From 52bd1fdc541a9277e5a24437576902511113670d Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Mon, 25 Jan 2021 16:33:22 +0100 Subject: Improve 'application' role test coverage Helm plugin installation task is now also covered Change-Id: Ib0a724de5dc1b300ea6cd27fe363b99b071d787b Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/application/molecule/default/tests/test_default.py | 2 +- ansible/test/roles/prepare-application/tasks/main.yml | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index 21fc40e4..df50c472 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -20,7 +20,7 @@ repo list serve repo list repo add local http://127.0.0.1:8879 -install --name moleculetestapp local/moleculetestapp --namespace \ +deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" diff --git a/ansible/test/roles/prepare-application/tasks/main.yml b/ansible/test/roles/prepare-application/tasks/main.yml index 75abb802..9eb695b1 100644 --- a/ansible/test/roles/prepare-application/tasks/main.yml +++ b/ansible/test/roles/prepare-application/tasks/main.yml @@ -6,6 +6,7 @@ delegate_to: localhost loop: - "{{ app_helm_charts_install_directory }}" + - "{{ app_helm_charts_install_directory + '/helm' + '/plugins' + '/deploy' }}" - certs - "{{ application_pre_install_role + '/tasks/' }}" - "{{ application_post_install_role + '/tasks/' }}" @@ -19,6 +20,14 @@ delegate_to: localhost when: simulate_helm +- name: Create Helm plugin mock + copy: + content: | + # Mocked Helm plugin + dest: "{{ app_helm_charts_install_directory + '/helm' + '/plugins' + '/deploy' }}/deploy.sh" + delegate_to: localhost + when: simulate_helm + - name: Clean previous simulation output file file: path: "{{ helm_simulation_output_file }}" -- cgit 1.2.3-korg From 8b2864df4f19783062f3a460227994032d923ff4 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 26 Jan 2021 09:35:25 +0100 Subject: Split Helm v2 setup to separate playbook Logically splitting the application playbook to put Helm v2 and v3 specific setup actions into separate tasks file. Change-Id: I20446a196bb2687e27fdeb6a45a83565b676fc42 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- .../molecule/default/tests/test_default.py | 11 +++-- ansible/roles/application/tasks/install.yml | 57 ++-------------------- ansible/roles/application/tasks/setup-helm2.yml | 47 ++++++++++++++++++ 3 files changed, 59 insertions(+), 56 deletions(-) diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index df50c472..1451a8fe 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -10,10 +10,7 @@ def test_helm_commands(host): fc = host.file('/tmp/helm_simu_output').content_string helm_release = host.ansible.get_variables()['helm_version'] if helm_release == 'v2': - content_str1 = 'home' - elif helm_release == 'v3': - content_str1 = 'env' - expected_content = content_str1 + """ + expected_content = """home init --upgrade --skip-refresh version --tiller-connection-timeout 10 repo list @@ -23,6 +20,12 @@ repo add local http://127.0.0.1:8879 deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ +--timeout 1800""" + elif helm_release == 'v3': + expected_content = """env +deploy moleculetestapp local/moleculetestapp --namespace \ +moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ +overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" assert fc == expected_content diff --git a/ansible/roles/application/tasks/install.yml b/ansible/roles/application/tasks/install.yml index 9e27e2de..fdb74af6 100644 --- a/ansible/roles/application/tasks/install.yml +++ b/ansible/roles/application/tasks/install.yml @@ -1,51 +1,4 @@ --- -- name: Helm init and upgrade - command: | - {{ helm_bin_dir }}/helm init - --upgrade - --skip-refresh - changed_when: true # init is always changed type of action - -# A correct way to implement this would be using --wait option in helm init invocation. -# However, it does not work due to https://github.com/helm/helm/issues/4031 (fixed in newer helm release) -- name: "Wait for helm upgrade to finish" - command: "{{ helm_bin_dir }}/helm version --tiller-connection-timeout 10" - register: result - until: result.rc == 0 - delay: 10 - retries: 12 - changed_when: false # for idempotency - -- name: Get all helm repos - command: "{{ helm_bin_dir }}/helm repo list" - register: repos - changed_when: false # for idempotency - -- name: Remove stable repo - command: "{{ helm_bin_dir }}/helm repo remove stable" - changed_when: true # when executed its a changed type of action - when: "'stable' in repos.stdout" - -- name: Helm Serve - shell: "{{ helm_bin_dir }}/helm serve &" - async: 45 - poll: 3 # wait 3sec to get a chance for some stderr - register: helm_serve - changed_when: "'address already in use' not in helm_serve.stderr" - -- name: List helm repos - command: "{{ helm_bin_dir }}/helm repo list" - register: helm_repo_list - changed_when: false # for idempotency - failed_when: - - helm_repo_list.rc > 0 - - "'Error: no repositories to show' not in helm_repo_list.stderr" - -- name: Helm Add Repo - command: "{{ helm_bin_dir }}/helm repo add {{ helm_repository_name | mandatory }} {{ helm_repository_url | mandatory }}" - when: "'local' not in helm_repo_list.stdout" - changed_when: true # when executed its a changed type of action - # Make utility is missing in Ubuntu by default and it's necessary for building local helm repository - name: Install build-essential package: @@ -53,6 +6,11 @@ state: present when: ansible_os_family == "Debian" +- include_tasks: setup-helm2.yml + when: helm_version | regex_search("^v2" ) +- include_tasks: setup-helm3.yml + when: helm_version | regex_search("^v3" ) + - name: Build local helm repository make: chdir: "{{ app_helm_charts_infra_directory }}" @@ -78,11 +36,6 @@ debug: var: helm_override_files -- include_tasks: setup-helm2.yml - when: helm_version | regex_search("^v2" ) -- include_tasks: setup-helm3.yml - when: helm_version | regex_search("^v3" ) - - name: "Helm Install application {{ app_name }}" command: > {{ helm_bin_dir }}/helm diff --git a/ansible/roles/application/tasks/setup-helm2.yml b/ansible/roles/application/tasks/setup-helm2.yml index 77f0ee91..8479e1a1 100644 --- a/ansible/roles/application/tasks/setup-helm2.yml +++ b/ansible/roles/application/tasks/setup-helm2.yml @@ -1,4 +1,51 @@ --- +- name: Helm init and upgrade + command: | + {{ helm_bin_dir }}/helm init + --upgrade + --skip-refresh + changed_when: true # init is always changed type of action + +# A correct way to implement this would be using --wait option in helm init invocation. +# However, it does not work due to https://github.com/helm/helm/issues/4031 (fixed in newer helm release) +- name: "Wait for helm upgrade to finish" + command: "{{ helm_bin_dir }}/helm version --tiller-connection-timeout 10" + register: result + until: result.rc == 0 + delay: 10 + retries: 12 + changed_when: false # for idempotency + +- name: Get all helm repos + command: "{{ helm_bin_dir }}/helm repo list" + register: repos + changed_when: false # for idempotency + +- name: Remove stable repo + command: "{{ helm_bin_dir }}/helm repo remove stable" + changed_when: true # when executed its a changed type of action + when: "'stable' in repos.stdout" + +- name: Helm Serve + shell: "{{ helm_bin_dir }}/helm serve &" + async: 45 + poll: 3 # wait 3sec to get a chance for some stderr + register: helm_serve + changed_when: "'address already in use' not in helm_serve.stderr" + +- name: List helm repos + command: "{{ helm_bin_dir }}/helm repo list" + register: helm_repo_list + changed_when: false # for idempotency + failed_when: + - helm_repo_list.rc > 0 + - "'Error: no repositories to show' not in helm_repo_list.stderr" + +- name: Helm Add Repo + command: "{{ helm_bin_dir }}/helm repo add {{ helm_repository_name | mandatory }} {{ helm_repository_url | mandatory }}" + when: "'local' not in helm_repo_list.stdout" + changed_when: true # when executed its a changed type of action + - name: Check for deploy plugin presence stat: path: '{{ helm_home_dir.stdout }}/plugins/deploy/deploy.sh' -- cgit 1.2.3-korg From 283ecef8914e6397b4a8b88e4a31b2908d4aa078 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 26 Jan 2021 15:30:12 +0100 Subject: Add 'chartmuseum' role Added 'chartmuseum' role which runs Helm repository server using chartmuseum. Change-Id: I8745cd7e602e147fb656297e0afb8e82a5d058ff Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/chartmuseum/.yamllint | 11 ++++++++ ansible/roles/chartmuseum/defaults/main.yml | 3 ++ .../chartmuseum/molecule/default/Dockerfile.j2 | 14 +++++++++ .../chartmuseum/molecule/default/molecule.yml | 33 ++++++++++++++++++++++ .../chartmuseum/molecule/default/playbook.yml | 5 ++++ .../roles/chartmuseum/molecule/default/prepare.yml | 5 ++++ .../molecule/default/tests/test_default.py | 16 +++++++++++ ansible/roles/chartmuseum/tasks/main.yml | 20 +++++++++++++ .../test/roles/prepare-chartmuseum/tasks/main.yml | 12 ++++++++ 9 files changed, 119 insertions(+) create mode 100644 ansible/roles/chartmuseum/.yamllint create mode 100644 ansible/roles/chartmuseum/defaults/main.yml create mode 100644 ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 create mode 100644 ansible/roles/chartmuseum/molecule/default/molecule.yml create mode 100644 ansible/roles/chartmuseum/molecule/default/playbook.yml create mode 100644 ansible/roles/chartmuseum/molecule/default/prepare.yml create mode 100644 ansible/roles/chartmuseum/molecule/default/tests/test_default.py create mode 100644 ansible/roles/chartmuseum/tasks/main.yml create mode 100644 ansible/test/roles/prepare-chartmuseum/tasks/main.yml diff --git