From eea549f81563fead9e6a0f6e37bac9d24f7e4f0d Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 09:45:34 -0400 Subject: [PATCH 1/9] Updated KinD cluster version --- .github/workflows/test-and-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/test-and-release.yml b/.github/workflows/test-and-release.yml index b50b2f4..7a4e03c 100644 --- a/.github/workflows/test-and-release.yml +++ b/.github/workflows/test-and-release.yml @@ -22,9 +22,9 @@ jobs: - name: Kind uses: engineerd/setup-kind@v0.5.0 with: - config: molecule/kind-cluster/files/kind-config.yml - name: osdk-test - version: v0.9.0 + config: molecule/kind/files/kind-config.yml + name: osdk-test-cluster + version: v0.10.0 - name: Prereq setup run: hack/ci-setup.sh - name: Test @@ -40,9 +40,9 @@ jobs: - name: Kind uses: engineerd/setup-kind@v0.5.0 with: - config: molecule/kind-cluster/files/kind-config.yml - name: osdk-test - version: v0.9.0 + config: molecule/kind/files/kind-config.yml + name: osdk-test-namespace + version: v0.10.0 - name: Prereq setup run: hack/ci-setup.sh - name: Test From 00c814e9c2205f593db54db5a23e861d4053c2e9 Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 09:46:31 -0400 Subject: [PATCH 2/9] Simplify kustomize target, use make better --- Makefile | 26 +++++++++++--------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/Makefile b/Makefile index c1637d1..8f8a330 100644 --- a/Makefile +++ b/Makefile @@ -50,11 +50,11 @@ uninstall: kustomize # Deploy controller in the configured Kubernetes cluster in ~/.kube/config deploy: kustomize cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG} - $(KUSTOMIZE) build --load_restrictor none config/${OVERLAY} | kubectl apply -f - + $(KUSTOMIZE) build --load-restrictor LoadRestrictionsNone config/${OVERLAY} | kubectl apply -f - # Undeploy controller in the configured Kubernetes cluster in ~/.kube/config undeploy: kustomize - $(KUSTOMIZE) build --load_restrictor none config/${OVERLAY} | kubectl delete -f - + $(KUSTOMIZE) build --load-restrictor LoadRestrictionsNone config/${OVERLAY} | kubectl delete -f - # Build the docker image docker-build: @@ -69,22 +69,18 @@ SHELL := env PATH=$(PATH) /bin/sh OS := $(shell uname -s | tr '[:upper:]' '[:lower:]') ARCH := $(shell uname -m | sed 's/x86_64/amd64/') -# Download kustomize locally if necessary, preferring the $(pwd)/bin path over global if both exist. -.PHONY: kustomize +# Download kustomize locally KUSTOMIZE = $(shell pwd)/bin/kustomize -kustomize: -ifeq (,$(wildcard $(KUSTOMIZE))) -ifeq (,$(shell which kustomize 2>/dev/null)) +bin/kustomize: @{ \ - set -e ;\ - mkdir -p $(dir $(KUSTOMIZE)) ;\ - curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v3.5.4/kustomize_v3.5.4_$(OS)_$(ARCH).tar.gz | \ - tar xzf - -C bin/ ;\ + set -e ;\ + mkdir -p $(dir $(KUSTOMIZE)) ;\ + curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.0.5/kustomize_v4.0.5_$(OS)_$(ARCH).tar.gz | \ + tar xzf - -C $(dir $(KUSTOMIZE)) ;\ } -else -KUSTOMIZE = $(shell which kustomize) -endif -endif + +.PHONY: kustomize +kustomize: bin/kustomize # Download ansible-operator locally if necessary, preferring the $(pwd)/bin path over global if both exist. .PHONY: ansible-operator From e1cb1da7dc83329fc68eeb508195eeed2aaba690 Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:05:55 -0400 Subject: [PATCH 3/9] Changed requirements and kustomize installation --- Dockerfile | 5 +++-- hack/ci-setup.sh | 9 +++------ hack/ci-test.sh | 2 ++ hack/operate.sh | 2 +- molecule/default/kustomize.yml | 4 ++-- requirements.yml | 5 ----- requirements/requirements.txt | 1 + requirements/requirements.yml | 6 ++++++ requirements/test-requirements.txt | 7 +++++++ 9 files changed, 25 insertions(+), 16 deletions(-) delete