From 4f3b214ef5631d0102d88b89ef8648ac0c5b3317 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 14 Mar 2025 12:25:12 +0100 Subject: [PATCH 1/8] CI: streamline packet jobs definition - Take advantage of `parallel:matrix` to make the jobs definition shorter and more readable. - Remove helper scripts which are no longer needed - Remove redundant indirection in the gitlab-ci pipelines definitions (only one user) --- .gitlab-ci.yml | 12 - .gitlab-ci/packet.yml | 295 ++++++------------ .../roles/packet-ci/tasks/main.yml | 2 +- ...inux8-calico.yml => almalinux8-calico.yml} | 0 ...ebpf.yml => almalinux9-calico-ha-ebpf.yml} | 0 ...alinux9-calico-nodelocaldns-secondary.yml} | 0 tests/files/almalinux9-calico-remove-node | 2 + ....yml => almalinux9-calico-remove-node.yml} | 0 ...inux9-calico.yml => almalinux9-calico.yml} | 0 ...lmalinux9-crio.yml => almalinux9-crio.yml} | 0 ...inux9-docker.yml => almalinux9-docker.yml} | 0 ...9-kube-ovn.yml => almalinux9-kube-ovn.yml} | 0 ...-one.yml => amazon-linux-2-all-in-one.yml} | 0 ...ion.yml => debian11-calico-collection.yml} | 0 tests/files/debian11-calico-upgrade | 1 + tests/files/debian11-calico-upgrade-once | 1 + ...e.yml => debian11-calico-upgrade-once.yml} | 0 ...pgrade.yml => debian11-calico-upgrade.yml} | 0 ...custom-cni.yml => debian11-custom-cni.yml} | 0 ...ebian11-docker.yml => debian11-docker.yml} | 0 ....yml => debian11-kubelet-csr-approver.yml} | 0 ...ian11-macvlan.yml => debian11-macvlan.yml} | 0 ...ebian12-calico.yml => debian12-calico.yml} | 0 ...roxy.yml => debian12-cilium-svc-proxy.yml} | 0 ...ebian12-cilium.yml => debian12-cilium.yml} | 0 ...-helm.yml => debian12-custom-cni-helm.yml} | 0 ...ebian12-docker.yml => debian12-docker.yml} | 0 ...elinux.yml => fedora39-calico-selinux.yml} | 0 ...x.yml => fedora39-calico-swap-selinux.yml} | 0 ...et_fedora39-crio.yml => fedora39-crio.yml} | 0 ...-calico.yml => fedora40-docker-calico.yml} | 0 tests/files/fedora40-docker.calico | 1 + ...er24-calico.yml => openeuler24-calico.yml} | 0 ...5-6-calico.yml => opensuse15-6-calico.yml} | 0 ...ium.yml => opensuse15-6-docker-cilium.yml} | 0 ...nux8-calico.yml => rockylinux8-calico.yml} | 0 ...nux9-calico.yml => rockylinux9-calico.yml} | 0 tests/files/rockylinux9-cilium | 1 + ...nux9-cilium.yml => rockylinux9-cilium.yml} | 0 ...ker.yml => ubuntu20-all-in-one-docker.yml} | 0 tests/files/ubuntu20-calico-all-in-one | 1 + ... ubuntu20-calico-all-in-one-hardening.yml} | 0 ...one.yml => ubuntu20-calico-all-in-one.yml} | 0 .../ubuntu20-calico-etcd-kubeadm-upgrade-ha | 1 + ...untu20-calico-etcd-kubeadm-upgrade-ha.yml} | 0 ...m.yml => ubuntu20-calico-etcd-kubeadm.yml} | 0 tests/files/ubuntu20-calico-ha-recover | 2 + .../files/ubuntu20-calico-ha-recover-noquorum | 2 + ...> ubuntu20-calico-ha-recover-noquorum.yml} | 0 ...ver.yml => ubuntu20-calico-ha-recover.yml} | 0 ...d.yml => ubuntu20-calico-ha-wireguard.yml} | 0 ...cilium-sep.yml => ubuntu20-cilium-sep.yml} | 0 ...et_ubuntu20-crio.yml => ubuntu20-crio.yml} | 0 ...-once.yml => ubuntu20-flannel-ha-once.yml} | 0 ...flannel-ha.yml => ubuntu20-flannel-ha.yml} | 0 ...ker.yml => ubuntu22-all-in-one-docker.yml} | 0 .../files/ubuntu22-calico-all-in-one-upgrade | 1 + ...=> ubuntu22-calico-all-in-one-upgrade.yml} | 0 ...one.yml => ubuntu22-calico-all-in-one.yml} | 0 ...ker.yml => ubuntu24-all-in-one-docker.yml} | 0 ...one.yml => ubuntu24-calico-all-in-one.yml} | 0 ...yml => ubuntu24-calico-etcd-datastore.yml} | 0 tests/scripts/md-table/main.py | 4 +- tests/scripts/testcases_cleanup.sh | 4 - tests/scripts/testcases_prepare.sh | 7 - tests/scripts/testcases_run.sh | 22 +- 66 files changed, 113 insertions(+), 246 deletions(-) rename tests/files/{packet_almalinux8-calico.yml => almalinux8-calico.yml} (100%) rename tests/files/{packet_almalinux9-calico-ha-ebpf.yml => almalinux9-calico-ha-ebpf.yml} (100%) rename tests/files/{packet_almalinux9-calico-nodelocaldns-secondary.yml => almalinux9-calico-nodelocaldns-secondary.yml} (100%) create mode 100644 tests/files/almalinux9-calico-remove-node rename tests/files/{packet_almalinux9-calico-remove-node.yml => almalinux9-calico-remove-node.yml} (100%) rename tests/files/{packet_almalinux9-calico.yml => almalinux9-calico.yml} (100%) rename tests/files/{packet_almalinux9-crio.yml => almalinux9-crio.yml} (100%) rename tests/files/{packet_almalinux9-docker.yml => almalinux9-docker.yml} (100%) rename tests/files/{packet_almalinux9-kube-ovn.yml => almalinux9-kube-ovn.yml} (100%) rename tests/files/{packet_amazon-linux-2-all-in-one.yml => amazon-linux-2-all-in-one.yml} (100%) rename tests/files/{packet_debian11-calico-collection.yml => debian11-calico-collection.yml} (100%) create mode 100644 tests/files/debian11-calico-upgrade create mode 100644 tests/files/debian11-calico-upgrade-once rename tests/files/{packet_debian11-calico-upgrade-once.yml => debian11-calico-upgrade-once.yml} (100%) rename tests/files/{packet_debian11-calico-upgrade.yml => debian11-calico-upgrade.yml} (100%) rename tests/files/{packet_debian11-custom-cni.yml => debian11-custom-cni.yml} (100%) rename tests/files/{packet_debian11-docker.yml => debian11-docker.yml} (100%) rename tests/files/{packet_debian11-kubelet-csr-approver.yml => debian11-kubelet-csr-approver.yml} (100%) rename tests/files/{packet_debian11-macvlan.yml => debian11-macvlan.yml} (100%) rename tests/files/{packet_debian12-calico.yml => debian12-calico.yml} (100%) rename tests/files/{packet_debian12-cilium-svc-proxy.yml => debian12-cilium-svc-proxy.yml} (100%) rename tests/files/{packet_debian12-cilium.yml => debian12-cilium.yml} (100%) rename tests/files/{packet_debian12-custom-cni-helm.yml => debian12-custom-cni-helm.yml} (100%) rename tests/files/{packet_debian12-docker.yml => debian12-docker.yml} (100%) rename tests/files/{packet_fedora39-calico-selinux.yml => fedora39-calico-selinux.yml} (100%) rename tests/files/{packet_fedora39-calico-swap-selinux.yml => fedora39-calico-swap-selinux.yml} (100%) rename tests/files/{packet_fedora39-crio.yml => fedora39-crio.yml} (100%) rename tests/files/{packet_fedora40-docker-calico.yml => fedora40-docker-calico.yml} (100%) create mode 100644 tests/files/fedora40-docker.calico rename tests/files/{packet_openeuler24-calico.yml => openeuler24-calico.yml} (100%) rename tests/files/{packet_opensuse15-6-calico.yml => opensuse15-6-calico.yml} (100%) rename tests/files/{packet_opensuse15-6-docker-cilium.yml => opensuse15-6-docker-cilium.yml} (100%) rename tests/files/{packet_rockylinux8-calico.yml => rockylinux8-calico.yml} (100%) rename tests/files/{packet_rockylinux9-calico.yml => rockylinux9-calico.yml} (100%) create mode 100644 tests/files/rockylinux9-cilium rename tests/files/{packet_rockylinux9-cilium.yml => rockylinux9-cilium.yml} (100%) rename tests/files/{packet_ubuntu20-all-in-one-docker.yml => ubuntu20-all-in-one-docker.yml} (100%) create mode 100644 tests/files/ubuntu20-calico-all-in-one rename tests/files/{packet_ubuntu20-calico-all-in-one-hardening.yml => ubuntu20-calico-all-in-one-hardening.yml} (100%) rename tests/files/{packet_ubuntu20-calico-all-in-one.yml => ubuntu20-calico-all-in-one.yml} (100%) create mode 100644 tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha rename tests/files/{packet_ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml => ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml} (100%) rename tests/files/{packet_ubuntu20-calico-etcd-kubeadm.yml => ubuntu20-calico-etcd-kubeadm.yml} (100%) create mode 100644 tests/files/ubuntu20-calico-ha-recover create mode 100644 tests/files/ubuntu20-calico-ha-recover-noquorum rename tests/files/{packet_ubuntu20-calico-ha-recover-noquorum.yml => ubuntu20-calico-ha-recover-noquorum.yml} (100%) rename tests/files/{packet_ubuntu20-calico-ha-recover.yml => ubuntu20-calico-ha-recover.yml} (100%) rename tests/files/{packet_ubuntu20-calico-ha-wireguard.yml => ubuntu20-calico-ha-wireguard.yml} (100%) rename tests/files/{packet_ubuntu20-cilium-sep.yml => ubuntu20-cilium-sep.yml} (100%) rename tests/files/{packet_ubuntu20-crio.yml => ubuntu20-crio.yml} (100%) rename tests/files/{packet_ubuntu20-flannel-ha-once.yml => ubuntu20-flannel-ha-once.yml} (100%) rename tests/files/{packet_ubuntu20-flannel-ha.yml => ubuntu20-flannel-ha.yml} (100%) rename tests/files/{packet_ubuntu22-all-in-one-docker.yml => ubuntu22-all-in-one-docker.yml} (100%) create mode 100644 tests/files/ubuntu22-calico-all-in-one-upgrade rename tests/files/{packet_ubuntu22-calico-all-in-one-upgrade.yml => ubuntu22-calico-all-in-one-upgrade.yml} (100%) rename tests/files/{packet_ubuntu22-calico-all-in-one.yml => ubuntu22-calico-all-in-one.yml} (100%) rename tests/files/{packet_ubuntu24-all-in-one-docker.yml => ubuntu24-all-in-one-docker.yml} (100%) rename tests/files/{packet_ubuntu24-calico-all-in-one.yml => ubuntu24-calico-all-in-one.yml} (100%) rename tests/files/{packet_ubuntu24-calico-etcd-datastore.yml => ubuntu24-calico-etcd-datastore.yml} (100%) delete mode 100755 tests/scripts/testcases_cleanup.sh delete mode 100755 tests/scripts/testcases_prepare.sh diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ba1c839ed..287674197 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -59,18 +59,6 @@ before_script: - pre-commit # lint - vagrant-validate # lint -.testcases: &testcases - extends: .job-moderated - interruptible: true - before_script: - - update-alternatives --install /usr/bin/python python /usr/bin/python3 1 - - ./tests/scripts/rebase.sh - - ./tests/scripts/testcases_prepare.sh - script: - - ./tests/scripts/testcases_run.sh - after_script: - - ./tests/scripts/testcases_cleanup.sh - # For failfast, at least 1 job must be defined in .gitlab-ci.yml # Premoderated with manual actions ci-not-authorized: diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/packet.yml index d0227802b..9282e046e 100644 --- a/.gitlab-ci/packet.yml +++ b/.gitlab-ci/packet.yml @@ -1,6 +1,12 @@ --- .packet: - extends: .testcases + extends: .job-moderated + interruptible: true + before_script: + - ./tests/scripts/rebase.sh + - mkdir -p cluster-dump + script: + - ./tests/scripts/testcases_run.sh variables: ANSIBLE_TIMEOUT: "120" CI_PLATFORM: packet @@ -11,8 +17,12 @@ - pipeline-image - ci-not-authorized +# TODO: generate testcases matrixes from the files in tests/files/ +# this is needed to avoid the need for PR rebasing when a job was added or remvoed in the target branch +# (currently, a removed job in the target branch breaks the tests, because the +# pipeline definition is parsed by gitlab before the rebase.sh script) # CI template for PRs -.packet_pr: +packet_pr: stage: deploy-part1 rules: - if: $PR_LABELS =~ /.*ci-short.*/ @@ -23,22 +33,39 @@ - when: manual allow_failure: true extends: .packet + parallel: + matrix: + - TESTCASE: + - almalinux8-calico + - almalinux9-crio + - almalinux9-kube-ovn + - debian11-calico-collection + - debian11-macvlan + - debian12-cilium + - openeuler24-calico + - opensuse15-6-calico + - rockylinux8-calico + - rockylinux9-cilium + - ubuntu20-calico-all-in-one-hardening + - ubuntu20-cilium-sep + - ubuntu22-calico-all-in-one + - ubuntu22-calico-all-in-one-upgrade + - ubuntu24-calico-etcd-datastore - ## Uncomment this to have multiple stages - # needs: - # - packet_ubuntu20-calico-all-in-one - -.packet_pr_short: +# The ubuntu20-calico-all-in-one jobs are meant as early stages to prevent running the full CI if something is horribly broken +packet_ubuntu20-calico-all-in-one: stage: deploy-part1 extends: .packet + variables: + TESTCASE: ubuntu20-calico-all-in-one rules: - if: $CI_COMMIT_BRANCH =~ /^pr-.*$/ when: on_success - when: manual allow_failure: true -.packet_pr_manual: - extends: .packet_pr +packet_pr_full: + extends: .packet stage: deploy-extended rules: - if: $PR_LABELS =~ /.*ci-full.*/ @@ -46,212 +73,72 @@ # Else run as manual - when: manual allow_failure: true + parallel: + matrix: + - TESTCASE: + - almalinux9-calico-ha-ebpf + - almalinux9-calico-nodelocaldns-secondary + - debian11-custom-cni + - debian11-kubelet-csr-approver + - debian12-custom-cni-helm + - fedora39-calico-swap-selinux + - fedora39-crio + - ubuntu20-all-in-one-docker + - ubuntu20-calico-ha-wireguard + - ubuntu20-flannel-ha + - ubuntu20-flannel-ha-once -.packet_pr_extended: - extends: .packet_pr +# Need an update of the container image to use schema v2 +# update: quay.io/kubespray/vm-amazon-linux-2:latest +packet_manual: + extends: packet_pr_full + parallel: + matrix: + - TESTCASE: + - amazon-linux-2-all-in-one + rules: + - when: manual + allow_failure: true + +packet_pr_extended: + extends: .packet stage: deploy-extended rules: - if: $PR_LABELS =~ /.*(ci-extended|ci-full).*/ when: on_success - when: manual allow_failure: true + parallel: + matrix: + - TESTCASE: + - almalinux9-calico + - almalinux9-calico-remove-node + - almalinux9-docker + - debian11-docker + - debian12-calico + - debian12-docker + - opensuse15-6-docker-cilium + - rockylinux9-calico + - ubuntu20-calico-etcd-kubeadm + - ubuntu22-all-in-one-docker + - ubuntu24-all-in-one-docker + - ubuntu24-calico-all-in-one -# CI template for periodic CI jobs # Enabled when PERIODIC_CI_ENABLED var is set -.packet_periodic: +packet_periodic: only: variables: - $PERIODIC_CI_ENABLED allow_failure: true extends: .packet - -# The ubuntu20-calico-all-in-one jobs are meant as early stages to prevent running the full CI if something is horribly broken -packet_ubuntu20-calico-all-in-one: - stage: deploy-part1 - extends: .packet_pr_short - variables: - RESET_CHECK: "true" - -# ### PR JOBS PART2 - -packet_ubuntu20-crio: - extends: .packet_pr_manual - -packet_ubuntu22-calico-all-in-one: - extends: .packet_pr - -packet_ubuntu22-calico-all-in-one-upgrade: - extends: .packet_pr - variables: - UPGRADE_TEST: graceful - -packet_ubuntu24-calico-etcd-datastore: - extends: .packet_pr - -packet_almalinux9-crio: - extends: .packet_pr - -packet_almalinux9-kube-ovn: - extends: .packet_pr - -packet_debian11-calico-collection: - extends: .packet_pr - -packet_debian11-macvlan: - extends: .packet_pr - -packet_debian12-cilium: - extends: .packet_pr - -packet_almalinux8-calico: - extends: .packet_pr - -packet_rockylinux8-calico: - extends: .packet_pr - -packet_rockylinux9-cilium: - extends: .packet_pr - variables: - RESET_CHECK: "true" - -# Need an update of the container image to use schema v2 -# update: quay.io/kubespray/vm-amazon-linux-2:latest -packet_amazon-linux-2-all-in-one: - extends: .packet_pr_manual - rules: - - when: manual - allow_failure: true - -packet_opensuse15-6-calico: - extends: .packet_pr - -packet_ubuntu20-cilium-sep: - extends: .packet_pr - -packet_openeuler24-calico: - extends: .packet_pr - -packet_ubuntu20-calico-all-in-one-hardening: - extends: .packet_pr - -## Extended -packet_debian11-docker: - extends: .packet_pr_extended - -packet_debian12-docker: - extends: .packet_pr_extended - -packet_debian12-calico: - extends: .packet_pr_extended - -packet_almalinux9-calico-remove-node: - extends: .packet_pr_extended - variables: - REMOVE_NODE_CHECK: "true" - REMOVE_NODE_NAME: "instance-3" - -packet_rockylinux9-calico: - extends: .packet_pr_extended - -packet_almalinux9-calico: - extends: .packet_pr_extended - -packet_almalinux9-docker: - extends: .packet_pr_extended - -packet_opensuse15-6-docker-cilium: - extends: .packet_pr_extended - -packet_ubuntu24-calico-all-in-one: - extends: .packet_pr_extended - -packet_ubuntu20-calico-etcd-kubeadm: - extends: .packet_pr_extended - -packet_ubuntu24-all-in-one-docker: - extends: .packet_pr_extended - -packet_ubuntu22-all-in-one-docker: - extends: .packet_pr_extended - -# ### MANUAL JOBS -packet_fedora39-crio: - extends: .packet_pr_manual - -packet_ubuntu20-flannel-ha: - extends: .packet_pr_manual - -packet_ubuntu20-all-in-one-docker: - extends: .packet_pr_manual - -packet_ubuntu20-flannel-ha-once: - extends: .packet_pr_manual - -packet_fedora39-calico-swap-selinux: - extends: .packet_pr_manual - -packet_almalinux9-calico-ha-ebpf: - extends: .packet_pr_manual - -packet_almalinux9-calico-nodelocaldns-secondary: - extends: .packet_pr_manual - -packet_debian11-custom-cni: - extends: .packet_pr_manual - -packet_debian11-kubelet-csr-approver: - extends: .packet_pr_manual - -packet_debian12-custom-cni-helm: - extends: .packet_pr_manual - -packet_ubuntu20-calico-ha-wireguard: - extends: .packet_pr_manual - -# PERIODIC -packet_fedora40-docker-calico: - stage: deploy-extended - extends: .packet_periodic - variables: - RESET_CHECK: "true" - -packet_fedora39-calico-selinux: - stage: deploy-extended - extends: .packet_periodic - -packet_ubuntu20-calico-etcd-kubeadm-upgrade-ha: - stage: deploy-extended - extends: .packet_periodic - variables: - UPGRADE_TEST: basic - - -packet_debian11-calico-upgrade-once: - stage: deploy-extended - extends: .packet_periodic - variables: - UPGRADE_TEST: graceful - -packet_ubuntu20-calico-ha-recover: - stage: deploy-extended - extends: .packet_periodic - variables: - RECOVER_CONTROL_PLANE_TEST: "true" - RECOVER_CONTROL_PLANE_TEST_GROUPS: "etcd[2:]:kube_control_plane[1:]" - -packet_ubuntu20-calico-ha-recover-noquorum: - stage: deploy-extended - extends: .packet_periodic - variables: - RECOVER_CONTROL_PLANE_TEST: "true" - RECOVER_CONTROL_PLANE_TEST_GROUPS: "etcd[1:]:kube_control_plane[1:]" - -packet_debian11-calico-upgrade: - stage: deploy-extended - extends: .packet_periodic - variables: - UPGRADE_TEST: graceful - -packet_debian12-cilium-svc-proxy: - stage: deploy-extended - extends: .packet_periodic + parallel: + matrix: + - TESTCASE: + - debian11-calico-upgrade + - debian11-calico-upgrade-once + - debian12-cilium-svc-proxy + - fedora39-calico-selinux + - fedora40-docker-calico + - ubuntu20-calico-etcd-kubeadm-upgrade-ha + - ubuntu20-calico-ha-recover + - ubuntu20-calico-ha-recover-noquorum diff --git a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml index 5f620e7d5..6bd4b7c07 100644 --- a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Include custom vars for ci job - include_vars: "../files/{{ lookup('ansible.builtin.env', 'CI_JOB_NAME') }}.yml" + include_vars: "../files/{{ lookup('ansible.builtin.env', 'TESTCASE') }}.yml" when: molecule_yml is not defined - name: Generate SSH keypair diff --git a/tests/files/packet_almalinux8-calico.yml b/tests/files/almalinux8-calico.yml similarity index 100% rename from tests/files/packet_almalinux8-calico.yml rename to tests/files/almalinux8-calico.yml diff --git a/tests/files/packet_almalinux9-calico-ha-ebpf.yml b/tests/files/almalinux9-calico-ha-ebpf.yml similarity index 100% rename from tests/files/packet_almalinux9-calico-ha-ebpf.yml rename to tests/files/almalinux9-calico-ha-ebpf.yml diff --git a/tests/files/packet_almalinux9-calico-nodelocaldns-secondary.yml b/tests/files/almalinux9-calico-nodelocaldns-secondary.yml similarity index 100% rename from tests/files/packet_almalinux9-calico-nodelocaldns-secondary.yml rename to tests/files/almalinux9-calico-nodelocaldns-secondary.yml diff --git a/tests/files/almalinux9-calico-remove-node b/tests/files/almalinux9-calico-remove-node new file mode 100644 index 000000000..85f05b2ca --- /dev/null +++ b/tests/files/almalinux9-calico-remove-node @@ -0,0 +1,2 @@ +REMOVE_NODE_CHECK=true +REMOVE_NODE_NAME=instance-3 diff --git a/tests/files/packet_almalinux9-calico-remove-node.yml b/tests/files/almalinux9-calico-remove-node.yml similarity index 100% rename from tests/files/packet_almalinux9-calico-remove-node.yml rename to tests/files/almalinux9-calico-remove-node.yml diff --git a/tests/files/packet_almalinux9-calico.yml b/tests/files/almalinux9-calico.yml similarity index 100% rename from tests/files/packet_almalinux9-calico.yml rename to tests/files/almalinux9-calico.yml diff --git a/tests/files/packet_almalinux9-crio.yml b/tests/files/almalinux9-crio.yml similarity index 100% rename from tests/files/packet_almalinux9-crio.yml rename to tests/files/almalinux9-crio.yml diff --git a/tests/files/packet_almalinux9-docker.yml b/tests/files/almalinux9-docker.yml similarity index 100% rename from tests/files/packet_almalinux9-docker.yml rename to tests/files/almalinux9-docker.yml diff --git a/tests/files/packet_almalinux9-kube-ovn.yml b/tests/files/almalinux9-kube-ovn.yml similarity index 100% rename from tests/files/packet_almalinux9-kube-ovn.yml rename to tests/files/almalinux9-kube-ovn.yml diff --git a/tests/files/packet_amazon-linux-2-all-in-one.yml b/tests/files/amazon-linux-2-all-in-one.yml similarity index 100% rename from tests/files/packet_amazon-linux-2-all-in-one.yml rename to tests/files/amazon-linux-2-all-in-one.yml diff --git a/tests/files/packet_debian11-calico-collection.yml b/tests/files/debian11-calico-collection.yml similarity index 100% rename from tests/files/packet_debian11-calico-collection.yml rename to tests/files/debian11-calico-collection.yml diff --git a/tests/files/debian11-calico-upgrade b/tests/files/debian11-calico-upgrade new file mode 100644 index 000000000..77bf528c8 --- /dev/null +++ b/tests/files/debian11-calico-upgrade @@ -0,0 +1 @@ +UPGRADE_TEST=graceful diff --git a/tests/files/debian11-calico-upgrade-once b/tests/files/debian11-calico-upgrade-once new file mode 100644 index 000000000..77bf528c8 --- /dev/null +++ b/tests/files/debian11-calico-upgrade-once @@ -0,0 +1 @@ +UPGRADE_TEST=graceful diff --git a/tests/files/packet_debian11-calico-upgrade-once.yml b/tests/files/debian11-calico-upgrade-once.yml similarity index 100% rename from tests/files/packet_debian11-calico-upgrade-once.yml rename to tests/files/debian11-calico-upgrade-once.yml diff --git a/tests/files/packet_debian11-calico-upgrade.yml b/tests/files/debian11-calico-upgrade.yml similarity index 100% rename from tests/files/packet_debian11-calico-upgrade.yml rename to tests/files/debian11-calico-upgrade.yml diff --git a/tests/files/packet_debian11-custom-cni.yml b/tests/files/debian11-custom-cni.yml similarity index 100% rename from tests/files/packet_debian11-custom-cni.yml rename to tests/files/debian11-custom-cni.yml diff --git a/tests/files/packet_debian11-docker.yml b/tests/files/debian11-docker.yml similarity index 100% rename from tests/files/packet_debian11-docker.yml rename to tests/files/debian11-docker.yml diff --git a/tests/files/packet_debian11-kubelet-csr-approver.yml b/tests/files/debian11-kubelet-csr-approver.yml similarity index 100% rename from tests/files/packet_debian11-kubelet-csr-approver.yml rename to tests/files/debian11-kubelet-csr-approver.yml diff --git a/tests/files/packet_debian11-macvlan.yml b/tests/files/debian11-macvlan.yml similarity index 100% rename from tests/files/packet_debian11-macvlan.yml rename to tests/files/debian11-macvlan.yml diff --git a/tests/files/packet_debian12-calico.yml b/tests/files/debian12-calico.yml similarity index 100% rename from tests/files/packet_debian12-calico.yml rename to tests/files/debian12-calico.yml diff --git a/tests/files/packet_debian12-cilium-svc-proxy.yml b/tests/files/debian12-cilium-svc-proxy.yml similarity index 100% rename from tests/files/packet_debian12-cilium-svc-proxy.yml rename to tests/files/debian12-cilium-svc-proxy.yml diff --git a/tests/files/packet_debian12-cilium.yml b/tests/files/debian12-cilium.yml similarity index 100% rename from tests/files/packet_debian12-cilium.yml rename to tests/files/debian12-cilium.yml diff --git a/tests/files/packet_debian12-custom-cni-helm.yml b/tests/files/debian12-custom-cni-helm.yml similarity index 100% rename from tests/files/packet_debian12-custom-cni-helm.yml rename to tests/files/debian12-custom-cni-helm.yml diff --git a/tests/files/packet_debian12-docker.yml b/tests/files/debian12-docker.yml similarity index 100% rename from tests/files/packet_debian12-docker.yml rename to tests/files/debian12-docker.yml diff --git a/tests/files/packet_fedora39-calico-selinux.yml b/tests/files/fedora39-calico-selinux.yml similarity index 100% rename from tests/files/packet_fedora39-calico-selinux.yml rename to tests/files/fedora39-calico-selinux.yml diff --git a/tests/files/packet_fedora39-calico-swap-selinux.yml b/tests/files/fedora39-calico-swap-selinux.yml similarity index 100% rename from tests/files/packet_fedora39-calico-swap-selinux.yml rename to tests/files/fedora39-calico-swap-selinux.yml diff --git a/tests/files/packet_fedora39-crio.yml b/tests/files/fedora39-crio.yml similarity index 100% rename from tests/files/packet_fedora39-crio.yml rename to tests/files/fedora39-crio.yml diff --git a/tests/files/packet_fedora40-docker-calico.yml b/tests/files/fedora40-docker-calico.yml similarity index 100% rename from tests/files/packet_fedora40-docker-calico.yml rename to tests/files/fedora40-docker-calico.yml diff --git a/tests/files/fedora40-docker.calico b/tests/files/fedora40-docker.calico new file mode 100644 index 000000000..3cf4b3d58 --- /dev/null +++ b/tests/files/fedora40-docker.calico @@ -0,0 +1 @@ +RESET_CHECK=true diff --git a/tests/files/packet_openeuler24-calico.yml b/tests/files/openeuler24-calico.yml similarity index 100% rename from tests/files/packet_openeuler24-calico.yml rename to tests/files/openeuler24-calico.yml diff --git a/tests/files/packet_opensuse15-6-calico.yml b/tests/files/opensuse15-6-calico.yml similarity index 100% rename from tests/files/packet_opensuse15-6-calico.yml rename to tests/files/opensuse15-6-calico.yml diff --git a/tests/files/packet_opensuse15-6-docker-cilium.yml b/tests/files/opensuse15-6-docker-cilium.yml similarity index 100% rename from tests/files/packet_opensuse15-6-docker-cilium.yml rename to tests/files/opensuse15-6-docker-cilium.yml diff --git a/tests/files/packet_rockylinux8-calico.yml b/tests/files/rockylinux8-calico.yml similarity index 100% rename from tests/files/packet_rockylinux8-calico.yml rename to tests/files/rockylinux8-calico.yml diff --git a/tests/files/packet_rockylinux9-calico.yml b/tests/files/rockylinux9-calico.yml similarity index 100% rename from tests/files/packet_rockylinux9-calico.yml rename to tests/files/rockylinux9-calico.yml diff --git a/tests/files/rockylinux9-cilium b/tests/files/rockylinux9-cilium new file mode 100644 index 000000000..3cf4b3d58 --- /dev/null +++ b/tests/files/rockylinux9-cilium @@ -0,0 +1 @@ +RESET_CHECK=true diff --git a/tests/files/packet_rockylinux9-cilium.yml b/tests/files/rockylinux9-cilium.yml similarity index 100% rename from tests/files/packet_rockylinux9-cilium.yml rename to tests/files/rockylinux9-cilium.yml diff --git a/tests/files/packet_ubuntu20-all-in-one-docker.yml b/tests/files/ubuntu20-all-in-one-docker.yml similarity index 100% rename from tests/files/packet_ubuntu20-all-in-one-docker.yml rename to tests/files/ubuntu20-all-in-one-docker.yml diff --git a/tests/files/ubuntu20-calico-all-in-one b/tests/files/ubuntu20-calico-all-in-one new file mode 100644 index 000000000..3cf4b3d58 --- /dev/null +++ b/tests/files/ubuntu20-calico-all-in-one @@ -0,0 +1 @@ +RESET_CHECK=true diff --git a/tests/files/packet_ubuntu20-calico-all-in-one-hardening.yml b/tests/files/ubuntu20-calico-all-in-one-hardening.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-all-in-one-hardening.yml rename to tests/files/ubuntu20-calico-all-in-one-hardening.yml diff --git a/tests/files/packet_ubuntu20-calico-all-in-one.yml b/tests/files/ubuntu20-calico-all-in-one.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-all-in-one.yml rename to tests/files/ubuntu20-calico-all-in-one.yml diff --git a/tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha b/tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha new file mode 100644 index 000000000..49b1f98cc --- /dev/null +++ b/tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha @@ -0,0 +1 @@ +UPGRADE_TEST=basic diff --git a/tests/files/packet_ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml b/tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml rename to tests/files/ubuntu20-calico-etcd-kubeadm-upgrade-ha.yml diff --git a/tests/files/packet_ubuntu20-calico-etcd-kubeadm.yml b/tests/files/ubuntu20-calico-etcd-kubeadm.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-etcd-kubeadm.yml rename to tests/files/ubuntu20-calico-etcd-kubeadm.yml diff --git a/tests/files/ubuntu20-calico-ha-recover b/tests/files/ubuntu20-calico-ha-recover new file mode 100644 index 000000000..9d98a7f3a --- /dev/null +++ b/tests/files/ubuntu20-calico-ha-recover @@ -0,0 +1,2 @@ +RECOVER_CONTROL_PLANE_TEST=true +RECOVER_CONTROL_PLANE_TEST_GROUPS="etcd[2:]:kube_control_plane[1:]" diff --git a/tests/files/ubuntu20-calico-ha-recover-noquorum b/tests/files/ubuntu20-calico-ha-recover-noquorum new file mode 100644 index 000000000..bf1349526 --- /dev/null +++ b/tests/files/ubuntu20-calico-ha-recover-noquorum @@ -0,0 +1,2 @@ +RECOVER_CONTROL_PLANE_TEST=true +RECOVER_CONTROL_PLANE_TEST_GROUPS="etcd[1:]:kube_control_plane[1:]" diff --git a/tests/files/packet_ubuntu20-calico-ha-recover-noquorum.yml b/tests/files/ubuntu20-calico-ha-recover-noquorum.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-ha-recover-noquorum.yml rename to tests/files/ubuntu20-calico-ha-recover-noquorum.yml diff --git a/tests/files/packet_ubuntu20-calico-ha-recover.yml b/tests/files/ubuntu20-calico-ha-recover.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-ha-recover.yml rename to tests/files/ubuntu20-calico-ha-recover.yml diff --git a/tests/files/packet_ubuntu20-calico-ha-wireguard.yml b/tests/files/ubuntu20-calico-ha-wireguard.yml similarity index 100% rename from tests/files/packet_ubuntu20-calico-ha-wireguard.yml rename to tests/files/ubuntu20-calico-ha-wireguard.yml diff --git a/tests/files/packet_ubuntu20-cilium-sep.yml b/tests/files/ubuntu20-cilium-sep.yml similarity index 100% rename from tests/files/packet_ubuntu20-cilium-sep.yml rename to tests/files/ubuntu20-cilium-sep.yml diff --git a/tests/files/packet_ubuntu20-crio.yml b/tests/files/ubuntu20-crio.yml similarity index 100% rename from tests/files/packet_ubuntu20-crio.yml rename to tests/files/ubuntu20-crio.yml diff --git a/tests/files/packet_ubuntu20-flannel-ha-once.yml b/tests/files/ubuntu20-flannel-ha-once.yml similarity index 100% rename from tests/files/packet_ubuntu20-flannel-ha-once.yml rename to tests/files/ubuntu20-flannel-ha-once.yml diff --git a/tests/files/packet_ubuntu20-flannel-ha.yml b/tests/files/ubuntu20-flannel-ha.yml similarity index 100% rename from tests/files/packet_ubuntu20-flannel-ha.yml rename to tests/files/ubuntu20-flannel-ha.yml diff --git a/tests/files/packet_ubuntu22-all-in-one-docker.yml b/tests/files/ubuntu22-all-in-one-docker.yml similarity index 100% rename from tests/files/packet_ubuntu22-all-in-one-docker.yml rename to tests/files/ubuntu22-all-in-one-docker.yml diff --git a/tests/files/ubuntu22-calico-all-in-one-upgrade b/tests/files/ubuntu22-calico-all-in-one-upgrade new file mode 100644 index 000000000..77bf528c8 --- /dev/null +++ b/tests/files/ubuntu22-calico-all-in-one-upgrade @@ -0,0 +1 @@ +UPGRADE_TEST=graceful diff --git a/tests/files/packet_ubuntu22-calico-all-in-one-upgrade.yml b/tests/files/ubuntu22-calico-all-in-one-upgrade.yml similarity index 100% rename from tests/files/packet_ubuntu22-calico-all-in-one-upgrade.yml rename to tests/files/ubuntu22-calico-all-in-one-upgrade.yml diff --git a/tests/files/packet_ubuntu22-calico-all-in-one.yml b/tests/files/ubuntu22-calico-all-in-one.yml similarity index 100% rename from tests/files/packet_ubuntu22-calico-all-in-one.yml rename to tests/files/ubuntu22-calico-all-in-one.yml diff --git a/tests/files/packet_ubuntu24-all-in-one-docker.yml b/tests/files/ubuntu24-all-in-one-docker.yml similarity index 100% rename from tests/files/packet_ubuntu24-all-in-one-docker.yml rename to tests/files/ubuntu24-all-in-one-docker.yml diff --git a/tests/files/packet_ubuntu24-calico-all-in-one.yml b/tests/files/ubuntu24-calico-all-in-one.yml similarity index 100% rename from tests/files/packet_ubuntu24-calico-all-in-one.yml rename to tests/files/ubuntu24-calico-all-in-one.yml diff --git a/tests/files/packet_ubuntu24-calico-etcd-datastore.yml b/tests/files/ubuntu24-calico-etcd-datastore.yml similarity index 100% rename from tests/files/packet_ubuntu24-calico-etcd-datastore.yml rename to tests/files/ubuntu24-calico-etcd-datastore.yml diff --git a/tests/scripts/md-table/main.py b/tests/scripts/md-table/main.py index 09d5506e9..263fd02a8 100755 --- a/tests/scripts/md-table/main.py +++ b/tests/scripts/md-table/main.py @@ -90,7 +90,7 @@ for f in files: container_manager = y.get('container_manager', 'containerd') network_plugin = y.get('kube_network_plugin', 'calico') - x = re.match(r"^[a-z-]+_([a-z0-9]+).*", f.name) - operating_system = x.group(1) + x = re.match(r"^([a-z-]+_)?([a-z0-9]+).*", f.name) + operating_system = x.group(2) data.set(container_manager=container_manager, network_plugin=network_plugin, os=operating_system) print(data.jinja(), file=open(args.output, 'w')) diff --git a/tests/scripts/testcases_cleanup.sh b/tests/scripts/testcases_cleanup.sh deleted file mode 100755 index e6df033d9..000000000 --- a/tests/scripts/testcases_cleanup.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -euxo pipefail - -make -C tests delete-${CI_PLATFORM} -s diff --git a/tests/scripts/testcases_prepare.sh b/tests/scripts/testcases_prepare.sh deleted file mode 100755 index aa4b285e5..000000000 --- a/tests/scripts/testcases_prepare.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -set -euxo pipefail - -mkdir -p /.ssh -mkdir -p cluster-dump -mkdir -p $HOME/.ssh -ansible-playbook --version diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index bf50d79b1..09de3261b 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -1,19 +1,9 @@ #!/bin/bash set -euxo pipefail -echo "CI_JOB_NAME is $CI_JOB_NAME" +echo "TESTCASE is $TESTCASE" -if [[ "$CI_JOB_NAME" =~ "upgrade" ]]; then - if [ "${UPGRADE_TEST}" == "false" ]; then - echo "Job name contains 'upgrade', but UPGRADE_TEST='false'" - exit 1 - fi -else - if [ "${UPGRADE_TEST}" != "false" ]; then - echo "UPGRADE_TEST!='false', but job names does not contain 'upgrade'" - exit 1 - fi -fi +source tests/files/$TESTCASE || true # Check out latest tag if testing upgrade if [ "${UPGRADE_TEST}" != "false" ]; then @@ -31,7 +21,7 @@ make -C tests create-${CI_PLATFORM} -s # Test collection build and install by installing our collection, emptying our repository, adding # cluster.yml, reset.yml, and remote-node.yml files that simply point to our collection's playbooks, and then # running the same tests as before -if [[ "${CI_JOB_NAME}" =~ "collection" ]]; then +if [[ "${TESTCASE}" =~ "collection" ]]; then # Build and install collection ansible-galaxy collection build ansible-galaxy collection install kubernetes_sigs-kubespray-$(grep "^version:" galaxy.yml | awk '{print $2}').tar.gz @@ -69,7 +59,7 @@ shift # We can set --limit here and still pass it as supplemental args because `--limit` is a 'last one wins' option ansible-playbook \ -e @tests/common_vars.yml \ - -e @tests/files/${CI_JOB_NAME}.yml \ + -e @tests/files/${TESTCASE}.yml \ -e local_release_dir=${PWD}/downloads \ "$@" \ ${playbook} @@ -111,10 +101,10 @@ run_playbook tests/testcases/015_check-nodes-ready.yml ## Test that all nodes are Ready -if [[ ! ( "$CI_JOB_NAME" =~ "macvlan" ) ]]; then +if [[ ! ( "$TESTCASE" =~ "macvlan" ) ]]; then run_playbook tests/testcases/020_check-pods-running.yml run_playbook tests/testcases/030_check-network.yml - if [[ ! ( "$CI_JOB_NAME" =~ "hardening" ) ]]; then + if [[ ! ( "$TESTCASE" =~ "hardening" ) ]]; then # TODO: We need to remove this condition by finding alternative container # image instead of netchecker which doesn't work at hardening environments. run_playbook tests/testcases/040_check-network-adv.yml From 862aec4dc689a0080c539c73c16aa1ef7769d7b2 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Thu, 20 Mar 2025 10:19:42 +0100 Subject: [PATCH 2/8] CI: remove 'packet' from jobs name + rename to kubevirt This is more accurate, the name 'packet' being an aterfact of history (the Kubevirt jobs used to run on Packet, the previous name of Equinix) --- .gitlab-ci.yml | 2 +- .gitlab-ci/{packet.yml => kubevirt.yml} | 26 +++++++++---------- roles/adduser/molecule/default/molecule.yml | 2 +- .../molecule/default/molecule.yml | 2 +- .../molecule/default/molecule.yml | 2 +- .../containerd/molecule/default/molecule.yml | 2 +- .../cri-dockerd/molecule/default/molecule.yml | 2 +- .../cri-o/molecule/default/molecule.yml | 2 +- tests/Makefile | 2 +- ...{create-packet.yml => create-kubevirt.yml} | 0 10 files changed, 21 insertions(+), 21 deletions(-) rename .gitlab-ci/{packet.yml => kubevirt.yml} (93%) rename tests/cloud_playbooks/{create-packet.yml => create-kubevirt.yml} (100%) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 287674197..99ab8d05d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -90,6 +90,6 @@ include: - .gitlab-ci/build.yml - .gitlab-ci/lint.yml - .gitlab-ci/terraform.yml - - .gitlab-ci/packet.yml + - .gitlab-ci/kubevirt.yml - .gitlab-ci/vagrant.yml - .gitlab-ci/molecule.yml diff --git a/.gitlab-ci/packet.yml b/.gitlab-ci/kubevirt.yml similarity index 93% rename from .gitlab-ci/packet.yml rename to .gitlab-ci/kubevirt.yml index 9282e046e..ceec118ec 100644 --- a/.gitlab-ci/packet.yml +++ b/.gitlab-ci/kubevirt.yml @@ -1,5 +1,5 @@ --- -.packet: +.kubevirt: extends: .job-moderated interruptible: true before_script: @@ -22,7 +22,7 @@ # (currently, a removed job in the target branch breaks the tests, because the # pipeline definition is parsed by gitlab before the rebase.sh script) # CI template for PRs -packet_pr: +pr: stage: deploy-part1 rules: - if: $PR_LABELS =~ /.*ci-short.*/ @@ -32,7 +32,7 @@ packet_pr: when: on_success - when: manual allow_failure: true - extends: .packet + extends: .kubevirt parallel: matrix: - TESTCASE: @@ -53,9 +53,9 @@ packet_pr: - ubuntu24-calico-etcd-datastore # The ubuntu20-calico-all-in-one jobs are meant as early stages to prevent running the full CI if something is horribly broken -packet_ubuntu20-calico-all-in-one: +ubuntu20-calico-all-in-one: stage: deploy-part1 - extends: .packet + extends: .kubevirt variables: TESTCASE: ubuntu20-calico-all-in-one rules: @@ -64,8 +64,8 @@ packet_ubuntu20-calico-all-in-one: - when: manual allow_failure: true -packet_pr_full: - extends: .packet +pr_full: + extends: .kubevirt stage: deploy-extended rules: - if: $PR_LABELS =~ /.*ci-full.*/ @@ -90,8 +90,8 @@ packet_pr_full: # Need an update of the container image to use schema v2 # update: quay.io/kubespray/vm-amazon-linux-2:latest -packet_manual: - extends: packet_pr_full +manual: + extends: pr_full parallel: matrix: - TESTCASE: @@ -100,8 +100,8 @@ packet_manual: - when: manual allow_failure: true -packet_pr_extended: - extends: .packet +pr_extended: + extends: .kubevirt stage: deploy-extended rules: - if: $PR_LABELS =~ /.*(ci-extended|ci-full).*/ @@ -125,12 +125,12 @@ packet_pr_extended: - ubuntu24-calico-all-in-one # Enabled when PERIODIC_CI_ENABLED var is set -packet_periodic: +periodic: only: variables: - $PERIODIC_CI_ENABLED allow_failure: true - extends: .packet + extends: .kubevirt parallel: matrix: - TESTCASE: diff --git a/roles/adduser/molecule/default/molecule.yml b/roles/adduser/molecule/default/molecule.yml index eba7f2a42..a2043268f 100644 --- a/roles/adduser/molecule/default/molecule.yml +++ b/roles/adduser/molecule/default/molecule.yml @@ -14,6 +14,6 @@ provisioner: callbacks_enabled: profile_tasks timeout: 120 playbooks: - create: ../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/roles/bastion-ssh-config/molecule/default/molecule.yml b/roles/bastion-ssh-config/molecule/default/molecule.yml index 4c8485313..5a515626d 100644 --- a/roles/bastion-ssh-config/molecule/default/molecule.yml +++ b/roles/bastion-ssh-config/molecule/default/molecule.yml @@ -22,6 +22,6 @@ provisioner: hosts: bastion-01: playbooks: - create: ../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/roles/bootstrap-os/molecule/default/molecule.yml b/roles/bootstrap-os/molecule/default/molecule.yml index dff5d1e83..bdb3d85a8 100644 --- a/roles/bootstrap-os/molecule/default/molecule.yml +++ b/roles/bootstrap-os/molecule/default/molecule.yml @@ -32,6 +32,6 @@ provisioner: name: foo comment: My test comment playbooks: - create: ../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/roles/container-engine/containerd/molecule/default/molecule.yml b/roles/container-engine/containerd/molecule/default/molecule.yml index e34edf86c..0ad3b7946 100644 --- a/roles/container-engine/containerd/molecule/default/molecule.yml +++ b/roles/container-engine/containerd/molecule/default/molecule.yml @@ -34,6 +34,6 @@ provisioner: callbacks_enabled: profile_tasks timeout: 120 playbooks: - create: ../../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/roles/container-engine/cri-dockerd/molecule/default/molecule.yml b/roles/container-engine/cri-dockerd/molecule/default/molecule.yml index 21c4c0595..cff276e42 100644 --- a/roles/container-engine/cri-dockerd/molecule/default/molecule.yml +++ b/roles/container-engine/cri-dockerd/molecule/default/molecule.yml @@ -26,6 +26,6 @@ provisioner: all: become: true playbooks: - create: ../../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/roles/container-engine/cri-o/molecule/default/molecule.yml b/roles/container-engine/cri-o/molecule/default/molecule.yml index 449d5807a..6bbaabf7a 100644 --- a/roles/container-engine/cri-o/molecule/default/molecule.yml +++ b/roles/container-engine/cri-o/molecule/default/molecule.yml @@ -42,6 +42,6 @@ provisioner: callbacks_enabled: profile_tasks timeout: 120 playbooks: - create: ../../../../../tests/cloud_playbooks/create-packet.yml + create: ../../../../../tests/cloud_playbooks/create-kubevirt.yml verifier: name: testinfra diff --git a/tests/Makefile b/tests/Makefile index db66e340c..c90b5c741 100644 --- a/tests/Makefile +++ b/tests/Makefile @@ -8,7 +8,7 @@ $(ANSIBLE_INVENTORY): mkdir $@ create-packet: | $(ANSIBLE_INVENTORY) - ansible-playbook cloud_playbooks/create-packet.yml -c local \ + ansible-playbook cloud_playbooks/create-kubevirt.yml -c local \ -e @"files/${CI_JOB_NAME}.yml" delete-packet: ; diff --git a/tests/cloud_playbooks/create-packet.yml b/tests/cloud_playbooks/create-kubevirt.yml similarity index 100% rename from tests/cloud_playbooks/create-packet.yml rename to tests/cloud_playbooks/create-kubevirt.yml From 43fceebdd3d065e9d81c30824fadb7d94c775c99 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 14 Mar 2025 15:15:57 +0100 Subject: [PATCH 3/8] CI: convert vagrant jobs to kubevirt Vagrant jobs needs a big cache which makes them slow / sometimes stuck completely. Using the kubevirt provisionning playbook is now significantly faster, so do just that. Having only one provisionner in CI will also allows us to remove some of the custom runners executors we use for vagrant, and more generally reduce the CI maintenance. Our kubevirt CI platform does not support ivp6 yet, so we keep the relevant jobs in vagrant, but we'll migrate them as well as soon as possible. --- .gitlab-ci/kubevirt.yml | 6 +++ .gitlab-ci/vagrant.yml | 51 +++---------------- tests/files/fedora39-kube-router.yml | 7 +++ tests/files/ubuntu20-flannel-collection.yml | 8 +++ tests/files/ubuntu20-flannel.yml | 1 + tests/files/ubuntu20-kube-router-sep.yml | 7 +++ .../files/ubuntu20-kube-router-svc-proxy.yml | 10 ++++ ...stack.rb => ubuntu24-calico-dual-stack.rb} | 0 ...ack.yml => ubuntu24-calico-dual-stack.yml} | 0 ...k.rb => ubuntu24-calico-ipv6only-stack.rb} | 0 ...yml => ubuntu24-calico-ipv6only-stack.yml} | 0 tests/files/vagrant_fedora39-kube-router.rb | 15 ------ tests/files/vagrant_fedora39-kube-router.yml | 6 --- .../vagrant_ubuntu20-flannel-collection.rb | 9 ---- .../vagrant_ubuntu20-flannel-collection.yml | 3 -- tests/files/vagrant_ubuntu20-flannel.rb | 8 --- tests/files/vagrant_ubuntu20-flannel.yml | 4 -- .../files/vagrant_ubuntu20-kube-router-sep.rb | 15 ------ .../vagrant_ubuntu20-kube-router-sep.yml | 8 --- .../vagrant_ubuntu20-kube-router-svc-proxy.rb | 10 ---- ...vagrant_ubuntu20-kube-router-svc-proxy.yml | 10 ---- 21 files changed, 47 insertions(+), 131 deletions(-) create mode 100644 tests/files/fedora39-kube-router.yml create mode 100644 tests/files/ubuntu20-flannel-collection.yml create mode 120000 tests/files/ubuntu20-flannel.yml create mode 100644 tests/files/ubuntu20-kube-router-sep.yml create mode 100644 tests/files/ubuntu20-kube-router-svc-proxy.yml rename tests/files/{vagrant_ubuntu24-calico-dual-stack.rb => ubuntu24-calico-dual-stack.rb} (100%) rename tests/files/{vagrant_ubuntu24-calico-dual-stack.yml => ubuntu24-calico-dual-stack.yml} (100%) rename tests/files/{vagrant_ubuntu24-calico-ipv6only-stack.rb => ubuntu24-calico-ipv6only-stack.rb} (100%) rename tests/files/{vagrant_ubuntu24-calico-ipv6only-stack.yml => ubuntu24-calico-ipv6only-stack.yml} (100%) delete mode 100644 tests/files/vagrant_fedora39-kube-router.rb delete mode 100644 tests/files/vagrant_fedora39-kube-router.yml delete mode 100644 tests/files/vagrant_ubuntu20-flannel-collection.rb delete mode 100644 tests/files/vagrant_ubuntu20-flannel-collection.yml delete mode 100644 tests/files/vagrant_ubuntu20-flannel.rb delete mode 100644 tests/files/vagrant_ubuntu20-flannel.yml delete mode 100644 tests/files/vagrant_ubuntu20-kube-router-sep.rb delete mode 100644 tests/files/vagrant_ubuntu20-kube-router-sep.yml delete mode 100644 tests/files/vagrant_ubuntu20-kube-router-svc-proxy.rb delete mode 100644 tests/files/vagrant_ubuntu20-kube-router-svc-proxy.yml diff --git a/.gitlab-ci/kubevirt.yml b/.gitlab-ci/kubevirt.yml index ceec118ec..d11e0cc7e 100644 --- a/.gitlab-ci/kubevirt.yml +++ b/.gitlab-ci/kubevirt.yml @@ -42,12 +42,17 @@ pr: - debian11-calico-collection - debian11-macvlan - debian12-cilium + - fedora39-kube-router + # FIXME: this test if broken (perma-failing) - openeuler24-calico - opensuse15-6-calico - rockylinux8-calico - rockylinux9-cilium - ubuntu20-calico-all-in-one-hardening - ubuntu20-cilium-sep + - ubuntu20-flannel-collection + - ubuntu20-kube-router-sep + - ubuntu20-kube-router-svc-proxy - ubuntu22-calico-all-in-one - ubuntu22-calico-all-in-one-upgrade - ubuntu24-calico-etcd-datastore @@ -120,6 +125,7 @@ pr_extended: - opensuse15-6-docker-cilium - rockylinux9-calico - ubuntu20-calico-etcd-kubeadm + - ubuntu20-flannel - ubuntu22-all-in-one-docker - ubuntu24-all-in-one-docker - ubuntu24-calico-all-in-one diff --git a/.gitlab-ci/vagrant.yml b/.gitlab-ci/vagrant.yml index af2739676..a40bbb2ee 100644 --- a/.gitlab-ci/vagrant.yml +++ b/.gitlab-ci/vagrant.yml @@ -1,13 +1,13 @@ --- -.vagrant: - extends: .testcases +vagrant: + extends: .job-moderated needs: - ci-not-authorized variables: CI_PLATFORM: "vagrant" SSH_USER: "vagrant" VAGRANT_DEFAULT_PROVIDER: "libvirt" - KUBESPRAY_VAGRANT_CONFIG: tests/files/${CI_JOB_NAME}.rb + KUBESPRAY_VAGRANT_CONFIG: tests/files/${TESTCASE}.rb DOCKER_NAME: vagrant VAGRANT_ANSIBLE_TAGS: facts VAGRANT_HOME: "$CI_PROJECT_DIR/.vagrant.d" @@ -35,47 +35,12 @@ - .vagrant.d/boxes - .cache/pip policy: pull-push # TODO: change to "pull" when not on main - -vagrant_ubuntu24-calico-dual-stack: stage: deploy-extended - extends: .vagrant rules: - if: $PR_LABELS =~ /.*(ci-extended|ci-full).*/ when: on_success - allow_failure: false - -vagrant_ubuntu24-calico-ipv6only-stack: - stage: deploy-extended - extends: .vagrant - rules: - - if: $PR_LABELS =~ /.*(ci-extended|ci-full).*/ - when: on_success - allow_failure: false - -vagrant_ubuntu20-flannel: - stage: deploy-part1 - extends: .vagrant - when: on_success - allow_failure: false - -vagrant_ubuntu20-flannel-collection: - stage: deploy-extended - extends: .vagrant - when: manual - -vagrant_ubuntu20-kube-router-sep: - stage: deploy-extended - extends: .vagrant - when: manual - -# Service proxy test fails connectivity testing -vagrant_ubuntu20-kube-router-svc-proxy: - stage: deploy-extended - extends: .vagrant - when: manual - -vagrant_fedora39-kube-router: - stage: deploy-extended - extends: .vagrant - when: manual -# FIXME: this test if broken (perma-failing) + parallel: + matrix: + - TESTCASE: + - ubuntu24-calico-dual-stack + - ubuntu24-calico-ipv6only-stack diff --git a/tests/files/fedora39-kube-router.yml b/tests/files/fedora39-kube-router.yml new file mode 100644 index 000000000..06905b9f5 --- /dev/null +++ b/tests/files/fedora39-kube-router.yml @@ -0,0 +1,7 @@ +--- +cloud_image: fedora-39 +cluster_layout: + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['kube_node'] + +kube_network_plugin: "kube-router" diff --git a/tests/files/ubuntu20-flannel-collection.yml b/tests/files/ubuntu20-flannel-collection.yml new file mode 100644 index 000000000..b5d0ba57b --- /dev/null +++ b/tests/files/ubuntu20-flannel-collection.yml @@ -0,0 +1,8 @@ +--- +cloud_image: ubuntu-2004 +cluster_layout: + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['etcd', 'kube_node'] + +kube_network_plugin: flannel diff --git a/tests/files/ubuntu20-flannel.yml b/tests/files/ubuntu20-flannel.yml new file mode 120000 index 000000000..ba939279e --- /dev/null +++ b/tests/files/ubuntu20-flannel.yml @@ -0,0 +1 @@ +ubuntu20-flannel-collection.yml \ No newline at end of file diff --git a/tests/files/ubuntu20-kube-router-sep.yml b/tests/files/ubuntu20-kube-router-sep.yml new file mode 100644 index 000000000..ca34c88a6 --- /dev/null +++ b/tests/files/ubuntu20-kube-router-sep.yml @@ -0,0 +1,7 @@ +--- +cloud_image: ubuntu-2004 +cluster_layout: + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['kube_node'] + +kube_network_plugin: "kube-router" diff --git a/tests/files/ubuntu20-kube-router-svc-proxy.yml b/tests/files/ubuntu20-kube-router-svc-proxy.yml new file mode 100644 index 000000000..b2739b793 --- /dev/null +++ b/tests/files/ubuntu20-kube-router-svc-proxy.yml @@ -0,0 +1,10 @@ +--- +cloud_image: ubuntu-2004 +cluster_layout: + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['kube_control_plane', 'etcd', 'kube_node'] + - node_groups: ['etcd', 'kube_node'] + +kube_network_plugin: "kube-router" + +kube_router_run_service_proxy: true diff --git a/tests/files/vagrant_ubuntu24-calico-dual-stack.rb b/tests/files/ubuntu24-calico-dual-stack.rb similarity index 100% rename from tests/files/vagrant_ubuntu24-calico-dual-stack.rb rename to tests/files/ubuntu24-calico-dual-stack.rb diff --git a/tests/files/vagrant_ubuntu24-calico-dual-stack.yml b/tests/files/ubuntu24-calico-dual-stack.yml similarity index 100% rename from tests/files/vagrant_ubuntu24-calico-dual-stack.yml rename to tests/files/ubuntu24-calico-dual-stack.yml diff --git a/tests/files/vagrant_ubuntu24-calico-ipv6only-stack.rb b/tests/files/ubuntu24-calico-ipv6only-stack.rb similarity index 100% rename from tests/files/vagrant_ubuntu24-calico-ipv6only-stack.rb rename to tests/files/ubuntu24-calico-ipv6only-stack.rb diff --git a/tests/files/vagrant_ubuntu24-calico-ipv6only-stack.yml b/tests/files/ubuntu24-calico-ipv6only-stack.yml similarity index 100% rename from tests/files/vagrant_ubuntu24-calico-ipv6only-stack.yml rename to tests/files/ubuntu24-calico-ipv6only-stack.yml diff --git a/tests/files/vagrant_fedora39-kube-router.rb b/tests/files/vagrant_fedora39-kube-router.rb deleted file mode 100644 index e69a10b63..000000000 --- a/tests/files/vagrant_fedora39-kube-router.rb +++ /dev/null @@ -1,15 +0,0 @@ -$num_instances = 2 -$vm_memory ||= 2048 -$os = "fedora39" - -$control_plane_instances = 1 -$etcd_instances = 1 - -# For CI we are not worried about data persistence across reboot -$libvirt_volume_cache = "unsafe" - -# Checking for box update can trigger API rate limiting -# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html -$box_check_update = false - -$network_plugin = "kube-router" diff --git a/tests/files/vagrant_fedora39-kube-router.yml b/tests/files/vagrant_fedora39-kube-router.yml deleted file mode 100644 index b09c4889f..000000000 --- a/tests/files/vagrant_fedora39-kube-router.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# Instance settings -cloud_image: fedora-39 - -# Kubespray settings -kube_network_plugin: kube-router diff --git a/tests/files/vagrant_ubuntu20-flannel-collection.rb b/tests/files/vagrant_ubuntu20-flannel-collection.rb deleted file mode 100644 index 55daa19e3..000000000 --- a/tests/files/vagrant_ubuntu20-flannel-collection.rb +++ /dev/null @@ -1,9 +0,0 @@ -$os = "ubuntu2004" - -# For CI we are not worries about data persistence across reboot -$libvirt_volume_cache = "unsafe" - -# Checking for box update can trigger API rate limiting -# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html -$box_check_update = false -$vm_cpus = 2 diff --git a/tests/files/vagrant_ubuntu20-flannel-collection.yml b/tests/files/vagrant_ubuntu20-flannel-collection.yml deleted file mode 100644 index 6f8916feb..000000000 --- a/tests/files/vagrant_ubuntu20-flannel-collection.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -# Kubespray settings -kube_network_plugin: flannel diff --git a/tests/files/vagrant_ubuntu20-flannel.rb b/tests/files/vagrant_ubuntu20-flannel.rb deleted file mode 100644 index d8bf563a3..000000000 --- a/tests/files/vagrant_ubuntu20-flannel.rb +++ /dev/null @@ -1,8 +0,0 @@ -$os = "ubuntu2004" - -# For CI we are not worries about data persistence across reboot -$libvirt_volume_cache = "unsafe" -# Checking for box update can trigger API rate limiting -# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html -$box_check_update = false -$vm_cpus = 2 diff --git a/tests/files/vagrant_ubuntu20-flannel.yml b/tests/files/vagrant_ubuntu20-flannel.yml deleted file mode 100644 index 43ec54c6a..000000000 --- a/tests/files/vagrant_ubuntu20-flannel.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -# Kubespray settings -kube_network_plugin: flannel -ansible_ssh_private_key: .vagrant.d/insecure_private_key diff --git a/tests/files/vagrant_ubuntu20-kube-router-sep.rb b/tests/files/vagrant_ubuntu20-kube-router-sep.rb deleted file mode 100644 index 2b16f2043..000000000 --- a/tests/files/vagrant_ubuntu20-kube-router-sep.rb +++ /dev/null @@ -1,15 +0,0 @@ -$num_instances = 2 -$vm_memory ||= 2048 -$os = "ubuntu2004" - -$control_plane_instances = 1 -$etcd_instances = 1 - -# For CI we are not worried about data persistence across reboot -$libvirt_volume_cache = "unsafe" - -# Checking for box update can trigger API rate limiting -# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html -$box_check_update = false - -$network_plugin = "kube-router" diff --git a/tests/files/vagrant_ubuntu20-kube-router-sep.yml b/tests/files/vagrant_ubuntu20-kube-router-sep.yml deleted file mode 100644 index d17b627a7..000000000 --- a/tests/files/vagrant_ubuntu20-kube-router-sep.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -# Instance settings -cloud_image: ubuntu-2004 -mode: separate - -# Kubespray settings -bootstrap_os: ubuntu -kube_network_plugin: kube-router diff --git a/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.rb b/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.rb deleted file mode 100644 index 29f6e8166..000000000 --- a/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.rb +++ /dev/null @@ -1,10 +0,0 @@ -$os = "ubuntu2004" - -# For CI we are not worried about data persistence across reboot -$libvirt_volume_cache = "unsafe" - -# Checking for box update can trigger API rate limiting -# https://www.vagrantup.com/docs/vagrant-cloud/request-limits.html -$box_check_update = false - -$network_plugin = "kube-router" diff --git a/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.yml b/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.yml deleted file mode 100644 index faa30d068..000000000 --- a/tests/files/vagrant_ubuntu20-kube-router-svc-proxy.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -# Instance settings -cloud_image: ubuntu-2004 -mode: separate - -# Kubespray settings -bootstrap_os: ubuntu -kube_network_plugin: kube-router - -kube_router_run_service_proxy: true From b9e251ac7a935f5bffde150728ed64e075019f85 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Fri, 14 Mar 2025 17:44:04 +0100 Subject: [PATCH 4/8] CI: cleanup terraform + deduplicate and simplify --- .ansible-lint | 2 + .gitlab-ci.yml | 4 +- .gitlab-ci/build.yml | 3 +- .gitlab-ci/kubevirt.yml | 7 +- .gitlab-ci/molecule.yml | 2 - .gitlab-ci/terraform.yml | 175 ++++++--------------------------- .gitlab-ci/vagrant.yml | 3 + tests/scripts/create-tf.sh | 5 - tests/scripts/delete-tf.sh | 5 - tests/scripts/testcases_run.sh | 2 - 10 files changed, 38 insertions(+), 170 deletions(-) delete mode 100755 tests/scripts/create-tf.sh delete mode 100755 tests/scripts/delete-tf.sh diff --git a/.ansible-lint b/.ansible-lint index 5f3fa2d81..8f2c5e808 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -39,5 +39,7 @@ exclude_paths: - .github - .ansible - .cache + - .gitlab-ci.yml + - .gitlab-ci mock_modules: - gluster.gluster.gluster_volume diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 99ab8d05d..e6c9509f0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -31,12 +31,12 @@ variables: ANSIBLE_VERBOSITY: 2 RECOVER_CONTROL_PLANE_TEST: "false" RECOVER_CONTROL_PLANE_TEST_GROUPS: "etcd[2:]:kube_control_plane[1:]" - TERRAFORM_VERSION: 1.3.7 + TF_VERSION: 1.3.7 PIPELINE_IMAGE: "$CI_REGISTRY_IMAGE/pipeline:${CI_PIPELINE_ID}-${CI_COMMIT_SHORT_SHA}" before_script: - ./tests/scripts/rebase.sh - - mkdir -p /.ssh + - mkdir -p cluster-dump $ANSIBLE_INVENTORY .job: &job tags: diff --git a/.gitlab-ci/build.yml b/.gitlab-ci/build.yml index b2bde1296..80f7387c7 100644 --- a/.gitlab-ci/build.yml +++ b/.gitlab-ci/build.yml @@ -15,9 +15,8 @@ PROJECT_DIR: $CI_PROJECT_DIR DOCKERFILE: Dockerfile GODEBUG: "http2client=0" - before_script: - - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /kaniko/.docker/config.json script: + - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /kaniko/.docker/config.json - /kaniko/executor --cache=true --cache-dir=image-cache --context $PROJECT_DIR diff --git a/.gitlab-ci/kubevirt.yml b/.gitlab-ci/kubevirt.yml index d11e0cc7e..4ed5ba733 100644 --- a/.gitlab-ci/kubevirt.yml +++ b/.gitlab-ci/kubevirt.yml @@ -2,15 +2,12 @@ .kubevirt: extends: .job-moderated interruptible: true - before_script: - - ./tests/scripts/rebase.sh - - mkdir -p cluster-dump script: + - ansible-playbook tests/cloud_playbooks/create-kubevirt.yml + -c local -e @"tests/files/${TESTCASE}.yml" - ./tests/scripts/testcases_run.sh variables: ANSIBLE_TIMEOUT: "120" - CI_PLATFORM: packet - SSH_USER: kubespray tags: - ffci needs: diff --git a/.gitlab-ci/molecule.yml b/.gitlab-ci/molecule.yml index 2dd93af00..26f1be86b 100644 --- a/.gitlab-ci/molecule.yml +++ b/.gitlab-ci/molecule.yml @@ -8,8 +8,6 @@ needs: - pipeline-image # - ci-not-authorized - before_script: - - ./tests/scripts/rebase.sh script: - ./tests/scripts/molecule_run.sh after_script: diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml index 223522815..d5e627cd9 100644 --- a/.gitlab-ci/terraform.yml +++ b/.gitlab-ci/terraform.yml @@ -5,28 +5,21 @@ needs: - ci-not-authorized - pipeline-image + variables: + TF_VAR_public_key_path: "${ANSIBLE_PRIVATE_KEY_FILE}.pub" + TF_VAR_ssh_private_key_path: $ANSIBLE_PRIVATE_KEY_FILE + CLUSTER: $CI_COMMIT_REF_NAME + TERRAFORM_STATE_ROOT: $CI_PROJECT_DIR stage: deploy-part1 before_script: - - update-alternatives --install /usr/bin/python python /usr/bin/python3 1 - ./tests/scripts/rebase.sh - - ./tests/scripts/testcases_prepare.sh + - mkdir -p cluster-dump $ANSIBLE_INVENTORY - ./tests/scripts/terraform_install.sh - # Set Ansible config - - cp ansible.cfg ~/.ansible.cfg - # Prepare inventory - cp contrib/terraform/$PROVIDER/sample-inventory/cluster.tfvars . - - ln -s contrib/terraform/$PROVIDER/hosts + - ln -rs -t $ANSIBLE_INVENTORY contrib/terraform/$PROVIDER/hosts - terraform -chdir="contrib/terraform/$PROVIDER" init - # Copy SSH keypair - - mkdir -p ~/.ssh - - echo "$PACKET_PRIVATE_KEY" | base64 -d > ~/.ssh/id_rsa - - chmod 400 ~/.ssh/id_rsa - - echo "$PACKET_PUBLIC_KEY" | base64 -d > ~/.ssh/id_rsa.pub - - mkdir -p contrib/terraform/$PROVIDER/group_vars - # Random subnet to avoid routing conflicts - - export TF_VAR_subnet_cidr="10.$(( $RANDOM % 256 )).$(( $RANDOM % 256 )).0/24" -.terraform_validate: +terraform_validate: extends: .terraform_install tags: [ffci] only: ['master', /^pr-.*$/] @@ -36,6 +29,17 @@ stage: test needs: - pipeline-image + parallel: + matrix: + - PROVIDER: + - openstack + - equinix + - aws + - exoscale + - hetzner + - vsphere + - upcloud + - nifcloud .terraform_apply: extends: .terraform_install @@ -43,99 +47,22 @@ stage: deploy-extended when: manual only: [/^pr-.*$/] - artifacts: - when: always - paths: - - cluster-dump/ variables: ANSIBLE_INVENTORY_UNPARSED_FAILED: "true" - ANSIBLE_INVENTORY: hosts - CI_PLATFORM: tf - TF_VAR_ssh_user: $SSH_USER + TF_VAR_ssh_user: $ANSIBLE_REMOTE_USER TF_VAR_cluster_name: $CI_JOB_ID script: + # Set Ansible config + - cp ansible.cfg ~/.ansible.cfg + - ssh-keygen -N '' -f $ANSIBLE_PRIVATE_KEY_FILE -t rsa + - mkdir -p contrib/terraform/$PROVIDER/group_vars + # Random subnet to avoid routing conflicts + - export TF_VAR_subnet_cidr="10.$(( $RANDOM % 256 )).$(( $RANDOM % 256 )).0/24" + - terraform -chdir="contrib/terraform/$PROVIDER" apply -auto-approve -parallelism=1 - tests/scripts/testcases_run.sh after_script: # Cleanup regardless of exit code - - ./tests/scripts/testcases_cleanup.sh - -tf-validate-openstack: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: openstack - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-equinix: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: equinix - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-aws: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: aws - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-exoscale: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: exoscale - -tf-validate-hetzner: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: hetzner - -tf-validate-vsphere: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: vsphere - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-upcloud: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: upcloud - CLUSTER: $CI_COMMIT_REF_NAME - -tf-validate-nifcloud: - extends: .terraform_validate - variables: - TF_VERSION: $TERRAFORM_VERSION - PROVIDER: nifcloud - -# tf-packet-ubuntu20-default: -# extends: .terraform_apply -# variables: -# TF_VERSION: $TERRAFORM_VERSION -# PROVIDER: packet -# CLUSTER: $CI_COMMIT_REF_NAME -# TF_VAR_number_of_k8s_masters: "1" -# TF_VAR_number_of_k8s_nodes: "1" -# TF_VAR_plan_k8s_masters: t1.small.x86 -# TF_VAR_plan_k8s_nodes: t1.small.x86 -# TF_VAR_metro: am -# TF_VAR_public_key_path: "" -# TF_VAR_operating_system: ubuntu_20_04 - -.ovh_variables: &ovh_variables - OS_AUTH_URL: https://auth.cloud.ovh.net/v3 - OS_PROJECT_ID: 8d3cd5d737d74227ace462dee0b903fe - OS_PROJECT_NAME: "9361447987648822" - OS_USER_DOMAIN_NAME: Default - OS_PROJECT_DOMAIN_ID: default - OS_USERNAME: 8XuhBMfkKVrk - OS_REGION_NAME: UK1 - OS_INTERFACE: public - OS_IDENTITY_API_VERSION: "3" + - terraform -chdir="contrib/terraform/$PROVIDER" destroy -auto-approve # Elastx is generously donating resources for Kubespray on Openstack CI # Contacts: @gix @bl0m1 @@ -169,11 +96,8 @@ tf-elastx_ubuntu20-calico: allow_failure: true variables: <<: *elastx_variables - TF_VERSION: $TERRAFORM_VERSION PROVIDER: openstack - CLUSTER: $CI_COMMIT_REF_NAME ANSIBLE_TIMEOUT: "60" - SSH_USER: ubuntu TF_VAR_number_of_k8s_masters: "1" TF_VAR_number_of_k8s_masters_no_floating_ip: "0" TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0" @@ -194,46 +118,3 @@ tf-elastx_ubuntu20-calico: TF_VAR_flavor_k8s_node: 3f73fc93-ec61-4808-88df-2580d94c1a9b # v1-standard-2 TF_VAR_image: ubuntu-20.04-server-latest TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]' - -# OVH voucher expired, commenting job until things are sorted out - -# tf-ovh_cleanup: -# stage: unit-tests -# tags: [light] -# image: python -# environment: ovh -# variables: -# <<: *ovh_variables -# before_script: -# - pip install -r scripts/openstack-cleanup/requirements.txt -# script: -# - ./scripts/openstack-cleanup/main.py - -# tf-ovh_ubuntu20-calico: -# extends: .terraform_apply -# when: on_success -# environment: ovh -# variables: -# <<: *ovh_variables -# TF_VERSION: $TERRAFORM_VERSION -# PROVIDER: openstack -# CLUSTER: $CI_COMMIT_REF_NAME -# ANSIBLE_TIMEOUT: "60" -# SSH_USER: ubuntu -# TF_VAR_number_of_k8s_masters: "0" -# TF_VAR_number_of_k8s_masters_no_floating_ip: "1" -# TF_VAR_number_of_k8s_masters_no_floating_ip_no_etcd: "0" -# TF_VAR_number_of_etcd: "0" -# TF_VAR_number_of_k8s_nodes: "0" -# TF_VAR_number_of_k8s_nodes_no_floating_ip: "1" -# TF_VAR_number_of_gfs_nodes_no_floating_ip: "0" -# TF_VAR_number_of_bastions: "0" -# TF_VAR_number_of_k8s_masters_no_etcd: "0" -# TF_VAR_use_neutron: "0" -# TF_VAR_floatingip_pool: "Ext-Net" -# TF_VAR_external_net: "6011fbc9-4cbf-46a4-8452-6890a340b60b" -# TF_VAR_network_name: "Ext-Net" -# TF_VAR_flavor_k8s_master: "defa64c3-bd46-43b4-858a-d93bbae0a229" # s1-8 -# TF_VAR_flavor_k8s_node: "defa64c3-bd46-43b4-858a-d93bbae0a229" # s1-8 -# TF_VAR_image: "Ubuntu 20.04" -# TF_VAR_k8s_allowed_remote_ips: '["0.0.0.0/0"]' diff --git a/.gitlab-ci/vagrant.yml b/.gitlab-ci/vagrant.yml index a40bbb2ee..f8834d71b 100644 --- a/.gitlab-ci/vagrant.yml +++ b/.gitlab-ci/vagrant.yml @@ -28,7 +28,10 @@ vagrant: - pip install --no-compile --no-cache-dir -r $CI_PROJECT_DIR/tests/requirements.txt - ./tests/scripts/vagrant_clean.sh script: + - vagrant up - ./tests/scripts/testcases_run.sh + after_script: + - vagrant destroy -f cache: key: $CI_JOB_NAME_SLUG paths: diff --git a/tests/scripts/create-tf.sh b/tests/scripts/create-tf.sh deleted file mode 100755 index fbed30268..000000000 --- a/tests/scripts/create-tf.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -euxo pipefail - -cd .. -terraform -chdir="contrib/terraform/$PROVIDER" apply -auto-approve -parallelism=1 diff --git a/tests/scripts/delete-tf.sh b/tests/scripts/delete-tf.sh deleted file mode 100755 index 57c35c83e..000000000 --- a/tests/scripts/delete-tf.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -euxo pipefail - -cd .. -terraform -chdir="contrib/terraform/$PROVIDER" destroy -auto-approve diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index 09de3261b..bf2ce760b 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -16,8 +16,6 @@ fi export ANSIBLE_BECOME=true export ANSIBLE_BECOME_USER=root -make -C tests create-${CI_PLATFORM} -s - # Test collection build and install by installing our collection, emptying our repository, adding # cluster.yml, reset.yml, and remote-node.yml files that simply point to our collection's playbooks, and then # running the same tests as before From f6ca3bf4776c9fefca948b33ed068c8decdab877 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Sun, 16 Mar 2025 09:11:27 +0100 Subject: [PATCH 5/8] CI: simplify image build job --- .gitlab-ci/build.yml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/.gitlab-ci/build.yml b/.gitlab-ci/build.yml index 80f7387c7..d609d4030 100644 --- a/.gitlab-ci/build.yml +++ b/.gitlab-ci/build.yml @@ -1,5 +1,5 @@ --- -.build-container: +pipeline-image: cache: key: $CI_COMMIT_REF_SLUG paths: @@ -11,22 +11,14 @@ name: gcr.io/kaniko-project/executor:debug entrypoint: [''] variables: - TAG: $CI_COMMIT_SHORT_SHA - PROJECT_DIR: $CI_PROJECT_DIR - DOCKERFILE: Dockerfile GODEBUG: "http2client=0" script: - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /kaniko/.docker/config.json - /kaniko/executor --cache=true --cache-dir=image-cache - --context $PROJECT_DIR - --dockerfile $PROJECT_DIR/$DOCKERFILE + --context $CI_PROJECT_DIR + --dockerfile $CI_PROJECT_DIR/pipeline.Dockerfile --label 'git-branch'=$CI_COMMIT_REF_SLUG --label 'git-tag=$CI_COMMIT_TAG' --destination $PIPELINE_IMAGE --log-timestamp=true - -pipeline-image: - extends: .build-container - variables: - DOCKERFILE: pipeline.Dockerfile From ef133fd93d02151c25d76e175c64b6cdf6b342f2 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Thu, 20 Mar 2025 10:39:32 +0100 Subject: [PATCH 6/8] CI: cleanups leftovers things include_vars is redundant as the file is already included by extra_vars --- tests/cloud_playbooks/roles/packet-ci/tasks/main.yml | 4 ---- tests/scripts/testcases_run.sh | 1 - 2 files changed, 5 deletions(-) diff --git a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml index 6bd4b7c07..0a41cc534 100644 --- a/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml +++ b/tests/cloud_playbooks/roles/packet-ci/tasks/main.yml @@ -1,8 +1,4 @@ --- -- name: Include custom vars for ci job - include_vars: "../files/{{ lookup('ansible.builtin.env', 'TESTCASE') }}.yml" - when: molecule_yml is not defined - - name: Generate SSH keypair community.crypto.openssh_keypair: size: 2048 diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index bf2ce760b..b2668c168 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -54,7 +54,6 @@ fi run_playbook () { playbook=$1 shift -# We can set --limit here and still pass it as supplemental args because `--limit` is a 'last one wins' option ansible-playbook \ -e @tests/common_vars.yml \ -e @tests/files/${TESTCASE}.yml \ From 5c4e597987cfccb33ad4f9f99669869ef5ca90f1 Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Sun, 16 Mar 2025 09:52:14 +0100 Subject: [PATCH 7/8] CI: workaround build: disable rebase --- .gitlab-ci/build.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.gitlab-ci/build.yml b/.gitlab-ci/build.yml index d609d4030..c3f9960fc 100644 --- a/.gitlab-ci/build.yml +++ b/.gitlab-ci/build.yml @@ -12,6 +12,11 @@ pipeline-image: entrypoint: [''] variables: GODEBUG: "http2client=0" + # TODO: remove the override + # currently rebase.sh depends on bash (not available in the kaniko image) + # once we have a simpler rebase (which should be easy if the target branch ref is available as variable + # we'll be able to rebase here as well hopefully + before_script: [] script: - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /kaniko/.docker/config.json - /kaniko/executor --cache=true From 0fc56ed3443de2f97e72efb1cdf7e2ccbd6b778c Mon Sep 17 00:00:00 2001 From: Max Gautier Date: Wed, 26 Mar 2025 14:57:06 +0100 Subject: [PATCH 8/8] CI: fix terraform - add default testcase - fix ansible ssh connection --- .gitlab-ci/terraform.yml | 2 ++ tests/scripts/testcases_run.sh | 9 ++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci/terraform.yml b/.gitlab-ci/terraform.yml index d5e627cd9..97003a860 100644 --- a/.gitlab-ci/terraform.yml +++ b/.gitlab-ci/terraform.yml @@ -49,6 +49,8 @@ terraform_validate: only: [/^pr-.*$/] variables: ANSIBLE_INVENTORY_UNPARSED_FAILED: "true" + ANSIBLE_REMOTE_USER: ubuntu # the openstack terraform module does not handle custom user correctly + ANSIBLE_SSH_RETRIES: 15 TF_VAR_ssh_user: $ANSIBLE_REMOTE_USER TF_VAR_cluster_name: $CI_JOB_ID script: diff --git a/tests/scripts/testcases_run.sh b/tests/scripts/testcases_run.sh index b2668c168..a427c550b 100755 --- a/tests/scripts/testcases_run.sh +++ b/tests/scripts/testcases_run.sh @@ -1,6 +1,13 @@ #!/bin/bash set -euxo pipefail +if [[ -v TESTCASE ]]; then + TESTCASE_FILE=files/${TESTCASE}.yml +else + TESTCASE_FILE=common_vars.yml + TESTCASE=default +fi + echo "TESTCASE is $TESTCASE" source tests/files/$TESTCASE || true @@ -56,7 +63,7 @@ playbook=$1 shift ansible-playbook \ -e @tests/common_vars.yml \ - -e @tests/files/${TESTCASE}.yml \ + -e @tests/${TESTCASE_FILE} \ -e local_release_dir=${PWD}/downloads \ "$@" \ ${playbook}