Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve logging in dev scripts #1354

Merged
merged 3 commits into from
Oct 13, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion .openshift-ci/tests/e2e-test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,16 @@ GITROOT="$(git rev-parse --show-toplevel)"
export GITROOT
# shellcheck source=/dev/null
source "${GITROOT}/dev/env/scripts/lib.sh"
init
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is already called by bootstrap.sh


bootstrap.sh

log "Setting up e2e test environment"

if [[ "$CLUSTER_TYPE" != "openshift-ci" ]]; then
log "Cleaning up left-over resource (if any)"
down.sh 2>/dev/null
else
log "Skipping cleanup of left-over resources because CLUSTER_TYPE is openshift-ci"
fi

up.sh
Expand Down
15 changes: 14 additions & 1 deletion .openshift-ci/tests/e2e.sh
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,20 @@ RUN_CENTRAL_E2E_DEFAULT="true"
if [[ "${OPENSHIFT_CI:-}" == "true" ]]; then
# We are running in an OpenShift CI context, configure accordingly.
log "Executing in OpenShift CI context"

log "Retrieving secrets from Vault mount"
shopt -s nullglob
for cred in /var/run/rhacs-ms-e2e-tests/[A-Z]*; do
secret_name="$(basename "$cred")"
secret_value="$(cat "$cred")"
log "Got secret ${secret_name}"
case "$secret_name" in
"IMAGE_PUSH_REGISTRY")
log "Got secret IMAGE_PUSH_REGISTRY=${secret_value}"
;;
*)
log "Got secret ${secret_name}"
;;
esac
export "${secret_name}"="${secret_value}"
done
export STATIC_TOKEN="${FLEET_STATIC_TOKEN:-}"
Expand All @@ -30,6 +38,8 @@ if [[ "${OPENSHIFT_CI:-}" == "true" ]]; then
export GINKGO_FLAGS="--no-color -v"
# When running in OpenShift CI, ensure we also run the auth E2E tests.
RUN_AUTH_E2E_DEFAULT="true"
else
log "Executing in local context"
fi

init
Expand Down Expand Up @@ -67,6 +77,8 @@ if [[ "$RUN_AUTH_E2E" == "true" ]]; then
export OCM_TOKEN

# The RH SSO secrets are correctly set up within vault, the tests will be skipped if they are empty.
else
log "Skipping setup of authentication related environment variables for auth E2E tests because RUN_AUTH_E2E is not set to true"
fi

if [[ -z "$STATIC_TOKEN" ]]; then
Expand All @@ -80,6 +92,7 @@ fi
log

if [[ "$INHERIT_IMAGEPULLSECRETS" == "true" ]]; then # pragma: allowlist secret
log "INHERIT_IMAGEPULLSECRETS is true, verifying that QUAY_USER and QUAY_TOKEN are set"
if [[ -z "${QUAY_USER:-}" ]]; then
die "QUAY_USER needs to be set"
fi
Expand Down
1 change: 0 additions & 1 deletion dev/env/scripts/apply
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ GITROOT="$(git rev-parse --show-toplevel)"
export GITROOT
# shellcheck source=/dev/null
source "${GITROOT}/dev/env/scripts/lib.sh"
init
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is already called beforehand


apply_res() {
local path="$1"
Expand Down
9 changes: 7 additions & 2 deletions dev/env/scripts/bootstrap.sh
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ source "${GITROOT}/dev/env/scripts/docker.sh"
init

cat <<EOF
** Preparing ACSCS Test Environment **
** Preparing ACSCS Environment **

Image: ${FLEET_MANAGER_IMAGE}
Namespace: ${ACSCS_NAMESPACE}
Expand All @@ -30,7 +30,6 @@ Output:
${kc_output:-(no output)}"
fi

# Create Namespaces.
apply "${MANIFESTS_DIR}/shared"
wait_for_default_service_account "$ACSCS_NAMESPACE"

Expand All @@ -42,14 +41,19 @@ if [[ "$INHERIT_IMAGEPULLSECRETS" == "true" ]]; then
create-imagepullsecrets
inject_ips "$ACSCS_NAMESPACE" "default" "quay-ips"
inject_ips "$STACKROX_OPERATOR_NAMESPACE" "default" "quay-ips"
else
log "Skipping creation of ImagePullSecrets because INHERIT_IMAGEPULLSECRETS is not true"
fi

if [[ "$INSTALL_OPENSHIFT_ROUTER" == "true" ]]; then
log "Installing OpenShift Router"
apply "${MANIFESTS_DIR}/openshift-router"
else
log "Skipping installation of OpenShift Router"
fi

if [[ "$INSTALL_OPERATOR" == "true" ]]; then
log "Installing RHACS Operator"
install_operator.sh
else
# We will be running without RHACS operator, but at least install our CRDs.
Expand All @@ -58,6 +62,7 @@ else
fi

if [[ "$RHACS_STANDALONE_MODE" == "true" ]]; then
log "Updating operator configmap to enable standalone mode"
apply "${MANIFESTS_DIR}/rhacs-operator/03-operators-config.yaml"
fi

