From 5c24628447457505149e1e6d3f92f17762c1199a Mon Sep 17 00:00:00 2001 From: Pavel Sturc Date: Fri, 29 Nov 2024 16:23:35 +0100 Subject: [PATCH] fix: PR pairing --- .../scripts/konflux-e2e-runner.sh | 101 -------------- .../tasks/konflux-e2e-tests-task.yaml | 131 ++++++++++++++++-- 2 files changed, 118 insertions(+), 114 deletions(-) diff --git a/integration-tests/scripts/konflux-e2e-runner.sh b/integration-tests/scripts/konflux-e2e-runner.sh index db9610187..21de5874b 100755 --- a/integration-tests/scripts/konflux-e2e-runner.sh +++ b/integration-tests/scripts/konflux-e2e-runner.sh @@ -6,69 +6,6 @@ log() { echo -e "[$(date +'%Y-%m-%d %H:%M:%S')] [$1] $2" } -load_envs() { - local konflux_ci_secrets_file="/usr/local/konflux-ci-secrets" - local konflux_infra_secrets_file="/usr/local/konflux-test-infra" - - declare -A config_envs=( - [ENABLE_SCHEDULING_ON_MASTER_NODES]="false" - [UNREGISTER_PAC]="true" - [EC_DISABLE_DOWNLOAD_SERVICE]="true" - [ARTIFACT_DIR]="$(mktemp -d)" - [GITHUB_USER]="" - [GITHUB_TOKEN]="" - [DEFAULT_QUAY_ORG]="redhat-appstudio-qe" - [OCI_STORAGE_USERNAME]="$(jq -r '."quay-username"' ${konflux_infra_secrets_file}/oci-storage)" - [OCI_STORAGE_TOKEN]="$(jq -r '."quay-token"' ${konflux_infra_secrets_file}/oci-storage)" - ) - - declare -A load_envs_from_file=( - [DEFAULT_QUAY_ORG_TOKEN]="${konflux_ci_secrets_file}/default-quay-org-token" - [GITHUB_TOKENS_LIST]="${konflux_ci_secrets_file}/github_accounts" - [QUAY_TOKEN]="${konflux_ci_secrets_file}/quay-token" - [QUAY_OAUTH_USER]="${konflux_ci_secrets_file}/quay-oauth-user" - [QUAY_OAUTH_TOKEN]="${konflux_ci_secrets_file}/quay-oauth-token" - [PYXIS_STAGE_KEY]="${konflux_ci_secrets_file}/pyxis-stage-key" - [PYXIS_STAGE_CERT]="${konflux_ci_secrets_file}/pyxis-stage-cert" - [ATLAS_STAGE_ACCOUNT]="${konflux_ci_secrets_file}/atlas-stage-account" - [ATLAS_STAGE_TOKEN]="${konflux_ci_secrets_file}/atlas-stage-token" - [OFFLINE_TOKEN]="${konflux_ci_secrets_file}/stage_offline_token" - [TOOLCHAIN_API_URL]="${konflux_ci_secrets_file}/stage_toolchain_api_url" - [KEYLOAK_URL]="${konflux_ci_secrets_file}/stage_keyloak_url" - [EXODUS_PROD_KEY]="${konflux_ci_secrets_file}/exodus_prod_key" - [EXODUS_PROD_CERT]="${konflux_ci_secrets_file}/exodus_prod_cert" - [CGW_USERNAME]="${konflux_ci_secrets_file}/cgw_username" - [CGW_TOKEN]="${konflux_ci_secrets_file}/cgw_token" - [REL_IMAGE_CONTROLLER_QUAY_ORG]="${konflux_ci_secrets_file}/release_image_controller_quay_org" - [REL_IMAGE_CONTROLLER_QUAY_TOKEN]="${konflux_ci_secrets_file}/release_image_controller_quay_token" - [QE_SPRAYPROXY_HOST]="${konflux_ci_secrets_file}/qe-sprayproxy-host" - [QE_SPRAYPROXY_TOKEN]="${konflux_ci_secrets_file}/qe-sprayproxy-token" - [E2E_PAC_GITHUB_APP_ID]="${konflux_ci_secrets_file}/pac-github-app-id" - [E2E_PAC_GITHUB_APP_PRIVATE_KEY]="${konflux_ci_secrets_file}/pac-github-app-private-key" - [PAC_GITHUB_APP_WEBHOOK_SECRET]="${konflux_ci_secrets_file}/pac-github-app-webhook-secret" - [SLACK_BOT_TOKEN]="${konflux_ci_secrets_file}/slack-bot-token" - [MULTI_PLATFORM_AWS_ACCESS_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-access-key" - [MULTI_PLATFORM_AWS_SECRET_ACCESS_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-secret-access-key" - [MULTI_PLATFORM_AWS_SSH_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-ssh-key" - [MULTI_PLATFORM_IBM_API_KEY]="${konflux_ci_secrets_file}/multi-platform-ibm-api-key" - [DOCKER_IO_AUTH]="${konflux_ci_secrets_file}/docker_io" - [GITLAB_BOT_TOKEN]="${konflux_ci_secrets_file}/gitlab-bot-token" - ) - - for