"
	return 1
	;;
	esac
	}
	main "$@"

[sthaha]

Also just FYI instead of case, you can directly jump to a function like so

ci.metrics() {
	:
}

ci.logs() {
	:
}

ci.help() {
	local exit_code=${1:-0}

	local fns=($(declare -F -p | cut -f3 -d ' ' |
		grep '^et\.' | cut -f2- -d.))

	read -d '^' -r docstring <<EOF_HELP
Usage:
  $(basename "$0") <task>

Tasks:
$(printf "  - %s\n" "${fns[@]}")
^ after this won't be read
EOF_HELP
	echo -e "$docstring"
	exit "$exit_code"
}

is_function() {
	local fn=$1
	shift
	[[ $(type -t "$fn") == "function" ]]
	return $?
}

main() {
	local fn=${1:-''}
	local ci_fn="ci.$fn"
	if ! is_function "$ci_fn"; then
		ci.help 1
	fi
	# call the function passing in the reset of the args
	shift
	$ci_fn "$@"
	return $?
}

[vprashar2929]

Awesome @sthaha 🙇🏼‍♂️. I haven't tried like this but this looks good. Will definitely use this!