-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
ddad227
commit 73397ed
Showing
8 changed files
with
342 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
approvers: | ||
- Xia-Zhao-rh | ||
- kuiwang02 | ||
- bandrade | ||
- jianzhangbjz | ||
- sergiordlr | ||
- ptalgulk01 | ||
reviewers: | ||
- Xia-Zhao-rh | ||
- kuiwang02 | ||
- bandrade | ||
- jianzhangbjz | ||
- sergiordlr | ||
- ptalgulk01 |
48 changes: 48 additions & 0 deletions
48
ci-operator/step-registry/mco/conf/day2/enable-ocl/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# enable-ocl-ref<!-- omit from toc --> | ||
|
||
## Table of Contents<!-- omit from toc --> | ||
- [Purpose](#purpose) | ||
- [Process](#process) | ||
- [Requirements](#requirements) | ||
- [Infrastructure](#infrastructure) | ||
- [Environment Variables](#environment-variables) | ||
|
||
## Purpose | ||
|
||
To enable the OCL functionality in the cluster. In order to enable the OCL functionality we need to create a MachineOsConfig resource defining the repository where the OCL images will be stored and 3 secrets to push and pull those images. | ||
|
||
The repository where the iamges will be stored is: quay.io/mcoqe/layering | ||
The credentials to access this repository are added the the cluster's pull-secret by the mco-conf-day2-add-mcoqe-robot-to-pull-secret step. Hence, we will use a copy of the cluster's pull-secret to configure our MOSCs. | ||
|
||
Example of a chain using this step | ||
|
||
``` | ||
chain: | ||
as: openshift-e2e-test-mco-qe-longduration | ||
steps: | ||
- chain: cucushift-installer-check-cluster-health | ||
- ref: idp-htpasswd | ||
- ref: mco-conf-day2-add-mcoqe-robot-to-pull-secret | ||
- ref: mco-conf-day2-enable-ocl | ||
- ref: openshift-extended-test-longduration | ||
- ref: openshift-e2e-test-qe-report | ||
documentation: |- | ||
Execute openshift extended MCO e2e tests from QE. It does not execute cucushift test cases. | ||
``` | ||
|
||
## Process | ||
|
||
This scripts creates a MOSC resource for every MCP declared in MCO_CONF_DAY2_ENABLE_OCL_POOLS. These MOSCs will use a copy of the pull-secret to access the registry quay.io/mcoqe/layering | ||
|
||
## Prerequisite(s) | ||
|
||
- The cluster's pull-secret should contain the credentials to pull and push from quay.io/mcoqe/layering. These credentials are added by the mco-conf-day2-add-mcoqe-robot-to-pull-secret step. | ||
|
||
### Infrastructure | ||
|
||
- A provisioned test cluster to target. | ||
|
||
### Environment Variables | ||
|
||
- MCO_CONF_DAY2_IMAGE_EXPIRATION_TIME: space separated list of the MCPs where we want to enable OCL | ||
- MCO_CONF_DAY2_IMAGE_EXPIRATION_TIME: expiration time for the created OCL images |
129 changes: 129 additions & 0 deletions
129
ci-operator/step-registry/mco/conf/day2/enable-ocl/mco-conf-day2-enable-ocl-commands.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,129 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
set -u | ||
set -o pipefail | ||
|
||
function set_proxy () { | ||
if [ -s "${SHARED_DIR}/proxy-conf.sh" ]; then | ||
echo "Setting the proxy ${SHARED_DIR}/proxy-conf.sh" | ||
# shellcheck source=/dev/null | ||
source "${SHARED_DIR}/proxy-conf.sh" | ||
else | ||
echo "No proxy settings" | ||
fi | ||
} | ||
|
||
function run_command() { | ||
local CMD="$1" | ||
echo "Running command: ${CMD}" | ||
eval "${CMD}" | ||
} | ||
|
||
function debug_and_exit() { | ||
echo 'An error happened. Debuging before exiting...' | ||
echo '' | ||
echo '####################################################' | ||
echo '####################################################' | ||
echo '' | ||
echo 'All pods:' | ||
run_command "oc get pods" | ||
echo '' | ||
echo '####################################################' | ||
echo '####################################################' | ||
echo '' | ||
echo 'All MOSCs' | ||
run_command "oc get machineosconfig -oyaml" | ||
echo '' | ||
echo '####################################################' | ||
echo '####################################################' | ||
echo '' | ||
echo 'All MOSBs' | ||
run_command "oc get machineosbuild -oyaml" | ||
echo '' | ||
echo '####################################################' | ||
echo '####################################################' | ||
echo '' | ||
echo 'Builder pods logs' | ||
run_command "oc logs pods -l machineconfiguration.openshift.io/on-cluster-layering" | ||
exit 255 | ||
} | ||
|
||
if [[ -z "$MCO_CONF_DAY2_ENABLE_OCL_POOLS" ]]; then | ||
echo "OCL is not configured in any MachineConfigPool, skip it." | ||
exit 0 | ||
fi | ||
|
||
set_proxy | ||
|
||
IFS=" " read -r -a mcp_arr <<<"$MCO_CONF_DAY2_ENABLE_OCL_POOLS" | ||
for custom_mcp_name in "${mcp_arr[@]}"; do | ||
|
||
echo "Enable OCL in pool $custom_mcp_name" | ||
|
||
oc create -f - << EOF | ||