mode 100644 requirements.yml create mode 100644 requirements/requirements.txt create mode 100644 requirements/requirements.yml create mode 100644 requirements/test-requirements.txt diff --git a/Dockerfile b/Dockerfile index c6d2d96..2c7859e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,8 @@ FROM quay.io/operator-framework/ansible-operator:v1.4.2 -COPY requirements.yml ${HOME}/requirements.yml -RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ +COPY requirements ${HOME} +RUN pip3 install --user --upgrade -r ${HOME}/requirements.txt \ + && ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible COPY watches.yaml ${HOME}/watches.yaml diff --git a/hack/ci-setup.sh b/hack/ci-setup.sh index e61cf51..a0b5ef7 100755 --- a/hack/ci-setup.sh +++ b/hack/ci-setup.sh @@ -10,14 +10,11 @@ export KUBECONFIG=$HOME/.kube/config pip3 install --user --upgrade setuptools wheel pip # Dependencies for test environment -pip3 install --user docker==4.2.2 ansible molecule ansible-lint yamllint flake8 openshift jmespath +pip3 install --user -r requirements/test-requirements.txt # Ansible dependencies -ansible-galaxy collection install -r requirements.yml - -# Kind CLI (for loading images into cluster) -curl -Lo $HOME/.local/bin/kind https://kind.sigs.k8s.io/dl/v0.9.0/kind-linux-amd64 -chmod +x $HOME/.local/bin/kind +pip3 install --user --upgrade -r requirements/requirements.txt +ansible-galaxy collection install -r requirements/requirements.yml # Helm CLI (for loading Ingress) curl -Lo $HOME/helm.tgz https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz diff --git a/hack/ci-test.sh b/hack/ci-test.sh index a607858..2f78f09 100755 --- a/hack/ci-test.sh +++ b/hack/ci-test.sh @@ -6,5 +6,7 @@ export PATH="$HOME/.local/bin:$PATH" export OPERATORDIR="$(pwd)" make kustomize [ -f ./bin/kustomize ] && export KUSTOMIZE_PATH="$(realpath ./bin/kustomize)" || export KUSTOMIZE_PATH="$(which kustomize)" +kustomize version ||: +./bin/kustomize version TEST_OPERATOR_NAMESPACE=default molecule test -s $1 diff --git a/hack/operate.sh b/hack/operate.sh index 6c5a6bf..9dcf979 100755 --- a/hack/operate.sh +++ b/hack/operate.sh @@ -435,7 +435,7 @@ function publish_bundle() { error_run "Adding namespaced Role to kustomization" 'kustomize edit add resource namespaced/role.yaml' || return 1 error_run "Adding namespaced RoleBinding to kustomization" 'kustomize edit add resource namespaced/role_binding.yaml' || return 1 popd &>/dev/null - error_run "Building bundle manifests" 'kustomize build --load_restrictor none config/manifests | operator-sdk generate bundle --overwrite --version $VERSION --channels "$CHANNELS"' || return 1 + error_run "Building bundle manifests" 'kustomize build --load-restrictor LoadRestrictionsNone config/manifests | operator-sdk generate bundle --overwrite --version $VERSION --channels "$CHANNELS"' || return 1 error_run "Validating bundle" operator-sdk bundle validate ./bundle || return 1 error_run "Building bundle image" docker build -f bundle.Dockerfile -t "$IMG-bundle:$VERSION" . || return 1 if [ -z "$DEVELOP" ]; then diff --git a/molecule/default/kustomize.yml b/molecule/default/kustomize.yml index 44c650e..4cac561 100644 --- a/molecule/default/kustomize.yml +++ b/molecule/default/kustomize.yml @@ -1,7 +1,7 @@ --- - name: Build kustomize testing overlay - # load_restrictor must be set to none so we can load patch files from the default overlay - command: '{{ kustomize }} build --load_restrictor none .' + # load-restrictor must be set to none so we can load patch files from the default overlay + command: '{{ kustomize }} build --load-restrictor LoadRestrictionsNone .' args: chdir: '{{ config_dir }}/testing/{{ scope|default("cluster") }}_scope' register: resources diff --git a/requirements.yml b/requirements.yml deleted file mode 100644 index 8a661f8..0000000 --- a/requirements.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -collections: - - name: community.kubernetes - version: "<1.0.0" - - operator_sdk.util diff --git a/requirements/requirements.txt b/requirements/requirements.txt new file mode 100644 index 0000000..ed68a47 --- /dev/null +++ b/requirements/requirements.txt @@ -0,0 +1 @@ +openshift==0.11.2 diff --git a/requirements/requirements.yml b/requirements/requirements.yml new file mode 100644 index 0000000..da7a4d8 --- /dev/null +++ b/requirements/requirements.yml @@ -0,0 +1,6 @@ +--- +collections: + - name: community.kubernetes + version: 1.2.0 + - name: operator_sdk.util + version: 0.1.0 diff --git a/requirements/test-requirements.txt b/requirements/test-requirements.txt new file mode 100644 index 0000000..719b2bd --- /dev/null +++ b/requirements/test-requirements.txt @@ -0,0 +1,7 @@ +docker==4.2.2 +ansible==2.9.15 # aligns with operator-sdk version +molecule>=3.3,<3.4 +ansible-lint>=5.0,<6.0 +yamllint>=1.26,<2.0 +flake8>=3.9,<4.0 +jmespath>=0.10,<0.11 From 3e2c6875595f50161317e2fd95907ea164275b18 Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:07:28 -0400 Subject: [PATCH 4/9] Restructured molecule tests Changed outputs, restructured imports, and broke variable definitions down a bit further --- molecule/default/tasks/gitea_test.yml | 5 ++++- molecule/default/verify.yml | 15 ++++++++++----- molecule/kind-cluster/molecule.yml | 3 +++ molecule/kind-namespace/molecule.yml | 6 +++--- molecule/{kind-cluster => kind}/converge.yml | 2 +- molecule/{kind-cluster => kind}/create.yml | 2 +- molecule/{kind-cluster => kind}/destroy.yml | 0 .../{kind-cluster => kind}/files/kind-config.yml | 0 8 files changed, 22 insertions(+), 11 deletions(-) rename molecule/{kind-cluster => kind}/converge.yml (84%) rename molecule/{kind-cluster => kind}/create.yml (80%) rename molecule/{kind-cluster => kind}/destroy.yml (100%) rename molecule/{kind-cluster => kind}/files/kind-config.yml (100%) diff --git a/molecule/default/tasks/gitea_test.yml b/molecule/default/tasks/gitea_test.yml index 179a7c9..b7bedd5 100644 --- a/molecule/default/tasks/gitea_test.yml +++ b/molecule/default/tasks/gitea_test.yml @@ -109,7 +109,10 @@ - name: Verify that Gitea failed to be created from the CR when appropriate assert: - that: namespace_modded_cr.resources[0].status is not defined == (scope == "namespace") + that: namespace_modded_success == namespace_modded_expected + vars: + namespace_modded_success: '{{ namespace_modded_cr.resources[0].status is defined }}' + namespace_modded_expected: '{{ scope == "cluster" }}' # TODO: # - Validate Gitea can be used diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index a9f6ea3..3affe7e 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -31,21 +31,24 @@ - api_version: v1 kind: ConfigMap register: debug_resources + ignore_errors: true - name: Retrieve controller Pod logs k8s_log: - name: '{{ item.metadata.name }}' namespace: '{{ namespace }}' + label_selectors: + - '{{ ctrl_label }}' container: manager - loop: "{{ q('k8s', api_version='v1', kind='Pod', namespace=namespace, label_selector=ctrl_label) }}" register: debug_controller_logs + ignore_errors: true - name: Retrieve application Pod logs k8s_log: - name: '{{ item.metadata.name }}' namespace: '{{ namespace }}' - loop: "{{ q('k8s', api_version='v1', kind='Pod', namespace=namespace, label_selector='app=gitea-testing') }}" + label_selectors: + - app=gitea-testing register: debug_app_logs + ignore_errors: true - name: Output gathered resources debug: @@ -54,7 +57,9 @@ - name: Output