var in "${!config_envs[@]}"; do - export "$var"="${config_envs[$var]}" - done - - for var in "${!load_envs_from_file[@]}"; do - local file="${load_envs_from_file[$var]}" - if [[ -f "$file" ]]; then - export "$var"="$(<"$file")" - else - log "ERROR" "Secret file for $var not found at $file" - fi - done -} - post_actions() { local exit_code=$? local temp_annotation_file="$(mktemp)" @@ -105,31 +42,6 @@ post_actions() { trap post_actions EXIT -load_envs - -oc config view --minify --raw > /workspace/kubeconfig -export KUBECONFIG=/workspace/kubeconfig - -export PREVIOUS_RATE_REMAINING=0 -IFS=',' read -r -a GITHUB_ACCOUNTS_ARRAY <<< "$(cat /usr/local/konflux-ci-secrets/github_accounts)" -for account in "${GITHUB_ACCOUNTS_ARRAY[@]}"; do - IFS=':' read -r -a GITHUB_USERNAME_ARRAY <<< "$account" - - GH_RATE_REMAINING=$(curl -s \ - -H "Accept: application/vnd.github+json" \ - -H "Authorization: Bearer ${GITHUB_USERNAME_ARRAY[1]}" \ - https://api.github.com/rate_limit | jq ".rate.remaining") - - log "INFO" "user: ${GITHUB_USERNAME_ARRAY[0]} with rate limit remaining $GH_RATE_REMAINING" - if [[ "$GH_RATE_REMAINING" -ge "$PREVIOUS_RATE_REMAINING" ]]; then - GITHUB_USER="${GITHUB_USERNAME_ARRAY[0]}" - GITHUB_TOKEN="${GITHUB_USERNAME_ARRAY[1]}" - fi - PREVIOUS_RATE_REMAINING="$GH_RATE_REMAINING" -done - -log "INFO" "running tests with github user: ${GITHUB_USER}" - # ROSA HCP workaround for Docker limits # for namespaces 'minio-operator' and 'tekton-results' oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' > ./global-pull-secret.json @@ -155,17 +67,4 @@ while IFS='|' read -r ns sa_name; do done <<< "$namespace_sa_names" -# Prepare git, pair branch if necessary, Install Konflux and run e2e tests -cd "$(mktemp -d)" - -git config --global user.name "redhat-appstudio-qe-bot" -git config --global user.email redhat-appstudio-qe-bot@redhat.com - -mkdir -p "${HOME}/creds" -git_creds_path="${HOME}/creds/file" -git config --global credential.helper "store --file $git_creds_path" -echo "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com" > "$git_creds_path" - -git clone --origin upstream --branch main "https://${GITHUB_TOKEN}@github.com/konflux-ci/e2e-tests.git" . -make ci/prepare/e2e-branch 2>&1 | tee "${ARTIFACT_DIR}"/e2e-branch.log make ci/test/e2e 2>&1 | tee "${ARTIFACT_DIR}"/e2e-tests.log diff --git a/integration-tests/tasks/konflux-e2e-tests-task.yaml b/integration-tests/tasks/konflux-e2e-tests-task.yaml index d72fc5b2f..665e7d57a 100644 --- a/integration-tests/tasks/konflux-e2e-tests-task.yaml +++ b/integration-tests/tasks/konflux-e2e-tests-task.yaml @@ -18,11 +18,11 @@ spec: description: "The name of the test being executed." - name: git-repo type: string - default: "rhtap-e2e" + default: "e2e-tests" description: "The name of the Git repository containing the E2E tests." - name: git-url type: string - default: "https://github.com/redhat-appstudio/rhtap-e2e.git" + default: "https://github.com/konflux-ci/e2e-tests.git" description: "The URL of the Git repository containing the E2E tests." - name: git-revision type: string @@ -86,21 +86,126 @@ spec: value: $(params.component-image) script: | #!/bin/bash + set -euo pipefail # Params related with tekton task export GINKGO_PROCS=$(params.ginkgo-procs) export ORAS_CONTAINER=$(params.oras-container) - # Log into OpenShift - $(params.ocp-login-command) + log() { + echo -e "[$(date +'%Y-%m-%d %H:%M:%S')] [$1] $2" + } - if [ "$GIT_REPO" = "e2e-tests" ]; then - export SOURCE_REPO_URL=$(echo "$JOB_SPEC" | jq -r '.git.source_repo_url' | sed 's#https://github.com/##') - export SOURCE_REPO_BRANCH=$(echo "$JOB_SPEC" | jq -r '.git.source_repo_branch') + load_envs() { + local konflux_ci_secrets_file="/usr/local/konflux-ci-secrets" + local konflux_infra_secrets_file="/usr/local/konflux-test-infra" - echo -e "[INFO] Running e2e tests from source: $SOURCE_REPO_URL and branch $SOURCE_REPO_BRANCH" - /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/$SOURCE_REPO_URL/$SOURCE_REPO_BRANCH/integration-tests/scripts/konflux-e2e-runner.sh)" - else - echo -e "[INFO] Running e2e tests from source: konflux-ci/e2e-tests and branch main" - /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/konflux-ci/e2e-tests/main/integration-tests/scripts/konflux-e2e-runner.sh)" - fi + declare -A config_envs=( + [ENABLE_SCHEDULING_ON_MASTER_NODES]="false" + [UNREGISTER_PAC]="true" + [EC_DISABLE_DOWNLOAD_SERVICE]="true" + [ARTIFACT_DIR]="$(mktemp -d)" + [GITHUB_USER]="" + [GITHUB_TOKEN]="" + [DEFAULT_QUAY_ORG]="redhat-appstudio-qe" + [OCI_STORAGE_USERNAME]="$(jq -r '."quay-username"' ${konflux_infra_secrets_file}/oci-storage)" + [OCI_STORAGE_TOKEN]="$(jq -r '."quay-token"' ${konflux_infra_secrets_file}/oci-storage)" + ) + + declare -A load_envs_from_file=( + [DEFAULT_QUAY_ORG_TOKEN]="${konflux_ci_secrets_file}/default-quay-org-token" + [GITHUB_TOKENS_LIST]="${konflux_ci_secrets_file}/github_accounts" + [QUAY_TOKEN]="${konflux_ci_secrets_file}/quay-token" + [QUAY_OAUTH_USER]="${konflux_ci_secrets_file}/quay-oauth-user" + [QUAY_OAUTH_TOKEN]="${konflux_ci_secrets_file}/quay-oauth-token" + [PYXIS_STAGE_KEY]="${konflux_ci_secrets_file}/pyxis-stage-key" + [PYXIS_STAGE_CERT]="${konflux_ci_secrets_file}/pyxis-stage-cert" + [ATLAS_STAGE_ACCOUNT]="${konflux_ci_secrets_file}/atlas-stage-account" + [ATLAS_STAGE_TOKEN]="${konflux_ci_secrets_file}/atlas-stage-token" + [OFFLINE_TOKEN]="${konflux_ci_secrets_file}/stage_offline_token" + [TOOLCHAIN_API_URL]="${konflux_ci_secrets_file}/stage_toolchain_api_url" + [KEYLOAK_URL]="${konflux_ci_secrets_file}/stage_keyloak_url" + [EXODUS_PROD_KEY]="${konflux_ci_secrets_file}/exodus_prod_key" + [EXODUS_PROD_CERT]="${konflux_ci_secrets_file}/exodus_prod_cert" + [CGW_USERNAME]="${konflux_ci_secrets_file}/cgw_username" + [CGW_TOKEN]="${konflux_ci_secrets_file}/cgw_token" + [REL_IMAGE_CONTROLLER_QUAY_ORG]="${konflux_ci_secrets_file}/release_image_controller_quay_org" + [REL_IMAGE_CONTROLLER_QUAY_TOKEN]="${konflux_ci_secrets_file}/release_image_controller_quay_token" + [QE_SPRAYPROXY_HOST]="${konflux_ci_secrets_file}/qe-sprayproxy-host" + [QE_SPRAYPROXY_TOKEN]="${konflux_ci_secrets_file}/qe-sprayproxy-token" + [E2E_PAC_GITHUB_APP_ID]="${konflux_ci_secrets_file}/pac-github-app-id" + [E2E_PAC_GITHUB_APP_PRIVATE_KEY]="${konflux_ci_secrets_file}/pac-github-app-private-key" + [PAC_GITHUB_APP_WEBHOOK_SECRET]="${konflux_ci_secrets_file}/pac-github-app-webhook-secret" + [SLACK_BOT_TOKEN]="${konflux_ci_secrets_file}/slack-bot-token" + [MULTI_PLATFORM_AWS_ACCESS_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-access-key" + [MULTI_PLATFORM_AWS_SECRET_ACCESS_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-secret-access-key" + [MULTI_PLATFORM_AWS_SSH_KEY]="${konflux_ci_secrets_file}/multi-platform-aws-ssh-key" + [MULTI_PLATFORM_IBM_API_KEY]="${konflux_ci_secrets_file}/multi-platform-ibm-api-key" + [DOCKER_IO_AUTH]="${konflux_ci_secrets_file}/docker_io" + [GITLAB_BOT_TOKEN]="${konflux_ci_secrets_file}/gitlab-bot-token" + ) + + for var in "${!config_envs[@]}"; do + export "$var"="${config_envs[$var]}" + done + + for var in "${!load_envs_from_file[@]}"; do + local file="${load_envs_from_file[$var]}" + if [[ -f "$file" ]]; then + export "$var"="$(<"$file")" + else + log "ERROR" "Secret file for $var not found at $file" + fi + done + } + + # Log into OpenShift cluster (the connection is sometimes flaky - give it more time) + timeout --foreground "10m" bash -c " + until $(params.ocp-login-command) + do + echo \"Waiting for 'oc login' command to succeed... Trying again in 10 seconds\" + sleep 10 + done + " + + load_envs + + oc config view --minify --raw > /workspace/kubeconfig + export KUBECONFIG=/workspace/kubeconfig + + export PREVIOUS_RATE_REMAINING=0 + IFS=',' read -r -a GITHUB_ACCOUNTS_ARRAY <<< "$(cat /usr/local/konflux-ci-secrets/github_accounts)" + for account in "${GITHUB_ACCOUNTS_ARRAY[@]}"; do + IFS=':' read -r -a GITHUB_USERNAME_ARRAY <<< "$account" + + GH_RATE_REMAINING=$(curl -s \ + -H "Accept: application/vnd.github+json" \ + -H "Authorization: Bearer ${GITHUB_USERNAME_ARRAY[1]}" \ + https://api.github.com/rate_limit | jq ".rate.remaining") + + log "INFO" "user: ${GITHUB_USERNAME_ARRAY[0]} with rate limit remaining $GH_RATE_REMAINING" + if [[ "$GH_RATE_REMAINING" -ge "$PREVIOUS_RATE_REMAINING" ]]; then + GITHUB_USER="${GITHUB_USERNAME_ARRAY[0]}" + GITHUB_TOKEN="${GITHUB_USERNAME_ARRAY[1]}" + fi + PREVIOUS_RATE_REMAINING="$GH_RATE_REMAINING" + done + + log "INFO" "running tests with github user: ${GITHUB_USER}" + + + # Prepare git, pair branch if necessary, Install Konflux and run e2e tests + cd "$(mktemp -d)" + + git config --global user.name "redhat-appstudio-qe-bot" + git config --global user.email redhat-appstudio-qe-bot@redhat.com + + mkdir -p "${HOME}/creds" + git_creds_path="${HOME}/creds/file" + git config --global credential.helper "store --file $git_creds_path" + echo "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com" > "$git_creds_path" + + git clone --origin upstream --branch main "https://github.com/konflux-ci/e2e-tests.git" . + make ci/prepare/e2e-branch 2>&1 | tee "${ARTIFACT_DIR}"/e2e-branch.log + + /bin/bash -c "integration-tests/scripts/konflux-e2e-runner.sh"