diff --git a/.github/workflows/test-and-release.yml b/.github/workflows/test-and-release.yml index b50b2f4..7a4e03c 100644 --- a/.github/workflows/test-and-release.yml +++ b/.github/workflows/test-and-release.yml @@ -22,9 +22,9 @@ jobs: - name: Kind uses: engineerd/setup-kind@v0.5.0 with: - config: molecule/kind-cluster/files/kind-config.yml - name: osdk-test - version: v0.9.0 + config: molecule/kind/files/kind-config.yml + name: osdk-test-cluster + version: v0.10.0 - name: Prereq setup run: hack/ci-setup.sh - name: Test @@ -40,9 +40,9 @@ jobs: - name: Kind uses: engineerd/setup-kind@v0.5.0 with: - config: molecule/kind-cluster/files/kind-config.yml - name: osdk-test - version: v0.9.0 + config: molecule/kind/files/kind-config.yml + name: osdk-test-namespace + version: v0.10.0 - name: Prereq setup run: hack/ci-setup.sh - name: Test diff --git a/Dockerfile b/Dockerfile index c6d2d96..2c7859e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,8 @@ FROM quay.io/operator-framework/ansible-operator:v1.4.2 -COPY requirements.yml ${HOME}/requirements.yml -RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ +COPY requirements ${HOME} +RUN pip3 install --user --upgrade -r ${HOME}/requirements.txt \ + && ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible COPY watches.yaml ${HOME}/watches.yaml diff --git a/Makefile b/Makefile index c1637d1..8f8a330 100644 --- a/Makefile +++ b/Makefile @@ -50,11 +50,11 @@ uninstall: kustomize # Deploy controller in the configured Kubernetes cluster in ~/.kube/config deploy: kustomize cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - $(KUSTOMIZE) build --load_restrictor none config/${OVERLAY} | kubectl apply -f - + $(KUSTOMIZE) build --load-restrictor LoadRestrictionsNone config/${OVERLAY} | kubectl apply -f - # Undeploy controller in the configured Kubernetes cluster in ~/.kube/config undeploy: kustomize - $(KUSTOMIZE) build --load_restrictor none config/${OVERLAY} | kubectl delete -f - + $(KUSTOMIZE) build --load-restrictor LoadRestrictionsNone config/${OVERLAY} | kubectl delete -f - # Build the docker image docker-build: @@ -69,22 +69,18 @@ SHELL := env PATH=$(PATH) /bin/sh OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') ARCH := $(shell uname -m | sed 's/x86_64/amd64/') -# Download kustomize locally if necessary, preferring the $(pwd)/bin path over global if both exist. -.PHONY: kustomize +# Download kustomize locally KUSTOMIZE = $(shell pwd)/bin/kustomize -kustomize: -ifeq (,$(wildcard $(KUSTOMIZE))) -ifeq (,$(shell which kustomize 2>/dev/null)) +bin/kustomize: @{ \ - set -e ;\ - mkdir -p $(dir $(KUSTOMIZE)) ;\ - curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.5.4/kustomize_v3.5.4_$(OS)_$(ARCH).tar.gz | \ - tar xzf - -C bin/ ;\ + set -e ;\ + mkdir -p $(dir $(KUSTOMIZE)) ;\ + curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.0.5/kustomize_v4.0.5_$(OS)_$(ARCH).tar.gz | \ + tar xzf - -C $(dir $(KUSTOMIZE)) ;\ } -else -KUSTOMIZE = $(shell which kustomize) -endif -endif + +.PHONY: kustomize +kustomize: bin/kustomize # Download ansible-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. .PHONY: ansible-operator diff --git a/hack/ci-setup.sh b/hack/ci-setup.sh index e61cf51..7561b18 100755 --- a/hack/ci-setup.sh +++ b/hack/ci-setup.sh @@ -1,25 +1,35 @@ #!/bin/bash -ex # Installs dependencies needed to run the tests in CI environment +function ll { + ls -halF "${@}" +} mkdir -p $HOME/.local/bin export PATH="$HOME/.local/bin:$PATH" -export KUBECONFIG=$HOME/.kube/config +export KUBECONFIG=${KUBECONFIG:-$HOME/.kube/config} +echo $KUBECONFIG +ll $HOME/.kube +kubectl config current-context +kind version +clusters=$(kind get clusters) +for cluster in $clusters; do + kind get nodes --name $cluster + kind get kubeconfig --name $cluster +done # Basic pip prereqs pip3 install --user --upgrade setuptools wheel pip # Dependencies for test environment -pip3 install --user docker==4.2.2 ansible molecule ansible-lint yamllint flake8 openshift jmespath +pip3 install --user -r requirements/test-requirements.txt # Ansible dependencies -ansible-galaxy collection install -r requirements.yml - -# Kind CLI (for loading images into cluster) -curl -Lo $HOME/.local/bin/kind https://kind.sigs.k8s.io/dl/v0.9.0/kind-linux-amd64 -chmod +x $HOME/.local/bin/kind +pip3 install --user --upgrade -r requirements/requirements.txt +ansible-galaxy collection install -r requirements/requirements.yml # Helm CLI (for loading Ingress) curl -Lo $HOME/helm.tgz https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz tar xvzf $HOME/helm.tgz -C $HOME/.local/bin --strip-components 1 linux-amd64/helm -helm repo add stable https://charts.helm.sh/stable +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update diff --git a/hack/ci-test.sh b/hack/ci-test.sh index a607858..2f78f09 100755 --- a/hack/ci-test.sh +++ b/hack/ci-test.sh @@ -6,5 +6,7 @@ export PATH="$HOME/.local/bin:$PATH" export OPERATORDIR="$(pwd)" make kustomize [ -f ./bin/kustomize ] && export KUSTOMIZE_PATH="$(realpath ./bin/kustomize)" || export KUSTOMIZE_PATH="$(which kustomize)" +kustomize version ||: +./bin/kustomize version TEST_OPERATOR_NAMESPACE=default molecule test -s $1 diff --git a/hack/operate.conf b/hack/operate.conf index b512ad2..758716b 100644 --- a/hack/operate.conf +++ b/hack/operate.conf @@ -3,3 +3,4 @@ KIND=Gitea CR_SAMPLE=redhatgov_v1alpha1_gitea_openshift.yaml VERSION=0.0.6 CHANNELS=alpha +OSDK_VERSION=1.4.2 diff --git a/hack/operate.sh b/hack/operate.sh index 6c5a6bf..1e16910 100755 --- a/hack/operate.sh +++ b/hack/operate.sh @@ -200,6 +200,7 @@ VERSION= CHANNELS= DEVLEOP= BUNDLE= +OSDK_VERSION=latest EXTRA_TAGS=() # Load the configuration @@ -312,7 +313,7 @@ function update_components() { else error_run "Updating the Operator SDK manager" 'pip3 install --user --upgrade -r "$SCRIPT_ROOT/requirements.txt"' || return 1 fi - error_run "Updating the Operator SDK" 'sdk_version=$(osdk-manager osdk update --no-verify -vvvv | cut -d" " -f 3)' || return 1 + error_run "Updating the Operator SDK" 'sdk_version=$(osdk-manager osdk update --version $OSDK_VERSION -vvvv | cut -d" " -f 3)' || return 1 fi components_updated=true } @@ -435,7 +436,7 @@ function publish_bundle() { error_run "Adding namespaced Role to kustomization" 'kustomize edit add resource namespaced/role.yaml' || return 1 error_run "Adding namespaced RoleBinding to kustomization" 'kustomize edit add resource namespaced/role_binding.yaml' || return 1 popd &>/dev/null - error_run "Building bundle manifests" 'kustomize build --load_restrictor none config/manifests | operator-sdk generate bundle --overwrite --version $VERSION --channels "$CHANNELS"' || return 1 + error_run "Building bundle manifests" 'kustomize build --load-restrictor LoadRestrictionsNone config/manifests | operator-sdk generate bundle --overwrite --version $VERSION --channels "$CHANNELS"' || return 1 error_run "Validating bundle" operator-sdk bundle validate ./bundle || return 1 error_run "Building bundle image" docker build -f bundle.Dockerfile -t "$IMG-bundle:$VERSION" . || return 1 if [ -z "$DEVELOP" ]; then diff --git a/molecule/default/kustomize.yml b/molecule/default/kustomize.yml index 44c650e..4cac561 100644 --- a/molecule/default/kustomize.yml +++ b/molecule/default/kustomize.yml @@ -1,7 +1,7 @@ --- - name: Build kustomize testing overlay - # load_restrictor must be set to none so we can load patch files from the default overlay - command: '{{ kustomize }} build --load_restrictor none .' + # load-restrictor must be set to none so we can load patch files from the default overlay + command: '{{ kustomize }} build --load-restrictor LoadRestrictionsNone .' args: chdir: '{{ config_dir }}/testing/{{ scope|default("cluster") }}_scope' register: resources diff --git a/molecule/default/tasks/gitea_test.yml b/molecule/default/tasks/gitea_test.yml index 179a7c9..b7bedd5 100644 --- a/molecule/default/tasks/gitea_test.yml +++ b/molecule/default/tasks/gitea_test.yml @@ -109,7 +109,10 @@ - name: Verify that Gitea failed to be created from the CR when appropriate assert: - that: namespace_modded_cr.resources[0].status is not defined == (scope == "namespace") + that: namespace_modded_success == namespace_modded_expected + vars: + namespace_modded_success: '{{ namespace_modded_cr.resources[0].status is defined }}' + namespace_modded_expected: '{{ scope == "cluster" }}' # TODO: # - Validate Gitea can be used diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index a9f6ea3..3affe7e 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -31,21 +31,24 @@ - api_version: v1 kind: ConfigMap register: debug_resources + ignore_errors: true - name: Retrieve controller Pod logs k8s_log: - name: '{{ item.metadata.name }}' namespace: '{{ namespace }}' + label_selectors: + - '{{ ctrl_label }}' container: manager - loop: "{{ q('k8s', api_version='v1', kind='Pod', namespace=namespace, label_selector=ctrl_label) }}" register: debug_controller_logs + ignore_errors: true - name: Retrieve application Pod logs k8s_log: - name: '{{ item.metadata.name }}' namespace: '{{ namespace }}' - loop: "{{ q('k8s', api_version='v1', kind='Pod', namespace=namespace, label_selector='app=gitea-testing') }}" + label_selectors: + - app=gitea-testing register: debug_app_logs + ignore_errors: true - name: Output gathered resources debug: @@ -54,7 +57,9 @@ - name: Output gathered logs debug: var: item.log_lines - loop: '{{ debug_controller_logs.results + debug_app_logs.results }}' + loop: + - debug_controller_logs + - debug_app_logs - name: Re-emit failure vars: diff --git a/molecule/kind-cluster/molecule.yml b/molecule/kind-cluster/molecule.yml index 990decf..6b453d9 100644 --- a/molecule/kind-cluster/molecule.yml +++ b/molecule/kind-cluster/molecule.yml @@ -13,8 +13,11 @@ platforms: provisioner: name: ansible playbooks: + create: ../kind/create.yml prepare: ../default/prepare.yml + converge: ../kind/converge.yml verify: ../default/verify.yml + destroy: ../kind/destroy.yml lint: | set -e ansible-lint diff --git a/molecule/kind-namespace/molecule.yml b/molecule/kind-namespace/molecule.yml index d4163f9..404fc46 100644 --- a/molecule/kind-namespace/molecule.yml +++ b/molecule/kind-namespace/molecule.yml @@ -13,11 +13,11 @@ platforms: provisioner: name: ansible playbooks: - create: ../kind-cluster/create.yml + create: ../kind/create.yml prepare: ../default/prepare.yml - converge: ../kind-cluster/converge.yml + converge: ../kind/converge.yml verify: ../default/verify.yml - destroy: ../kind-cluster/destroy.yml + destroy: ../kind/destroy.yml