diff --git a/helm-toolkit/templates/scripts/_rally_test.sh.tpl b/helm-toolkit/templates/scripts/_rally_test.sh.tpl new file mode 100644 index 0000000000..4c8cf6ab57 --- /dev/null +++ b/helm-toolkit/templates/scripts/_rally_test.sh.tpl @@ -0,0 +1,28 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- define "helm-toolkit.scripts.rally_test" }} +#!/bin/bash +set -ex + +: ${RALLY_ENV_NAME:="openstack-helm"} +rally-manage db create +rally deployment create --fromenv --name ${RALLY_ENV_NAME} +rally deployment use ${RALLY_ENV_NAME} +rally deployment check +rally task validate /etc/rally/rally_tests.yaml +rally task start /etc/rally/rally_tests.yaml +rally deployment destroy --deployment ${RALLY_ENV_NAME} +rally task sla-check +{{- end }} diff --git a/keystone/templates/configmap-bin.yaml b/keystone/templates/configmap-bin.yaml index e773dea900..ccbd9c003b 100644 --- a/keystone/templates/configmap-bin.yaml +++ b/keystone/templates/configmap-bin.yaml @@ -17,6 +17,8 @@ kind: ConfigMap metadata: name: keystone-bin data: + rally-test.sh: | +{{- include "helm-toolkit.scripts.rally_test" . | indent 4 }} db-init.py: | {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml index c51751074f..ddf987c56e 100644 --- a/keystone/templates/configmap-etc.yaml +++ b/keystone/templates/configmap-etc.yaml @@ -31,6 +31,18 @@ kind: ConfigMap metadata: name: keystone-etc data: + rally_tests.yaml: |+ +{{ if .Values.conf.rally_tests.override -}} +{{ .Values.conf.rally_tests.override | indent 4 }} +{{- else -}} +{{- if .Values.conf.rally_tests.prefix -}} +{{ .Values.conf.rally_tests.prefix | indent 4 }} +{{- end }} +{{ tuple "etc/_rally_tests.yaml.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- end }} +{{- if .Values.conf.rally_tests.append -}} +{{ .Values.conf.rally_tests.append | indent 4 }} +{{- end }} keystone.conf: |+ {{ if .Values.conf.keystone.override -}} {{ .Values.conf.keystone.override | indent 4 }} diff --git a/keystone/templates/etc/_rally_tests.yaml.tpl b/keystone/templates/etc/_rally_tests.yaml.tpl new file mode 100644 index 0000000000..26b515c95b --- /dev/null +++ b/keystone/templates/etc/_rally_tests.yaml.tpl @@ -0,0 +1,201 @@ +--- +KeystoneBasic.add_and_remove_user_role: +- context: + users: + tenants: 1 + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.authenticate_user_and_validate_token: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_add_and_list_user_roles: +- context: + users: + tenants: 1 + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_delete_ec2credential: +- context: + users: + tenants: 1 + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_delete_role: +- runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_delete_service: +- args: + description: test_description + service_type: Rally_test_type + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_get_role: +- args: {} + context: + users: + tenants: 1 + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_list_ec2credentials: +- context: + users: + tenants: 1 + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_list_services: +- args: + description: test_description + service_type: Rally_test_type + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_list_tenants: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_and_list_users: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_delete_user: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_tenant: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_tenant_with_users: +- args: + users_per_tenant: 1 + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_update_and_delete_tenant: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_user: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_user_set_enabled_and_delete: +- args: + enabled: true + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +- args: + enabled: false + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.create_user_update_password: +- args: {} + runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 +KeystoneBasic.get_entities: +- runner: + concurrency: 1 + times: 1 + type: constant + sla: + failure_rate: + max: 0 diff --git a/keystone/templates/pod-rally-test.yaml b/keystone/templates/pod-rally-test.yaml new file mode 100644 index 0000000000..01777eb862 --- /dev/null +++ b/keystone/templates/pod-rally-test.yaml @@ -0,0 +1,75 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- $envAll := . }} +{{- $ksAdminSecret := .Values.keystone.admin_secret | default "keystone-env-keystone-admin" }} +{{- $dependencies := .Values.dependencies.tests }} +{{- $mounts_keystone_tests := .Values.mounts.keystone_tests.keystone_tests }} +{{- $mounts_keystone_tests_init := .Values.mounts.keystone_tests.init_container }} + +apiVersion: v1 +kind: Pod +metadata: + name: "{{.Release.Name}}-rally-test" + annotations: + "helm.sh/hook": test-success + pod.beta.kubernetes.io/init-containers: '[ +{{ tuple $envAll $dependencies $mounts_keystone_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 10 }} + ]' +spec: + restartPolicy: Never + containers: + - name: {{.Release.Name}}-token-issue-test + image: {{ .Values.images.test }} + imagePullPolicy: {{ .Values.images.pull_policy }} + {{- if .Values.resources.enabled }} + resources: + limits: + cpu: {{ .Values.resources.tests.limits.cpu | quote }} + memory: {{ .Values.resources.tests.limits.memory | quote }} + requests: + cpu: {{ .Values.resources.tests.requests.cpu | quote }} + memory: {{ .Values.resources.tests.requests.memory | quote }} + {{- end }} + env: +{{- with $env := dict "ksUserSecret" $ksAdminSecret }} +{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }} +{{- end }} + - name: RALLY_ENV_NAME + value: {{.Release.Name}} + command: + - bash + - /tmp/rally-test.sh + volumeMounts: + - name: keystone-etc + mountPath: /etc/rally/rally_tests.yaml + subPath: rally_tests.yaml + readOnly: true + - name: keystone-bin + mountPath: /tmp/rally-test.sh + subPath: rally-test.sh + readOnly: true + - name: rally-db + mountPath: /var/lib/rally +{{ if $mounts_keystone_tests.volumeMounts }}{{ toYaml $mounts_keystone_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: keystone-etc + configMap: + name: keystone-etc + - name: keystone-bin + configMap: + name: keystone-bin + - name: rally-db + emptyDir: {} +{{ if $mounts_keystone_tests.volumes }}{{ toYaml $mounts_keystone_tests.volumes | indent 4 }}{{ end }} diff --git a/keystone/templates/secret-keystone-admin.env.yaml b/keystone/templates/secret-keystone-admin.env.yaml new file mode 100644 index 0000000000..3652bb7a13 --- /dev/null +++ b/keystone/templates/secret-keystone-admin.env.yaml @@ -0,0 +1,34 @@ +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: keystone-env-keystone-admin +type: Opaque +data: + OS_AUTH_URL: | +{{ tuple "identity" "admin" "admin" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | b64enc | indent 4 }} + OS_REGION_NAME: | +{{ .Values.keystone.admin_region_name | b64enc | indent 4 }} + OS_PROJECT_DOMAIN_NAME: | +{{ .Values.keystone.admin_project_domain | b64enc | indent 4 }} + OS_PROJECT_NAME: | +{{ .Values.keystone.admin_project_name | b64enc | indent 4 }} + OS_USER_DOMAIN_NAME: | +{{ .Values.keystone.admin_user_domain | b64enc | indent 4 }} + OS_USERNAME: | +{{ .Values.keystone.admin_user | b64enc | indent 4 }} + OS_PASSWORD: | +{{ .Values.keystone.admin_password | b64enc | indent 4 }} diff --git a/keystone/values.yaml b/keystone/values.yaml index 011260b172..78c196fffb 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -24,6 +24,7 @@ labels: node_selector_value: enabled images: + test: docker.io/kolla/ubuntu-binary-rally:4.0.0 db_init: docker.io/kolla/ubuntu-source-keystone:3.0.3 db_sync: docker.io/kolla/ubuntu-source-keystone:3.0.3 api: docker.io/kolla/ubuntu-source-keystone:3.0.3 @@ -52,6 +53,8 @@ keystone: admin_user: admin admin_password: password admin_project_name: admin + admin_user_domain: default + admin_project_domain: default network: api: @@ -81,6 +84,9 @@ dependencies: init: service: - mariadb + tests: + service: + - keystone-api resources: enabled: false @@ -106,6 +112,13 @@ resources: requests: memory: "128Mi" cpu: "500m" + tests: + limits: + memory: "128Mi" + cpu: "500m" + requests: + memory: "128Mi" + cpu: "500m" mounts: keystone_db_init: @@ -117,8 +130,14 @@ mounts: keystone_api: init_container: null keystone_api: + keystone_tests: + init_container: null + keystone_tests: conf: + rally_tests: + override: + append: paste: override: append: diff --git a/tools/gate/basic_launch.sh b/tools/gate/basic_launch.sh index 40188a59cc..f1eb9e09ea 100755 --- a/tools/gate/basic_launch.sh +++ b/tools/gate/basic_launch.sh @@ -28,6 +28,7 @@ kube_wait_for_pods openstack 600 helm install local/keystone --name=keystone --namespace=openstack kube_wait_for_pods openstack 240 +helm_test_deployment keystone # NOTE(portdirect): Temp workaround until module loading is supported by # OpenStack-Helm in Fedora diff --git a/tools/gate/funcs/helm.sh b/tools/gate/funcs/helm.sh index d672210a18..0aa308af11 100755 --- a/tools/gate/funcs/helm.sh +++ b/tools/gate/funcs/helm.sh @@ -73,3 +73,11 @@ function helm_lint { function helm_build { make TASK=build -C ${WORK_DIR} } + +function helm_test_deployment { + DEPLOYMENT=$1 + helm test ${DEPLOYMENT} + mkdir -p ${LOGS_DIR}/rally + kubectl logs -n openstack ${DEPLOYMENT}-rally-test > ${LOGS_DIR}/rally/${DEPLOYMENT} + kubectl delete -n openstack pod ${DEPLOYMENT}-rally-test +}