From 756b81cc1a77a6a2a414bf11b10a774b499b1d2a Mon Sep 17 00:00:00 2001 From: diwakar thyagaraj Date: Thu, 27 Feb 2020 04:12:16 +0000 Subject: [PATCH] Fix helm Installation Script in Apparmor Scripts Added helm dependecy update instead of directory logging and using MAKE functionality. This way script supports local deployments. Change-Id: I40b916f21a11945f4e065983e863922c3f537bbf Signed-off-by: diwakar thyagaraj --- .../apparmor/005-calicoctl-utility.sh | 14 ++----- tools/deployment/apparmor/010-ceph-utility.sh | 19 +++------ .../apparmor/020-compute-utility.sh | 13 ++---- .../apparmor/030-etcdctl-utility.sh | 10 +---- .../apparmor/040-mysqlclient-utility.sh | 14 ++----- .../apparmor/050-openstack-utility.sh | 13 +----- .../apparmor/060-postgresql-utility.sh | 11 ++--- .../utilities/005-calicoctl-utility.sh | 3 +- .../deployment/utilities/010-ceph-utility.sh | 4 +- .../utilities/020-compute-utility.sh | 7 ++-- .../utilities/030-etcdctl-utility.sh | 6 +-- .../utilities/040-mysqlclient-utility.sh | 7 +--- .../utilities/050-openstack-utility.sh | 8 +--- .../utilities/060-postgresql-utility.sh | 6 +-- zuul.d/base.yaml | 40 ++++++++++--------- 15 files changed, 60 insertions(+), 115 deletions(-) diff --git a/tools/deployment/apparmor/005-calicoctl-utility.sh b/tools/deployment/apparmor/005-calicoctl-utility.sh index 764851df..2919afc1 100755 --- a/tools/deployment/apparmor/005-calicoctl-utility.sh +++ b/tools/deployment/apparmor/005-calicoctl-utility.sh @@ -15,19 +15,13 @@ # under the License. set -xe -namespace="utility" -CURRENT_DIR="$(pwd)" -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -mkdir charts/calicoctl-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/calicoctl-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 120 - +namespace=utility kubectl label nodes --all openstack-helm-node-class=enabled --overwrite +helm dependency update charts/calicoctl-utility +cd charts + helm upgrade --install calicoctl-utility ./calicoctl-utility --namespace=$namespace sleep 180 -kubectl get pods --namespace=$namespace cal_pod=$(kubectl get pods --namespace=$namespace -o wide | grep calico | awk '{print $1}') expected_profile="docker-default (enforce)" diff --git a/tools/deployment/apparmor/010-ceph-utility.sh b/tools/deployment/apparmor/010-ceph-utility.sh index 202eabb9..286c77d1 100755 --- a/tools/deployment/apparmor/010-ceph-utility.sh +++ b/tools/deployment/apparmor/010-ceph-utility.sh @@ -1,9 +1,6 @@ #!/bin/bash set -xe namespace="utility" -CURRENT_DIR="$(pwd)" -kubectl get pods --all-namespaces - : ${OSH_INFRA_PATH:="../../openstack-helm-infra"} cd ${OSH_INFRA_PATH} @@ -210,7 +207,6 @@ done --no-headers | awk '{ print $1; exit }') kubectl exec -n ceph ${MON_POD} -- ceph -s -#make -C ${OSH_INFRA_PATH} ceph-provisioners #NOTE: Deploy command : ${OSH_EXTRA_HELM_ARGS:=""} @@ -246,16 +242,11 @@ helm upgrade --install ceph-utility-config ${OSH_INFRA_PATH}/ceph-provisioners \ ${OSH_EXTRA_HELM_ARGS} \ ${OSH_EXTRA_HELM_ARGS_CEPH_NS_ACTIVATE} -cd ${CURRENT_DIR} - -mkdir charts/ceph-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/ceph-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 120 - -kubectl get pods --all-namespaces - kubectl label nodes --all openstack-helm-node-class=primary --overwrite +pwd +cd ../porthole +helm dependency update charts/ceph-utility +cd charts helm upgrade --install ceph-utility ./ceph-utility --namespace=$namespace @@ -275,4 +266,4 @@ echo "Profile running: $profile" echo "$profile is the WRONG PROFILE!!" return 1 fi - fi + fi \ No newline at end of file diff --git a/tools/deployment/apparmor/020-compute-utility.sh b/tools/deployment/apparmor/020-compute-utility.sh index 3c19d2b2..ed9c1195 100755 --- a/tools/deployment/apparmor/020-compute-utility.sh +++ b/tools/deployment/apparmor/020-compute-utility.sh @@ -16,17 +16,12 @@ set -xe namespace="utility" -CURRENT_DIR="$(pwd)" -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -mkdir charts/compute-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/compute-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 120 - kubectl label nodes --all openstack-helm-node-class=enabled --overwrite +helm dependency update charts/compute-utility +cd charts helm upgrade --install compute-utility ./compute-utility --namespace=$namespace sleep 180 + kubectl get pods --namespace=$namespace com_pod=$(kubectl get pods --namespace=$namespace -o wide | grep compute | awk '{print $1}') @@ -42,4 +37,4 @@ echo "Profile running: $profile" echo "$profile is the WRONG PROFILE!!" return 1 fi - fi + fi \ No newline at end of file diff --git a/tools/deployment/apparmor/030-etcdctl-utility.sh b/tools/deployment/apparmor/030-etcdctl-utility.sh index 6c0b0027..bcf18e4a 100755 --- a/tools/deployment/apparmor/030-etcdctl-utility.sh +++ b/tools/deployment/apparmor/030-etcdctl-utility.sh @@ -16,15 +16,9 @@ set -xe namespace="utility" -CURRENT_DIR="$(pwd)" -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -mkdir charts/etcdctl-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/etcdctl-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 60 - kubectl label nodes --all openstack-helm-node-class=primary --overwrite +helm dependency update charts/etcdctl-utility +cd charts helm upgrade --install etcdctl-utility ./etcdctl-utility --namespace=$namespace sleep 180 kubectl get pods --namespace=$namespace diff --git a/tools/deployment/apparmor/040-mysqlclient-utility.sh b/tools/deployment/apparmor/040-mysqlclient-utility.sh index 75d72181..44ad7467 100755 --- a/tools/deployment/apparmor/040-mysqlclient-utility.sh +++ b/tools/deployment/apparmor/040-mysqlclient-utility.sh @@ -16,22 +16,16 @@ set -xe namespace="utility" -CURRENT_DIR="$(pwd)" -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -mkdir charts/mysqlclient-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/mysqlclient-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 120 - kubectl label nodes --all openstack-helm-node-class=primary --overwrite +helm dependency update charts/mysqlclient-utility +cd charts helm upgrade --install mysqlclient-utility ./mysqlclient-utility --namespace=$namespace sleep 180 kubectl get pods --namespace=$namespace -com_pod=$(kubectl get pods --namespace=$namespace -o wide | grep mysqlclient | awk '{print $1}') +mysql_pod=$(kubectl get pods --namespace=$namespace -o wide | grep mysqlclient | awk '{print $1}') expected_profile="docker-default (enforce)" -profile=`kubectl -n $namespace exec $com_pod -- cat /proc/1/attr/current` +profile=`kubectl -n $namespace exec $mysql_pod -- cat /proc/1/attr/current` echo "Profile running: $profile" if test "$profile" != "$expected_profile" then diff --git a/tools/deployment/apparmor/050-openstack-utility.sh b/tools/deployment/apparmor/050-openstack-utility.sh index 6ee61e3b..eb0e5794 100755 --- a/tools/deployment/apparmor/050-openstack-utility.sh +++ b/tools/deployment/apparmor/050-openstack-utility.sh @@ -18,17 +18,8 @@ set -xe kubectl label nodes --all openstack-helm-node-class=primary --overwrite namespace="utility" -cd /tmp -git clone https://git.openstack.org/openstack/openstack-helm-infra.git || true -cd openstack-helm-infra -git reset --hard 200b5e902b3a176fbfbe669b6a10a254c9b50f5d -make helm-toolkit - -cd /home/zuul/src/opendev.org/airship/porthole/charts/openstack-utility/ -mkdir charts -cp -r /tmp/openstack-helm-infra/helm-toolkit-0.1.0.tgz /home/zuul/src/opendev.org/airship/porthole/charts/openstack-utility/charts -cd /home/zuul/src/opendev.org/airship/porthole/charts - +helm dependency update charts/openstack-utility +cd charts kubectl get pods --all-namespaces sleep 120 diff --git a/tools/deployment/apparmor/060-postgresql-utility.sh b/tools/deployment/apparmor/060-postgresql-utility.sh index f2516117..801392b6 100755 --- a/tools/deployment/apparmor/060-postgresql-utility.sh +++ b/tools/deployment/apparmor/060-postgresql-utility.sh @@ -16,15 +16,10 @@ set -xe namespace="utility" -CURRENT_DIR="$(pwd)" -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -mkdir charts/postgresql-utility/charts -cp -r ${OSH_INFRA_PATH}/helm-toolkit-0.1.0.tgz ${CURRENT_DIR}/charts/postgresql-utility/charts -cd "${CURRENT_DIR}"/charts -sleep 60 - kubectl label nodes --all openstack-helm-node-class=primary --overwrite + +helm dependency update charts/postgresql-utility +cd charts helm upgrade --install postgresql-utility ./postgresql-utility --namespace=$namespace sleep 180 kubectl get pods --namespace=$namespace diff --git a/tools/deployment/utilities/005-calicoctl-utility.sh b/tools/deployment/utilities/005-calicoctl-utility.sh index e3de9f0b..cb5b7993 100755 --- a/tools/deployment/utilities/005-calicoctl-utility.sh +++ b/tools/deployment/utilities/005-calicoctl-utility.sh @@ -1,7 +1,8 @@ #!/bin/bash set -xe - kubectl label nodes --all openstack-helm-node-class=enabled --overwrite + +helm dependency update charts/calicoctl-utility cd charts helm upgrade --install calicoctl-utility ./calicoctl-utility --namespace=utility diff --git a/tools/deployment/utilities/010-ceph-utility.sh b/tools/deployment/utilities/010-ceph-utility.sh index 3f3f6c1f..83938b3c 100755 --- a/tools/deployment/utilities/010-ceph-utility.sh +++ b/tools/deployment/utilities/010-ceph-utility.sh @@ -3,7 +3,6 @@ set -xe #NOTE: Lint and package chart : ${OSH_INFRA_PATH:="../../openstack-helm-infra"} -#: ${PORTHOLE_PATH}:="" make -C ${OSH_INFRA_PATH} ceph-provisioners #NOTE: Deploy command @@ -40,9 +39,8 @@ helm upgrade --install ceph-utility-config ${OSH_INFRA_PATH}/ceph-provisioners \ #NOTE: Wait for deploy ./${OSH_INFRA_PATH}/tools/deployment/common/wait-for-pods.sh utility - +helm dependency update charts/ceph-utility cd charts -make ceph-utility helm upgrade --install ceph-utility ./ceph-utility \ --namespace=utility diff --git a/tools/deployment/utilities/020-compute-utility.sh b/tools/deployment/utilities/020-compute-utility.sh index 971be17a..e4c8c666 100755 --- a/tools/deployment/utilities/020-compute-utility.sh +++ b/tools/deployment/utilities/020-compute-utility.sh @@ -1,9 +1,10 @@ #!/bin/bash set -xe -CURRENT_DIR="$(pwd)" -cd "${CURRENT_DIR}"/charts -make compute-utility +kubectl label nodes --all openstack-helm-node-class=primary --overwrite + +helm dependency update charts/compute-utility +cd charts kubectl label nodes --all openstack-helm-node-class=primary --overwrite helm upgrade --install compute-utility ./compute-utility --namespace=utility diff --git a/tools/deployment/utilities/030-etcdctl-utility.sh b/tools/deployment/utilities/030-etcdctl-utility.sh index bd71a80f..0d8478e8 100755 --- a/tools/deployment/utilities/030-etcdctl-utility.sh +++ b/tools/deployment/utilities/030-etcdctl-utility.sh @@ -1,11 +1,9 @@ #!/bin/bash set -xe -CURRENT_DIR="$(pwd)" -cd "${CURRENT_DIR}"/charts - -make etcdctl-utility kubectl label nodes --all openstack-helm-node-class=primary --overwrite +helm dependency update charts/calicoctl-utility +cd charts helm upgrade --install etcdctl-utility ./etcdctl-utility --namespace=utility #NOTE: Validate Deployment info diff --git a/tools/deployment/utilities/040-mysqlclient-utility.sh b/tools/deployment/utilities/040-mysqlclient-utility.sh index 08c86f9f..09aa1957 100755 --- a/tools/deployment/utilities/040-mysqlclient-utility.sh +++ b/tools/deployment/utilities/040-mysqlclient-utility.sh @@ -1,11 +1,8 @@ #!/bin/bash set -xe -CURRENT_DIR="$(pwd)" -cd "${CURRENT_DIR}"/charts - -make mysqlclient-utility kubectl label nodes --all openstack-helm-node-class=primary --overwrite - +helm dependency update charts/mysqlclient-utility +cd charts helm upgrade --install mysqlclient-utility ./mysqlclient-utility --namespace=utility #NOTE: Validate Deployment info diff --git a/tools/deployment/utilities/050-openstack-utility.sh b/tools/deployment/utilities/050-openstack-utility.sh index bb2dbf01..f4449bf1 100755 --- a/tools/deployment/utilities/050-openstack-utility.sh +++ b/tools/deployment/utilities/050-openstack-utility.sh @@ -1,13 +1,9 @@ #!/bin/bash set -xe -#NOTE: Lint and package chart -: ${OSH_INFRA_PATH:="../openstack-helm-infra"} - -cd charts - -make openstack-utility kubectl label nodes --all openstack-helm-node-class=primary --overwrite +helm dependency update charts/calicoctl-utility +cd charts helm upgrade --install openstack-utility ./openstack-utility --namespace=utility #NOTE: Validate Deployment info diff --git a/tools/deployment/utilities/060-postgresql-utility.sh b/tools/deployment/utilities/060-postgresql-utility.sh index 49798c42..dcc115ff 100755 --- a/tools/deployment/utilities/060-postgresql-utility.sh +++ b/tools/deployment/utilities/060-postgresql-utility.sh @@ -1,11 +1,9 @@ #!/bin/bash set -xe -CURRENT_DIR="$(pwd)" -cd "${CURRENT_DIR}"/charts - kubectl label nodes --all openstack-helm-node-class=primary --overwrite - +helm dependency update charts/postgresql-utility +cd charts helm upgrade --install postgresql-utility ./postgresql-utility --namespace=utility sleep 60 diff --git a/zuul.d/base.yaml b/zuul.d/base.yaml index fd1c2761..34189634 100644 --- a/zuul.d/base.yaml +++ b/zuul.d/base.yaml @@ -81,6 +81,26 @@ timeout: 300 nodeset: airship-porthole-single-node +- job: + name: airship-porthole-apparmor + description: Checks Pods for Apparmor profile + timeout: 7200 + run: tools/gate/playbooks/airship-porthole-gate-runner.yaml + nodeset: airship-porthole-single-node + vars: + gate_scripts: + - ./tools/deployment/apparmor/000-install-packages.sh + - ./tools/deployment/apparmor/001-setup-apparmor-profiles.sh + - ./tools/deployment/apparmor/002-deploy-k8s.sh + - ./tools/deployment/apparmor/005-calicoctl-utility.sh + - ./tools/deployment/apparmor/010-ceph-utility.sh + - ./tools/deployment/apparmor/030-etcdctl-utility.sh + - ./tools/deployment/apparmor/040-mysqlclient-utility.sh + - ./tools/deployment/apparmor/050-openstack-utility.sh + - ./tools/deployment/apparmor/060-postgresql-utility.sh + args: + chdir: "{{ zuul.project.src_dir }}" + - secret: name: quay_credentials data: @@ -105,22 +125,4 @@ Vlpomy02Nj4PkZZDKY7Eo3uf/+3aa8/hhvJursqv6VvqwYl75euT8Immo1EUw/Hw4PBpJ JXcwlGoK6kvXmYaG2c7yEiH2xNtTzVTai10fsalubQWR4FTmJA5LU9+HatHBa46XLy4gS vMHs2uJudmxhqLIhs5Er248FVjfxw7le5dPun3ir4J7Mjgypu5y8eLCMZAFIwpeqlJrVU - uih8ByaTlSEh6FBzle7Hb330RjSztC4pX6xiNAmtkpxhF2rEEFS66B/ixwCphQ= - -- job: - name: airship-porthole-apparmor - description: Checks Pods for Apparmor profile - timeout: 7200 - run: tools/gate/playbooks/airship-porthole-gate-runner.yaml - nodeset: airship-porthole-single-node - vars: - gate_scripts: - - ./tools/deployment/apparmor/000-install-packages.sh - - ./tools/deployment/apparmor/001-setup-apparmor-profiles.sh - - ./tools/deployment/apparmor/002-deploy-k8s.sh - - ./tools/deployment/apparmor/005-calicoctl-utility.sh - - ./tools/deployment/apparmor/010-ceph-utility.sh - - ./tools/deployment/apparmor/030-etcdctl-utility.sh - - ./tools/deployment/apparmor/040-mysqlclient-utility.sh - - ./tools/deployment/apparmor/050-openstack-utility.sh - - ./tools/deployment/apparmor/060-postgresql-utility.sh + uih8ByaTlSEh6FBzle7Hb330RjSztC4pX6xiNAmtkpxhF2rEEFS66B/ixwCphQ= \ No newline at end of file