Expand Down
5 changes: 4 additions & 1 deletion dev/env/scripts/create-imagepullsecrets
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ GITROOT="$(git rev-parse --show-toplevel)"
export GITROOT
# shellcheck source=/dev/null
source "${GITROOT}/dev/env/scripts/lib.sh"
init
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is already called beforehand


registry="quay.io"
username="${QUAY_USER:-}"
Expand Down Expand Up @@ -71,6 +70,7 @@ function print_auth() {
registry_auth="$(print_auth "$(mkauth "${username}" "${password}")")"

if [[ "$INSTALL_OPERATOR" == "true" || "$RHACS_TARGETED_OPERATOR_UPGRADES" == "true" ]]; then
log "Creating quay-ips image pull secret in namespace ${STACKROX_OPERATOR_NAMESPACE}"
resOperatorImage=$(
cat <<EOF
apiVersion: v1
Expand All @@ -84,8 +84,11 @@ type: kubernetes.io/dockerconfigjson
EOF
)
echo "$resOperatorImage" | $KUBECTL -n "$STACKROX_OPERATOR_NAMESPACE" apply -f -
else
log "Skipping creating quay-ips image pull secret in namespace ${STACKROX_OPERATOR_NAMESPACE}"
fi

log "Creating quay-ips image pull secret in namespace ${ACSCS_NAMESPACE}"
res=$(
cat <<EOF
apiVersion: v1
Expand Down
35 changes: 23 additions & 12 deletions dev/env/scripts/install_operator.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,6 @@ source "${GITROOT}/dev/env/scripts/lib.sh"
# shellcheck source=/dev/null
source "${GITROOT}/dev/env/scripts/docker.sh"

init
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

already called before by bootstrap.sh


if [[ "$INSTALL_OLM" == "true" ]]; then
if ! command -v operator-sdk >/dev/null 2>&1; then
die "Error: Unable to install OLM, operator-sdk executable is not found"
Expand All @@ -20,20 +18,25 @@ if [[ "$INSTALL_OLM" == "true" ]]; then
else
log "OLM already installed..."
fi
else
log "Skipping installation of OLM"
fi

log "Installing operator"
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bad indentation


apply "${MANIFESTS_DIR}"/rhacs-operator/*.yaml # This installs the operator-group.
log "Installing operator"
apply "${MANIFESTS_DIR}"/rhacs-operator/*.yaml # This installs the operator-group.

if [[ "$OPERATOR_SOURCE" == "quay" ]]; then
apply "${MANIFESTS_DIR}"/rhacs-operator/quay/01-catalogsource.yaml
fi
if [[ "$OPERATOR_SOURCE" == "quay" ]]; then
apply "${MANIFESTS_DIR}"/rhacs-operator/quay/01-catalogsource.yaml
else
log "Skipping installation of RHACS Operator CatalogSource"
fi

# pragma: allowlist nextline secret
if [[ "$OPERATOR_SOURCE" == "quay" && "$INHERIT_IMAGEPULLSECRETS" == "true" ]]; then
inject_ips "$STACKROX_OPERATOR_NAMESPACE" "stackrox-operator-test-index" "quay-ips"
fi
# pragma: allowlist nextline secret
if [[ "$OPERATOR_SOURCE" == "quay" && "$INHERIT_IMAGEPULLSECRETS" == "true" ]]; then
inject_ips "$STACKROX_OPERATOR_NAMESPACE" "stackrox-operator-test-index" "quay-ips"
else
log "Skipping injection of ImagePullSecrets into ${STACKROX_OPERATOR_NAMESPACE}/stackrox-operator-test-index"
fi

if [[ "$OPERATOR_SOURCE" == "quay" ]]; then
# Need to wait with the subscription creation until the catalog source has been updated,
Expand Down Expand Up @@ -70,16 +73,24 @@ if [[ "$OPERATOR_SOURCE" == "quay" ]]; then
fi