gathered logs debug: var: item.log_lines - loop: '{{ debug_controller_logs.results + debug_app_logs.results }}' + loop: + - debug_controller_logs + - debug_app_logs - name: Re-emit failure vars: diff --git a/molecule/kind-cluster/molecule.yml b/molecule/kind-cluster/molecule.yml index 990decf..6b453d9 100644 --- a/molecule/kind-cluster/molecule.yml +++ b/molecule/kind-cluster/molecule.yml @@ -13,8 +13,11 @@ platforms: provisioner: name: ansible playbooks: + create: ../kind/create.yml prepare: ../default/prepare.yml + converge: ../kind/converge.yml verify: ../default/verify.yml + destroy: ../kind/destroy.yml lint: | set -e ansible-lint diff --git a/molecule/kind-namespace/molecule.yml b/molecule/kind-namespace/molecule.yml index d4163f9..404fc46 100644 --- a/molecule/kind-namespace/molecule.yml +++ b/molecule/kind-namespace/molecule.yml @@ -13,11 +13,11 @@ platforms: provisioner: name: ansible playbooks: - create: ../kind-cluster/create.yml + create: ../kind/create.yml prepare: ../default/prepare.yml - converge: ../kind-cluster/converge.yml + converge: ../kind/converge.yml verify: ../default/verify.yml - destroy: ../kind-cluster/destroy.yml + destroy: ../kind/destroy.yml lint: | set -e ansible-lint diff --git a/molecule/kind-cluster/converge.yml b/molecule/kind/converge.yml similarity index 84% rename from molecule/kind-cluster/converge.yml rename to molecule/kind/converge.yml index 8bd5700..ef188f5 100644 --- a/molecule/kind-cluster/converge.yml +++ b/molecule/kind/converge.yml @@ -17,7 +17,7 @@ force_source: yes - name: Load image into kind cluster - command: kind load docker-image --name osdk-test '{{ operator_image }}' + command: kind load docker-image --name osdk-test-{{ scope }} '{{ operator_image }}' register: result changed_when: '"not yet present" in result.stdout' diff --git a/molecule/kind-cluster/create.yml b/molecule/kind/create.yml similarity index 80% rename from molecule/kind-cluster/create.yml rename to molecule/kind/create.yml index 78c728a..d060380 100644 --- a/molecule/kind-cluster/create.yml +++ b/molecule/kind/create.yml @@ -6,6 +6,6 @@ tasks: - name: Install nginx Ingress onto kind command: > - helm install kind-ingress stable/nginx-ingress + helm install kind-ingress ingress-nginx/ingress-nginx --set controller.service.type=NodePort --set controller.service.nodePorts.http=30080 diff --git a/molecule/kind-cluster/destroy.yml b/molecule/kind/destroy.yml similarity index 100% rename from molecule/kind-cluster/destroy.yml rename to molecule/kind/destroy.yml diff --git a/molecule/kind-cluster/files/kind-config.yml b/molecule/kind/files/kind-config.yml similarity index 100% rename from molecule/kind-cluster/files/kind-config.yml rename to molecule/kind/files/kind-config.yml From c3796de328b142143815ac7cd942a04e858d14ec Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:08:51 -0400 Subject: [PATCH 5/9] Provide ability to pin OSDK, pin to same version as scaffold --- hack/operate.conf | 1 + hack/operate.sh | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/hack/operate.conf b/hack/operate.conf index b512ad2..758716b 100644 --- a/hack/operate.conf +++ b/hack/operate.conf @@ -3,3 +3,4 @@ KIND=Gitea CR_SAMPLE=redhatgov_v1alpha1_gitea_openshift.yaml VERSION=0.0.6 CHANNELS=alpha +OSDK_VERSION=1.4.2 diff --git a/hack/operate.sh b/hack/operate.sh index 9dcf979..1e16910 100755 --- a/hack/operate.sh +++ b/hack/operate.sh @@ -200,6 +200,7 @@ VERSION= CHANNELS= DEVLEOP= BUNDLE= +OSDK_VERSION=latest EXTRA_TAGS=() # Load the configuration @@ -312,7 +313,7 @@ function update_components() { else error_run "Updating the Operator SDK manager" 'pip3 install --user --upgrade -r "$SCRIPT_ROOT/requirements.txt"' || return 1 fi - error_run "Updating the Operator SDK" 'sdk_version=$(osdk-manager osdk update --no-verify -vvvv | cut -d" " -f 3)' || return 1 + error_run "Updating the Operator SDK" 'sdk_version=$(osdk-manager osdk update --version $OSDK_VERSION -vvvv | cut -d" " -f 3)' || return 1 fi components_updated=true } From acce12ce5ae47ef7718145c354b44a3c5540010f Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:09:11 -0400 Subject: [PATCH 6/9] Added some more debugging output to ci-setup --- hack/ci-setup.sh | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/hack/ci-setup.sh b/hack/ci-setup.sh index a0b5ef7..81c7ad7 100755 --- a/hack/ci-setup.sh +++ b/hack/ci-setup.sh @@ -1,10 +1,22 @@ #!/bin/bash -ex # Installs dependencies needed to run the tests in CI environment +function ll { + ls -halF "${@}" +} mkdir -p $HOME/.local/bin export PATH="$HOME/.local/bin:$PATH" -export KUBECONFIG=$HOME/.kube/config +export KUBECONFIG=${KUBECONFIG:-$HOME/.kube/config} +echo $KUBECONFIG +ll $HOME/.kube +kubectl config current-context +kind version +clusters=$(kind get clusters) +for cluster in $clusters; do + kind get nodes --name $cluster + kind get kubeconfig --name $cluster +done # Basic pip prereqs pip3 install --user --upgrade setuptools wheel pip From 7933b63109891e8e618cae475c6e8ef84ac34094 Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:09:33 -0400 Subject: [PATCH 7/9] Shift to stable ingress --- hack/ci-setup.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/hack/ci-setup.sh b/hack/ci-setup.sh index 81c7ad7..7561b18 100755 --- a/hack/ci-setup.sh +++ b/hack/ci-setup.sh @@ -31,4 +31,5 @@ ansible-galaxy collection install -r requirements/requirements.yml # Helm CLI (for loading Ingress) curl -Lo $HOME/helm.tgz https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz tar xvzf $HOME/helm.tgz -C $HOME/.local/bin --strip-components 1 linux-amd64/helm -helm repo add stable https://charts.helm.sh/stable +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update From 5e809f1e9e3911234e968f55accf9fd00769d0ce Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 10:09:49 -0400 Subject: [PATCH 8/9] Expose ingress class --- roles/gitea-ocp/defaults/main.yml | 1 + roles/gitea-ocp/templates/Ingress.yml.j2 | 2 ++ 2 files changed, 3 insertions(+) diff --git a/roles/gitea-ocp/defaults/main.yml b/roles/gitea-ocp/defaults/main.yml index c66b250..846d9a8 100644 --- a/roles/gitea-ocp/defaults/main.yml +++ b/roles/gitea-ocp/defaults/main.yml @@ -29,5 +29,6 @@ _gitea_expose_method: Route _gitea_expose_uri: "" _gitea_route: "{{ _gitea_expose_uri }}" _gitea_ssl: true +_gitea_ingress_class: nginx _gitea_trust_bundle_configmap: '' diff --git a/roles/gitea-ocp/templates/Ingress.yml.j2 b/roles/gitea-ocp/templates/Ingress.yml.j2 index 70e8ba7..864a36c 100644 --- a/roles/gitea-ocp/templates/Ingress.yml.j2 +++ b/roles/gitea-ocp/templates/Ingress.yml.j2 @@ -5,6 +5,8 @@ metadata: namespace: "{{ _gitea_namespace }}" labels: app: "{{ _gitea_name }}" + annotations: + kubernetes.io/ingress.class: {{ _gitea_ingress_class }} spec: {% if _gitea_ssl|bool %} tls: From 42363dff149cbb5d8da9a56e701cc05715bc38e0 Mon Sep 17 00:00:00 2001 From: James Harmison Date: Fri, 9 Apr 2021 11:32:36 -0400 Subject: [PATCH 9/9] Pin requests version higher to try to get past CI warnings --- requirements/test-requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements/test-requirements.txt b/requirements/test-requirements.txt index 719b2bd..590052e 100644 --- a/requirements/test-requirements.txt +++ b/requirements/test-requirements.txt @@ -1,5 +1,6 @@ docker==4.2.2 ansible==2.9.15 # aligns with operator-sdk version +requests>=2.25,<2.26 molecule>=3.3,<3.4 ansible-lint>=5.0,<6.0 yamllint>=1.26,<2.0