lint: | set -e ansible-lint diff --git a/molecule/kind-cluster/converge.yml b/molecule/kind/converge.yml similarity index 84% rename from molecule/kind-cluster/converge.yml rename to molecule/kind/converge.yml index 8bd5700..ef188f5 100644 --- a/molecule/kind-cluster/converge.yml +++ b/molecule/kind/converge.yml @@ -17,7 +17,7 @@ force_source: yes - name: Load image into kind cluster - command: kind load docker-image --name osdk-test '{{ operator_image }}' + command: kind load docker-image --name osdk-test-{{ scope }} '{{ operator_image }}' register: result changed_when: '"not yet present" in result.stdout' diff --git a/molecule/kind-cluster/create.yml b/molecule/kind/create.yml similarity index 80% rename from molecule/kind-cluster/create.yml rename to molecule/kind/create.yml index 78c728a..d060380 100644 --- a/molecule/kind-cluster/create.yml +++ b/molecule/kind/create.yml @@ -6,6 +6,6 @@ tasks: - name: Install nginx Ingress onto kind command: > - helm install kind-ingress stable/nginx-ingress + helm install kind-ingress ingress-nginx/ingress-nginx --set controller.service.type=NodePort --set controller.service.nodePorts.http=30080 diff --git a/molecule/kind-cluster/destroy.yml b/molecule/kind/destroy.yml similarity index 100% rename from molecule/kind-cluster/destroy.yml rename to molecule/kind/destroy.yml diff --git a/molecule/kind-cluster/files/kind-config.yml b/molecule/kind/files/kind-config.yml similarity index 100% rename from molecule/kind-cluster/files/kind-config.yml rename to molecule/kind/files/kind-config.yml diff --git a/requirements.yml b/requirements.yml deleted file mode 100644 index 8a661f8..0000000 --- a/requirements.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -collections: - - name: community.kubernetes - version: "<1.0.0" - - operator_sdk.util diff --git a/requirements/requirements.txt b/requirements/requirements.txt new file mode 100644 index 0000000..ed68a47 --- /dev/null +++ b/requirements/requirements.txt @@ -0,0 +1 @@ +openshift==0.11.2 diff --git a/requirements/requirements.yml b/requirements/requirements.yml new file mode 100644 index 0000000..da7a4d8 --- /dev/null +++ b/requirements/requirements.yml @@ -0,0 +1,6 @@ +--- +collections: + - name: community.kubernetes + version: 1.2.0 + - name: operator_sdk.util + version: 0.1.0 diff --git a/requirements/test-requirements.txt b/requirements/test-requirements.txt new file mode 100644 index 0000000..590052e --- /dev/null +++ b/requirements/test-requirements.txt @@ -0,0 +1,8 @@ +docker==4.2.2 +ansible==2.9.15 # aligns with operator-sdk version +requests>=2.25,<2.26 +molecule>=3.3,<3.4 +ansible-lint>=5.0,<6.0 +yamllint>=1.26,<2.0 +flake8>=3.9,<4.0 +jmespath>=0.10,<0.11 diff --git a/roles/gitea-ocp/defaults/main.yml b/roles/gitea-ocp/defaults/main.yml index c66b250..846d9a8 100644 --- a/roles/gitea-ocp/defaults/main.yml +++ b/roles/gitea-ocp/defaults/main.yml @@ -29,5 +29,6 @@ _gitea_expose_method: Route _gitea_expose_uri: "" _gitea_route: "{{ _gitea_expose_uri }}" _gitea_ssl: true +_gitea_ingress_class: nginx _gitea_trust_bundle_configmap: '' diff --git a/roles/gitea-ocp/templates/Ingress.yml.j2 b/roles/gitea-ocp/templates/Ingress.yml.j2 index 70e8ba7..864a36c 100644 --- a/roles/gitea-ocp/templates/Ingress.yml.j2 +++ b/roles/gitea-ocp/templates/Ingress.yml.j2 @@ -5,6 +5,8 @@ metadata: namespace: "{{ _gitea_namespace }}" labels: app: "{{ _gitea_name }}" + annotations: + kubernetes.io/ingress.class: {{ _gitea_ingress_class }} spec: {% if _gitea_ssl|bool %} tls: