diff --git a/tests/ci/README.md b/tests/ci/README.md index 964bc68a10..c9f0615ae9 100644 --- a/tests/ci/README.md +++ b/tests/ci/README.md @@ -16,6 +16,7 @@ This document provides an overview of the CI implementation that has been set up - CPU requests/limit, Memory request/limits and PVC storage are decreased so that RHOBS can be deployed on smaller clusters. - Number of replicas for components is decreased as well in order for the deployment to not be too resource heavy. - Objects names like service accounts, storage classes, secrets are replaced to work with local environment. + - Templates that require external certs are replaced by dummy generated ones. > :bulb: **Note:** These parameters can be edited accordingly and as per the requirement in `.test.ci.env` files. ### Build Process diff --git a/tests/ci/ci_test.sh b/tests/ci/ci_test.sh index 234d22dc42..9512800942 100755 --- a/tests/ci/ci_test.sh +++ b/tests/ci/ci_test.sh @@ -3,7 +3,9 @@ set -euo pipefail ARTIFACT_DIR="${ARTIFACT_DIR:-/tmp/artifacts}" +NS=(minio dex observatorium observatorium-metrics telemeter observatorium-logs observatorium-mst observatorium-tools rhelemeter) check_status() { + echo "checking rollout status of $1 inside $2 namespace" oc rollout status $1 -n $2 --timeout=5m || { must_gather "$ARTIFACT_DIR" exit 1 @@ -17,14 +19,9 @@ prereq() { } ns() { - oc create ns minio || true - oc create ns dex || true - oc create ns observatorium-metrics || true - oc create ns observatorium || true - oc create ns telemeter || true - oc create ns rhelemeter || true - oc create ns observatorium-logs || true - oc create ns observatorium-mst || true + for ns in "${NS[@]}"; do + oc create ns $ns || true + done } minio() { @@ -56,7 +53,7 @@ observatorium_metrics() { } observatorium_tools(){ - oc create ns observatorium-tools || true + oc wait --for=jsonpath='{.status.phase}=Active' namespace/observatorium-tools --timeout=5s oc apply --namespace observatorium-tools -f ../deploy/manifests/observatorium-tools-network-policy.yaml oc process --param-file=env/logging.test.ci.env -f ../../resources/services/meta-monitoring/logging-template.yaml | oc apply --namespace observatorium-tools -f - } @@ -90,12 +87,13 @@ telemeter() { rhelemeter() { oc wait --for=jsonpath='{.status.phase}=Active' namespace/rhelemeter --timeout=5s - oc process -f --param-file=env/rhelemeter.test.ci.env \ - -f ../../resources/services/rhelemeter-template.yaml | \ - oc apply --namespace rhelemeter -f - + oc process -f --param-file=env/rhelemeter.test.ci.env -p RHELEMETER_EXTERNAL_MTLS_CA="$(cat ../deploy/manifests/rhelemeter_certs/ca.crt)" \ + RHELEMETER_EXTERNAL_MTLS_CRT="$(cat ../deploy/manifests/rhelemeter_certs/tls.crt)" RHELEMETER_EXTERNAL_MTLS_KEY="$(cat ../deploy/manifests/rhelemeter_certs/tls.key)" \ + -f ../../resources/services/rhelemeter-template.yaml | oc apply --namespace rhelemeter -f - } observatorium_logs() { + oc wait --for=jsonpath='{.status.phase}=Active' namespace/observatorium-logs --timeout=5s oc apply --namespace observatorium-logs -f ../deploy/manifests/observatorium-logs-secret.yaml oc process --param-file=env/observatorium-logs.test.ci.env -f \ ../../resources/services/observatorium-logs-template.yaml | \ @@ -103,13 +101,13 @@ observatorium_logs() { } run_test() { - for namespace in minio dex observatorium observatorium-metrics observatorium-logs telemeter ; do + for ns in "${NS[@]}" ; do resources=$( - oc get statefulsets -o name -n $namespace - oc get deployments -o name -n $namespace + oc get statefulsets -o name -n $ns + oc get deployments -o name -n $ns ) for res in $resources; do - check_status $res $namespace + check_status $res $ns done done oc apply -n observatorium -f manifests/test-tenant.yaml @@ -133,19 +131,19 @@ run_test() { must_gather() { local artifact_dir="$1" - for namespace in minio dex observatorium observatorium-metrics telemeter; do - mkdir -p "$artifact_dir/$namespace" + for ns in "${NS[@]}"; do + mkdir -p "$artifact_dir/$ns" - for name in $(oc get pods -n "$namespace" -o jsonpath='{.items[*].metadata.name}') ; do - oc -n "$namespace" describe pod "$name" > "$artifact_dir/$namespace/$name.describe" - oc -n "$namespace" get pod "$name" -o yaml > "$artifact_dir/$namespace/$name.yaml" + for name in $(oc get pods -n "$ns" -o jsonpath='{.items[*].metadata.name}') ; do + oc -n "$ns" describe pod "$name" > "$artifact_dir/$ns/$name.describe" + oc -n "$ns" get pod "$name" -o yaml > "$artifact_dir/$ns/$name.yaml" - for initContainer in $(oc -n "$namespace" get pod "$name" -o jsonpath='{.spec.initContainers[*].name}') ; do - oc -n "$namespace" logs "$name" -c "$initContainer" > "$artifact_dir/$namespace/$name-$initContainer.logs" + for initContainer in $(oc -n "$ns" get pod "$name" -o jsonpath='{.spec.initContainers[*].name}') ; do + oc -n "$ns" logs "$name" -c "$initContainer" > "$artifact_dir/$ns/$name-$initContainer.logs" done - for container in $(oc -n "$namespace" get pod "$name" -o jsonpath='{.spec.containers[*].name}') ; do - oc -n "$namespace" logs "$name" -c "$container" > "$artifact_dir/$namespace/$name-$container.logs" + for container in $(oc -n "$ns" get pod "$name" -o jsonpath='{.spec.containers[*].name}') ; do + oc -n "$ns" logs "$name" -c "$container" > "$artifact_dir/$ns/$name-$container.logs" done done done diff --git a/tests/deploy/README.md b/tests/deploy/README.md index 44a9413bce..bfc1c2562a 100644 --- a/tests/deploy/README.md +++ b/tests/deploy/README.md @@ -9,6 +9,7 @@ In addition to replacing external dependencies, this directory also includes fil - The CPU / memory limits / requests are decreased so that RHOBS can be deployed on smaller clusters as well - The number of replicas for components is decreased as well in order for the deployment to not be too resources heavy - Some further object names (e.g. service accounts, images, secrets and storage-class) are replaced to work with local alternatives of the external dependencies +- rhelemeter template that require external certs are replaced by dummy generated ones. These parameter files can be edited accordingly to accomodate your specific testing scenario. diff --git a/tests/deploy/launch.sh b/tests/deploy/launch.sh index fb143b42e0..4da68b01c0 100755 --- a/tests/deploy/launch.sh +++ b/tests/deploy/launch.sh @@ -4,7 +4,6 @@ set -e set -o pipefail -set -x role() { oc apply -f manifests/observatorium-cluster-role.yaml @@ -80,7 +79,9 @@ telemeter() { rhelemeter() { oc create ns rhelemeter || true - oc process --param-file=env/rhelemeter.test.env -f ../../resources/services/rhelemeter-template.yaml | oc apply --namespace rhelemeter -f - + oc process --param-file=env/rhelemeter.test.env -p RHELEMETER_EXTERNAL_MTLS_CA="$(cat manifests/rhelemeter_certs/ca.crt)" \ + RHELEMETER_EXTERNAL_MTLS_CRT="$(cat manifests/rhelemeter_certs/tls.crt)" RHELEMETER_EXTERNAL_MTLS_KEY="$(cat manifests/rhelemeter_certs/tls.key)" \ + -f ../../resources/services/rhelemeter-template.yaml | oc apply --namespace rhelemeter -f - } teardown() { diff --git a/tests/deploy/manifests/rhelemeter_certs/ca.crt b/tests/deploy/manifests/rhelemeter_certs/ca.crt new file mode 100644 index 0000000000..611bc8bdff --- /dev/null +++ b/tests/deploy/manifests/rhelemeter_certs/ca.crt @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE----- +MIIBDzCBtgIJANecoFgWJpRZMAoGCCqGSM49BAMCMA8xDTALBgNVBAMMBHRlc3Qw +IBcNMjMwNzE5MDc0ODM2WhgPMzAwOTAzMTIwNzQ4MzZaMA8xDTALBgNVBAMMBHRl +c3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARYZDE4Kz0ys2KvRo7p3e6/P3Yo +eSkDXJ1DpVWH5+XemuAriGE8pMwij7yTsbmUHHGlnMZNh0Uc+Uiplb5rbeaSMAoG +CCqGSM49BAMCA0gAMEUCIBYKEb0GBppTsRXrVGJqfrzcgqQhpEXWwhg9LQPfiRce +AiEAtpGaoRW5KYA30uNZNabK0U9rfrORYLZhN2ovhpm3+Ko= +-----END CERTIFICATE----- diff --git a/tests/deploy/manifests/rhelemeter_certs/tls.crt b/tests/deploy/manifests/rhelemeter_certs/tls.crt new file mode 100644 index 0000000000..611bc8bdff --- /dev/null +++ b/tests/deploy/manifests/rhelemeter_certs/tls.crt @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE----- +MIIBDzCBtgIJANecoFgWJpRZMAoGCCqGSM49BAMCMA8xDTALBgNVBAMMBHRlc3Qw +IBcNMjMwNzE5MDc0ODM2WhgPMzAwOTAzMTIwNzQ4MzZaMA8xDTALBgNVBAMMBHRl +c3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARYZDE4Kz0ys2KvRo7p3e6/P3Yo +eSkDXJ1DpVWH5+XemuAriGE8pMwij7yTsbmUHHGlnMZNh0Uc+Uiplb5rbeaSMAoG +CCqGSM49BAMCA0gAMEUCIBYKEb0GBppTsRXrVGJqfrzcgqQhpEXWwhg9LQPfiRce +AiEAtpGaoRW5KYA30uNZNabK0U9rfrORYLZhN2ovhpm3+Ko= +-----END CERTIFICATE----- diff --git a/tests/deploy/manifests/rhelemeter_certs/tls.key b/tests/deploy/manifests/rhelemeter_certs/tls.key new file mode 100644 index 0000000000..0bae48a8a9 --- /dev/null +++ b/tests/deploy/manifests/rhelemeter_certs/tls.key @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEIO5yfP9d0RcEzTTeM732EWnGEqWYlvu+JaOEpRXYsHaloAoGCCqGSM49 +AwEHoUQDQgAEWGQxOCs9MrNir0aO6d3uvz92KHkpA1ydQ6VVh+fl3prgK4hhPKTM +Io+8k7G5lBxxpZzGTYdFHPlIqZW+a23mkg== +-----END EC PRIVATE KEY-----