# This creates the subscription.
log "Installing RHACS Operator Subscription"
apply "${MANIFESTS_DIR}"/rhacs-operator/quay/*.yaml

# Apparently we potentially have to wait longer than the default of 60s sometimes...
wait_for_resource_to_appear "$STACKROX_OPERATOR_NAMESPACE" "serviceaccount" "rhacs-operator-controller-manager" 180
sleep 10 # Wait for ServiceAccount created by OLM to settle, otherwise the patching below might have no effect.

inject_ips "$STACKROX_OPERATOR_NAMESPACE" "rhacs-operator-controller-manager" "quay-ips"
# Possibly the imagePullSecrets were not picked up yet, which is why we respawn them:

log "Restarting RHACS Operator pod to pick up imagePullSecrets"
$KUBECTL -n "$STACKROX_OPERATOR_NAMESPACE" delete pod -l app=rhacs-operator

elif [[ "$OPERATOR_SOURCE" == "marketplace" ]]; then
log "Installing RHACS Operator from Marketplace"
apply "${MANIFESTS_DIR}"/rhacs-operator/marketplace/*.yaml
else
log "Skipping installation of RHACS Operator"
fi

wait_for_container_to_become_ready "$STACKROX_OPERATOR_NAMESPACE" "app=rhacs-operator" "manager" 900
76 changes: 75 additions & 1 deletion dev/env/scripts/lib.sh
Original file line number Diff line number Diff line change
Expand Up @@ -67,9 +67,13 @@ init() {
export PATH="$GITROOT/dev/env/scripts:${PATH}"
fi

available_cluster_types=$(find "${GITROOT}/dev/env/defaults" -maxdepth 1 -type d -name "cluster-type-*" -print0 | xargs -0 -n1 basename | sed -e 's/^cluster-type-//;' | sort | paste -sd "," -)

export CLUSTER_TYPE="${CLUSTER_TYPE:-$CLUSTER_TYPE_DEFAULT}"
if [[ -z "$CLUSTER_TYPE" ]]; then
die "Error: CLUSTER_TYPE not set and could not be figured out. Please make sure that it is initialized properly."
die "Error: CLUSTER_TYPE not set and could not be figured out. Please make sure that it is initialized properly. Available cluster types: ${available_cluster_types}"
elif [[ ! "$available_cluster_types" =~ (^|,)"$CLUSTER_TYPE"($|,) ]]; then
die "Error: CLUSTER_TYPE '${CLUSTER_TYPE}' is not supported. Available cluster types: ${available_cluster_types}"
fi

for env_file in "${GITROOT}/dev/env/defaults/cluster-type-${CLUSTER_TYPE}/"*; do
Expand Down Expand Up @@ -150,6 +154,7 @@ init() {

if [[ "$FLEET_MANAGER_IMAGE" == "" ]]; then
FLEET_MANAGER_IMAGE=$(make -s -C "$GITROOT" full-image-tag)
log "FLEET_MANAGER_IMAGE not set, using ${FLEET_MANAGER_IMAGE}"
fi

if [[ "$ENABLE_CENTRAL_EXTERNAL_CERTIFICATE" != "false" && ("$ROUTE53_ACCESS_KEY" == "" || "$ROUTE53_SECRET_ACCESS_KEY" == "") ]]; then
Expand All @@ -160,6 +165,75 @@ init() {
if [[ "$CLUSTER_TYPE" == "minikube" ]]; then
eval "$(minikube docker-env)"
fi

