diff --git a/collection/stages/roles/cpms_test/defaults/main.yml b/collection/stages/roles/cpms_test/defaults/main.yml new file mode 100644 index 00000000..b9bc650e --- /dev/null +++ b/collection/stages/roles/cpms_test/defaults/main.yml @@ -0,0 +1,8 @@ +--- +# defaults file for cpms_test +cpms_test_name: cluster-control-plane-machine-set-operator +cpms_test_dir: "{{ artifacts_dir }}/{{ cpms_test_name }}" +cpms_test_results_dir: "{{ artifacts_dir }}/cpms_test-results" +cpms_test_testsuite_name: cpms +cpms_tests_go_version: "{{ tests.default_go_version_target }}" +cpms_test_junit_filename: junit_control_plane_machine_set_operator.xml diff --git a/collection/stages/roles/cpms_test/meta/main.yml b/collection/stages/roles/cpms_test/meta/main.yml new file mode 100644 index 00000000..ce0638dc --- /dev/null +++ b/collection/stages/roles/cpms_test/meta/main.yml @@ -0,0 +1,3 @@ +--- +collections: + - shiftstack.tools diff --git a/collection/stages/roles/cpms_test/tasks/main.yml b/collection/stages/roles/cpms_test/tasks/main.yml new file mode 100644 index 00000000..0fedc0ba --- /dev/null +++ b/collection/stages/roles/cpms_test/tasks/main.yml @@ -0,0 +1,25 @@ +--- +# tasks file for cpms_test +- name: Prepare CPMS test + ansible.builtin.include_role: + name: tools_openshift_tests + tasks_from: prepare_openshift_tests.yml + vars: + repo_name: "{{ cpms_test_name }}" + results_dir: "{{ cpms_test_results_dir }}" + go_version_target: "{{ cpms_tests_go_version }}" + +- name: Run CPMS e2e-presubmit tests + ansible.builtin.include_tasks: run_cpms_test.yml + vars: + cpms_tests_type: e2e-presubmit + +- name: Run CPMS e2e-periodic tests + ansible.builtin.include_tasks: run_cpms_test.yml + vars: + cpms_tests_type: e2e-periodic + +- name: Remove the source directory after tests complete + ansible.builtin.file: + path: "{{ cpms_test_dir }}" + state: absent diff --git a/collection/stages/roles/cpms_test/tasks/run_cpms_test.yml b/collection/stages/roles/cpms_test/tasks/run_cpms_test.yml new file mode 100644 index 00000000..1fee2206 --- /dev/null +++ b/collection/stages/roles/cpms_test/tasks/run_cpms_test.yml @@ -0,0 +1,59 @@ +--- +- name: Set result paths for {{ cpms_tests_type }} + ansible.builtin.set_fact: + cpms_results_subdir: "{{ cpms_test_results_dir }}/{{ cpms_tests_type }}" + +- name: Create results directory for {{ cpms_tests_type }} + ansible.builtin.file: + path: "{{ cpms_results_subdir }}" + state: directory + mode: u=rwx,g=rw,o=r + +- name: Run {{ cpms_test_name }} {{ cpms_tests_type }} tests + block: + - name: Run make {{ cpms_tests_type }} + ansible.builtin.shell: | + source {{ home_dir }}/.bashrc + make {{ cpms_tests_type }} + args: + chdir: "{{ cpms_test_dir }}" + environment: + KUBECONFIG: "{{ kubeconfig }}" + OS_CLOUD: "{{ user_cloud }}" + OPENSHIFT_CI: "true" + ARTIFACT_DIR: "{{ cpms_results_subdir }}" + changed_when: true + + rescue: + - name: Mark the CPMS {{ cpms_tests_type }} tests as UNSTABLE + ansible.builtin.include_role: + name: tools_stage_results + tasks_from: mark_stage_unstable.yml + vars: + unstable_msg: >- + The {{ cpms_test_name }} {{ cpms_tests_type }} test suite failed. + + - name: Run must-gather + ansible.builtin.include_role: + name: tools_must-gather + vars: + must_gather_suffix: "cpms-{{ cpms_tests_type }}" + +- name: Rename JUnit XML to match expected prefix + ansible.builtin.copy: + src: "{{ cpms_results_subdir }}/{{ cpms_test_junit_filename }}" + dest: "{{ cpms_results_subdir }}/junit_e2e_{{ cpms_tests_type }}.xml" + remote_src: yes + mode: u=rw,g=rw,o=r + when: (cpms_results_subdir + '/' + cpms_test_junit_filename) is file + +- name: Post openshift-test + ansible.builtin.include_role: + name: tools_openshift_tests + tasks_from: post_openshift_tests.yml + vars: + testsuite_name: "{{ cpms_test_testsuite_name }}_{{ cpms_tests_type }}" + key_for_filtering_results: "cpms" + test_name: "{{ cpms_test_name }}-{{ cpms_tests_type }}" + results_dir: "{{ cpms_results_subdir }}" + when: (cpms_results_subdir + '/' + cpms_test_junit_filename) is file diff --git a/collection/stages/roles/day2ops/tasks/procedures/cpms_replace_attrs.yml b/collection/stages/roles/day2ops/tasks/procedures/cpms_replace_attrs.yml new file mode 100644 index 00000000..4bdf2a46 --- /dev/null +++ b/collection/stages/roles/day2ops/tasks/procedures/cpms_replace_attrs.yml @@ -0,0 +1,217 @@ +--- +# Procedure that updates the CPMS object by adding a fake extra network/subnet and SG to the +# masters and replacing failureDomain params on master-0 to have the same attributes as master-1. +# After reconciliation, master-0 and master-1 will have same nova AZ, cinderAZ, and volumeType. +- name: Set log directory for cpms_replace_attrs procedure + ansible.builtin.set_fact: + cpms_log_directory: "{{ artifacts_dir }}/cpms_replace_attrs" + +- name: Run cpms_replace_attrs procedure + block: + - name: Create {{ cpms_log_directory }} directory + ansible.builtin.file: + path: "{{ cpms_log_directory }}" + state: directory + mode: u=rwx,g=rw,o=r + + - name: Set artifact paths + ansible.builtin.set_fact: + cpms_orig_path: "{{ cpms_log_directory }}/orig_cpms.yaml" + cpms_patch_to_apply_path: "{{ cpms_log_directory }}/cpms_patch_to_apply.yaml" + cpms_applied_path: "{{ cpms_log_directory }}/applied_cpms.yaml" + cpms_patch_to_restore_path: "{{ cpms_log_directory }}/cpms_patch_to_restore_NOTAPPLIED.yaml" + + - name: Get original CPMS definition + kubernetes.core.k8s_info: + kubeconfig: "{{ kubeconfig }}" + api_version: machine.openshift.io/v1 + kind: ControlPlaneMachineSet + namespace: openshift-machine-api + register: original_cpms + + - name: Save the original CPMS definition + ansible.builtin.copy: + content: "{{ original_cpms.resources[0] | to_nice_yaml(indent=2) }}" + dest: "{{ cpms_orig_path }}" + mode: u=rw,g=rw,o=r + + - name: Create network {{ cpms_replacements.network_name }} + openstack.cloud.network: + cloud: "{{ user_cloud }}" + name: "{{ cpms_replacements.network_name }}" + state: present + register: network_to_add + + - name: Create subnet {{ cpms_replacements.subnet_name }} + openstack.cloud.subnet: + cloud: "{{ user_cloud }}" + name: "{{ cpms_replacements.subnet_name }}" + cidr: "{{ cpms_replacements.cidr }}" + network_name: "{{ cpms_replacements.network_name }}" + enable_dhcp: false + state: present + + - name: Create security group {{ cpms_replacements.sg_name }} + openstack.cloud.security_group: + cloud: "{{ user_cloud }}" + name: "{{ cpms_replacements.sg_name }}" + state: present + register: sg_to_add + + - name: Store original CPMS attributes that will be updated + ansible.builtin.set_fact: + orig_failuredomains: >- + {{ original_cpms.resources[0].spec.template.machines_v1beta1_machine_openshift_io.failureDomains.openstack | list }} + orig_networks: >- + {{ original_cpms.resources[0].spec.template.machines_v1beta1_machine_openshift_io.spec.providerSpec.value.networks | list }} + orig_sgs: >- + {{ original_cpms.resources[0].spec.template.machines_v1beta1_machine_openshift_io.spec.providerSpec.value.securityGroups | list }} + + - name: Create patch for CPMS + ansible.builtin.template: + src: control-plane-machine-set-patch.yaml.j2 + dest: "{{ cpms_patch_to_apply_path }}" + mode: u=rw,g=rw,o=r + vars: + cpms_failuredomains: >- + {{ orig_failuredomains | + replace(orig_failuredomains[0].availabilityZone, orig_failuredomains[1].availabilityZone) | + replace(orig_failuredomains[0].rootVolume.availabilityZone, orig_failuredomains[1].rootVolume.availabilityZone) | + replace(orig_failuredomains[0].rootVolume.volumeType, orig_failuredomains[1].rootVolume.volumeType) }} + cpms_networks: "{{ orig_networks + [{'filter': {}, 'uuid': network_to_add.id}] }}" + cpms_sgs: "{{ orig_sgs + [{'filter': {}, 'name': cpms_replacements.sg_name}] }}" + + - name: Apply patch for CPMS + kubernetes.core.k8s: + kubeconfig: "{{ kubeconfig }}" + state: present + apply: true + src: "{{ cpms_patch_to_apply_path }}" + + - name: Wait for CPMS reconciliation to complete + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: wait_cpms_updated.yml + vars: + wait_retries: 180 + wait_delay: 60 + + - name: Check cluster health after CPMS patch application + block: + - name: Check the Control Plane MachineSet is healthy + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: check_controlplane_machinesets.yml + + - name: Wait until OCP cluster is healthy + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: wait_until_cluster_is_healthy.yml + + - name: Get resulting CPMS definition after application + kubernetes.core.k8s_info: + kubeconfig: "{{ kubeconfig }}" + api_version: machine.openshift.io/v1 + kind: ControlPlaneMachineSet + namespace: openshift-machine-api + register: applied_cpms + + - name: Save the resulting CPMS after application + ansible.builtin.copy: + content: "{{ applied_cpms.resources[0] | to_nice_yaml(indent=2) }}" + dest: "{{ cpms_applied_path }}" + mode: u=rw,g=rw,o=r + + - name: Get all the master VMs after procedure + openstack.cloud.server_info: + cloud: "{{ user_cloud }}" + server: "*master*" + register: result + + - name: Store the master VMs after procedure + ansible.builtin.set_fact: + master_after: "{{ result.servers | sort(attribute='name') | list }}" + + - name: Get root volumes info + ansible.builtin.shell: > + openstack volume show {{ item }} -c type -c availability_zone -f shell + environment: + OS_CLOUD: "{{ user_cloud }}" + register: root_volumes_after + changed_when: false + with_items: + - "{{ master_after[0].volumes[0].id }}" + - "{{ master_after[1].volumes[0].id }}" + - "{{ master_after[2].volumes[0].id }}" + + - name: Confirm that master VMs reflect FailureDomain changes after procedure + ansible.builtin.assert: + that: + - master_after | length == 3 + - master_after | selectattr('location.zone', 'eq', expected_fd_az) | list | length == 2 + - root_volumes_after.results | selectattr('stdout', 'eq', + 'availability_zone="' + expected_fd_cinderaz + '"\ntype="' + expected_fd_volumeType + '"') | list | length == 2 + vars: + expected_fd_az: "{{ orig_failuredomains[1].availabilityZone }}" + expected_fd_cinderaz: "{{ orig_failuredomains[1].rootVolume.availabilityZone }}" + expected_fd_volumeType: "{{ orig_failuredomains[1].rootVolume.volumeType }}" + + - name: Confirm that the VMs include the added network and SG + ansible.builtin.assert: + that: + - cpms_replacements.network_name in item.addresses.keys() + - cpms_replacements.sg_name in item.security_groups | json_query('[*].name') + with_items: "{{ master_after }}" + + always: + - name: Create restore patch for CPMS + ansible.builtin.template: + src: control-plane-machine-set-patch.yaml.j2 + dest: "{{ cpms_patch_to_restore_path }}" + mode: u=rw,g=rw,o=r + vars: + cpms_failuredomains: "{{ orig_failuredomains }}" + cpms_networks: "{{ orig_networks }}" + cpms_sgs: "{{ orig_sgs }}" + + - name: Apply restore patch for CPMS + kubernetes.core.k8s: + kubeconfig: "{{ kubeconfig }}" + state: present + apply: true + src: "{{ cpms_patch_to_restore_path }}" + + - name: Wait for CPMS restore reconciliation to complete + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: wait_cpms_updated.yml + vars: + wait_retries: 180 + wait_delay: 60 + + - name: Check cluster health after restore + block: + - name: Check the Control Plane MachineSet is healthy + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: check_controlplane_machinesets.yml + + - name: Wait until OCP cluster is healthy + ansible.builtin.include_role: + name: tools_cluster_checks + tasks_from: wait_until_cluster_is_healthy.yml + + - name: Clean up test OpenStack resources + block: + - name: Delete test network + openstack.cloud.network: + cloud: "{{ user_cloud }}" + name: "{{ cpms_replacements.network_name }}" + state: absent + + - name: Delete test security group + openstack.cloud.security_group: + cloud: "{{ user_cloud }}" + name: "{{ cpms_replacements.sg_name }}" + state: absent + ignore_errors: true diff --git a/collection/stages/roles/day2ops/templates/control-plane-machine-set-patch.yaml.j2 b/collection/stages/roles/day2ops/templates/control-plane-machine-set-patch.yaml.j2 new file mode 100644 index 00000000..0082d7da --- /dev/null +++ b/collection/stages/roles/day2ops/templates/control-plane-machine-set-patch.yaml.j2 @@ -0,0 +1,19 @@ +apiVersion: machine.openshift.io/v1 +metadata: + name: cluster + namespace: openshift-machine-api +kind: ControlPlaneMachineSet +spec: + template: + machines_v1beta1_machine_openshift_io: + failureDomains: + openstack: + {{cpms_failuredomains| to_nice_yaml| indent(8, false)}} + spec: + providerSpec: + value: + networks: + {{cpms_networks| to_nice_yaml| indent(12, false)}} + securityGroups: + {{cpms_sgs| to_nice_yaml| indent(12, false)}} +status: {} diff --git a/collection/stages/roles/verification/tasks/main.yml b/collection/stages/roles/verification/tasks/main.yml index ed7d1930..60821e6a 100644 --- a/collection/stages/roles/verification/tasks/main.yml +++ b/collection/stages/roles/verification/tasks/main.yml @@ -69,8 +69,8 @@ name: tools_cluster_checks tasks_from: check_pods.yml vars: - wait_retries: 20 - wait_delay: 10 + wait_retries: 30 + wait_delay: 30 - name: Check cluster alerts ansible.builtin.include_role: diff --git a/collection/tools/roles/tools_get_openshift_release/defaults/main.yml b/collection/tools/roles/tools_get_openshift_release/defaults/main.yml index f54042ac..64f604c6 100644 --- a/collection/tools/roles/tools_get_openshift_release/defaults/main.yml +++ b/collection/tools/roles/tools_get_openshift_release/defaults/main.yml @@ -2,6 +2,5 @@ # defaults file for tools_get_openshift_release openshift_releasestream_url: "https://openshift-release.apps.ci.l2s4.p1.openshiftapps.com/api/v1/releasestream" release_name: "{{ openshift_release_build_name | default('') }}" -openshift_download_url: "{{ 'https://openshift-release-artifacts.apps.ci.l2s4.p1.openshiftapps.com' + '/' + release_name }}" openshift_mirror_url: "https://mirror.openshift.com/pub/openshift-v4/x86_64/clients/ocp" ocp_build_info_file: "{{ controller_home_dir }}/latest_build.json" diff --git a/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_binaries.yml b/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_binaries.yml index a2515771..a53995ae 100644 --- a/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_binaries.yml +++ b/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_binaries.yml @@ -1,25 +1,124 @@ --- +# Extract OCP installer and/or client binaries directly from the release image +# using `oc adm release extract --tools` instead of the release-controller's +# file-cache (openshift-release-artifacts), which has no SLA and can get stuck +# indefinitely during tool extraction. +# +# The pull secret is extracted from the host cluster via the Kubernetes API +# using the kubeconfig's client certificate. If `oc` is not already present +# in the pod (cold-start), a stable client is bootstrapped from +# mirror.openshift.com before running `oc adm release extract --tools`. - name: Get the OCP installer and/or client binaries vars: - installer_url: "{{ openshift_download_url }}/openshift-install-linux-{{ release_name }}.tar.gz" - client_url: "{{ openshift_download_url }}/openshift-client-linux-{{ release_name }}.tar.gz" + installer_tarball: "openshift-install-linux-{{ release_name }}.tar.gz" + client_tarball: "openshift-client-linux-{{ release_name }}.tar.gz" + pull_secret_file: "{{ home_dir }}/pull-secret.json" + bootstrap_oc_dir: "{{ home_dir }}/bootstrap-oc" + bootstrap_oc_url: "{{ openshift_mirror_url }}/stable/openshift-client-linux.tar.gz" block: - name: Fail if release_name var is not defined ansible.builtin.fail: msg: "'release_name' variable must be defined and cannot be empty" when: release_name == '' - - name: Wait for content to come up on {{ openshift_download_url }} - ansible.builtin.uri: - url: "{{ openshift_download_url }}" - method: GET - return_content: yes - status_code: 200 - body_format: json - register: result - until: result.content.find("openshift-install-linux") != -1 - retries: 20 - delay: 60 + - name: Fail if openshift_release_pull_spec is not defined + ansible.builtin.fail: + msg: "'openshift_release_pull_spec' must be set by get_openshift_release_build_name.yml" + when: openshift_release_pull_spec is not defined or openshift_release_pull_spec == '' + + - name: Extract pull secret from host cluster via Kubernetes API + ansible.builtin.shell: | + python3 << 'PYEOF' + import yaml, json, base64, subprocess, os, sys, tempfile + + kubeconfig_path = "{{ rhoso_kubeconfig }}" + output_path = "{{ pull_secret_file }}" + + with open(kubeconfig_path) as f: + kc = yaml.safe_load(f) + + server = kc['clusters'][0]['cluster']['server'] + user = kc['users'][0]['user'] + + try: + cert_data = user['client-certificate-data'] + key_data = user['client-key-data'] + except KeyError: + print(f"rhoso_kubeconfig must use client-certificate auth, " + f"found auth keys: {list(user.keys())}", file=sys.stderr) + sys.exit(1) + + with tempfile.TemporaryDirectory() as tmpdir: + ca_path = os.path.join(tmpdir, 'ca.crt') + cert_path = os.path.join(tmpdir, 'client.crt') + key_path = os.path.join(tmpdir, 'client.key') + + with open(ca_path, 'wb') as f: + f.write(base64.b64decode(kc['clusters'][0]['cluster']['certificate-authority-data'])) + with open(cert_path, 'wb') as f: + f.write(base64.b64decode(cert_data)) + with open(key_path, 'wb') as f: + f.write(base64.b64decode(key_data)) + + result = subprocess.run([ + 'curl', '-s', '--fail', + '--cacert', ca_path, + '--cert', cert_path, + '--key', key_path, + f'{server}/api/v1/namespaces/openshift-config/secrets/pull-secret' + ], capture_output=True, text=True) + + if result.returncode != 0: + print(f"Failed to fetch pull secret from {server}: {result.stderr}", file=sys.stderr) + sys.exit(1) + + data = json.loads(result.stdout) + decoded = base64.b64decode(data['data']['.dockerconfigjson']).decode() + auths = json.loads(decoded) + + with open(output_path, 'w') as f: + f.write(decoded) + + print(f"Pull secret extracted: {len(auths.get('auths', {}))} registries") + PYEOF + register: _pull_secret_result + no_log: true + + - name: Verify pull secret file is valid + ansible.builtin.shell: >- + python3 -c "import json; d=json.load(open('{{ pull_secret_file }}')); + print(len(d.get('auths',{})), 'registries found')" + register: _pull_secret_verify + changed_when: false + + - name: Check if oc is already available + ansible.builtin.command: which oc + register: _oc_available + ignore_errors: true + changed_when: false + + - name: Bootstrap oc client from {{ bootstrap_oc_url }} + when: _oc_available is failed + block: + - name: Create bootstrap directory + ansible.builtin.file: + path: "{{ bootstrap_oc_dir }}" + state: directory + mode: u=rwx,g=rw,o=r + + - name: Download stable oc client from mirror + ansible.builtin.unarchive: + src: "{{ bootstrap_oc_url }}" + dest: "{{ bootstrap_oc_dir }}" + remote_src: yes + register: _bootstrap_download + until: _bootstrap_download is not failed + retries: 3 + delay: 10 + + - name: Set oc binary path + ansible.builtin.set_fact: + _oc_bin: "{{ (bootstrap_oc_dir + '/oc') if _oc_available is failed else 'oc' }}" - name: Create the installer directory ansible.builtin.file: @@ -27,18 +126,28 @@ state: directory mode: u=rwx,g=rw,o=r + - name: Extract OCP tools from release image {{ openshift_release_pull_spec }} + ansible.builtin.command: + cmd: >- + timeout 900 + {{ _oc_bin }} adm release extract + --tools + --registry-config={{ pull_secret_file }} + --to={{ home_dir }}/{{ release_name }} + {{ openshift_release_pull_spec }} + register: extract_result + until: extract_result is not failed + retries: 3 + delay: 30 + - name: Get the installer binary and create a symlink when: "'installer' in binaries" block: - - name: Download and unarchive the installer from {{ installer_url }} + - name: Unarchive the installer from {{ installer_tarball }} ansible.builtin.unarchive: - src: "{{ installer_url }}" + src: "{{ home_dir }}/{{ release_name }}/{{ installer_tarball }}" dest: "{{ home_dir }}/{{ release_name }}" remote_src: yes - register: result - until: result is not failed - retries: 3 - delay: 10 - name: Create a symlink to the openshift-install binary from /usr/local/bin ansible.builtin.file: @@ -47,18 +156,14 @@ state: link become: true - - name: Get the installer binary and create symlinks + - name: Get the client binary and create symlinks when: "'client' in binaries" block: - - name: Download and unarchive the client from {{ client_url }} + - name: Unarchive the client from {{ client_tarball }} ansible.builtin.unarchive: - src: "{{ client_url }}" + src: "{{ home_dir }}/{{ release_name }}/{{ client_tarball }}" dest: "{{ home_dir }}/{{ release_name }}" remote_src: yes - register: result - until: result is not failed - retries: 3 - delay: 10 - name: Create a symlink to the oc binary from /usr/local/bin ansible.builtin.file: @@ -73,3 +178,14 @@ dest: /usr/bin/kubectl state: link become: true + + always: + - name: Remove pull secret file + ansible.builtin.file: + path: "{{ pull_secret_file }}" + state: absent + + - name: Remove bootstrap oc directory + ansible.builtin.file: + path: "{{ bootstrap_oc_dir }}" + state: absent diff --git a/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_build_name.yml b/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_build_name.yml index 78c07a79..7461eb58 100644 --- a/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_build_name.yml +++ b/collection/tools/roles/tools_get_openshift_release/tasks/get_openshift_release_build_name.yml @@ -39,12 +39,25 @@ ansible.builtin.set_fact: openshift_release_build_name: "{{ latest_build_info.name }}" -- name: Set openshift_release_build_name when a specific build is given - ansible.builtin.set_fact: - openshift_release_build_name: "{{ build_name }}" + - name: Set openshift_release_pull_spec from release stream API response + ansible.builtin.set_fact: + openshift_release_pull_spec: "{{ latest_build_info.pullSpec }}" + +- name: Set build name and pull spec when a specific build is given when: - release is not match("4-stable") - build_name not in ['','candidate','fast','stable','eus'] + block: + - name: Set openshift_release_build_name for specific build + ansible.builtin.set_fact: + openshift_release_build_name: "{{ build_name }}" + + - name: Construct openshift_release_pull_spec for specific build + ansible.builtin.set_fact: + openshift_release_pull_spec: >- + {{ 'registry.ci.openshift.org/ocp/release:' + build_name + if build_name is search('nightly') + else 'quay.io/openshift-release-dev/ocp-release:' + build_name + '-x86_64' }} - name: Discover the release build name for the z-stream promoted to upgrade channel on {{ release }} # Ref: https://docs.openshift.com/container-platform/4.9/updating/understanding-upgrade-channels-release.html @@ -68,3 +81,12 @@ - name: Set openshift_release_build_name when openshift.build is set to a channel ansible.builtin.set_fact: openshift_release_build_name: "{{ result.stdout }}" + + - name: Parse openshift_release_pull_spec from Pull From field in release.txt + ansible.builtin.shell: set -o pipefail && grep '^Pull From:' {{ home_dir }}/release.txt | awk '{print $3}' + changed_when: false + register: pull_from_result + + - name: Set openshift_release_pull_spec from channel release.txt + ansible.builtin.set_fact: + openshift_release_pull_spec: "{{ pull_from_result.stdout }}" diff --git a/jobs_definitions/osp_verification.yaml b/jobs_definitions/osp_verification.yaml index 98d341b6..65b1a653 100644 --- a/jobs_definitions/osp_verification.yaml +++ b/jobs_definitions/osp_verification.yaml @@ -19,6 +19,7 @@ stages: - install - post - verification + - cpms_test - openstack_test - lb_tests @@ -38,7 +39,7 @@ ocp_deployment_topology: flavors: master: name: "master" - ram: 16384 + ram: 24576 vcpus: 4 disk: 30 worker: diff --git a/playbooks/ocp_testing.yaml b/playbooks/ocp_testing.yaml index ac386333..71715bbc 100644 --- a/playbooks/ocp_testing.yaml +++ b/playbooks/ocp_testing.yaml @@ -96,6 +96,10 @@ ansible.builtin.import_playbook: plays/conformance_test.yaml when: "'conformance_test' in stages" +- name: Run CPMS e2e tests on OpenShift + ansible.builtin.import_playbook: plays/cpms_test.yaml + when: "'cpms_test' in stages" + - name: Run Openshift Cinder CSI Tests on OpenShift ansible.builtin.import_playbook: plays/cinder_csi.yaml when: "'cinder_csi_tests' in stages" diff --git a/playbooks/plays/cpms_test.yaml b/playbooks/plays/cpms_test.yaml new file mode 100644 index 00000000..1c613a3f --- /dev/null +++ b/playbooks/plays/cpms_test.yaml @@ -0,0 +1,17 @@ +--- +- name: Run CPMS e2e tests on OpenShift + hosts: installer + gather_facts: no + vars_files: + - "../../configs/global.yml" + tasks: + - name: Main block + block: + - name: Run CPMS e2e tests on OCP + ansible.builtin.include_role: + name: shiftstack.stages.cpms_test + always: + - name: Synchronize artifacts from the Ansible Managed Node to Ansible Controller + ansible.builtin.include_role: + name: shiftstack.tools.tools_ansible_inventory + tasks_from: sync_artifacts.yml