greenwave

Clone

#139 Add OpenShift test template
Merged 6 years ago by ralph. Opened 6 years ago by csomh.
csomh/greenwave test-template  into  master

file modified
+5 -3 
@@ -1,4 +1,4 @@ 
 

- FROM fedora:26
 

+ FROM fedora:27
 

  LABEL \
 

      name="Greenwave application" \
 

      vendor="Greenwave developers" \
 
@@ -12,10 +12,12 @@ 
 

  

  COPY $greenwave_rpm /tmp
 

  RUN dnf -y install \
 

-     python-gunicorn \
 

+     python2-gunicorn \
 

      python-memcached \
 

      /tmp/$(basename $greenwave_rpm) \
 

-     && dnf -y clean all
 

+     && dnf -y clean all \
 

+     && rm -rf /tmp/*
 

+ 

  RUN if [ "$cacert_url" != "undefined" ]; then \
 

          cd /etc/pki/ca-trust/source/anchors \
 

          && curl -O --insecure $cacert_url \

file added
+251 
@@ -0,0 +1,251 @@ 
 

+ # Template to produce a new test environment in OpenShift.
 

+ #
 

+ # To create an environment from the template, process and apply it:
 

+ #   oc process -f openshift/greenwave-test-template.yaml -p TEST_ID=123 | oc apply -f -
 

+ # To clean up the environment, use a selector on the environment label:
 

+ #   oc delete all -l environment=test-123
 

+ # Or use the app label to delete things related to greenwave:
 

+ #   oc delete all -l app=greenwave
 

+ 

+ ---
 

+ apiVersion: v1
 

+ kind: Template
 

+ metadata:
 

+   name: greenwave-test-template
 

+ parameters:
 

+ - name: TEST_ID
 

+   displayName: Test id
 

+   description: Short unique identifier for this test run (e.g. Jenkins job number)
 

+   required: true
 

+ - name: GREENWAVE_IMAGE
 

+   displayName: Greenwave container image
 

+   description: Image to be used for Greenwave deployement
 

+   value: 172.30.1.1:5000/myproject/greenwave:latest
 

+   required: true
 

+ - name: GREENWAVE_SECRET_KEY
 

+   displayName: Secret Key for Greenwave
 

+   generate: expression
 

+   from: "[\\w]{32}"
 

+ objects:
 

+ - apiVersion: v1
 

+   kind: ConfigMap
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-policies"
 

+     labels:
 

+       app: greenwave
 

+       environment: "test-${TEST_ID}"
 

+   data:
 

+     redhat.yaml: |-
 

+       # Mimic the default Errata rule used for RHEL-7 https://errata.devel.redhat.com/workflow_rules/1
 

+       # In Errata, in order to transition to QE state, an advisory must complete rpmdiff test.
 

+       # A completed rpmdiff test could be some dist.rpmdiff.* testcases in ResultsDB and all the
 

+       # tests need to be passed.
 

+       --- !Policy
 

+       id: "1"
 

+       product_versions:
 

+         - rhel-7
 

+       decision_context: errata_newfile_to_qe
 

+       blacklist: []
 

+       rules:
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.abi_symbols}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.binary_stripping}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.build_log}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.desktop_file_sanity}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.elflint}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.empty_payload}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.execshield}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.file_list}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.file_permissions}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.file_sizes}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.ipv6}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.java_byte_code}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.manpage_integrity}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.metadata}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.ownership}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.patches}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.pathnames}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.politics}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpath}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpm_changelog}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpm_config_doc_files}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpm_requires_provides}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpm_scripts}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.rpm_triggers}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.shell_syntax}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.specfile_checks}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.symlinks}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.upstream_source}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.virus_scan}
 

+         - !PassingTestCaseRule {test_case_name: dist.rpmdiff.analysis.xml_validity}
 

+       # Errata Tool "Unrestricted" rule set
 

+       --- !Policy
 

+       id: "errata-unrestricted"
 

+       product_versions:
 

+         - cdk-2
 

+         - devstudio-2
 

+       decision_context: errata_newfile_to_qe
 

+       blacklist: []
 

+       rules: []
 

+ - apiVersion: v1
 

+   kind: Secret
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-config"
 

+     labels:
 

+       environment: "test-${TEST_ID}"
 

+       app: greenwave
 

+   stringData:
 

+     settings.py: |-
 

+       SECRET_KEY = '${GREENWAVE_SECRET_KEY}'
 

+       HOST= '0.0.0.0'
 

+       PORT = 8080
 

+       DEBUG = False
 

+       POLICIES_DIR = '/etc/policies/'
 

+       WAIVERDB_API_URL = 'http://waiverdb-test-${TEST_ID}-web:8080/api/v1.0'
 

+       RESULTSDB_API_URL = 'http://resultsdb-test-${TEST_ID}-internal-api:5001/api/v2.0'
 