apiVersion: machineconfiguration.openshift.io/v1alpha1 | ||
kind: MachineOSConfig | ||
metadata: | ||
name: mosc-$custom_mcp_name | ||
spec: | ||
machineConfigPool: | ||
name: $custom_mcp_name | ||
buildOutputs: | ||
currentImagePullSecret: | ||
name: $(oc get secret -n openshift-config pull-secret -o json | jq "del(.metadata.namespace, .metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.name)" | jq '.metadata.name="pull-copy"' | oc -n openshift-machine-config-operator create -f - &> /dev/null; echo -n "pull-copy") | ||
buildInputs: | ||
imageBuilder: | ||
imageBuilderType: PodImageBuilder | ||
baseImagePullSecret: | ||
name: $(oc get secret -n openshift-config pull-secret -o json | jq "del(.metadata.namespace, .metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.name)" | jq '.metadata.name="pull-copy"' | oc -n openshift-machine-config-operator create -f - &> /dev/null; echo -n "pull-copy") | ||
renderedImagePushSecret: | ||
name: $(oc get secret -n openshift-config pull-secret -o json | jq "del(.metadata.namespace, .metadata.creationTimestamp, .metadata.resourceVersion, .metadata.uid, .metadata.name)" | jq '.metadata.name="pull-copy"' | oc -n openshift-machine-config-operator create -f - &> /dev/null; echo -n "pull-copy") | ||
renderedImagePushspec: "quay.io/mcoqe/layering:ocl-$custom_mcp_name" | ||
containerFile: | ||
- content: |- | ||
LABEL maintainer="mco-qe-team" quay.expires-after=$MCO_CONF_DAY2_IMAGE_EXPIRATION_TIME | ||
EOF | ||
|
||
oc get machineosconfig -oyaml "mosc-$custom_mcp_name" | ||
|
||
done | ||
|
||
for custom_mcp_name in "${mcp_arr[@]}"; do | ||
echo "Waiting for $custom_mcp_name MachineConfigPool to start updating..." | ||
run_command "oc wait mcp $custom_mcp_name --for='condition=UPDATING=True' --timeout=300s &>/dev/null" | ||
if [ "$?" != "0" ] | ||
then | ||
debug_and_exit | ||
fi | ||
done | ||
|
||
|
||
for custom_mcp_name in "${mcp_arr[@]}"; do | ||
echo "Wait for the $custom_mcp_name MCP to start building the OCL build" | ||
machine_os_build_name="$custom_mcp_name-$(oc get machineconfigpool worker -ojsonpath='{.spec.configuration.name}')-builder" | ||
run_command "oc wait --for=condition=Building machineosbuild $machine_os_build_name --timeout=300s &>/dev/null" | ||
if [ "$?" != "0" ] | ||
then | ||
debug_and_exit | ||
fi | ||
done | ||
|
||
for custom_mcp_name in "${mcp_arr[@]}"; do | ||
echo "Wait for the $custom_mcp_name MCP OCL build to succeed" | ||
machine_os_build_name="$custom_mcp_name-$(oc get machineconfigpool worker -ojsonpath='{.spec.configuration.name}')-builder" | ||
run_command "oc wait --for=condition=Succeeded machineosbuild $machine_os_build_name --timeout=300s &>/dev/null" | ||
if [ "$?" != "0" ] | ||
then | ||
debug_and_exit | ||
fi | ||
done | ||
|
||
for custom_mcp_name in "${mcp_arr[@]}"; do | ||
echo "Waiting for $custom_mcp_name MachineConfigPool to finish updating..." | ||
run_command "oc wait mcp \$custom_mcp_name --for='condition=UPDATED=True' --timeout=300s 2>/dev/null" | ||
if [ "$?" != "0" ] | ||
then | ||
debug_and_exit | ||
fi | ||
done |
21 changes: 21 additions & 0 deletions
21
...perator/step-registry/mco/conf/day2/enable-ocl/mco-conf-day2-enable-ocl-ref.metadata.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
{ | ||
"path": "mco/conf/day2/enable-ocl/mco-conf-day2-enable-ocl-ref.yaml", | ||
"owners": { | ||
"approvers": [ | ||
"Xia-Zhao-rh", | ||
"kuiwang02", | ||
"bandrade", | ||
"jianzhangbjz", | ||
"sergiordlr", | ||
"ptalgulk01" | ||
], | ||
"reviewers": [ | ||
"Xia-Zhao-rh", | ||
"kuiwang02", | ||
"bandrade", | ||
"jianzhangbjz", | ||
"sergiordlr", | ||
"ptalgulk01" | ||
] | ||
} | ||
} |
25 changes: 25 additions & 0 deletions
25
ci-operator/step-registry/mco/conf/day2/enable-ocl/mco-conf-day2-enable-ocl-ref.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
ref: | ||
as: mco-conf-day2-enable-ocl | ||
from_image: | ||
namespace: ocp | ||
name: cli-jq | ||
tag: latest | ||
commands: mco-conf-day2-enable-ocl-commands.sh | ||
resources: | ||
requests: | ||
cpu: 10m | ||
memory: 100Mi | ||
env: | ||
- name: MCO_CONF_DAY2_ENABLE_OCL_POOLS | ||
default: "" | ||
documentation: | | ||
A space splitted array with the pools that will be configured with OCL | ||
- name: MCO_CONF_DAY2_IMAGE_EXPIRATION_TIME | ||
default: "2h" | ||
documentation: | | ||
The time after which the images will be automatically deleted from the quay repository | ||
documentation: |- | ||
Configures OCL in the MachineConfigPools provided in the MCO_CONF_DAY2_ENABLE_OCL_POOLS list. | ||
The secret used to pull and pull the images will be the cluster's pull-secret. | ||
The repository used to store the images will be quay.io/mcoqe/layering | ||
All images will be labeled with |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters