Created
July 16, 2019 19:16
-
-
Save nickboldt/b1d01151a32ec0581d5eba0701194cbb to your computer and use it in GitHub Desktop.
pre-release-installation-test-against-OCP4.x-with-OS-oauth-CRW-202 Jenkins config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
set -x | |
OPENSHIFT_URL=************ | |
CHE_OPENSHIFT_PROJECT="j$(echo ${JOB_NAME} | md5sum | tr -d "[:punct:][:space:]")-${BUILD_NUMBER}b" | |
CRW_HOST=codeready-${CHE_OPENSHIFT_PROJECT}.apps.crw.codereadyqe.com | |
OPENSHIFT_USERNAME=******* | |
OPENSHIFT_PASSWORD="**********" | |
QUAY_USER="nickboldt" | |
QUAY_REGISTRY="quay.io/nickboldt" | |
QUAY_TOKEN="***********" | |
# tags | |
OP_IMAGE_TAG=1.2-17 | |
SERV_IMAGE_TAG=1.2-44 | |
# images to use for testing CRW-202 | |
OP_PATCH_IMAGE="${QUAY_REGISTRY}/server-operator-rhel8:KEYCLOAK-10169_5" | |
SSO_PATCH_IMAGE="${QUAY_REGISTRY}/sso73-openshift:KEYCLOAK-10169_5" | |
# oc run params, no -t | |
export JENKINS_BUILD=true | |
# setup mvn command | |
export PATH=/qa/tools/opt/apache-maven-3.5.4/bin:$PATH | |
# clean docker containers | |
psaq="$(docker ps -aq)" && if [[ ${psaq} ]]; then docker rm -f ${psaq}; fi | |
download_oc_and_login() { | |
echo "======= download OpenShift CLI client =======" | |
cd /tmp | |
if [[ $1 == "oc4" ]]; then | |
wget -q -O oc4.tar.gz https://mirror.openshift.com/pub/openshift-v4/clients/ocp/4.1.0/openshift-client-linux-4.1.0.tar.gz | |
tar -x -f ${1}.tar.gz "oc" | |
else | |
wget -q -O oc3.tar.gz https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz | |
tar -x --strip=1 -f ${1}.tar.gz "*/oc" | |
fi | |
/tmp/oc version | |
export PATH=/tmp:$PATH | |
cd ${WORKSPACE} | |
/tmp/oc login --server=${OPENSHIFT_URL} -u=${OPENSHIFT_USERNAME} -p=${OPENSHIFT_PASSWORD} --insecure-skip-tls-verify | |
} | |
waitForDeployment() | |
{ | |
deploymentName=$1 | |
DEPLOYMENT_TIMEOUT_SEC=300 | |
POLLING_INTERVAL_SEC=5 | |
echo "Waiting for the deployment/${deploymentName} to be scaled to 1. Timeout ${DEPLOYMENT_TIMEOUT_SEC} seconds" | |
DESIRED_REPLICA_COUNT=1 | |
UNAVAILABLE=1 | |
end=$((SECONDS+DEPLOYMENT_TIMEOUT_SEC)) | |
while [[ "${UNAVAILABLE}" -eq 1 ]] && [[ ${SECONDS} -lt ${end} ]]; do | |
UNAVAILABLE=$(oc get deployment/${deploymentName} -n="${CHE_OPENSHIFT_PROJECT}" -o=jsonpath='{.status.unavailableReplicas}') | |
if [[ "${FOLLOW_LOGS}" == "true" ]]; then echo "Deployment is in progress...(Unavailable replica count=${UNAVAILABLE}, ${timeout_in} seconds remain)"; fi | |
sleep 3 | |
done | |
if [[ "${UNAVAILABLE}" == 1 ]]; then | |
printError "Deployment timeout. Aborting." | |
printError "Check deployment logs and events:" | |
printError "oc logs deployment/${deploymentName} -n ${CHE_OPENSHIFT_PROJECT}" | |
printError "oc get events -n ${CHE_OPENSHIFT_PROJECT}" | |
exit 1 | |
fi | |
CURRENT_REPLICA_COUNT=-1 | |
while [[ "${CURRENT_REPLICA_COUNT}" -ne "${DESIRED_REPLICA_COUNT}" ]] && [[ ${SECONDS} -lt ${end} ]]; do | |
CURRENT_REPLICA_COUNT=$(oc get deployment/${deploymentName} -o=jsonpath='{.status.availableReplicas}') | |
timeout_in=$((end-SECONDS)) | |
if [[ "${FOLLOW_LOGS}" == "true" ]]; then echo "Deployment in progress...(Current replica count=${CURRENT_REPLICA_COUNT}, ${timeout_in} seconds remain)"; fi | |
sleep ${POLLING_INTERVAL_SEC} | |
done | |
if [[ "${CURRENT_REPLICA_COUNT}" -ne "${DESIRED_REPLICA_COUNT}" ]]; then | |
printError "CodeReady Workspaces ${deploymentName} deployment failed. Aborting. Run command 'oc logs deployment/${deploymentName}' to get more details." | |
exit 1 | |
elif [ ${SECONDS} -ge ${end} ]; then | |
printError "Deployment timeout. Aborting." | |
exit 1 | |
fi | |
elapsed=$((DEPLOYMENT_TIMEOUT_SEC-timeout_in)) | |
echo "Codeready Workspaces deployment/${deploymentName} started in ${elapsed} seconds" | |
} | |
quay_login () | |
{ | |
echo "${QUAY_TOKEN}" | docker login -u="${QUAY_USER}" --password-stdin ${QUAY_REGISTRY} | |
} | |
# see https://gist.github.com/nickboldt/1b0002dd006aea827ece386bb4901447 and | |
# see https://github.com/eclipse/che/blob/master/dockerfiles/keycloak/Dockerfile | |
build_patched_images() | |
{ | |
quay_login | |
mkdir -p ${WORKSPACE}/patch-root | |
pushd ${WORKSPACE}/patch-root >/dev/null | |
git clone https://github.com/che-incubator/KEYCLOAK-10169-OpenShift4-User-Provider && cd KEYCLOAK-10169-OpenShift4-User-Provider | |
mvn clean install | |
#curl -sSL -o targt/openshift4-extension-6.0.1.jar \ | |
# https://github.com/che-incubator/KEYCLOAK-10169-OpenShift4-User-Provider/releases/download/6.0.1-openshift-v4/openshift4-extension-6.0.1.jar | |
# build SSO image with updated OS4 Provider | |
echo " | |
FROM registry.access.redhat.com/redhat-sso-7/sso73-openshift:1.0-12.1561751916 | |
COPY target/openshift4-extension-6.0.1.jar /opt/eap/standalone/deployments/ | |
RUN touch /opt/eap/standalone/deployments/openshift4-extension-6.0.1.jar.dodeploy && \ | |
unzip -j /opt/eap/standalone/deployments/openshift4-extension-6.0.1.jar -d \ | |
/opt/eap/themes/base/admin/resources/partials \ | |
theme-resources/resources/realm-identity-provider-openshift-v4.html \ | |
theme-resources/resources/realm-identity-provider-openshift-v4-ext.html | |
" > Dockerfile | |
docker build . -t ${SSO_PATCH_IMAGE} | |
docker push ${SSO_PATCH_IMAGE} | |
cd .. | |
# build CRW operator image with updated SSO default image | |
git clone git@github.com:eclipse/che-operator.git && cd che-operator && git checkout support-openshift-v4-provider-1.x | |
# patch operator defaults.go | |
sed -i pkg/deploy/defaults.go -e "s#DefaultKeycloakImage.\+#DefaultKeycloakImage = \"${SSO_PATCH_IMAGE}\"#" | |
docker build . -t ${OP_PATCH_IMAGE} | |
docker push ${OP_PATCH_IMAGE} | |
popd >/dev/null | |
} | |
start_sso_and_check_log() { | |
docker run -t -a STDOUT --entrypoint /opt/eap/bin/standalone.sh ${SSO_PATCH_IMAGE} | tee start_sso_and_check_log.standalone.txt & | |
last_pid=$! | |
sleep 30s | |
kill -KILL $last_pid | |
docker run -t -a STDOUT --entrypoint /opt/eap/bin/openshift-launch.sh ${SSO_PATCH_IMAGE} | tee start_sso_and_check_log.openshift-launch.txt & | |
last_pid=$! | |
sleep 60s | |
kill -KILL $last_pid | |
} | |
patch() { | |
DB_PASSWORD=$(oc get deployment keycloak -o=jsonpath={'.spec.template.spec.containers[0].env[?(@.name=="DB_PASSWORD")].value'} -n=${CHE_OPENSHIFT_PROJECT}) | |
PATCH_JSON=$(cat << EOF | |
{ | |
"spec": { | |
"auth": { | |
"identityProviderImage": "${SSO_PATCH_IMAGE}", | |
"identityProviderPostgresPassword":"${DB_PASSWORD}" | |
} | |
} | |
} | |
EOF | |
) | |
echo; echo "Patch operator image to use ${SSO_PATCH_IMAGE}" | |
oc patch checluster codeready -p "${PATCH_JSON}" --type merge -n ${CHE_OPENSHIFT_PROJECT} | |
echo; echo "Operator image patched to use ${SSO_PATCH_IMAGE}" | |
oc scale deployment/codeready-operator --replicas=0 | |
oc scale deployment/codeready --replicas=0 | |
oc scale deployment/keycloak --replicas=0 | |
oc scale deployment/codeready-operator --replicas=1 | |
#echo; echo "Update operator image to ${OP_PATCH_IMAGE}" | |
#oc set image deployment/codeready-operator *=${OP_PATCH_IMAGE} -n ${CHE_OPENSHIFT_PROJECT} | |