a/ansible/roles/chartmuseum/.yamllint b/ansible/roles/chartmuseum/.yamllint new file mode 100644 index 00000000..ad0be760 --- /dev/null +++ b/ansible/roles/chartmuseum/.yamllint @@ -0,0 +1,11 @@ +extends: default + +rules: + braces: + max-spaces-inside: 1 + level: error + brackets: + max-spaces-inside: 1 + level: error + line-length: disable + truthy: disable diff --git a/ansible/roles/chartmuseum/defaults/main.yml b/ansible/roles/chartmuseum/defaults/main.yml new file mode 100644 index 00000000..6816d151 --- /dev/null +++ b/ansible/roles/chartmuseum/defaults/main.yml @@ -0,0 +1,3 @@ +--- +chartmuseum_port: "8879" +chartmuseum_storage_dir: "{{ app_data_path }}/chartmuseum" diff --git a/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 b/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 @@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/ansible/roles/chartmuseum/molecule/default/molecule.yml b/ansible/roles/chartmuseum/molecule/default/molecule.yml new file mode 100644 index 00000000..07652b7a --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/default/molecule.yml @@ -0,0 +1,33 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: instance-chartmuseum + image: centos:7 + groups: + - infrastructure +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + group_vars: + all: + app_name: moleculetestapp + app_data_path: "/opt/{{ app_name }}" + helm_bin_dir: /usr/local/bin + chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" + chartmuseum_port: "1234" +scenario: + name: default +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/roles/chartmuseum/molecule/default/playbook.yml b/ansible/roles/chartmuseum/molecule/default/playbook.yml new file mode 100644 index 00000000..2694582a --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/default/playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Converge + hosts: all + roles: + - chartmuseum diff --git a/ansible/roles/chartmuseum/molecule/default/prepare.yml b/ansible/roles/chartmuseum/molecule/default/prepare.yml new file mode 100644 index 00000000..5201bcec --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/default/prepare.yml @@ -0,0 +1,5 @@ +--- +- name: Prepare infra + hosts: infrastructure + roles: + - prepare-chartmuseum diff --git a/ansible/roles/chartmuseum/molecule/default/tests/test_default.py b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py new file mode 100644 index 00000000..71d1978d --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py @@ -0,0 +1,16 @@ +import os + +import testinfra.utils.ansible_runner + +testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( + os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') + + +def test_chartmuseum(host): + ansible_vars = host.ansible.get_variables() + p = host.process.get(comm="chartmuseum") + assert 'chartmuseum --storage local --storage-local-rootdir /opt/' +\ + ansible_vars['app_name'] + '/chartmuseum -port ' +\ + ansible_vars['chartmuseum_port'] in p.args + assert host.file("/opt/" + ansible_vars['app_name'] + + "/chartmuseum").is_directory diff --git a/ansible/roles/chartmuseum/tasks/main.yml b/ansible/roles/chartmuseum/tasks/main.yml new file mode 100644 index 00000000..d7121a53 --- /dev/null +++ b/ansible/roles/chartmuseum/tasks/main.yml @@ -0,0 +1,20 @@ +--- +- name: Install chartmuseum + copy: + src: "{{ app_data_path }}/downloads/chartmuseum" + dest: "{{ helm_bin_dir }}" + remote_src: true + mode: 0755 + +- name: Create storage directory for chartmuseum + file: + path: "{{ chartmuseum_storage_dir }}" + state: directory + +- name: Run Helm chart repository + shell: "{{ helm_bin_dir }}/chartmuseum --storage local --storage-local-rootdir {{ chartmuseum_storage_dir }} -port {{ chartmuseum_port }} &" + async: 10 + poll: 3 + register: chart_repository + changed_when: "'address already in use' not in chart_repository.stderr" + failed_when: "'Starting ChartMuseum' not in chart_repository.stderr" diff --git a/ansible/test/roles/prepare-chartmuseum/tasks/main.yml b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml new file mode 100644 index 00000000..b0bb5d11 --- /dev/null +++ b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml @@ -0,0 +1,12 @@ +--- +- name: "Ensure {{ app_data_path }}/downloads directory exists" + file: + path: "{{ app_data_path }}/downloads" + recurse: true + state: directory + +- name: "Download chartmuseum" + get_url: + url: "https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum" + dest: "{{ app_data_path }}/downloads" + remote_src: true -- cgit 1.2.3-korg From e16c7beac85b9a4f04a0b3b8a91ff872d8e99ae5 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 26 Jan 2021 15:31:11 +0100 Subject: Add Molecule test scenario to verify 'chartmuseum' role on Ubuntu Change-Id: Ic3f78a9fd46bef8e3e2138d9c04850db00651b63 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- .../roles/chartmuseum/molecule/ubuntu/molecule.yml | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml diff --git a/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml new file mode 100644 index 00000000..d2851ccf --- /dev/null +++ b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml @@ -0,0 +1,38 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: instance-ubuntu-chartmuseum + image: ubuntu:18.04 + dockerfile: ../default/Dockerfile.j2 + groups: + - infrastructure +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + group_vars: + all: + app_name: moleculetestapp + app_data_path: "/opt/{{ app_name }}" + helm_bin_dir: /usr/local/bin + chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" + chartmuseum_port: "1234" + playbooks: + prepare: ../default/prepare.yml + converge: ../default/playbook.yml +scenario: + name: ubuntu +verifier: + name: testinfra + lint: + name: flake8 + directory: ../default/tests/ -- cgit 1.2.3-korg From 228dbba6c3a7aadeba24eabd68649ed6bf0bdfbc Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 26 Jan 2021 15:44:25 +0100 Subject: Add 'chartmuseum' binary to downloaded utilities list Packaging script is also altered to properly symlink the chartmuseum binary. Change-Id: I9a2f526852ae1ebdc0763a06a2cf22f093090aa6 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- build/data_lists/infra_bin_utils.list | 1 + build/package.py | 3 +++ 2 files changed, 4 insertions(+) diff --git a/build/data_lists/infra_bin_utils.list b/build/data_lists/infra_bin_utils.list index 36a9fe6b..41462645 100644 --- a/build/data_lists/infra_bin_utils.list +++ b/build/data_lists/infra_bin_utils.list @@ -1,3 +1,4 @@ https://storage.googleapis.com/kubernetes-release/release/v1.15.11/bin/linux/amd64/kubectl https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz https://github.com/rancher/rke/releases/download/v1.0.4/rke_linux-amd64 +https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum diff --git a/build/package.py b/build/package.py index c3d89d30..14664ca6 100755 --- a/build/package.py +++ b/build/package.py @@ -252,6 +252,9 @@ def build_offline_deliverables(build_version, kubectl_files = glob.glob(os.path.join('.', '**/kubectl'), recursive=True) os.symlink(kubectl_files[0], os.path.join(download_dir_path, kubectl_files[0].split('/')[-1])) + chartmuseum_files = glob.glob(os.path.join('.', '**/chartmuseum'), recursive=True) + os.symlink(chartmuseum_files[0], os.path.join(download_dir_path, chartmuseum_files[0].split('/')[-1])) + os.chdir(script_location) # End of workaround -- cgit 1.2.3-korg From 9d800fd301cfc10ba4d47d2548d6881c67b491a2 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 28 Jan 2021 12:47:55 +0100 Subject: Add Helm v3.3.4 to the list of downloaded utilities Change-Id: Ida635aac40557f079fc8ef611352bff82fc3e8c0 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- build/data_lists/infra_bin_utils.list | 1 + 1 file changed, 1 insertion(+) diff --git a/build/data_lists/infra_bin_utils.list b/build/data_lists/infra_bin_utils.list index 41462645..a174be1d 100644 --- a/build/data_lists/infra_bin_utils.list +++ b/build/data_lists/infra_bin_utils.list @@ -1,4 +1,5 @@ https://storage.googleapis.com/kubernetes-release/release/v1.15.11/bin/linux/amd64/kubectl https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz +https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz https://github.com/rancher/rke/releases/download/v1.0.4/rke_linux-amd64 https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum -- cgit 1.2.3-korg From 3b52879b3b92f9f7a0d4247094eb3d1f75942b06 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 28 Jan 2021 14:30:20 +0100 Subject: Fix variable inclusion order in RKE playbook tests Change-Id: Ie95d8fcb49c61f75f644ea3d04414cd6f2285efd Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/test/play-rke/molecule/default/prepare.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml index ad6f0495..9f254c00 100644 --- a/ansible/test/play-rke/molecule/default/prepare.yml +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -12,11 +12,11 @@ pre_tasks: - name: Include infrastructure group variables include_vars: ../../../../group_vars/infrastructure.yml + - name: Include test setup variables + include_vars: vars.yml roles: - role: prepare-rke vars: mode: infra - prepare-kubectl - prepare-helm - vars_files: - vars.yml -- cgit 1.2.3-korg From ea0e96c2c5479af8f338bc8a1600f5747c462c5e Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 28 Jan 2021 14:32:12 +0100 Subject: Play 'chartmuseum' role in rke playbook if running with Helm v3 Change-Id: Ica4bc217178ccbaa5574036d693fa40476fb0814 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/rke.