+       CACHE = {
 

+           #'backend': "dogpile.cache.null",
 

+           'backend': "dogpile.cache.memcached",
 

+           'expiration_time': 1, # 1 is 1 second, keep to see that memcached
 

+                                 # service is working
 

+           'arguments': {
 

+               'url': 'greenwave-test-${TEST_ID}-memcached:11211',
 

+               'distributed_lock': True
 

+           }
 

+       }
 

+ - apiVersion: v1
 

+   kind: DeploymentConfig
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-memcached"
 

+     labels:
 

+       app: greenwave
 

+       service: memcached
 

+       environment: "test-${TEST_ID}"
 

+   spec:
 

+     selector:
 

+       app: greenwave
 

+       service: memcached
 

+       environment: "test-${TEST_ID}"
 

+     replicas: 1
 

+     template:
 

+       metadata:
 

+         labels:
 

+           app: greenwave
 

+           service: memcached
 

+           environment: "test-${TEST_ID}"
 

+       spec:
 

+         containers:
 

+         - image: docker.io/modularitycontainers/memcached
 

+           imagePullPolicy: Always
 

+           name: memcached
 

+           resources:
 

+             limits:
 

+               memory: 384Mi
 

+     triggers:
 

+     - type: ConfigChange
 

+ - apiVersion: v1
 

+   kind: Service
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-memcached"
 

+     labels:
 

+       app: greenwave
 

+       service: memcached
 

+       environment: "test-${TEST_ID}"
 

+   spec:
 

+     ports:
 

+     - name: memcached
 

+       port: 11211
 

+       protocol: TCP
 

+       targetPort: 11211
 

+     selector:
 

+       service: memcached
 

+       environment: "test-${TEST_ID}"
 

+ - apiVersion: v1
 

+   kind: DeploymentConfig
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-web"
 

+     labels:
 

+       app: greenwave
 

+       service: web
 

+       environment: "test-${TEST_ID}"
 

+   spec:
 

+     replicas: 2
 

+     selector:
 

+       app: greenwave
 

+       service: web
 

+       environment: "test-${TEST_ID}"
 

+     template:
 

+       metadata:
 

+         labels:
 

+           app: greenwave
 

+           service: web
 

+           environment: "test-${TEST_ID}"
 

+       spec:
 

+         containers:
 

+         - name: web
 

+           image: "${GREENWAVE_IMAGE}"
 

+           ports:
 

+           - containerPort: 8080
 

+           livenessProbe:
 

+             timeoutSeconds: 1
 

+             initialDelaySeconds: 30
 

+             httpGet:
 

+               path: /healthcheck
 

+               port: 8080
 

+           readinessProbe:
 

+             timeoutSeconds: 1
 

+             initialDelaySeconds: 5
 

+             httpGet:
 

+               path: /healthcheck
 

+               port: 8080
 

+           volumeMounts:
 

+           - mountPath: /etc/policies
 

+             name: policies-volume
 

+             readOnly: true
 

+           - mountPath: /etc/greenwave
 

+             name: config-volume
 

+             readOnly: true
 

+           resources:
 

+             limits:
 

+               memory: 384Mi
 

+         volumes:
 

+         - name: policies-volume
 

+           configMap:
 

+             name: "greenwave-test-${TEST_ID}-policies"
 

+         - name: config-volume
 

+           secret:
 

+             secretName: "greenwave-test-${TEST_ID}-config"
 

+     triggers:
 

+     - type: ConfigChange
 

+ - apiVersion: v1
 

+   kind: Service
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-web"
 

+     labels:
 

+       app: greenwave
 

+       service: web
 

+       environment: "test-${TEST_ID}"
 

+   spec:
 

+     ports:
 

+     - name: web
 

+       port: 8080
 

+       protocol: TCP
 

+       targetPort: 8080
 

+     selector:
 

+       service: web
 

+       environment: "test-${TEST_ID}"
 

+ - apiVersion: v1
 

+   kind: Route
 

+   metadata:
 

+     name: "greenwave-test-${TEST_ID}-web"
 

+     labels:
 

+       environment: "test-${TEST_ID}"
 

+       app: greenwave
 

+   spec:
 

+     port:
 

+       targetPort: web
 

+     tls:
 

+       insecureEdgeTerminationPolicy: Redirect
 

+       termination: edge
 

+     to:
 

+       kind: Service
 

+       name: "greenwave-test-${TEST_ID}-web"

This is to add an OpenShift test template similar to what WaiverDB and ResultsDB has.

@jmolet this is the PR we were talking about on Friday.

Looks reasonable to me.

I guess we won't know how it flies until we start trying to use it in the jenkins job.

Want to take that on as a part of a separate PR @csomh?

Yes, @ralph, that's the plan. (I did try this template on a minishift instance, but that was on my machine, which I guess it's not of a value here :/ )

@jmolet is it still valid that you are going to update the Jenkinsfile and functional tests to use this template and the env deployed by it?

Well, @csomh - let's merge for now and follow up with @jmolet outside this thread.

Pull-Request has been merged by ralph
6 years ago

Retroactive :+1: from me, sorry I was so slow with the review
Metadata
None
No Tags
Changes Summary 2
+5 -3
file changed
Dockerfile
+251
file added
openshift/greenwave-test-template.yaml
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.