From e8a5457a1ba4702848a4a91a8ca7929786ac6f6b Mon Sep 17 00:00:00 2001 From: Jing Qi Date: Thu, 7 Mar 2024 18:47:40 +0800 Subject: [PATCH] feat(RHTAPREL-849): add e2e test for release_to_github --- magefiles/magefile.go | 2 +- tests/release/const.go | 6 + tests/release/pipelines/fbc_release.go | 8 +- tests/release/pipelines/release_to_github.go | 244 +++++++++++++++++++ 4 files changed, 253 insertions(+), 7 deletions(-) create mode 100644 tests/release/pipelines/release_to_github.go diff --git a/magefiles/magefile.go b/magefiles/magefile.go index 974fb92fb8..7699431001 100644 --- a/magefiles/magefile.go +++ b/magefiles/magefile.go @@ -308,7 +308,7 @@ func (ci CI) TestE2E() error { } func RunE2ETests() error { - labelFilter := utils.GetEnv("E2E_TEST_SUITE_LABEL", "!upgrade-create && !upgrade-verify && !upgrade-cleanup && !release-pipelines") + labelFilter := utils.GetEnv("E2E_TEST_SUITE_LABEL", "!upgrade-create && !upgrade-verify && !upgrade-cleanup") return runTests(labelFilter, "e2e-report.xml") } diff --git a/tests/release/const.go b/tests/release/const.go index 7ca5656c3b..81f31c7140 100644 --- a/tests/release/const.go +++ b/tests/release/const.go @@ -37,6 +37,12 @@ const ( AdditionalReleasedImagePushRepo string = "quay.io/redhat-appstudio-qe/simplepython" PyxisStageImagesApiEndpoint string = "https://pyxis.preprod.api.redhat.com/v1/images/id/" + // EC constants + EcPolicyLibPath = "github.com/enterprise-contract/ec-policies//policy/lib" + EcPolicyReleasePath = "github.com/enterprise-contract/ec-policies//policy/release" + EcPolicyDataBundle = "oci::quay.io/redhat-appstudio-tekton-catalog/data-acceptable-bundles:latest" + EcPolicyDataPath = "github.com/release-engineering/rhtap-ec-policy//data" + // Service constants ApplicationName string = "application" ) diff --git a/tests/release/pipelines/fbc_release.go b/tests/release/pipelines/fbc_release.go index 471d1e1918..f28629e6fa 100644 --- a/tests/release/pipelines/fbc_release.go +++ b/tests/release/pipelines/fbc_release.go @@ -26,10 +26,6 @@ const ( fbcSourceGitURL = "https://github.com/redhat-appstudio-qe/fbc-sample-repo" targetPort = 50051 relSvcCatalogPathInRepo = "pipelines/fbc-release/fbc-release.yaml" - ecPolicyLibPath = "github.com/enterprise-contract/ec-policies//policy/lib" - ecPolicyReleasePath = "github.com/enterprise-contract/ec-policies//policy/release" - ecPolicyDataBundle = "oci::quay.io/redhat-appstudio-tekton-catalog/data-acceptable-bundles:latest" - ecPolicyDataPath = "github.com/release-engineering/rhtap-ec-policy//data" ) var _ = framework.ReleasePipelinesSuiteDescribe("FBC e2e-tests", Label("release-pipelines", "fbc-tests"), func() { @@ -294,8 +290,8 @@ func createFBCEnterpriseContractPolicy(fbcECPName string, managedFw framework.Fr PublicKey: "k8s://openshift-pipelines/public-key", Sources: []ecp.Source{{ Name: "Default", - Policy: []string{ecPolicyLibPath, ecPolicyReleasePath}, - Data: []string{ecPolicyDataBundle, ecPolicyDataPath}, + Policy: []string{releasecommon.EcPolicyLibPath, releasecommon.EcPolicyReleasePath}, + Data: []string{releasecommon.EcPolicyDataBundle, releasecommon.EcPolicyDataPath}, }}, Configuration: &ecp.EnterpriseContractPolicyConfiguration{ Exclude: []string{"cve", "step_image_registries", "tasks.required_tasks_found:prefetch-dependencies"}, diff --git a/tests/release/pipelines/release_to_github.go b/tests/release/pipelines/release_to_github.go new file mode 100644 index 0000000000..654cf51ab5 --- /dev/null +++ b/tests/release/pipelines/release_to_github.go @@ -0,0 +1,244 @@ +package pipelines + +import ( + "encoding/json" + "fmt" + "os" + "time" + + "github.com/devfile/library/v2/pkg/util" + ecp "github.com/enterprise-contract/enterprise-contract-controller/api/v1alpha1" + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + appservice "github.com/redhat-appstudio/application-api/api/v1alpha1" + "github.com/redhat-appstudio/e2e-tests/pkg/clients/has" + "github.com/redhat-appstudio/e2e-tests/pkg/constants" + "github.com/redhat-appstudio/e2e-tests/pkg/framework" + "github.com/redhat-appstudio/e2e-tests/pkg/utils" + "github.com/redhat-appstudio/e2e-tests/pkg/utils/tekton" + releasecommon "github.com/redhat-appstudio/e2e-tests/tests/release" + tektonutils "github.com/redhat-appstudio/release-service/tekton/utils" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/runtime" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + rhcsServiceAccountName = "release-service-account" + rhcsSourceGitURL = "https://github.com/jinqi7/terraform-provider-rhcs" + rhcsCatalogPathInRepo = "pipelines/release-to-github/release-to-github.yaml" +) + +var githubSecret *corev1.Secret + +var _ = framework.ReleasePipelinesSuiteDescribe("e2e tests for release-to-github", Label("release-pipelines", "release-to-github"), func() { + defer GinkgoRecover() + + var devWorkspace = utils.GetEnv(constants.RELEASE_DEV_WORKSPACE_ENV, constants.DevReleaseTeam) + var managedWorkspace = utils.GetEnv(constants.RELEASE_MANAGED_WORKSPACE_ENV, constants.ManagedReleaseTeam) + + var devNamespace = devWorkspace + "-tenant" + var managedNamespace = managedWorkspace + "-tenant" + + var err error + var devFw *framework.Framework + var managedFw *framework.Framework + var rhcsApplicationName = "rhcs-app-" + util.GenerateRandomString(4) + var rhcsComponentName = "rhcs-comp-" + util.GenerateRandomString(4) + var rhcsReleasePlanName = "rhcs-rp-" + util.GenerateRandomString(4) + var rhcsReleasePlanAdmissionName = "rhcs-rpa-" + util.GenerateRandomString(4) + var rhcsEnterpriseContractPolicyName = "rhcs-policy-" + util.GenerateRandomString(4) + + AfterEach(framework.ReportFailure(&devFw)) + + stageOptions := utils.Options{ + ToolchainApiUrl: os.Getenv(constants.TOOLCHAIN_API_URL_ENV), + KeycloakUrl: os.Getenv(constants.KEYLOAK_URL_ENV), + OfflineToken: os.Getenv(constants.OFFLINE_TOKEN_ENV), + } + + Describe("with RHCS happy path", Label("rhcsHappyPath"), func() { + var component *appservice.Component + BeforeAll(func() { + + devFw, err = framework.NewFrameworkWithTimeout( + devWorkspace, + time.Minute*60, + stageOptions, + ) + Expect(err).NotTo(HaveOccurred()) + + managedFw, err = framework.NewFrameworkWithTimeout( + managedWorkspace, + time.Minute*60, + stageOptions, + ) + Expect(err).NotTo(HaveOccurred()) + managedNamespace = managedFw.UserNamespace + + // Linking the build secret to the pipeline service account in dev namespace. + err = devFw.AsKubeAdmin.CommonController.LinkSecretToServiceAccount(devNamespace, releasecommon.HacbsReleaseTestsTokenSecret, constants.DefaultPipelineServiceAccount, true) + Expect(err).ToNot(HaveOccurred()) + + gitToken := utils.GetEnv("GITHUB_TOKEN", "") + Expect(gitToken).ToNot(BeEmpty()) + + githubSecret, err = managedFw.AsKubeAdmin.CommonController.GetSecret(managedNamespace, releasecommon.RedhatAppstudioUserSecret) + if errors.IsNotFound(err) { + githubSecret = &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: releasecommon.RedhatAppstudioUserSecret, + Namespace: managedNamespace, + }, + Type: corev1.SecretTypeOpaque, + Data: map[string][]byte{ + "token": []byte(gitToken), + }, + } + + _, err = managedFw.AsKubeAdmin.CommonController.CreateSecret(managedNamespace, githubSecret) + Expect(err).ToNot(HaveOccurred()) + } + Expect(err).ToNot(HaveOccurred()) + + err = managedFw.AsKubeAdmin.CommonController.LinkSecretToServiceAccount(managedNamespace, releasecommon.RedhatAppstudioUserSecret, constants.DefaultPipelineServiceAccount, true) + Expect(err).ToNot(HaveOccurred()) + + _, err = devFw.AsKubeDeveloper.HasController.CreateApplication(rhcsApplicationName, devNamespace) + Expect(err).NotTo(HaveOccurred()) + + _, err = devFw.AsKubeDeveloper.ReleaseController.CreateReleasePlan(rhcsReleasePlanName, devNamespace, rhcsApplicationName, managedNamespace, "true") + Expect(err).NotTo(HaveOccurred()) + + createRHCSReleasePlanAdmission(rhcsReleasePlanAdmissionName, *managedFw, devNamespace, managedNamespace, rhcsApplicationName, rhcsEnterpriseContractPolicyName, rhcsCatalogPathInRepo, "false", "", "", "", "") + component = releasecommon.CreateComponentByCDQ(*devFw, devNamespace, managedNamespace, rhcsApplicationName, rhcsComponentName, rhcsSourceGitURL) + createRHCSEnterpriseContractPolicy(rhcsEnterpriseContractPolicyName, *managedFw, devNamespace, managedNamespace) + + }) + + AfterAll(func() { + Expect(devFw.AsKubeDeveloper.HasController.DeleteApplication(rhcsApplicationName, devNamespace, false)).NotTo(HaveOccurred()) + Expect(managedFw.AsKubeDeveloper.TektonController.DeleteEnterpriseContractPolicy(rhcsEnterpriseContractPolicyName, managedNamespace, false)).NotTo(HaveOccurred()) + Expect(managedFw.AsKubeDeveloper.ReleaseController.DeleteReleasePlanAdmission(rhcsReleasePlanAdmissionName, managedNamespace, false)).NotTo(HaveOccurred()) + }) + + var _ = Describe("Post-release verification", func() { + It("verifies that a build PipelineRun is created in dev namespace and succeeds", func() { + assertRhcsBuildPipelineRunCreated(*devFw, devNamespace, managedNamespace, rhcsApplicationName, component) + }) + + It("verifies the rhcs release pipelinerun is running and succeeds", func() { + assertRhcsReleasePipelineRunSucceeded(*devFw, *managedFw, devNamespace, managedNamespace, rhcsApplicationName, component) + }) + + It("verifies release CR completed and set succeeded.", func() { + assertRhcsReleaseCRSucceeded(*devFw, devNamespace, managedNamespace, rhcsApplicationName, component) + }) + }) + }) +}) + +func assertRhcsBuildPipelineRunCreated(devFw framework.Framework, devNamespace, managedNamespace, rhcsAppName string, component *appservice.Component) { + Expect(devFw.AsKubeDeveloper.HasController.WaitForComponentPipelineToBeFinished(component, "", devFw.AsKubeDeveloper.TektonController, &has.RetryOptions{Retries: 3, Always: true})).To(Succeed()) + _, err := devFw.AsKubeDeveloper.HasController.GetComponentPipelineRun(component.Name, rhcsAppName, devNamespace, "") + Expect(err).ShouldNot(HaveOccurred()) +} + +func assertRhcsReleasePipelineRunSucceeded(devFw, managedFw framework.Framework, devNamespace, managedNamespace, rhcsAppName string, component *appservice.Component) { + buildPr, err := devFw.AsKubeDeveloper.HasController.GetComponentPipelineRun(component.Name, rhcsAppName, devNamespace, "") + Expect(err).ShouldNot(HaveOccurred()) + Eventually(func() error { + snapshot, err := devFw.AsKubeDeveloper.IntegrationController.GetSnapshot("", buildPr.Name, "", devNamespace) + if err != nil { + return err + } + releaseCR, err := devFw.AsKubeDeveloper.ReleaseController.GetRelease("", snapshot.Name, devNamespace) + if err != nil { + return err + } + Expect(err).ShouldNot(HaveOccurred()) + + releasePr, err := managedFw.AsKubeAdmin.ReleaseController.GetPipelineRunInNamespace(managedFw.UserNamespace, releaseCR.GetName(), releaseCR.GetNamespace()) + if err != nil { + return err + } + Expect(err).ShouldNot(HaveOccurred()) + + if !releasePr.IsDone() { + return fmt.Errorf("release pipelinerun %s in namespace %s did not finish yet", releasePr.Name, releasePr.Namespace) + } + GinkgoWriter.Println("Release PR: ", releasePr.Name) + Expect(tekton.HasPipelineRunSucceeded(releasePr)).To(BeTrue(), fmt.Sprintf("release pipelinerun %s/%s did not succeed", releasePr.GetNamespace(), releasePr.GetName())) + return nil + }, releasecommon.ReleasePipelineRunCompletionTimeout, releasecommon.DefaultInterval).Should(Succeed(), "timed out when waiting for release pipelinerun to succeed") +} + +func assertRhcsReleaseCRSucceeded(devFw framework.Framework, devNamespace, managedNamespace, rhcsAppName string, component *appservice.Component) { + Eventually(func() error { + buildPr, err := devFw.AsKubeDeveloper.HasController.GetComponentPipelineRun(component.Name, rhcsAppName, devNamespace, "") + if err != nil { + return err + } + snapshot, err := devFw.AsKubeDeveloper.IntegrationController.GetSnapshot("", buildPr.Name, "", devNamespace) + if err != nil { + return err + } + releaseCR, err := devFw.AsKubeDeveloper.ReleaseController.GetRelease("", snapshot.Name, devNamespace) + if err != nil { + return err + } + GinkgoWriter.Println("Release CR: ", releaseCR.Name) + if !releaseCR.IsReleased() { + return fmt.Errorf("release %s/%s is not marked as finished yet", releaseCR.GetNamespace(), releaseCR.GetName()) + } + return nil + }, releasecommon.ReleaseCreationTimeout, releasecommon.DefaultInterval).Should(Succeed()) +} + +func createRHCSEnterpriseContractPolicy(rhcsECPName string, managedFw framework.Framework, devNamespace, managedNamespace string) { + defaultEcPolicySpec := ecp.EnterpriseContractPolicySpec{ + Description: "Red Hat's enterprise requirements", + PublicKey: "k8s://openshift-pipelines/public-key", + Sources: []ecp.Source{{ + Name: "Default", + Policy: []string{releasecommon.EcPolicyLibPath, releasecommon.EcPolicyReleasePath}, + Data: []string{releasecommon.EcPolicyDataBundle, releasecommon.EcPolicyDataPath}, + }}, + Configuration: &ecp.EnterpriseContractPolicyConfiguration{ + Exclude: []string{"cve", "step_image_registries", "tasks.required_tasks_found:prefetch-dependencies"}, + Include: []string{"minimal"}, + }, + } + + _, err := managedFw.AsKubeDeveloper.TektonController.CreateEnterpriseContractPolicy(rhcsECPName, managedNamespace, defaultEcPolicySpec) + Expect(err).NotTo(HaveOccurred()) + +} + +func createRHCSReleasePlanAdmission(rhcsRPAName string, managedFw framework.Framework, devNamespace, managedNamespace, rhcsAppName, rhcsECPName, pathInRepoValue, hotfix, issueId, preGA, productName, productVersion string) { + var err error + + + data, err := json.Marshal(map[string]interface{}{ + "github": map[string]interface{}{ + "githubSecret": githubSecret, + }, + "sign": map[string]interface{}{ + "configMapName": "hacbs-signing-pipeline-config-redhatbeta2", + }, + }) + Expect(err).NotTo(HaveOccurred()) + + _, err = managedFw.AsKubeAdmin.ReleaseController.CreateReleasePlanAdmission(rhcsRPAName, managedNamespace, "", devNamespace, rhcsECPName, rhcsServiceAccountName, []string{rhcsAppName}, true, &tektonutils.PipelineRef{ + Resolver: "git", + Params: []tektonutils.Param{ + {Name: "url", Value: releasecommon.RelSvcCatalogURL}, + {Name: "revision", Value: releasecommon.RelSvcCatalogRevision}, + {Name: "pathInRepo", Value: pathInRepoValue}, + }, + }, &runtime.RawExtension{ + Raw: data, + }) + Expect(err).NotTo(HaveOccurred()) +}