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ansible/rke.yml b/ansible/rke.yml index ab6c0bb5..46f4e3aa 100644 --- a/ansible/rke.yml +++ b/ansible/rke.yml @@ -31,3 +31,5 @@ mode: deploy - kubectl - helm + - role: chartmuseum + when: helm_version | regex_search("^v3" ) -- cgit 1.2.3-korg From 31d3a265b3f7613f1af536c4a04f119ea83d9794 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 2 Feb 2021 14:49:17 +0100 Subject: Workaround RKE binary download issue RKE binary download was _randomly_ failing (in ONAP's CI minion only) with a message '_ssl.c:602: The handshake operation timed out' without any easily trackable reason. Hence switching from get_url ansible module to direct 'curl' command invocation which allows better timeout handling at connection phase. Change-Id: I70d734dfd8c04ba8b092350933c97c56f74d6208 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/test/roles/prepare-rke/tasks/infra.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/ansible/test/roles/prepare-rke/tasks/infra.yml b/ansible/test/roles/prepare-rke/tasks/infra.yml index 6e7bcb96..8aa93ca7 100644 --- a/ansible/test/roles/prepare-rke/tasks/infra.yml +++ b/ansible/test/roles/prepare-rke/tasks/infra.yml @@ -5,6 +5,10 @@ state: directory - name: "Install rke-{{ rke_version }}" - get_url: - url: "https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64" - dest: "{{ app_data_path }}/downloads/rke_linux-amd64" + command: "curl --connect-timeout 10 -L https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64 -o {{ app_data_path }}/downloads/rke_linux-amd64" + register: result + retries: 10 + delay: 1 + until: not result.failed + args: + warn: false -- cgit 1.2.3-korg From 5ee1e950f1e2be10762f5f08fe82bb7bd3a68bb4 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Wed, 3 Feb 2021 15:01:34 +0100 Subject: Change 'rke' role testing strategy So far Molecule framework setup allowed full rke cluster deployment in testing env but since rke cluster often fails to deploy in resource constrained CI environment this change switches testing strategy to only simulate 'rke up' operation. Change-Id: Ia221da6666d558e086cd24155f5bd81237d82388 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/rke/molecule/default/molecule.yml | 4 +++ ansible/roles/rke/molecule/default/prepare.yml | 1 - .../molecule/default/tests/test_controlplane.py | 14 -------- .../roles/rke/molecule/default/tests/test_etcd.py | 13 -------- .../molecule/default/tests/test_infrastructure.py | 38 +++------------------- .../roles/rke/molecule/default/tests/test_nodes.py | 13 -------- .../roles/rke/molecule/etcd_storage/molecule.yml | 5 +-- ansible/test/play-rke/molecule/default/prepare.yml | 1 - ansible/test/play-rke/molecule/default/vars.yml | 1 + ansible/test/roles/prepare-rke/tasks/all.yml | 3 ++ ansible/test/roles/prepare-rke/tasks/infra.yml | 13 +++++++- ansible/test/roles/prepare-rke/templates/rke.j2 | 14 ++++++++ 12 files changed, 41 insertions(+), 79 deletions(-) delete mode 100644 ansible/roles/rke/molecule/default/tests/test_controlplane.py delete mode 100644 ansible/roles/rke/molecule/default/tests/test_etcd.py delete mode 100644 ansible/roles/rke/molecule/default/tests/test_nodes.py create mode 100644 ansible/test/roles/prepare-rke/templates/rke.j2 diff --git a/ansible/roles/rke/molecule/default/molecule.yml b/ansible/roles/rke/molecule/default/molecule.yml index 3078c115..6da9e83b 100644 --- a/ansible/roles/rke/molecule/default/molecule.yml +++ b/ansible/roles/rke/molecule/default/molecule.yml @@ -49,6 +49,10 @@ provisioner: env: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library + inventory: + group_vars: + all: + cluster_config_dir: /opt/onap/cluster options: e: "app_data_path=/opt/onap" lint: diff --git a/ansible/roles/rke/molecule/default/prepare.yml b/ansible/roles/rke/molecule/default/prepare.yml index b012790a..d20f1962 100644 --- a/ansible/roles/rke/molecule/default/prepare.yml +++ b/ansible/roles/rke/molecule/default/prepare.yml @@ -5,7 +5,6 @@ - role: prepare-rke vars: mode: all - - prepare-docker-dind - name: "Infra specific preparations" hosts: infrastructure diff --git a/ansible/roles/rke/molecule/default/tests/test_controlplane.py b/ansible/roles/rke/molecule/default/tests/test_controlplane.py deleted file mode 100644 index 0bfbca2d..00000000 --- a/ansible/roles/rke/molecule/default/tests/test_controlplane.py +++ /dev/null @@ -1,14 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts( - 'kubernetes-control-plane') - - -@pytest.mark.parametrize('container_name', [ - 'kube-apiserver', 'kube-controller-manager', 'kube-scheduler', 'kubelet']) -def test_container_running(host, container_name): - assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/molecule/default/tests/test_etcd.py b/ansible/roles/rke/molecule/default/tests/test_etcd.py deleted file mode 100644 index 0f4b6f12..00000000 --- a/ansible/roles/rke/molecule/default/tests/test_etcd.py +++ /dev/null @@ -1,13 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-etcd') - - -@pytest.mark.parametrize('container_name', [ - 'etcd']) -def test_container_running(host, container_name): - assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/molecule/default/tests/test_infrastructure.py b/ansible/roles/rke/molecule/default/tests/test_infrastructure.py index 731f38bf..81f90d17 100644 --- a/ansible/roles/rke/molecule/default/tests/test_infrastructure.py +++ b/ansible/roles/rke/molecule/default/tests/test_infrastructure.py @@ -1,6 +1,5 @@ import os import pytest -import json import testinfra.utils.ansible_runner @@ -11,7 +10,9 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( @pytest.mark.parametrize('filename', [ '/root/.kube/config', '/opt/onap/cluster/cluster.yml', - '/opt/onap/cluster/cluster.rkestate']) + '/opt/onap/cluster/kubernetes-dashboard.yml', + '/opt/onap/cluster/k8s-dashboard-user.yml', + '/opt/onap/cluster/kube_config_cluster.yml']) def test_file_existence(host, filename): assert host.file(filename).exists @@ -22,35 +23,4 @@ def test_rke_in_path(host): def test_rke_version_works(host): # Note that we need to cd to the cluster data dir first, really. - assert host.run('cd /opt/onap/cluster && rke version').rc == 0 - - -def test_nodes_ready(host): - # Retrieve all node names. - nodecmdres = host.run('kubectl get nodes -o name') - assert nodecmdres.rc == 0 - nodes = nodecmdres.stdout.split('\n') - for node in nodes: - assert host.run( - 'kubectl wait --timeout=0 --for=condition=ready ' + node).rc == 0 - - -def test_pods_ready(host): - # Retrieve all pods from all namespaces. - # Because we need pod and namespace name, we get full json representation. - podcmdres = host.run('kubectl get pods --all-namespaces -o json') - assert podcmdres.rc == 0 - pods = json.loads(podcmdres.stdout)['items'] - for pod in pods: - # Each pod may be either created by a job or not. - # In job case they should already be completed - # when we are here so we ignore them. - namespace = pod['metadata']['namespace'] - podname = pod['metadata']['name'] - condition = 'Ready' - if len(pod['metadata']['ownerReferences']) == 1 and pod[ - 'metadata']['ownerReferences'][0]['kind'] == 'Job': - continue - assert host.run( - 'kubectl wait --timeout=240s --for=condition=' + condition + ' -n ' + - namespace + ' pods/' + podname).rc == 0 + assert host.run('cd /opt/onap/cluster && rke').rc == 0 diff --git a/ansible/roles/rke/molecule/default/tests/test_nodes.py b/ansible/roles/rke/molecule/default/tests/test_nodes.py deleted file mode 100644 index 60413018..00000000 --- a/ansible/roles/rke/molecule/default/tests/test_nodes.py +++ /dev/null @@ -1,13 +0,0 @@ -import os -import pytest - -import testinfra.utils.ansible_runner - -testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( - os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('kubernetes-node') - - -@pytest.mark.parametrize('container_name', [ - 'kubelet', 'kube-proxy']) -def test_container_running(host, container_name): - assert host.docker(container_name).is_running diff --git a/ansible/roles/rke/molecule/etcd_storage/molecule.yml b/ansible/roles/rke/molecule/etcd_storage/molecule.yml index 3c915284..a68ceb95 100644 --- a/ansible/roles/rke/molecule/etcd_storage/molecule.yml +++ b/ansible/roles/rke/molecule/etcd_storage/molecule.yml @@ -52,18 +52,19 @@ provisioner: inventory: group_vars: all: + cluster_config_dir: /opt/onap/cluster rke_etcd: enabled_custom_etcd_storage: false storage_path: /var/lib/etcd-custom storage_mountpoint: /var/lib/rancher/etcd-custom enabled_unsafe_volatile_storage: true tmpfs_size: 5G + options: + e: "app_data_path=/opt/onap" playbooks: prepare: ../default/prepare.yml converge: ../default/playbook.yml destroy: ../default/destroy.yml - options: - e: "app_data_path=/opt/onap" lint: name: ansible-lint scenario: diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml index 9f254c00..6d810052 100644 --- a/ansible/test/play-rke/molecule/default/prepare.yml +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -2,7 +2,6 @@ - name: Prepare for all hosts: all roles: - - prepare-docker-dind - role: prepare-rke vars: mode: all diff --git a/ansible/test/play-rke/molecule/default/vars.yml b/ansible/test/play-rke/molecule/default/vars.yml index fa5b60e3..739dc955 100644 --- a/ansible/test/play-rke/molecule/default/vars.yml +++ b/ansible/test/play-rke/molecule/default/vars.yml @@ -1,3 +1,4 @@ --- app_name: moleculeapp app_data_path: "/opt/{{ app_name }}" +cluster_config_dir: "/opt/{{ app_name }}/cluster" diff --git a/ansible/test/roles/prepare-rke/tasks/all.yml b/ansible/test/roles/prepare-rke/tasks/all.yml index d4b67c1f..7f876ff3 100644 --- a/ansible/test/roles/prepare-rke/tasks/all.yml +++ b/ansible/test/roles/prepare-rke/tasks/all.yml @@ -4,3 +4,6 @@ name: systemd-user-sessions state: started +- name: "Add docker group" + group: + name: docker diff --git a/ansible/test/roles/prepare-rke/tasks/infra.yml b/ansible/test/roles/prepare-rke/tasks/infra.yml index 8aa93ca7..0a0b9273 100644 --- a/ansible/test/roles/prepare-rke/tasks/infra.yml +++ b/ansible/test/roles/prepare-rke/tasks/infra.yml @@ -4,11 +4,22 @@ path: "{{ app_data_path }}/downloads" state: directory +- name: "Create rke binary wrapper" + template: + src: rke.j2 + dest: "{{ app_data_path }}/downloads/rke_linux-amd64" + mode: 0755 + - name: "Install rke-{{ rke_version }}" - command: "curl --connect-timeout 10 -L https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64 -o {{ app_data_path }}/downloads/rke_linux-amd64" + command: "curl --connect-timeout 10 -L https://github.com/rancher/rke/releases/download/v{{ rke_version }}/rke_linux-amd64 -o {{ app_data_path }}/downloads/rke_linux-amd64_real" register: result retries: 10 delay: 1 until: not result.failed args: warn: false + +- name: "Ensure downloaded rke binary has correct file mode" + file: + path: "{{ app_data_path }}/downloads/rke_linux-amd64_real" + mode: 0755 diff --git a/ansible/test/roles/prepare-rke/templates/rke.j2 b/ansible/test/roles/prepare-rke/templates/rke.j2 new file mode 100644 index 00000000..ea1267ea --- /dev/null +++ b/ansible/test/roles/prepare-rke/templates/rke.j2 @@ -0,0 +1,14 @@ +#!/bin/bash + +if [[ $@ =~ 'up' ]]; +then + # If the operation is 'rke up' then simulate rke up operation + echo $@ + touch {{ cluster_config_dir }}/kube_config_cluster.yml +elif [[ $@ =~ 'version' ]]; +then + {{ app_data_path }}/downloads/rke_linux-amd64_real version + exit 0 +else + {{ app_data_path }}/downloads/rke_linux-amd64_real $@ +fi -- cgit 1.2.3-korg From 1b74568d89e5a6dc50e852ff70266944477d0eef Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 28 Jan 2021 14:34:41 +0100 Subject: Add Helm v3 test scenario to rke playbook tests Change-Id: I2d6d650110fbdc84ce7e0922239c7b219e35d5ee Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/test/play-rke/molecule/default/prepare.yml | 2 + ansible/test/play-rke/molecule/helm3/molecule.yml | 53 ++++++++++++++++++++++ ansible/test/play-rke/molecule/helm3/playbook.yml | 1 + ansible/test/play-rke/molecule/helm3/prepare.yml | 1 + ansible/test/play-rke/molecule/helm3/vars.yml | 5 ++ 5 files changed, 62 insertions(+) create mode 100644 ansible/test/play-rke/molecule/helm3/molecule.yml create mode 120000 ansible/test/play-rke/molecule/helm3/playbook.yml create mode 120000 ansible/test/play-rke/molecule/helm3/prepare.yml create mode 100644 ansible/test/play-rke/molecule/helm3/vars.yml diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml index 6d810052..789a9402 100644 --- a/ansible/test/play-rke/molecule/default/prepare.yml +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -19,3 +19,5 @@ mode: infra - prepare-kubectl - prepare-helm + - role: prepare-chartmuseum + when: helm_version | regex_search("^v3" ) diff --git a/ansible/test/play-rke/molecule/helm3/molecule.yml b/ansible/test/play-rke/molecule/helm3/molecule.yml new file mode 100644 index 00000000..b2ff9b88 --- /dev/null +++ b/ansible/test/play-rke/molecule/helm3/molecule.yml @@ -0,0 +1,53 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + volumes: + - /var/lib/docker + - /var/lib/kubelet + groups: + - infrastructure + - kubernetes-etcd + - kubernetes-control-plane + - kubernetes + networks: + - name: rke + purge_networks: true + - name: kubernetes-node-1 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: true + privileged: true + override_command: false + restart_policy: unless-stopped + volumes: + - /var/lib/docker + - /var/lib/kubelet + groups: + - kubernetes + - kubernetes-node + networks: + - name: rke + purge_networks: true +provisioner: + name: ansible + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + lint: + name: ansible-lint +scenario: + name: helm3 +verifier: + name: testinfra + lint: + name: flake8 diff --git a/ansible/test/play-rke/molecule/helm3/playbook.yml b/ansible/test/play-rke/molecule/helm3/playbook.yml new file mode 120000 index 00000000..a3e26797 --- /dev/null +++ b/ansible/test/play-rke/molecule/helm3/playbook.yml @@ -0,0 +1 @@ +../default/playbook.yml \ No newline at end of file diff --git a/ansible/test/play-rke/molecule/helm3/prepare.yml b/ansible/test/play-rke/molecule/helm3/prepare.yml new file mode 120000 index 00000000..1c017d9a --- /dev/null +++ b/ansible/test/play-rke/molecule/helm3/prepare.yml @@ -0,0 +1 @@ +../default/prepare.yml \ No newline at end of file diff --git a/ansible/test/play-rke/molecule/helm3/vars.yml b/ansible/test/play-rke/molecule/helm3/vars.yml new file mode 100644 index 00000000..e16e502f --- /dev/null +++ b/ansible/test/play-rke/molecule/helm3/vars.yml @@ -0,0 +1,5 @@ +--- +app_name: moleculeapp +app_data_path: "/opt/{{ app_name }}" +cluster_config_dir: "/opt/{{ app_name }}/cluster" +helm_version: v3.3.4 -- cgit 1.2.3-korg From 14e400e35052b953e217145ae7d20151bcb05f04 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 28 Jan 2021 15:46:57 +0100 Subject: Add tasks to setup Helm v3 on infra node Change-Id: I959184624f93753ff7217728c3c6011e82f91ef6 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- .../application/molecule/default/tests/test_default.py | 2 ++ ansible/roles/application/tasks/setup-helm3.yml | 13 +++++++++++++ 2 files changed, 15 insertions(+) diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index 1451a8fe..1bf36247 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -23,6 +23,8 @@ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" elif helm_release == 'v3': expected_content = """env +repo list +repo add local http://127.0.0.1:8879 deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ diff --git a/ansible/roles/application/tasks/setup-helm3.yml b/ansible/roles/application/tasks/setup-helm3.yml index ce8cbb3a..4b50ec1c 100644 --- a/ansible/roles/application/tasks/setup-helm3.yml +++ b/ansible/roles/application/tasks/setup-helm3.yml @@ -1,4 +1,17 @@ --- +- name: List helm repos + command: "{{ helm_bin_dir }}/helm repo list" + register: helm_repo_list + changed_when: false # for idempotency + failed_when: + - helm_repo_list.rc > 0 + - "'Error: no repositories to show' not in helm_repo_list.stderr" + +- name: Helm Add Repo + command: "{{ helm_bin_dir }}/helm repo add {{ helm_repository_name | mandatory }} {{ helm_repository_url | mandatory }}" + when: "'local' not in helm_repo_list.stdout" + changed_when: true # when executed its a changed type of action + - name: Check for deploy plugin presence stat: path: '{{ helm_data_dir }}/plugins/deploy/deploy.sh' -- cgit 1.2.3-korg From c6ac1c3b4ba655b950dde7457be706b744d707d6 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 29 Jan 2021 11:45:55 +0100 Subject: Fix Helm v3 data dir setup Verifier test is also added to ensure correct plugin deployment. Change-Id: I2e43d942f39fc7ecfe34c22d84ba0f59978ec225 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/application/molecule/default/tests/test_default.py | 4 ++++ ansible/roles/application/tasks/install-helm3-plugins.yml | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index 1bf36247..be9b4cdf 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -21,6 +21,7 @@ deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" + expected_plugin_path = '/plugins/deploy/deploy.sh' elif helm_release == 'v3': expected_content = """env repo list @@ -29,7 +30,10 @@ deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ --timeout 1800""" + expected_plugin_path = '/root/.local/share/helm/plugins/deploy/' +\ + 'deploy.sh' assert fc == expected_content + assert host.file(expected_plugin_path).exists def test_helm_override_file(host): diff --git a/ansible/roles/application/tasks/install-helm3-plugins.yml b/ansible/roles/application/tasks/install-helm3-plugins.yml index da402f31..5d933ed2 100644 --- a/ansible/roles/application/tasks/install-helm3-plugins.yml +++ b/ansible/roles/application/tasks/install-helm3-plugins.yml @@ -6,12 +6,12 @@ register: helm_env - name: Set helm data dir set_fact: - helm_data_dir: | - "{% if 'HELM_DATA_HOME' in helm_env.stdout %} + helm_data_dir: + "{% if 'HELM_DATA_HOME' in helm_env.stdout -%} {{ (helm_env.stdout | replace('\"', '') | regex_search('HELM_DATA_HOME.