From 7406d7bffd37fd942e8cdf8baee47ba1b74dedc9 Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 10:52:02 +0100 Subject: [PATCH 1/7] Do not require nexusUrl This breaks tests of tasks that do not need Nexus. Strictly speaking, Nexus is not needed at all for ODS Pipeline. It is only required when storing artifacts for later use (e.g. promotion). --- deploy/chart/templates/configmap-nexus.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/chart/templates/configmap-nexus.yaml b/deploy/chart/templates/configmap-nexus.yaml index ea12aa84..837eb371 100644 --- a/deploy/chart/templates/configmap-nexus.yaml +++ b/deploy/chart/templates/configmap-nexus.yaml @@ -5,4 +5,4 @@ metadata: labels: {{- include "chart.labels" . | nindent 4}} data: - url: '{{required "nexusUrl is required" .Values.nexusUrl | trimSuffix "/"}}' + url: '{{.Values.nexusUrl | trimSuffix "/"}}' From eb5294f73469f16a264ee6e623827f9678e7d156 Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 10:53:33 +0100 Subject: [PATCH 2/7] Show that branches field is not needed at all --- docs/promotion.adoc | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/promotion.adoc b/docs/promotion.adoc index 595d5881..77513280 100644 --- a/docs/promotion.adoc +++ b/docs/promotion.adoc @@ -44,8 +44,7 @@ pipelines: tasks: - name: deploy - triggers: - - branches: ["*", "*/*"] - params: + - params: - { name: finish.artifact-target, value: "my-nexus-repo" } - { name: deploy.namespace, value: "prod-env" } - { name: deploy.diff-only, value: "true" } From af750fb2900e69d4302ccb9d4239230d49bbde20 Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 11:06:11 +0100 Subject: [PATCH 3/7] Mark test helpers as such --- pkg/odstasktest/assertions.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/odstasktest/assertions.go b/pkg/odstasktest/assertions.go index ed2d707b..f67a09b5 100644 --- a/pkg/odstasktest/assertions.go +++ b/pkg/odstasktest/assertions.go @@ -10,6 +10,7 @@ import ( // AssertFilesExist checks that all files named by wantFiles exist in wsDir. // Any files that do not exist will report a test error. func AssertFilesExist(t *testing.T, wsDir string, wantFiles ...string) { + t.Helper() for _, wf := range wantFiles { filename := filepath.Join(wsDir, wf) if _, err := os.Stat(filename); os.IsNotExist(err) { @@ -21,6 +22,7 @@ func AssertFilesExist(t *testing.T, wsDir string, wantFiles ...string) { // AssertFileContent checks that the file named by filename in the directory // wsDir has the exact context specified by want. func AssertFileContent(t *testing.T, wsDir, filename, want string) { + t.Helper() got, err := getTrimmedFileContent(filepath.Join(wsDir, filename)) if err != nil { t.Errorf("get content of %s: %s", filename, err) @@ -34,6 +36,7 @@ func AssertFileContent(t *testing.T, wsDir, filename, want string) { // AssertFileContentContains checks that the file named by filename in the directory // wsDir contains all of wantContains. func AssertFileContentContains(t *testing.T, wsDir, filename string, wantContains ...string) { + t.Helper() content, err := os.ReadFile(filepath.Join(wsDir, filename)) got := string(content) if err != nil { From 96632a0d827ec2d98944065b4898160c1a03e1bb Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 11:07:20 +0100 Subject: [PATCH 4/7] Update to newer versions of K8s/Tekton --- README.md | 2 +- scripts/install-tekton-pipelines.sh | 6 +++--- scripts/kind-with-registry.sh | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index c8a6981e..bbf9d361 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ For OpenShift Pipelines releases and its relationship to Tekton and OpenShift ve | ods-pipeline | OpenShift Pipelines | ODS Core/Quickstarters | |---|---|---| -| [0.15](https://github.com/opendevstack/ods-pipeline/releases/tag/v0.15.0) | 1.12 | 4.x | +| [0.15](https://github.com/opendevstack/ods-pipeline/releases/tag/v0.15.0) | 1.12 - 1.14 | 4.x | | [0.14](https://github.com/opendevstack/ods-pipeline/releases/tag/v0.14.0) | 1.12 | 4.x | | [0.13](https://github.com/opendevstack/ods-pipeline/releases/tag/v0.13.2) | 1.9 | 4.x | diff --git a/scripts/install-tekton-pipelines.sh b/scripts/install-tekton-pipelines.sh index 028de83b..b38dcc00 100755 --- a/scripts/install-tekton-pipelines.sh +++ b/scripts/install-tekton-pipelines.sh @@ -4,9 +4,9 @@ set -eu kube_context="--context kind-ods-pipeline" kubectl_bin="kubectl $kube_context" -# Tekton version is aligned with Red Hat OpenShift Pipelines General Availability 1.12. -# See https://docs.openshift.com/container-platform/latest/cicd/pipelines/op-release-notes.html. -tkn_version="v0.50.1" +# Tekton version is aligned with Red Hat OpenShift Pipelines General Availability 1.14. +# See https://docs.openshift.com/pipelines/1.14/about/op-release-notes.html. +tkn_version="v0.56.2" tkn_dashboard_version="v0.17.0" install_tkn_dashboard="false" diff --git a/scripts/kind-with-registry.sh b/scripts/kind-with-registry.sh index d187a998..ac8f7575 100755 --- a/scripts/kind-with-registry.sh +++ b/scripts/kind-with-registry.sh @@ -30,9 +30,9 @@ recreate_kind_cluster="false" registry_port="5000" kind_mount_path="/tmp/ods-pipeline/kind-mount" -# K8S version is aligned with OpenShift GA 4.11. -# See https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html -k8s_version="v1.24.7" +# K8S version is aligned with OpenShift GA 4.13. +# See https://docs.openshift.com/container-platform/4.13/release_notes/ocp-4-13-release-notes.html +k8s_version="v1.26.14" while [ "$#" -gt 0 ]; do case $1 in From 125ae1e82704b24a1a620f7fc783a2b29b75737c Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 11:07:31 +0100 Subject: [PATCH 5/7] Use docker container inspect docker inspect may also return image information, which is not desired. --- scripts/kind-with-registry.sh | 8 ++++---- scripts/run-bitbucket.sh | 2 +- scripts/run-nexus.sh | 2 +- scripts/run-sonarqube.sh | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/scripts/kind-with-registry.sh b/scripts/kind-with-registry.sh index ac8f7575..5940afad 100755 --- a/scripts/kind-with-registry.sh +++ b/scripts/kind-with-registry.sh @@ -55,12 +55,12 @@ reg_ip_selector='{{.NetworkSettings.Networks.kind.IPAddress}}' reg_network='kind' # create registry container unless it already exists -running="$(docker inspect -f '{{.State.Running}}' "${registry_name}" 2>/dev/null || true)" +running="$(docker container inspect -f '{{.State.Running}}' "${registry_name}" 2>/dev/null || true)" # If the registry already exists, but is in the wrong network, we have to # re-create it. if [ "${running}" = 'true' ]; then - reg_ip="$(docker inspect -f ${reg_ip_selector} "${registry_name}")" + reg_ip="$(docker container inspect -f ${reg_ip_selector} "${registry_name}")" if [ "${reg_ip}" = '' ]; then docker kill "${registry_name}" docker rm "${registry_name}" @@ -73,7 +73,7 @@ if [ "${running}" != 'true' ]; then if [ "${net_driver}" != "bridge" ]; then docker network create "${reg_network}" fi - if docker inspect "${registry_name}" >/dev/null 2>&1; then + if docker container inspect "${registry_name}" >/dev/null 2>&1; then docker rm "${registry_name}" fi docker run \ @@ -81,7 +81,7 @@ if [ "${running}" != 'true' ]; then registry:2 fi -reg_ip="$(docker inspect -f ${reg_ip_selector} "${registry_name}")" +reg_ip="$(docker container inspect -f ${reg_ip_selector} "${registry_name}")" if [ "${reg_ip}" = "" ]; then echo "Error creating registry: no IPAddress found at: ${reg_ip_selector}" exit 1 diff --git a/scripts/run-bitbucket.sh b/scripts/run-bitbucket.sh index 5652d276..b1166ad6 100755 --- a/scripts/run-bitbucket.sh +++ b/scripts/run-bitbucket.sh @@ -29,7 +29,7 @@ while [ "$#" -gt 0 ]; do esac; shift; done if [ "${reuse}" = "true" ]; then - if ! docker inspect ${BITBUCKET_SERVER_CONTAINER_NAME} &> /dev/null; then + if ! docker container inspect ${BITBUCKET_SERVER_CONTAINER_NAME} &> /dev/null; then echo "No existing Bitbucket container ${BITBUCKET_SERVER_CONTAINER_NAME} found ..." else echo "Reusing existing Bitbucket container ${BITBUCKET_SERVER_CONTAINER_NAME} ..." diff --git a/scripts/run-nexus.sh b/scripts/run-nexus.sh index 1232e00a..59270daa 100755 --- a/scripts/run-nexus.sh +++ b/scripts/run-nexus.sh @@ -33,7 +33,7 @@ while [ "$#" -gt 0 ]; do esac; shift; done if [ "${reuse}" = "true" ]; then - if ! docker inspect ${CONTAINER_NAME} &> /dev/null; then + if ! docker container inspect ${CONTAINER_NAME} &> /dev/null; then echo "No existing Nexus container ${CONTAINER_NAME} found ..." else echo "Reusing existing Nexus container ${CONTAINER_NAME} ..." diff --git a/scripts/run-sonarqube.sh b/scripts/run-sonarqube.sh index f833d7a5..cc81d841 100755 --- a/scripts/run-sonarqube.sh +++ b/scripts/run-sonarqube.sh @@ -30,7 +30,7 @@ while [ "$#" -gt 0 ]; do esac; shift; done if [ "${reuse}" = "true" ]; then - if [ "$(docker inspect ${CONTAINER_NAME} -f '{{.State.Running}}')" = "true" ]; then + if [ "$(docker container inspect ${CONTAINER_NAME} -f '{{.State.Running}}')" = "true" ]; then echo "Reusing running SonarQube container ${CONTAINER_NAME} ..." exit 0 else From 040d03a8000d0fc2b2d4ad9409b830c23b46659d Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 11:17:25 +0100 Subject: [PATCH 6/7] Use latest 8.9 ubi-minimal image --- build/images/Dockerfile.finish | 2 +- build/images/Dockerfile.pipeline-manager | 2 +- build/images/Dockerfile.start | 2 +- docs/design/software-design-specification.adoc | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build/images/Dockerfile.finish b/build/images/Dockerfile.finish index c33251d8..5479263f 100644 --- a/build/images/Dockerfile.finish +++ b/build/images/Dockerfile.finish @@ -15,7 +15,7 @@ RUN cd cmd/finish && CGO_ENABLED=0 go build -o /usr/local/bin/ods-finish # Final image # ubi-micro cannot be used as it misses the ca-certificates package. -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 COPY --from=builder /usr/local/bin/ods-finish /usr/local/bin/ods-finish VOLUME /workspace/source USER 1001 diff --git a/build/images/Dockerfile.pipeline-manager b/build/images/Dockerfile.pipeline-manager index a91731ac..f2cfcf83 100644 --- a/build/images/Dockerfile.pipeline-manager +++ b/build/images/Dockerfile.pipeline-manager @@ -15,7 +15,7 @@ RUN cd cmd/pipeline-manager && CGO_ENABLED=0 go build -o /usr/local/bin/pipeline # Final image # ubi-micro cannot be used as it misses the ca-certificates package. -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 COPY --from=builder /usr/local/bin/pipeline-manager /usr/local/bin/pipeline-manager EXPOSE 8080 CMD pipeline-manager diff --git a/build/images/Dockerfile.start b/build/images/Dockerfile.start index 27e8c84d..18d2e081 100644 --- a/build/images/Dockerfile.start +++ b/build/images/Dockerfile.start @@ -27,7 +27,7 @@ RUN cd /tmp \ && git lfs version # Final image -FROM registry.access.redhat.com/ubi8/ubi-minimal:8.4 +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 ENV GIT_VERSION=2.39 \ OPENSSH_CLIENTS_VERSION=8.0 diff --git a/docs/design/software-design-specification.adoc b/docs/design/software-design-specification.adoc index 91188bdf..1eed7828 100644 --- a/docs/design/software-design-specification.adoc +++ b/docs/design/software-design-specification.adoc @@ -235,7 +235,7 @@ a| The script installs the Helm chart located in `deploy/chart`. Further, it: | SDS-EXT-2 | Red Hat Universal Base Image 8 Minimal -| 8.4 +| 8.9 | Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. It is maintained by Red Hat and updated regularly. | https://catalog.redhat.com/software/containers/ubi8/ubi-minimal/5c359a62bed8bd75a2c3fba8 From 9d16db36445619d632e6a455c37b995b9785b0be Mon Sep 17 00:00:00 2001 From: Michael Sauter Date: Fri, 8 Mar 2024 11:18:50 +0100 Subject: [PATCH 7/7] Do not require bitbucketUrl While helpful in general, this breaks tests of tasks that do not use Bitbucket. Going forward we should find a way to require the Url but set it e.g. to https://example.com when tests do not require Bitbucket. For now, this is just a quick fix to unblock tests from upgrading. --- deploy/chart/templates/configmap-bitbucket.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/chart/templates/configmap-bitbucket.yaml b/deploy/chart/templates/configmap-bitbucket.yaml index 891676f5..5aa46490 100644 --- a/deploy/chart/templates/configmap-bitbucket.yaml +++ b/deploy/chart/templates/configmap-bitbucket.yaml @@ -5,5 +5,5 @@ metadata: labels: {{- include "chart.labels" . | nindent 4}} data: - url: '{{required "bitbucketUrl is required" .Values.bitbucketUrl | trimSuffix "/"}}' - repoBase: '{{required "bitbucketUrl is required" .Values.bitbucketUrl | trimSuffix "/"}}/scm' + url: '{{.Values.bitbucketUrl | trimSuffix "/"}}' + repoBase: '{{.Values.bitbucketUrl | trimSuffix "/"}}/scm'