cat <<EOF
** Environment **
CLUSTER_TYPE: ${CLUSTER_TYPE}
CLUSTER_NAME: ${CLUSTER_NAME}
ENABLE_EXTERNAL_CONFIG: ${ENABLE_EXTERNAL_CONFIG}
AWS_AUTH_HELPER: ${AWS_AUTH_HELPER}
KUBECTL: ${KUBECTL}
ACSCS_NAMESPACE: ${ACSCS_NAMESPACE}
CLUSTER_ID: ${CLUSTER_ID}
CLUSTER_DNS: ${CLUSTER_DNS}
DOCKER: ${DOCKER}
KIND: ${KIND}
IMAGE_REGISTRY: ${IMAGE_REGISTRY}
IMAGE_REGISTRY_HOST: ${IMAGE_REGISTRY_HOST}
STACKROX_OPERATOR_CHANNEL: ${STACKROX_OPERATOR_CHANNEL}
STACKROX_OPERATOR_VERSION: ${STACKROX_OPERATOR_VERSION}
CENTRAL_VERSION: ${CENTRAL_VERSION}
SCANNER_VERSION: ${SCANNER_VERSION}
STACKROX_OPERATOR_NAMESPACE: ${STACKROX_OPERATOR_NAMESPACE}
STACKROX_OPERATOR_INDEX_IMAGE: ${STACKROX_OPERATOR_INDEX_IMAGE}
OPENSHIFT_MARKETPLACE: ${OPENSHIFT_MARKETPLACE}
INSTALL_OPERATOR: ${INSTALL_OPERATOR}
INSTALL_OPENSHIFT_ROUTER: ${INSTALL_OPENSHIFT_ROUTER}
DATABASE_HOST: ${DATABASE_HOST}
DATABASE_PORT: ${DATABASE_PORT}
DATABASE_NAME: ${DATABASE_NAME}
DATABASE_USER: ${DATABASE_USER}
DATABASE_PASSWORD: ********
DATABASE_TLS_CERT: ${DATABASE_TLS_CERT}
OCM_SERVICE_CLIENT_ID: ${OCM_SERVICE_CLIENT_ID}
OCM_SERVICE_CLIENT_SECRET: ********
OCM_SERVICE_TOKEN: ********
SENTRY_KEY: ********
AWS_ACCESS_KEY: ********
AWS_ACCOUNT_ID: ${AWS_ACCOUNT_ID}
AWS_SECRET_ACCESS_KEY: ********
SSO_CLIENT_ID: ${SSO_CLIENT_ID}
SSO_CLIENT_SECRET: ********
OSD_IDP_SSO_CLIENT_ID: ${OSD_IDP_SSO_CLIENT_ID}
OSD_IDP_SSO_CLIENT_SECRET: ********
ROUTE53_ACCESS_KEY: ********
ROUTE53_SECRET_ACCESS_KEY: ********
OBSERVABILITY_CONFIG_ACCESS_TOKEN: ********
IMAGE_PULL_DOCKER_CONFIG: ${IMAGE_PULL_DOCKER_CONFIG}
INHERIT_IMAGEPULLSECRETS: ${INHERIT_IMAGEPULLSECRETS}
SPAWN_LOGGER: ${SPAWN_LOGGER}
DUMP_LOGS: ${DUMP_LOGS}
OPERATOR_SOURCE: ${OPERATOR_SOURCE}
INSTALL_OLM: ${INSTALL_OLM}
ENABLE_DB_PORT_FORWARDING: ${ENABLE_DB_PORT_FORWARDING}
ENABLE_FM_PORT_FORWARDING: ${ENABLE_FM_PORT_FORWARDING}
FINAL_TEAR_DOWN: ${FINAL_TEAR_DOWN}
FLEET_MANAGER_RESOURCES: ${FLEET_MANAGER_RESOURCES}
FLEETSHARD_SYNC_RESOURCES: ${FLEETSHARD_SYNC_RESOURCES}
DB_RESOURCES: ${DB_RESOURCES}
RHACS_OPERATOR_RESOURCES: ${RHACS_OPERATOR_RESOURCES}
DOCKER_CONFIG: ${DOCKER_CONFIG}
SKIP_TESTS: ${SKIP_TESTS}
ENABLE_CENTRAL_EXTERNAL_CERTIFICATE: ${ENABLE_CENTRAL_EXTERNAL_CERTIFICATE}
CENTRAL_DOMAIN_NAME: ${CENTRAL_DOMAIN_NAME}
FLEET_MANAGER_IMAGE: ${FLEET_MANAGER_IMAGE}
IGNORE_REPOSITORY_DIRTINESS: ${IGNORE_REPOSITORY_DIRTINESS}
RHACS_TARGETED_OPERATOR_UPGRADES: ${RHACS_TARGETED_OPERATOR_UPGRADES}
RHACS_STANDALONE_MODE: ${RHACS_STANDALONE_MODE}
RHACS_GITOPS_ENABLED: ${RHACS_GITOPS_ENABLED}
FLEET_MANAGER_CONTAINER_COMMAND: ${FLEET_MANAGER_CONTAINER_COMMAND}
FLEETSHARD_SYNC_CONTAINER_COMMAND: ${FLEETSHARD_SYNC_CONTAINER_COMMAND}
EOF
}

wait_for_container_to_appear() {
Expand Down
Loading