*')).split('=')[1] }} - {% else %} + {%- else -%} {{ '~/.local/share/helm' }} - {% endif %}" + {%- endif %}" - name: Ensure that dir for helm plugins exists file: path: "{{ helm_data_dir }}/plugins" -- cgit 1.2.3-korg From a646228c463cd6635dc65ddf40cb5ed53afed5e0 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 29 Jan 2021 14:52:13 +0100 Subject: Add helm-push Helm v3 plugin to downloaded utilities list Change-Id: Iafc200d98ee69d444d2fa82ddc95c15ba008889a Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- build/data_lists/infra_bin_utils.list | 1 + build/package.py | 3 +++ 2 files changed, 4 insertions(+) diff --git a/build/data_lists/infra_bin_utils.list b/build/data_lists/infra_bin_utils.list index a174be1d..614d1c13 100644 --- a/build/data_lists/infra_bin_utils.list +++ b/build/data_lists/infra_bin_utils.list @@ -1,5 +1,6 @@ https://storage.googleapis.com/kubernetes-release/release/v1.15.11/bin/linux/amd64/kubectl https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz +https://github.com/chartmuseum/helm-push/releases/download/v0.9.0/helm-push_0.9.0_linux_amd64.tar.gz https://github.com/rancher/rke/releases/download/v1.0.4/rke_linux-amd64 https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum diff --git a/build/package.py b/build/package.py index 14664ca6..9c017b75 100755 --- a/build/package.py +++ b/build/package.py @@ -255,6 +255,9 @@ def build_offline_deliverables(build_version, chartmuseum_files = glob.glob(os.path.join('.', '**/chartmuseum'), recursive=True) os.symlink(chartmuseum_files[0], os.path.join(download_dir_path, chartmuseum_files[0].split('/')[-1])) + helm_push_files = glob.glob(os.path.join('.', '**/helm-push_*_linux_amd64.tar.gz'), recursive=True) + os.symlink(helm_push_files[0], os.path.join(download_dir_path, helm_push_files[0].split('/')[-1])) + os.chdir(script_location) # End of workaround -- cgit 1.2.3-korg From 007a4bdfef2e398d9141cc903927bae03ea4bc7a Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Mon, 1 Feb 2021 10:13:03 +0100 Subject: Refactor Helm role test setup Test setup variable inclusion reworked for better sanity. General Molecule docker image is used instead of pre-built one. Change-Id: I013b9d7b92ded86220e6f2092ce75ee47b094d89 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/helm/molecule/default/Dockerfile.j2 | 14 ++++++++++++++ .../helm/molecule/default/group_vars/infrastructure.yml | 1 - ansible/roles/helm/molecule/default/molecule.yml | 6 +----- ansible/roles/helm/molecule/default/playbook.yml | 5 +++++ ansible/roles/helm/molecule/default/prepare.yml | 2 ++ ansible/roles/helm/molecule/default/vars.yml | 1 + ansible/roles/helm/molecule/ubuntu/Dockerfile.j2 | 1 + ansible/roles/helm/molecule/ubuntu/group_vars | 1 - ansible/roles/helm/molecule/ubuntu/molecule.yml | 6 +----- 9 files changed, 25 insertions(+), 12 deletions(-) create mode 100644 ansible/roles/helm/molecule/default/Dockerfile.j2 delete mode 120000 ansible/roles/helm/molecule/default/group_vars/infrastructure.yml create mode 100644 ansible/roles/helm/molecule/default/vars.yml create mode 120000 ansible/roles/helm/molecule/ubuntu/Dockerfile.j2 delete mode 120000 ansible/roles/helm/molecule/ubuntu/group_vars diff --git a/ansible/roles/helm/molecule/default/Dockerfile.j2 b/ansible/roles/helm/molecule/default/Dockerfile.j2 new file mode 100644 index 00000000..e6aa95d3 --- /dev/null +++ b/ansible/roles/helm/molecule/default/Dockerfile.j2 @@ -0,0 +1,14 @@ +# Molecule managed + +{% if item.registry is defined %} +FROM {{ item.registry.url }}/{{ item.image }} +{% else %} +FROM {{ item.image }} +{% endif %} + +RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ + elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ + elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ + elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ + elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ + elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml b/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml deleted file mode 120000 index 3e9c2f0c..00000000 --- a/ansible/roles/helm/molecule/default/group_vars/infrastructure.yml +++ /dev/null @@ -1 +0,0 @@ -../../../../../group_vars/infrastructure.yml \ No newline at end of file diff --git a/ansible/roles/helm/molecule/default/molecule.yml b/ansible/roles/helm/molecule/default/molecule.yml index 0d46c2d4..359d3aba 100644 --- a/ansible/roles/helm/molecule/default/molecule.yml +++ b/ansible/roles/helm/molecule/default/molecule.yml @@ -7,10 +7,7 @@ lint: name: yamllint platforms: - name: infrastructure-server - image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} - pre_build_image: True - privileged: true - override_command: False + image: centos:7 groups: - infrastructure provisioner: @@ -25,7 +22,6 @@ provisioner: all: app_name: onap app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin scenario: name: default verifier: diff --git a/ansible/roles/helm/molecule/default/playbook.yml b/ansible/roles/helm/molecule/default/playbook.yml index 2705b165..0f3fbc27 100644 --- a/ansible/roles/helm/molecule/default/playbook.yml +++ b/ansible/roles/helm/molecule/default/playbook.yml @@ -1,5 +1,10 @@ --- - name: Converge hosts: all + pre_tasks: + - name: Include infrastructure group variables + include_vars: ../../../../group_vars/infrastructure.yml + - name: Include test scenario variables + include_vars: vars.yml roles: - helm diff --git a/ansible/roles/helm/molecule/default/prepare.yml b/ansible/roles/helm/molecule/default/prepare.yml index 34c41e8e..10ccf232 100644 --- a/ansible/roles/helm/molecule/default/prepare.yml +++ b/ansible/roles/helm/molecule/default/prepare.yml @@ -4,5 +4,7 @@ pre_tasks: - name: Include infrastructure group variables include_vars: ../../../../group_vars/infrastructure.yml + - name: Include test scenario variables + include_vars: vars.yml roles: - prepare-helm diff --git a/ansible/roles/helm/molecule/default/vars.yml b/ansible/roles/helm/molecule/default/vars.yml new file mode 100644 index 00000000..ed97d539 --- /dev/null +++ b/ansible/roles/helm/molecule/default/vars.yml @@ -0,0 +1 @@ +--- diff --git a/ansible/roles/helm/molecule/ubuntu/Dockerfile.j2 b/ansible/roles/helm/molecule/ubuntu/Dockerfile.j2 new file mode 120000 index 00000000..867ec5c3 --- /dev/null +++ b/ansible/roles/helm/molecule/ubuntu/Dockerfile.j2 @@ -0,0 +1 @@ +../default/Dockerfile.j2 \ No newline at end of file diff --git a/ansible/roles/helm/molecule/ubuntu/group_vars b/ansible/roles/helm/molecule/ubuntu/group_vars deleted file mode 120000 index 5ce8257f..00000000 --- a/ansible/roles/helm/molecule/ubuntu/group_vars +++ /dev/null @@ -1 +0,0 @@ -../default/group_vars/ \ No newline at end of file diff --git a/ansible/roles/helm/molecule/ubuntu/molecule.yml b/ansible/roles/helm/molecule/ubuntu/molecule.yml index a375a32d..a43ff074 100644 --- a/ansible/roles/helm/molecule/ubuntu/molecule.yml +++ b/ansible/roles/helm/molecule/ubuntu/molecule.yml @@ -7,10 +7,7 @@ lint: name: yamllint platforms: - name: infrastructure-server - image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04} - pre_build_image: True - privileged: true - override_command: False + image: ubuntu:18.04 groups: - infrastructure provisioner: @@ -28,7 +25,6 @@ provisioner: all: app_name: onap app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin scenario: name: ubuntu verifier: -- cgit 1.2.3-korg From b07d4a22dfd4fe24376de514019ca2a32e358b4b Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Mon, 1 Feb 2021 10:48:54 +0100 Subject: Add test scenario for Helm v3 Change-Id: Iad5478f70533719e1076f3961613fddffb14eebd Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/group_vars/infrastructure.yml | 1 + ansible/roles/helm/molecule/helm3/Dockerfile.j2 | 1 + ansible/roles/helm/molecule/helm3/molecule.yml | 31 +++++++++++++++++++++++++ ansible/roles/helm/molecule/helm3/playbook.yml | 1 + ansible/roles/helm/molecule/helm3/prepare.yml | 1 + ansible/roles/helm/molecule/helm3/vars.yml | 2 ++ ansible/roles/helm/tasks/main.yml | 29 +++++++++++++++++++++++ ansible/test/roles/prepare-helm/tasks/main.yml | 11 ++++++++- 8 files changed, 76 insertions(+), 1 deletion(-) create mode 120000 ansible/roles/helm/molecule/helm3/Dockerfile.j2 create mode 100644 ansible/roles/helm/molecule/helm3/molecule.yml create mode 120000 ansible/roles/helm/molecule/helm3/playbook.yml create mode 120000 ansible/roles/helm/molecule/helm3/prepare.yml create mode 100644 ansible/roles/helm/molecule/helm3/vars.yml diff --git a/ansible/group_vars/infrastructure.yml b/ansible/group_vars/infrastructure.yml index a1643a11..12d1044d 100755 --- a/ansible/group_vars/infrastructure.yml +++ b/ansible/group_vars/infrastructure.yml @@ -20,6 +20,7 @@ all_simulated_hosts: populate_nexus: false helm_bin_dir: /usr/local/bin helm_version: v2.16.6 +helm3_push_version: 0.9.0 rancher_server_image: rancher/server:v1.6.22 vnc_server_image: consol/ubuntu-icewm-vnc:1.4.0 nexus3_image: sonatype/nexus3:3.15.2 diff --git a/ansible/roles/helm/molecule/helm3/Dockerfile.j2 b/ansible/roles/helm/molecule/helm3/Dockerfile.j2 new file mode 120000 index 00000000..867ec5c3 --- /dev/null +++ b/ansible/roles/helm/molecule/helm3/Dockerfile.j2 @@ -0,0 +1 @@ +../default/Dockerfile.j2 \ No newline at end of file diff --git a/ansible/roles/helm/molecule/helm3/molecule.yml b/ansible/roles/helm/molecule/helm3/molecule.yml new file mode 100644 index 00000000..e8634477 --- /dev/null +++ b/ansible/roles/helm/molecule/helm3/molecule.yml @@ -0,0 +1,31 @@ +--- +dependency: + name: galaxy +driver: + name: docker +lint: + name: yamllint +platforms: + - name: infrastructure-server-helm3 + image: centos:7 + groups: + - infrastructure +provisioner: + name: ansible + lint: + name: ansible-lint + env: + ANSIBLE_ROLES_PATH: ../../../../test/roles + ANSIBLE_LIBRARY: ../../../../library + inventory: + group_vars: + all: + app_name: onap + app_data_path: "/opt/{{ app_name }}" +scenario: + name: helm3 +verifier: + name: testinfra + lint: + name: flake8 + directory: ../default/tests diff --git a/ansible/roles/helm/molecule/helm3/playbook.yml b/ansible/roles/helm/molecule/helm3/playbook.yml new file mode 120000 index 00000000..a3e26797 --- /dev/null +++ b/ansible/roles/helm/molecule/helm3/playbook.yml @@ -0,0 +1 @@ +../default/playbook.yml \ No newline at end of file diff --git a/ansible/roles/helm/molecule/helm3/prepare.yml b/ansible/roles/helm/molecule/helm3/prepare.yml new file mode 120000 index 00000000..1c017d9a --- /dev/null +++ b/ansible/roles/helm/molecule/helm3/prepare.yml @@ -0,0 +1 @@ +../default/prepare.yml \ No newline at end of file diff --git a/ansible/roles/helm/molecule/helm3/vars.yml b/ansible/roles/helm/molecule/helm3/vars.yml new file mode 100644 index 00000000..7ff37715 --- /dev/null +++ b/ansible/roles/helm/molecule/helm3/vars.yml @@ -0,0 +1,2 @@ +--- +helm_version: v3.3.4 diff --git a/ansible/roles/helm/tasks/main.yml b/ansible/roles/helm/tasks/main.yml index c1b47103..64db7850 100644 --- a/ansible/roles/helm/tasks/main.yml +++ b/ansible/roles/helm/tasks/main.yml @@ -9,3 +9,32 @@ - '*/helm' remote_src: true mode: 0755 + +- name: Install helm-push plugin if runing with Helm v3 + block: + - name: Get helm environment information + command: "{{ helm_bin_dir }}/helm env" + register: helm_env + changed_when: false # for idempotency + + - name: Set helm plugin dir fact + set_fact: + helm_plugin_dir: + "{% if 'HELM_PLUGINS' in helm_env.stdout -%} + {{ (helm_env.stdout | replace('\"', '') | regex_search('HELM_PLUGINS.*')).split('=')[1] }} + {%- else -%} + {{ '~/.local/share/helm/plugins' }} + {%- endif %}" + + - name: Ensure that plugin directory exists + file: + path: "{{ helm_plugin_dir }}/helm-push" + state: directory + mode: 0755 + + - name: Deploy helm-push plugin + unarchive: + src: "{{ app_data_path }}/downloads/helm-push_{{ helm3_push_version }}_linux_amd64.tar.gz" + dest: "{{ helm_plugin_dir }}/helm-push" + remote_src: true + when: helm_version | regex_search("^v3" ) diff --git a/ansible/test/roles/prepare-helm/tasks/main.yml b/ansible/test/roles/prepare-helm/tasks/main.yml index 1f461258..c1d25de0 100644 --- a/ansible/test/roles/prepare-helm/tasks/main.yml +++ b/ansible/test/roles/prepare-helm/tasks/main.yml @@ -9,4 +9,13 @@ get_url: url: "https://get.helm.sh/helm-{{ helm_version }}-linux-amd64.tar.gz" dest: "{{ app_data_path }}/downloads" - remote_src: true + +- name: Download Helm v3 helm-push plugin + command: "curl --connect-timeout 10 -L https://github.com/chartmuseum/helm-push/releases/download/v{{ helm3_push_version }}/helm-push_{{ helm3_push_version }}_linux_amd64.tar.gz -o {{ app_data_path }}/downloads/helm-push_{{ helm3_push_version }}_linux_amd64.tar.gz" + register: result + retries: 10 + delay: 1 + until: not result.failed + args: + warn: false + when: helm_version | regex_search("^v3" ) -- cgit 1.2.3-korg From bcc82e6bba9f27d4720571e65a7e7180defe73ce Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Wed, 3 Feb 2021 10:33:14 +0100 Subject: Improve bin utils symlink creation logic Change-Id: I9f468b6c731aaa764340e8503e6f377faba522b2 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- build/package.py | 23 +++++++++-------------- 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/build/package.py b/build/package.py index 9c017b75..9cd35902 100755 --- a/build/package.py +++ b/build/package.py @@ -243,20 +243,15 @@ def build_offline_deliverables(build_version, if os.path.islink(file): os.unlink(file) - rke_files = glob.glob(os.path.join('.', '**/rke_linux-amd64'), recursive=True) - os.symlink(rke_files[0], os.path.join(download_dir_path, rke_files[0].split('/')[-1])) - - helm_tar_files = glob.glob(os.path.join('.', '**/helm-*-linux-amd64.tar.gz'), recursive=True) - os.symlink(helm_tar_files[0], os.path.join(download_dir_path, helm_tar_files[0].split('/')[-1])) - - kubectl_files = glob.glob(os.path.join('.', '**/kubectl'), recursive=True) - os.symlink(kubectl_files[0], os.path.join(download_dir_path, kubectl_files[0].split('/')[-1])) - - chartmuseum_files = glob.glob(os.path.join('.', '**/chartmuseum'), recursive=True) - os.symlink(chartmuseum_files[0], os.path.join(download_dir_path, chartmuseum_files[0].split('/')[-1])) - - helm_push_files = glob.glob(os.path.join('.', '**/helm-push_*_linux_amd64.tar.gz'), recursive=True) - os.symlink(helm_push_files[0], os.path.join(download_dir_path, helm_push_files[0].split('/')[-1])) + bin_pattern_list = ['**/rke_linux-amd64', + '**/helm-*-linux-amd64.tar.gz', + '**/kubectl', + '**/amd64/chartmuseum', + '**/helm-push_*_linux_amd64.tar.gz'] + + for pattern in bin_pattern_list: + for bin_file in glob.glob(os.path.join('.', pattern), recursive=True): + os.symlink(bin_file, os.path.join(download_dir_path, bin_file.split('/')[-1])) os.chdir(script_location) # End of workaround -- cgit 1.2.3-korg From 9f0255d0406619f570d99eb432096672010c8ff1 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 4 Feb 2021 10:54:07 +0100 Subject: Drop DIND specific test env settings for 'rke' role/playbook DIND usage was already dropped so those settings are no longer required. Change-Id: Ifd2b5f26196f84ff0167558c1d5cd4c8218124d7 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/rke/molecule/default/molecule.yml | 20 -------------------- ansible/roles/rke/molecule/etcd_storage/molecule.yml | 20 -------------------- ansible/test/play-rke/molecule/default/molecule.yml | 16 ---------------- ansible/test/play-rke/molecule/helm3/molecule.yml | 14 -------------- ansible/test/roles/prepare-rke/tasks/all.yml | 7 +------ 5 files changed, 1 insertion(+), 76 deletions(-) diff --git a/ansible/roles/rke/molecule/default/molecule.yml b/ansible/roles/rke/molecule/default/molecule.yml index 6da9e83b..2e25531c 100644 --- a/ansible/roles/rke/molecule/default/molecule.yml +++ b/ansible/roles/rke/molecule/default/molecule.yml @@ -11,39 +11,19 @@ platforms: pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/kubelet - - /var/lib/docker - env: - container: docker groups: - infrastructure - kubernetes-etcd - kubernetes-control-plane - kubernetes - networks: - - name: rke - purge_networks: true - - name: kubernetes-node-1 image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - env: - container: docker - volumes: - - /var/lib/kubelet - - /var/lib/docker groups: - kubernetes - kubernetes-node - networks: - - name: rke - purge_networks: true - provisioner: name: ansible env: diff --git a/ansible/roles/rke/molecule/etcd_storage/molecule.yml b/ansible/roles/rke/molecule/etcd_storage/molecule.yml index a68ceb95..bff115e5 100644 --- a/ansible/roles/rke/molecule/etcd_storage/molecule.yml +++ b/ansible/roles/rke/molecule/etcd_storage/molecule.yml @@ -11,39 +11,19 @@ platforms: pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/kubelet - - /var/lib/docker - env: - container: docker groups: - infrastructure - kubernetes-etcd - kubernetes-control-plane - kubernetes - networks: - - name: rke - purge_networks: true - - name: kubernetes-node-1 image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - env: - container: docker - volumes: - - /var/lib/kubelet - - /var/lib/docker groups: - kubernetes - kubernetes-node - networks: - - name: rke - purge_networks: true - provisioner: name: ansible env: diff --git a/ansible/test/play-rke/molecule/default/molecule.yml b/ansible/test/play-rke/molecule/default/molecule.yml index b7e71bf5..519679a5 100644 --- a/ansible/test/play-rke/molecule/default/molecule.yml +++ b/ansible/test/play-rke/molecule/default/molecule.yml @@ -11,35 +11,19 @@ platforms: pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/docker - - /var/lib/kubelet groups: - infrastructure - kubernetes-etcd - kubernetes-control-plane - kubernetes - networks: - - name: rke - purge_networks: true - - name: kubernetes-node-1 image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/docker - - /var/lib/kubelet groups: - kubernetes - kubernetes-node - networks: - - name: rke - purge_networks: true - provisioner: name: ansible env: diff --git a/ansible/test/play-rke/molecule/helm3/molecule.yml b/ansible/test/play-rke/molecule/helm3/molecule.yml index b2ff9b88..83a2fd20 100644 --- a/ansible/test/play-rke/molecule/helm3/molecule.yml +++ b/ansible/test/play-rke/molecule/helm3/molecule.yml @@ -11,33 +11,19 @@ platforms: pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/docker - - /var/lib/kubelet groups: - infrastructure - kubernetes-etcd - kubernetes-control-plane - kubernetes - networks: - - name: rke - purge_networks: true - name: kubernetes-node-1 image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} pre_build_image: true privileged: true override_command: false - restart_policy: unless-stopped - volumes: - - /var/lib/docker - - /var/lib/kubelet groups: - kubernetes - kubernetes-node - networks: - - name: rke - purge_networks: true provisioner: name: ansible env: diff --git a/ansible/test/roles/prepare-rke/tasks/all.yml b/ansible/test/roles/prepare-rke/tasks/all.yml index 7f876ff3..a259577c 100644 --- a/ansible/test/roles/prepare-rke/tasks/all.yml +++ b/ansible/test/roles/prepare-rke/tasks/all.yml @@ -1,9 +1,4 @@ -#This is needed because login from non root is blocked by default. -- name: "Allow non root logins" - service: - name: systemd-user-sessions - state: started - +--- - name: "Add docker group" group: name: docker -- cgit 1.2.3-korg From 77324013ff407183b0d9729bd335d8bf3cc72b79 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 5 Feb 2021 13:38:08 +0100 Subject: Redirect chartmuseum stdout/stderr to /dev/null Chartmuseum logs to it's stdout/stderr during it's normal operations and since the shell pipe opened by ansible is gone once playbook finishes this resulted in chartmuseum process crashing with "broken pipe" message. Change-Id: I0e2a5471df23f5881248ecb529a0193505f56cfe Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/chartmuseum/tasks/main.yml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/ansible/roles/chartmuseum/tasks/main.yml b/ansible/roles/chartmuseum/tasks/main.yml index d7121a53..c5d63a5e 100644 --- a/ansible/roles/chartmuseum/tasks/main.yml +++ b/ansible/roles/chartmuseum/tasks/main.yml @@ -12,9 +12,13 @@ state: directory - name: Run Helm chart repository - shell: "{{ helm_bin_dir }}/chartmuseum --storage local --storage-local-rootdir {{ chartmuseum_storage_dir }} -port {{ chartmuseum_port }} &" + shell: "{{ helm_bin_dir }}/chartmuseum --storage local --storage-local-rootdir {{ chartmuseum_storage_dir }} -port {{ chartmuseum_port }} > /dev/null 2>&1 &" async: 10 poll: 3 - register: chart_repository - changed_when: "'address already in use' not in chart_repository.stderr" - failed_when: "'Starting ChartMuseum' not in chart_repository.stderr" + changed_when: false + +- name: Check Helm chart repository is running + command: pgrep chartmuseum + changed_when: false + register: pgrep_out + failed_when: pgrep_out.rc != 0 -- cgit 1.2.3-korg From 3e8ac4b4ca407f5185dfa4becc22f56dc750afe7 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Mon, 8 Feb 2021 13:48:06 +0100 Subject: Customize helm "--timeout" option format if running helm v3 Helm v3 requires unit definition for 'timeout' option which is not supported by Helm v2. Change-Id: Ia5839e5c412be1700459c70d43d2e6cc0400633d Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/application/defaults/main.yml | 2 +- ansible/roles/application/molecule/default/tests/test_default.py | 2 +- ansible/test/bin/install-molecule.sh | 3 ++- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ansible/roles/application/defaults/main.yml b/ansible/roles/application/defaults/main.yml index 6a7472a6..8e630f73 100644 --- a/ansible/roles/application/defaults/main.yml +++ b/ansible/roles/application/defaults/main.yml @@ -2,7 +2,7 @@ helm_repository_name: local helm_repository_url: http://127.0.0.1:8879 helm_extra_install_options: - - { opt: '--timeout 1800'} + - { opt: "{% if helm_version | regex_search('^v3' ) %}{{ '--timeout 1800s' }}{% else %}{{ '--timeout 1800' }}{% endif %}"} # Override file generation for Helm application can be customized by any role # given by user and found by ansible from roles_path. # By default override file is generated by 'application-override' role that diff --git a/ansible/roles/application/molecule/default/tests/test_default.py b/ansible/roles/application/molecule/default/tests/test_default.py index be9b4cdf..f57f5afc 100644 --- a/ansible/roles/application/molecule/default/tests/test_default.py +++ b/ansible/roles/application/molecule/default/tests/test_default.py @@ -29,7 +29,7 @@ repo add local http://127.0.0.1:8879 deploy moleculetestapp local/moleculetestapp --namespace \ moleculetestapp -f /opt/moleculetestapp/helm_charts/onap/resources/\ overrides/onap-all.yaml -f /opt/moleculetestapp/override.yaml \ ---timeout 1800""" +--timeout 1800s""" expected_plugin_path = '/root/.local/share/helm/plugins/deploy/' +\ 'deploy.sh' assert fc == expected_content diff --git a/ansible/test/bin/install-molecule.sh b/ansible/test/bin/install-molecule.sh index ab6de436..4df06684 100755 --- a/ansible/test/bin/install-molecule.sh +++ b/ansible/test/bin/install-molecule.sh @@ -41,5 +41,6 @@ source ${VENV_PATH}/bin/activate # Install Molecule if [ ! -z ${VIRTUAL_ENV} ]; then echo "Activated virtual env in ${VIRTUAL_ENV}" - pip -q install molecule==2.20 ansible==2.7.8 ansible-lint==4.2.0 docker pyopenssl + pip -q install -U pip + pip -q install pyopenssl molecule==2.20 ansible==2.7.8 ansible-lint==4.2.0 docker fi -- cgit 1.2.3-korg From 6578753dffe0f2c0828df345ec371945cdc03cb0 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Tue, 9 Feb 2021 12:59:23 +0100 Subject: Ensure k8s namespace for ONAP exists Helm v3 does not automatically create namespace when either of "install" or "upgrade" subcommand is called even with "--namespace" option. Change-Id: I8595d8d9cdcb904b6c032695bae4d945fd07176c Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/application/tasks/install.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ansible/roles/application/tasks/install.yml b/ansible/roles/application/tasks/install.yml index fdb74af6..883e2aa6 100644 --- a/ansible/roles/application/tasks/install.yml +++ b/ansible/roles/application/tasks/install.yml @@ -36,6 +36,12 @@ debug: var: helm_override_files +- name: "Ensure kubernetes namespace for {{ app_name }} exists" + command: kubectl create namespace {{ app_kubernetes_namespace }} + register: kubectl_out + changed_when: kubectl_out.rc == 0 + failed_when: kubectl_out.rc == 1 and "AlreadyExists" not in kubectl_out.stderr + - name: "Helm Install application {{ app_name }}" command: > {{ helm_bin_dir }}/helm -- cgit 1.2.3-korg From 8c2447c37deb1a20fb211d638f2fae017e3f6bcf Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Wed, 10 Feb 2021 13:25:59 +0100 Subject: Fix kubeconfig file permissions Kubeconfig file should not be world readable. Helm v3 prints relevant warning to stderr if it's (kubeconfig) mode is incorrect. Change-Id: I9d2b8618cd3e43a49345e96f6ed5169438a29cef Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/rke/tasks/rke_deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/rke/tasks/rke_deploy.yml b/ansible/roles/rke/tasks/rke_deploy.yml index 7b36f55d..17861ad2 100644 --- a/ansible/roles/rke/tasks/rke_deploy.yml +++ b/ansible/roles/rke/tasks/rke_deploy.yml @@ -23,4 +23,4 @@ src: "{{ cluster_config_dir }}/kube_config_cluster.yml" dest: "{{ kube_config_dir }}/config" remote_src: true - mode: 0755 + mode: 0600 -- cgit 1.2.3-korg From 8fdadad54aa08b6c585549b74d1a8323eb751691 Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Thu, 11 Feb 2021 12:06:55 +0100 Subject: Update 'helm deploy' failure criteria Contrary to helm v2, helm v3 prints regular output to stderr hence stderr output presence can no longer be used as failure criteria. Since 'deploy' plugin (for any helm release) prints a list of charts that failed to deploy at the end of it's run, it's output is used to detect deployment failure. Change-Id: I340e4e1a5be0949d866ddedfb49c0d23a48e67cf Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/roles/application/tasks/install.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/application/tasks/install.yml b/ansible/roles/application/tasks/install.yml index 883e2aa6..2db88631 100644 --- a/ansible/roles/application/tasks/install.yml +++ b/ansible/roles/application/tasks/install.yml @@ -53,4 +53,4 @@ {{ helm_extra_install_options | map(attribute='opt') | join(' ') }} changed_when: true # when executed its a changed type of action register: helm_install - failed_when: helm_install.stderr + failed_when: "'FAILED' in (helm_install.stdout | upper()) or helm_install.rc != 0" -- cgit 1.2.3-korg From d6908ed39dd5e58c539c1c818f371849dd0271eb Mon Sep 17 00:00:00 2001 From: Bartek Grzybowski Date: Fri, 12 Feb 2021 14:03:54 +0100 Subject: Run chartmuseum as a docker container A docker container for chartmuseum is run with chart storage volume mounted from hosts' resource dir for chart repo persistence across container/infra restarts. Change-Id: I692ff7a3d95414b439b15b5414bc8b959eb79414 Issue-ID: OOM-2665 Signed-off-by: Bartek Grzybowski --- ansible/group_vars/infrastructure.yml | 1 + ansible/infrastructure.yml | 2 ++ ansible/rke.yml | 2 -- ansible/roles/chartmuseum/defaults/main.yml | 1 + ansible/roles/chartmuseum/handlers/main.yml | 14 ++++++++++++ .../chartmuseum/molecule/default/Dockerfile.j2 | 14 ------------ .../chartmuseum/molecule/default/molecule.yml | 16 ++++++------- .../roles/chartmuseum/molecule/default/prepare.yml | 3 +++ .../molecule/default/tests/test_default.py | 14 +++++------- .../roles/chartmuseum/molecule/ubuntu/molecule.yml | 17 +++++++------- ansible/roles/chartmuseum/tasks/main.yml | 26 +++++++--------------- .../molecule/default/prepare.yml | 2 ++ ansible/test/play-rke/molecule/default/prepare.yml | 2 -- .../test/roles/prepare-chartmuseum/tasks/main.yml | 22 +++++++++++------- build/data_lists/infra_bin_utils.list | 1 - build/data_lists/infra_docker_images.list | 1 + build/package.py | 1 - 17 files changed, 68 insertions(+), 71 deletions(-) create mode 100644 ansible/roles/chartmuseum/handlers/main.yml delete mode 100644 ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 diff --git a/ansible/group_vars/infrastructure.yml b/ansible/group_vars/infrastructure.yml index 12d1044d..586f7925 100755 --- a/ansible/group_vars/infrastructure.yml +++ b/ansible/group_vars/infrastructure.yml @@ -26,3 +26,4 @@ vnc_server_image: consol/ubuntu-icewm-vnc:1.4.0 nexus3_image: sonatype/nexus3:3.15.2 dns_server_image: andyshinn/dnsmasq:2.76 nginx_server_image: own_nginx:2.0.0 +chartmuseum_server_image: chartmuseum/chartmuseum diff --git a/ansible/infrastructure.yml b/ansible/infrastructure.yml index 2322c8bb..27d9d76a 100644 --- a/ansible/infrastructure.yml +++ b/ansible/infrastructure.yml @@ -16,6 +16,8 @@ - nginx - chrony - nexus + - role: chartmuseum + when: helm_version | regex_search("^v3" ) - name: Setup base for Kubernetes nodes hosts: kubernetes:!infrastructure diff --git a/ansible/rke.yml b/ansible/rke.yml index 46f4e3aa..ab6c0bb5 100644 --- a/ansible/rke.yml +++ b/ansible/rke.yml @@ -31,5 +31,3 @@ mode: deploy - kubectl - helm - - role: chartmuseum - when: helm_version | regex_search("^v3" ) diff --git a/ansible/roles/chartmuseum/defaults/main.yml b/ansible/roles/chartmuseum/defaults/main.yml index 6816d151..1d3ae1ba 100644 --- a/ansible/roles/chartmuseum/defaults/main.yml +++ b/ansible/roles/chartmuseum/defaults/main.yml @@ -1,3 +1,4 @@ --- +chartmuseum_server_image_tar: "{{ chartmuseum_server_image | regex_replace('(\\/|\\:)', '_') }}.tar" chartmuseum_port: "8879" chartmuseum_storage_dir: "{{ app_data_path }}/chartmuseum" diff --git a/ansible/roles/chartmuseum/handlers/main.yml b/ansible/roles/chartmuseum/handlers/main.yml new file mode 100644 index 00000000..867aaf0f --- /dev/null +++ b/ansible/roles/chartmuseum/handlers/main.yml @@ -0,0 +1,14 @@ +--- +- name: Run chartmuseum server container + docker_container: + name: chartmuseum + image: "{{ chartmuseum_server_image }}" + env: + STORAGE: "local" + STORAGE_LOCAL_ROOTDIR: "/charts" + volumes: + - "{{ chartmuseum_storage_dir }}:/charts:rw" + ports: + - "{{ chartmuseum_port }}:8080/tcp" + restart_policy: unless-stopped + recreate: true diff --git a/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 b/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 deleted file mode 100644 index e6aa95d3..00000000 --- a/ansible/roles/chartmuseum/molecule/default/Dockerfile.j2 +++ /dev/null @@ -1,14 +0,0 @@ -# Molecule managed - -{% if item.registry is defined %} -FROM {{ item.registry.url }}/{{ item.image }} -{% else %} -FROM {{ item.image }} -{% endif %} - -RUN if [ $(command -v apt-get) ]; then apt-get update && apt-get install -y python sudo bash ca-certificates && apt-get clean; \ - elif [ $(command -v dnf) ]; then dnf makecache && dnf --assumeyes install python sudo python-devel python*-dnf bash && dnf clean all; \ - elif [ $(command -v yum) ]; then yum makecache fast && yum install -y python sudo yum-plugin-ovl bash && sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf && yum clean all; \ - elif [ $(command -v zypper) ]; then zypper refresh && zypper install -y python sudo bash python-xml && zypper clean -a; \ - elif [ $(command -v apk) ]; then apk update && apk add --no-cache python sudo bash ca-certificates; \ - elif [ $(command -v xbps-install) ]; then xbps-install -Syu && xbps-install -y python sudo bash ca-certificates && xbps-remove -O; fi diff --git a/ansible/roles/chartmuseum/molecule/default/molecule.yml b/ansible/roles/chartmuseum/molecule/default/molecule.yml index 07652b7a..9c5d1c2a 100644 --- a/ansible/roles/chartmuseum/molecule/default/molecule.yml +++ b/ansible/roles/chartmuseum/molecule/default/molecule.yml @@ -7,7 +7,12 @@ lint: name: yamllint platforms: - name: instance-chartmuseum - image: centos:7 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-centos}:${PREBUILD_DISTRO_VERSION:-centos7.6} + pre_build_image: True + privileged: true + override_command: False + volumes: + - /var/lib/docker groups: - infrastructure provisioner: @@ -18,13 +23,8 @@ provisioner: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library inventory: - group_vars: - all: - app_name: moleculetestapp - app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin - chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" - chartmuseum_port: "1234" + links: + group_vars: ../../../../group_vars scenario: name: default verifier: diff --git a/ansible/roles/chartmuseum/molecule/default/prepare.yml b/ansible/roles/chartmuseum/molecule/default/prepare.yml index 5201bcec..dee6a976 100644 --- a/ansible/roles/chartmuseum/molecule/default/prepare.yml +++ b/ansible/roles/chartmuseum/molecule/default/prepare.yml @@ -1,5 +1,8 @@ --- - name: Prepare infra hosts: infrastructure + vars_files: + - ../../../../roles/chartmuseum/defaults/main.yml roles: + - prepare-docker-dind - prepare-chartmuseum diff --git a/ansible/roles/chartmuseum/molecule/default/tests/test_default.py b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py index 71d1978d..40773065 100644 --- a/ansible/roles/chartmuseum/molecule/default/tests/test_default.py +++ b/ansible/roles/chartmuseum/molecule/default/tests/test_default.py @@ -6,11 +6,9 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') -def test_chartmuseum(host): - ansible_vars = host.ansible.get_variables() - p = host.process.get(comm="chartmuseum") - assert 'chartmuseum --storage local --storage-local-rootdir /opt/' +\ - ansible_vars['app_name'] + '/chartmuseum -port ' +\ - ansible_vars['chartmuseum_port'] in p.args - assert host.file("/opt/" + ansible_vars['app_name'] + - "/chartmuseum").is_directory +def test_chartmuseum_dir(host): + assert host.file("/chartmuseum").is_directory + + +def test_container_running(host): + assert host.docker('chartmuseum').is_running diff --git a/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml index d2851ccf..5f351a93 100644 --- a/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml +++ b/ansible/roles/chartmuseum/molecule/ubuntu/molecule.yml @@ -7,8 +7,12 @@ lint: name: yamllint platforms: - name: instance-ubuntu-chartmuseum - image: ubuntu:18.04 - dockerfile: ../default/Dockerfile.j2 + image: molecule-${PREBUILD_PLATFORM_DISTRO:-ubuntu}:${PREBUILD_DISTRO_VERSION:-18.04} + pre_build_image: True + privileged: true + override_command: False + volumes: + - /var/lib/docker groups: - infrastructure provisioner: @@ -19,13 +23,8 @@ provisioner: ANSIBLE_ROLES_PATH: ../../../../test/roles ANSIBLE_LIBRARY: ../../../../library inventory: - group_vars: - all: - app_name: moleculetestapp - app_data_path: "/opt/{{ app_name }}" - helm_bin_dir: /usr/local/bin - chartmuseum_storage_dir: "/opt/{{ app_name }}/chartmuseum" - chartmuseum_port: "1234" + links: + group_vars: ../../../../group_vars playbooks: prepare: ../default/prepare.yml converge: ../default/playbook.yml diff --git a/ansible/roles/chartmuseum/tasks/main.yml b/ansible/roles/chartmuseum/tasks/main.yml index c5d63a5e..16e41022 100644 --- a/ansible/roles/chartmuseum/tasks/main.yml +++ b/ansible/roles/chartmuseum/tasks/main.yml @@ -1,24 +1,14 @@ --- -- name: Install chartmuseum - copy: - src: "{{ app_data_path }}/downloads/chartmuseum" - dest: "{{ helm_bin_dir }}" - remote_src: true - mode: 0755 - - name: Create storage directory for chartmuseum file: path: "{{ chartmuseum_storage_dir }}" state: directory + mode: 0777 -- name: Run Helm chart repository - shell: "{{ helm_bin_dir }}/chartmuseum --storage local --storage-local-rootdir {{ chartmuseum_storage_dir }} -port {{ chartmuseum_port }} > /dev/null 2>&1 &" - async: 10 - poll: 3 - changed_when: false - -- name: Check Helm chart repository is running - command: pgrep chartmuseum - changed_when: false - register: pgrep_out - failed_when: pgrep_out.rc != 0 +- name: Load chartmuseum server image + docker_image: + name: "{{ chartmuseum_server_image }}" + load_path: "{{ infra_images_path }}/{{ chartmuseum_server_image_tar }}" + state: present + timeout: 120 + notify: Run chartmuseum server container diff --git a/ansible/test/play-infrastructure/molecule/default/prepare.yml b/ansible/test/play-infrastructure/molecule/default/prepare.yml index 86e25b48..634234ac 100644 --- a/ansible/test/play-infrastructure/molecule/default/prepare.yml +++ b/ansible/test/play-infrastructure/molecule/default/prepare.yml @@ -9,12 +9,14 @@ - prepare-nexus - prepare-dns - prepare-firewall + - prepare-chartmuseum vars_files: - vars.yml - ../../../../roles/nginx/defaults/main.yml - ../../../../roles/vncserver/defaults/main.yml - ../../../../roles/nexus/defaults/main.yml - ../../../../roles/dns/defaults/main.yml + - ../../../../roles/chartmuseum/defaults/main.yml - name: Prepare kubernetes hosts: kubernetes diff --git a/ansible/test/play-rke/molecule/default/prepare.yml b/ansible/test/play-rke/molecule/default/prepare.yml index 789a9402..6d810052 100644 --- a/ansible/test/play-rke/molecule/default/prepare.yml +++ b/ansible/test/play-rke/molecule/default/prepare.yml @@ -19,5 +19,3 @@ mode: infra - prepare-kubectl - prepare-helm - - role: prepare-chartmuseum - when: helm_version | regex_search("^v3" ) diff --git a/ansible/test/roles/prepare-chartmuseum/tasks/main.yml b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml index b0bb5d11..a46888e8 100644 --- a/ansible/test/roles/prepare-chartmuseum/tasks/main.yml +++ b/ansible/test/roles/prepare-chartmuseum/tasks/main.yml @@ -1,12 +1,18 @@ --- -- name: "Ensure {{ app_data_path }}/downloads directory exists" +- name: "Create chartmuseum image storage dir" file: - path: "{{ app_data_path }}/downloads" - recurse: true + path: "{{ infra_images_path }}" state: directory + mode: "u+rw,g+wx,o+rwx" + recurse: true + +- name: Download and archive chartmuseum docker image + delegate_to: localhost + docker_image: + name: "{{ chartmuseum_server_image }}" + archive_path: /tmp/chartmuseum.tar -- name: "Download chartmuseum" - get_url: - url: "https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum" - dest: "{{ app_data_path }}/downloads" - remote_src: true +- name: Copy chartmuseum image to node + copy: + src: /tmp/chartmuseum.tar + dest: "{{ infra_images_path }}/{{ chartmuseum_server_image_tar }}" diff --git a/build/data_lists/infra_bin_utils.list b/build/data_lists/infra_bin_utils.list index 614d1c13..3beb2972 100644 --- a/build/data_lists/infra_bin_utils.list +++ b/build/data_lists/infra_bin_utils.list @@ -3,4 +3,3 @@ https://get.helm.sh/helm-v2.16.6-linux-amd64.tar.gz https://get.helm.sh/helm-v3.3.4-linux-amd64.tar.gz https://github.com/chartmuseum/helm-push/releases/download/v0.9.0/helm-push_0.9.0_linux_amd64.tar.gz https://github.com/rancher/rke/releases/download/v1.0.4/rke_linux-amd64 -https://s3.amazonaws.com/chartmuseum/release/latest/bin/linux/amd64/chartmuseum diff --git a/build/data_lists/infra_docker_images.list b/build/data_lists/infra_docker_images.list index 78081cc8..43b2f865 100644 --- a/build/data_lists/infra_docker_images.list +++ b/build/data_lists/infra_docker_images.list @@ -1,3 +1,4 @@ andyshinn/dnsmasq:2.76 consol/ubuntu-icewm-vnc:1.4.0 sonatype/nexus3:3.15.2 +chartmuseum/chartmuseum diff --git a/build/package.py b/build/package.py index 9cd35902..ce603be5 100755 --- a/build/package.py +++ b/build/package.py @@ -246,7 +246,6 @@ def build_offline_deliverables(build_version, bin_pattern_list = ['**/rke_linux-amd64', '**/helm-*-linux-amd64.tar.gz', '**/kubectl', - '**/amd64/chartmuseum', '**/helm-push_*_linux_amd64.tar.gz'] for pattern in bin_pattern_list: -- cgit 1.2.3-korg