#echo; echo "Successfully updated running deployment ${CHE_OPENSHIFT_PROJECT}." | |
waitForDeployment codeready-operator | |
oc scale deployment/keycloak --replicas=1 | |
waitForDeployment keycloak | |
oc scale deployment/codeready --replicas=1 | |
waitForDeployment codeready | |
} | |
reinstall_CRW() { | |
echo "======= download operator installer =======" | |
wget https://codeready-workspaces-jenkins.rhev-ci-vms.eng.rdu2.redhat.com/view/CRW_CI/view/Pipelines/job/crw-operator-installer-and-ls-deps_stable-branch/lastSuccessfulBuild/artifact/codeready-workspaces-deprecated/operator-installer/target/codeready-workspaces-operator-installer.tar.gz | |
tar -xvf codeready-workspaces-operator-installer.tar.gz | |
echo "======= re-install CRW on OCP =======" | |
oc delete checluster codeready || true | |
oc delete project ${CHE_OPENSHIFT_PROJECT} || true | |
# worksaround to let OCP to finish removal complitely | |
sleep 5 | |
# --operator-image=quay.io/crw/operator-rhel8:${OP_IMAGE_TAG} \ | |
${WORKSPACE}/codeready-workspaces-operator-installer/deploy.sh -d \ | |
--server-image=quay.io/crw/server-rhel8 \ | |
--version=${SERV_IMAGE_TAG} \ | |
--operator-image=${OP_PATCH_IMAGE} \ | |
-p=${CHE_OPENSHIFT_PROJECT} \ | |
--oauth | |
# TODO this should be included inside deploy.sh | |
# patch deployment to allow OS OAuth v4 to work | |
curl -sSL -q -o /tmp/cr.yaml https://raw.githubusercontent.com/eclipse/che-operator/master/deploy/cluster_role.yaml | |
curl -sSL -q -o /tmp/crb.yaml https://raw.githubusercontent.com/eclipse/che-operator/master/deploy/cluster_role_binding.yaml | |
/tmp/oc apply -f /tmp/cr.yaml | |
/tmp/oc apply -f /tmp/crb.yaml | |
# print Che configuration | |
/tmp/oc describe cm/che --namespace=${CHE_OPENSHIFT_PROJECT} | |
} | |
configure_github_related_stuff() { | |
# configure GitHub test users | |
mkdir -p ${WORKSPACE}/codeready_local_conf_dir | |
export CHE_LOCAL_CONF_DIR=${WORKSPACE}/codeready_local_conf_dir/ | |
rm -f ${WORKSPACE}/codeready_local_conf_dir/selenium.properties | |
echo "github.username=che6ocpmulti" >> ${WORKSPACE}/codeready_local_conf_dir/selenium.properties | |
echo "github.password=CheMain2017" >> ${WORKSPACE}/codeready_local_conf_dir/selenium.properties | |
echo "github.auxiliary.username=iedexmain1" >> ${WORKSPACE}/codeready_local_conf_dir/selenium.properties | |
echo "github.auxiliary.password=CodenvyMain15" >> ${WORKSPACE}/codeready_local_conf_dir/selenium.properties | |
} | |
# run E2E tests | |
run_e2e_tests() { | |
echo "======= run E2E tests =======" | |
export OPENSHIFT_USERNAME=developer | |
export OPENSHIFT_PASSWORD=123 | |
export OPENSHIFT_URL=${OPENSHIFT_URL} | |
export CHE_OPENSHIFT_PROJECT=${CHE_OPENSHIFT_PROJECT} | |
export TEST_USER_NAME=admin | |
export CHE_TESTUSER_NAME=${TEST_USER_NAME} | |
export CHE_TESTUSER_PASSWORD=${TEST_USER_NAME} | |
export CHE_TESTUSER_EMAIL=${TEST_USER_NAME}@admin.com | |
export OPENSHIFT_REGULAR_USERNAME=crw | |
export OPENSHIFT_REGULAR_PASSWORD=crw | |
export OPENSHIFT_REGULAR_EMAIL=${OPENSHIFT_REGULAR_USERNAME}@1.com | |
${WORKSPACE}/codeready-workspaces/test/codeready-test-e2e/e2e-tests.sh \ | |
--host=${CRW_HOST} \ | |
--threads=1 \ | |
--test=com.redhat.codeready.selenium.ocpoauth.** | |
} | |
download_oc_and_login oc4 | |
build_patched_images | |
start_sso_and_check_log | |
reinstall_CRW | |
patch | |
configure_github_related_stuff | |
run_e2e_tests |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment