-
Notifications
You must be signed in to change notification settings - Fork 34
243 lines (205 loc) · 11.9 KB
/
kind-awx.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
---
name: AWX Integration
on:
pull_request:
branches: [devel]
push:
branches: [devel]
env:
GO_VERSION: "1.17"
OPERATOR_IMAGE: "quay.io/ansible/awx-resource-operator:ci"
RUNNER_IMAGE: "quay.io/ansible/awx-resource-runner:latest"
TOKEN_IMAGE: "quay.io/ansible/token-playbook:latest"
jobs:
operator-image-build:
runs-on: ubuntu-20.04
name: operator-image-build
steps:
- uses: actions/checkout@v3
- name: Build operator container
run: podman build -t ${{ env.OPERATOR_IMAGE }} .
- name: archive operator image
run: podman save ${OPERATOR_IMAGE} > operator.tar
- name: upload operator image
uses: actions/upload-artifact@v3
with:
name: operator.tar
path: operator.tar
runner-image-build:
runs-on: ubuntu-20.04
name: runner-image-build
steps:
- uses: actions/checkout@v3
- name: Build runner container
run: podman build -f Dockerfile.runner -t ${{ env.RUNNER_IMAGE }}
- name: archive runner image
run: podman save ${RUNNER_IMAGE} > runner.tar
- name: upload runner image
uses: actions/upload-artifact@v3
with:
name: runner.tar
path: runner.tar
token-image-build:
runs-on: ubuntu-20.04
name: token-image-build
steps:
- uses: actions/checkout@v3
- name: Build token generator
run: cd test-e2e/token-container && podman build . --tag ${{ env.TOKEN_IMAGE }}
- name: archive token image
run: podman save ${TOKEN_IMAGE} > token.tar
- name: upload token image
uses: actions/upload-artifact@v3
with:
name: token.tar
path: token.tar
minikube-test:
runs-on: ubuntu-20.04
name: minikube-test
needs: [operator-image-build, runner-image-build, token-image-build]
steps:
- uses: actions/checkout@v3
- name: Start minikube
uses: medyagh/setup-minikube@master
with:
memory: max
cpus: max
- name: Pull the Container Image from Artifacts
uses: actions/download-artifact@v3
with:
name: operator.tar
path: /tmp
- name: Pull the Container Image from Artifacts
uses: actions/download-artifact@v3
with:
name: runner.tar
path: /tmp
- name: Pull the Container Image from Artifacts
uses: actions/download-artifact@v3
with:
name: token.tar
path: /tmp
- name: Load the Container Image into the minikube
run: |
export SHELL=/bin/bash
eval $(minikube -p minikube docker-env)
docker load < /tmp/operator.tar
docker load < /tmp/runner.tar
docker load < /tmp/token.tar
NAMESPACE=awx IMG=${OPERATOR_IMAGE} make deploy
- name: Install the Kubectl binary
run: |
curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install ./kubectl /usr/local/bin/
kubectl version --client
- name: record the ci release of awx-operator
run: |
echo "LATEST_RELEASE=$(curl -s https://api.github.com/repos/ansible/awx-operator/releases/ci | grep tag_name | cut -d '"' -f 4)" >> $GITHUB_ENV
- name: Clone and install awx operator
run: |
git clone https://github.com/ansible/awx-operator.git
cp test-e2e/base-operator-install.yaml awx-operator/kustomization.yaml
cd awx-operator
sed -i 's/TAG/${{ env.LATEST_RELEASE }}/g' kustomization.yaml
kustomize build . | kubectl apply -f -
cp ../test-e2e/awx-demo.yml ./awx-demo.yml
cp ../test-e2e/awx-deploy.yaml ./kustomization.yaml
sed -i 's/TAG/${{ env.LATEST_RELEASE }}/g' kustomization.yaml
kustomize build . | kubectl apply -f -
kubectl wait deployment -n awx awx-operator-controller-manager --for condition=Available=True --timeout=500s
- name: generate token
run: |
sleep 10
kubectl wait awx -n awx awx-demo --for condition=Successful=true --timeout=720s
kubectl wait deployment -n awx awx-demo-task --for condition=Available=True --timeout=600s
kubectl wait deployment -n awx awx-demo-web --for condition=Available=True --timeout=500s
kubectl apply -f test-e2e/token.yaml
kubectl wait job -n awx create-token --for condition=Complete --timeout=60s
- name: pass environment variables to better run on minikube
run: |
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_ANSIBLECREDENTIAL_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_ANSIBLEPROJECT_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_ANSIBLEJOB_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_JOBTEMPLATE_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_WORKFLOWTEMPLATE_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_ANSIBLEWORKFLOW_TOWER_ANSIBLE_COM=2
kubectl -n awx set env -c awx-resource-manager deployment/resource-operator-controller-manager MAX_CONCURRENT_RECONCILES_ANSIBLEINVENTORY_TOWER_ANSIBLE_COM=2
- name: launch a job
run: |
kubectl apply -f test-e2e/tests/job.yaml
kubectl wait ansiblejob -n awx demo-job --for condition=Successful=True --timeout=80s
kubectl apply -f config/samples/tower_v1alpha1_ansiblejob-broken.yaml -n awx
kubectl wait ansiblejob -n awx broke-job --for condition=Successful=True --timeout=80s
kubectl apply -f test-e2e/tests/job-deprecated.yaml
kubectl wait ansiblejob -n awx demo-job-deprecated --for condition=Successful=True --timeout=80s
kubectl apply -f config/samples/tower_v1alpha1_ansiblejob-broken-dep.yaml -n awx
kubectl wait ansiblejob -n awx broke-job-deprecated --for condition=Successful=True --timeout=80s
- name: launch a template
run: |
kubectl apply -f config/samples/jobtemplate/tower_v1alpha1_jobtemplate-broken.yaml -n awx
kubectl apply -f config/samples/jobtemplate/tower_v1alpha1_jobtemplate_deprecated.yaml -n awx
kubectl apply -f config/samples/jobtemplate/tower_v1alpha1_jobtemplate.yaml -n awx
kubectl wait jobtemplate -n awx jobtemplate-sample --for condition=Successful=True --timeout=60s
kubectl wait jobtemplate -n awx jobtemplate-broken --for condition=Successful=True --timeout=60s
- name: define a workflow template
run: |
kubectl apply -f config/samples/workflowtemplate/tower_v1alpha1_workflowtemplate-broken.yaml -n awx
kubectl apply -f config/samples/workflowtemplate/tower_v1alpha1_workflowtemplate.yaml -n awx
kubectl wait workflowtemplate -n awx workflowtemplate-sample --for condition=Successful=True --timeout=240s
kubectl wait workflowtemplate -n awx workflowtemplate-broken --for condition=Successful=True --timeout=240s
if [ `kubectl get -n awx workflowtemplate workflowtemplate-broken --output="jsonpath={.status.error}"` ]; then echo "Workflow template errored successfully"; else exit 1; fi
- name: launch a workflow
run: |
kubectl apply -f config/samples/workflow/tower_v1alpha1_ansibleworkflow-broken.yaml -n awx
kubectl apply -f config/samples/workflow/tower_v1alpha1_ansibleworkflow.yaml -n awx
kubectl wait ansibleworkflow -n awx workflow --for condition=Successful=True --timeout=240s
kubectl wait ansibleworkflow -n awx broken --for condition=Successful=True --timeout=240s
- name: define a credential
run: |
ssh-keygen -t rsa -b 4096 -f /tmp/id_rsa -N ""
kubectl create secret generic my-ssh-secret --from-file=/tmp/id_rsa -n awx
kubectl apply -n awx -f test-e2e/tests/bearer.yaml
kubectl create secret generic github-secret -n awx --from-literal=username=FSAFDFSDF --from-literal=password=FSDFSDFSDFDFFESFD
kubectl create secret generic aws-secret -n awx --from-literal=username=FSAFDFSDF --from-literal=password=FSDFSDFSDFDFFESFD
kubectl create secret generic github-token-secret -n awx --from-literal=token=FASDFDDSFSDFSDFSDF
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-aws.yaml -n awx
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-bearer.yaml -n awx
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-broken.yaml -n awx
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-git.yaml -n awx
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-sc.yaml -n awx
kubectl apply -f config/samples/credentials/tower_v1alpha1_ansiblecredential-ssh.yaml -n awx
kubectl wait ansiblecredential -n awx aws-cred --for condition=Successful=True --timeout=240s
kubectl wait ansiblecredential -n awx gh-cred --for condition=Successful=True --timeout=240s
kubectl wait ansiblecredential -n awx scm-cred --for condition=Successful=True --timeout=240s
kubectl wait ansiblecredential -n awx ssh-cred --for condition=Successful=True --timeout=240s
kubectl wait ansiblecredential -n awx bearer-cred --for condition=Successful=True --timeout=240s
kubectl wait ansiblecredential -n awx broken-cred --for condition=Successful=True --timeout=240s
- name: launch a project
run: |
kubectl apply -k config/samples/projects/ -n awx
kubectl wait ansibleproject -n awx git --for condition=Successful=True --timeout=240s
kubectl wait ansibleproject -n awx archive --for condition=Successful=True --timeout=240s
kubectl wait ansibleproject -n awx private-git --for condition=Successful=True --timeout=240s
- name: define a schedule
run: |
kubectl apply -f config/samples/tower_v1alpha1_ansibleschedule.yaml -n awx
kubectl wait ansibleschedule -n awx schedule --for condition=Successful=True --timeout=240s
- name: define an instance group
run: |
kubectl apply -f config/samples/tower_v1alpha1_ansibleinstancegroup.yaml -n awx
kubectl wait ansibleinstancegroup -n awx kuber-instance-group --for condition=Successful=True --timeout=240s
- name: create two inventories
run: |
kubectl apply -f config/samples/inventory/tower_v1alpha1_ansibleinventory-clone.yaml -n awx
kubectl apply -f config/samples/inventory/tower_v1alpha1_ansibleinventory-new.yaml -n awx
kubectl wait ansibleinventory -n awx inventory-clone --for condition=Successful=True --timeout=240s
kubectl wait ansibleinventory -n awx inventory-new --for condition=Successful=True --timeout=240s
- name: validate error message
run: |
kubectl get ansiblejob -n awx broke-job -o yaml
kubectl get ansibleworkflow -n awx broken -o yaml
if [[ $(kubectl get ansiblejob -n awx broke-job -o jsonpath={.status.error_message}) ]]; then echo "Job errored correctly"; else exit 1 ;fi
if [[ $(kubectl get ansibleworkflow -n awx broken -o jsonpath={.status.error_message}) ]]; then echo "Workflow errored correctly"; else exit 1 ;fi
- name: dump logs
if: always()
run: kubectl get events -n awx && kubectl get jobs -n awx && kubectl get pods -n awx && kubectl logs -n awx -l control-plane=controller-manager --tail 80 --all-containers