From 34a5aa1f44cc7dd89b9727f7867a89bf3bd48075 Mon Sep 17 00:00:00 2001 From: Rodrigo Antunes Date: Fri, 12 Jan 2024 13:31:31 -0300 Subject: [PATCH] kie-issues#755: Fix kogito operator nightly deploy pipelines (#1535) * kie-issues#755: initial adjustment for ASF jenkins * Add workaround for Lock plugin, remove directory deletion before git checkout and add default container engine * Comment out login to OpenShift call * Force bash shell usage on sh steps * Force bash shell usage on sh steps * Revert last commit * set user config for git * Add TODO * Disable fmt on tests * Setup minikube * Setup minikube * Setup minikube * Remove OpenShift related code * Remove OpenShift related code * Move ansible installation to the kogito-ci-build image * Remove minikube step * Add CONTAINER_ENGINE env var * Fix push images to quay.io --------- Co-authored-by: jstastny-cz --- .ci/jenkins/Jenkinsfile | 22 +++-- .ci/jenkins/Jenkinsfile.deploy | 132 ++++----------------------- .ci/jenkins/Jenkinsfile.promote | 14 +-- .ci/jenkins/Jenkinsfile.setup-branch | 3 +- .ci/jenkins/dsl/jobs.groovy | 14 +-- .ci/jenkins/scripts/helper.groovy | 18 ++-- Makefile | 2 +- 7 files changed, 63 insertions(+), 142 deletions(-) diff --git a/.ci/jenkins/Jenkinsfile b/.ci/jenkins/Jenkinsfile index e6f1d6c93..8344ea8d6 100644 --- a/.ci/jenkins/Jenkinsfile +++ b/.ci/jenkins/Jenkinsfile @@ -8,10 +8,10 @@ testsFailed = false pipeline { agent { - label 'kogito-jenkins-node && !master' // Running on IBMCLoud jenkins, no change to be done there - } - tools { - go 'golang-1.17' + docker { + image env.AGENT_DOCKER_BUILDER_IMAGE + args env.AGENT_DOCKER_BUILDER_ARGS + } } options { buildDiscarder logRotator(artifactDaysToKeepStr: '', artifactNumToKeepStr: '', daysToKeepStr: '', numToKeepStr: '10') @@ -30,9 +30,9 @@ pipeline { script { cleanGoPath() - sh ' git config --global user.email "jenkins@kie.com" ' - sh ' git config --global user.name "kie user"' - githubscm.checkoutIfExists('incubator-kie-kogito-operator', changeAuthor, changeBranch, 'apache', changeTarget, true, ['token' : 'GITHUB_TOKEN', 'usernamePassword' : 'user-kie-ci10']) + sh ' git config --global user.email "jenkins@kie.apache.org" ' + sh ' git config --global user.name "Apache KIE user"' + githubscm.checkoutIfExists('incubator-kie-kogito-operator', changeAuthor, changeBranch, 'apache', changeTarget, true, credentials = [token: getGitAuthorTokenCredentialsId(), usernamePassword: getGitAuthorCredentialsId()]) sh "set +x && oc login --token=\$(oc whoami -t) --server=${OPENSHIFT_API} --insecure-skip-tls-verify" } } @@ -158,3 +158,11 @@ String getBDDParameters() { echo "BDD parameters = ${testParams}" return testParams } + +String getGitAuthorCredentialsId() { + return env.GIT_AUTHOR_CREDS_ID +} + +String getGitAuthorTokenCredentialsId() { + return env.GIT_AUTHOR_TOKEN_CREDS_ID +} diff --git a/.ci/jenkins/Jenkinsfile.deploy b/.ci/jenkins/Jenkinsfile.deploy index a49693feb..489d849f7 100644 --- a/.ci/jenkins/Jenkinsfile.deploy +++ b/.ci/jenkins/Jenkinsfile.deploy @@ -1,13 +1,11 @@ @Library('jenkins-pipeline-shared-libraries')_ helper = null -testsFailed = false - gitChanges = false pipeline { agent { - docker { + docker { image env.AGENT_DOCKER_BUILDER_IMAGE args env.AGENT_DOCKER_BUILDER_ARGS } @@ -15,6 +13,7 @@ pipeline { options { timeout(time: 24, unit: 'HOURS') // Give the day to be executed (due to the lock) + disableConcurrentBuilds() // Workaround for missing lock plugin installed on ASF Jenkins } environment { @@ -26,6 +25,8 @@ pipeline { OP_TEST_CONTAINER_OPT = '-t' OP_TEST_DEBUG = 1 OP_TEST_CONTAINER_TOOL = 'docker' + + CONTAINER_ENGINE = 'docker' } stages { @@ -53,9 +54,6 @@ pipeline { assert helper.getBuildBranch() == util.getReleaseBranchFromVersion(helper.getProjectVersion()) } } - - // Verify we have the connectivity to Openshift - openshift.loginOpenshift() } } post { @@ -77,7 +75,7 @@ pipeline { steps { script { if (githubscm.isBranchExist('origin', helper.getPRBranch())) { - githubscm.removeRemoteBranch('origin', helper.getPRBranch()) + githubscm.removeRemoteBranch('origin', helper.getPRBranch(), helper.getGitAuthorPushCredsId()) } githubscm.createBranch(helper.getPRBranch()) } @@ -91,7 +89,7 @@ pipeline { steps { script { sh "make bump-version new_version=${helper.getProjectVersion()}" - + githubscm.setUserConfigFromCreds(getGitAuthorPushCredsId()) githubscm.commitChanges("Update project version to ${helper.getProjectVersion()}", { sh ''' git add . @@ -125,7 +123,7 @@ pipeline { stage('Build Kogito Operator') { steps { - sh "source ~/virtenvs/cekit/bin/activate && make BUILDER=${env.CONTAINER_ENGINE}" + sh "make BUILDER=${env.CONTAINER_ENGINE}" } post { unsuccessful { @@ -153,6 +151,7 @@ pipeline { } } } + stage('Run OLM tests') { when { expression { @@ -170,58 +169,6 @@ pipeline { } } } - stage('Push Operator Image to Openshift Registry') { - steps { - script { - container.loginOpenshiftRegistry() - - container.tagImage("quay.io/kiegroup/${env.OPERATOR_IMAGE_NAME}:${getOperatorVersion()}", - helper.buildTempOpenshiftImageFullName()) - container.pushImage(helper.buildTempOpenshiftImageFullName()) - } - } - } - - stage('Run BDD tests') { - when { - beforeOptions true - expression { - return helper.shouldLaunchTests() - } - } - options { - // Lock on OCP API as we want only one run at a time - lock("BDD tests on OCP API ${getLockOpenshiftApi()}") - } - stages { - stage('Run full testing') { - options { - timeout(time: 360, unit: 'MINUTES') - } - steps { - script { - // Catch and set unstable so the temp image is still pushed and we get the deployment properties, - // in case we decide to continue in the release - try { - sh "make run-tests timeout=360 load_factor=2 concurrent=2 smoke=${params.SMOKE_TESTS_ONLY} ${getBDDParameters()}" - } catch (err) { - testsFailed = true - util.archiveConsoleLog() - } - } - } - post { - always { - archiveArtifacts artifacts: 'test/logs/**/*.log', allowEmptyArchive: false - junit testResults: 'test/logs/**/junit.xml', allowEmptyResults: false - } - cleanup { - sh 'cd test && go run scripts/prune_namespaces.go' - } - } - } - } - } stage('Push to registry') { when { @@ -231,19 +178,19 @@ pipeline { script { helper.loginRegistry() - container.tagImage(helper.buildTempOpenshiftImageFullName(), helper.getImageFullTag(env.OPERATOR_IMAGE_NAME)) - container.pushImage(helper.getImageFullTag(env.OPERATOR_IMAGE_NAME)) + image = "quay.io/kiegroup/${env.OPERATOR_IMAGE_NAME}:${getOperatorVersion()}" + container.pushImage(image) if (helper.isDeployLatestTag()) { String finalFullImage = helper.getImageFullTag(env.OPERATOR_IMAGE_NAME, defaultImageParamsPrefix, 'latest') - container.tagImage(helper.buildTempOpenshiftImageFullName(), finalFullImage) + container.tagImage(image, finalFullImage) container.pushImage(finalFullImage) } String reducedTag = helper.getReducedTag() if (reducedTag) { String finalFullImage = helper.getImageFullTag(env.OPERATOR_IMAGE_NAME, defaultImageParamsPrefix, reducedTag) - container.tagImage(helper.buildTempOpenshiftImageFullName(), finalFullImage) + container.tagImage(image, finalFullImage) container.pushImage(finalFullImage) } @@ -266,8 +213,8 @@ pipeline { if (gitChanges) { String prMsg = "[${helper.getBuildBranch()}] Update version to ${helper.getProjectVersion()}" def prBody = "Generated by build ${BUILD_TAG}: ${BUILD_URL}.\nPlease do not merge, it shoud be merged automatically." - githubscm.pushObject('origin', helper.getPRBranch(), helper.getGitAuthorCredsID()) - prLink = githubscm.createPR(prMsg, prBody, helper.getBuildBranch(), helper.getGitAuthorCredsID()) + githubscm.pushObject('origin', helper.getPRBranch(), helper.getGitAuthorPushCredsId()) + prLink = githubscm.createPR(prMsg, prBody, helper.getBuildBranch(), helper.getGitAuthorCredsId()) properties.add("${helper.getRepoName()}.pr.link", prLink) properties.add("${helper.getRepoName()}.pr.source.uri", "https://github.com/${helper.getGitAuthor()}/${helper.getRepoName()}") @@ -286,11 +233,6 @@ pipeline { script { properties.writeToFile(env.PROPERTIES_FILE_NAME) archiveArtifacts(artifacts: env.PROPERTIES_FILE_NAME) - - // Verify here if BDD tests due to test errors or build error - if (testsFailed && currentBuild.currentResult == 'SUCCESS') { - error 'There was a test execution failure' - } } } unsuccessful { @@ -305,6 +247,10 @@ pipeline { } } +String getOperatorVersion() { + return sh(script: 'source ./hack/env.sh > /dev/null && echo $(getOperatorVersion)', returnStdout: true).trim() +} + void sendNotification() { if (params.SEND_NOTIFICATION) { mailer.sendMarkdownTestSummaryNotification('Deploy', "[${helper.getBuildBranch()}] Kogito Operator", [env.KOGITO_CI_EMAIL_TO], "You can find test error logs here: ${BUILD_URL}/artifact/test/logs/error/") @@ -312,45 +258,3 @@ void sendNotification() { echo 'No notification sent per configuration' } } - -String getOperatorVersion() { - return sh(script: 'source ./hack/env.sh > /dev/null && echo $(getOperatorVersion)', returnStdout: true).trim() -} - -// Special method to get the Openshift API in the lock because env is not accessible yet -void getLockOpenshiftApi() { - withCredentials([string(credentialsId: 'OPENSHIFT_API', variable: 'OPENSHIFT_API')]) { - return env.OPENSHIFT_API - } -} - -//////////////////////////////////////////////////////////////////////// -// BDD parameters - -String getBDDParameters() { - Map testParamsMap = helper.getBDDCommonParameters(true) - - testParamsMap.putAll(helper.getBDDBuildImageParameters('KOGITO_IMAGES')) - testParamsMap.putAll(helper.getBDDServicesImageParameters('KOGITO_IMAGES')) - - testParamsMap['image_cache_mode'] = params.EXAMPLES_IMAGES_CACHE_MODE - testParamsMap.putAll(helper.getBDDRuntimeImageParameters('EXAMPLES_IMAGES')) - - // Add tags - def tags = [] - if (params.BDD_TEST_TAGS) { - tags.add(params.BDD_TEST_TAGS) - } - if (params.SKIP_NATIVE_TESTS) { - tags.add("~${helper.getNativeTag()}") - } - if (params.SKIP_NON_NATIVE_TESTS) { - tags.add("~${helper.getNonNativeTag()}") - } - testParamsMap['tags'] = tags.join('&&') - - String testParams = testParamsMap.findAll { entry -> entry.getValue() } - .collect { entry -> "${entry.getKey()}=\"${entry.getValue()}\"" }.join(' ') - echo "BDD parameters = ${testParams}" - return testParams -} diff --git a/.ci/jenkins/Jenkinsfile.promote b/.ci/jenkins/Jenkinsfile.promote index 698e86bda..a4e7300ad 100644 --- a/.ci/jenkins/Jenkinsfile.promote +++ b/.ci/jenkins/Jenkinsfile.promote @@ -96,8 +96,8 @@ pipeline { // Merge PR String prLink = properties.retrieve("${helper.getRepoName()}.pr.link") if (prLink) { - githubscm.mergePR(prLink, helper.getGitAuthorCredsID()) - githubscm.pushObject('origin', helper.getBuildBranch(), helper.getGitAuthorCredsID()) + githubscm.mergePR(prLink, helper.getGitAuthorPushCredsId()) + githubscm.pushObject('origin', helper.getBuildBranch(), helper.getGitAuthorPushCredsId()) } } } @@ -108,11 +108,11 @@ pipeline { steps { script { dir(helper.getRepoName()) { - if (githubscm.isReleaseExist(helper.getGitTag(), helper.getGitAuthorCredsID())) { - githubscm.deleteReleaseAndTag(helper.getGitTag(), helper.getGitAuthorCredsID()) + if (githubscm.isReleaseExist(helper.getGitTag(), helper.getGitAuthorCredsId())) { + githubscm.deleteReleaseAndTag(helper.getGitTag(), helper.getGitAuthorPushCredsId()) } - githubscm.createReleaseWithGeneratedReleaseNotes(helper.getGitTag(), helper.getBuildBranch(), githubscm.getPreviousTagFromVersion(helper.getProjectVersion(), 'v'), helper.getGitAuthorCredsID()) - githubscm.updateReleaseBody(helper.getGitTag(), helper.getGitAuthorCredsID()) + githubscm.createReleaseWithGeneratedReleaseNotes(helper.getGitTag(), helper.getBuildBranch(), githubscm.getPreviousTagFromVersion(helper.getProjectVersion(), 'v'), helper.getGitAuthorPushCredsId()) + githubscm.updateReleaseBody(helper.getGitTag(), helper.getGitAuthorPushCredsId()) sh "make build-cli release=true version=${helper.getProjectVersion()}" def releasePath = 'build/_output/release/' @@ -121,7 +121,7 @@ pipeline { def linuxFileName = "${cliBaseName}-linux-amd64.tar.gz" def windowsFileName = "${cliBaseName}-windows-amd64.zip" def yamlInstaller = 'kogito-operator.yaml' - withCredentials([usernamePassword(credentialsId: helper.getGitAuthorCredsID(), usernameVariable: 'GH_USER', passwordVariable: 'GH_TOKEN')]) { + withCredentials([usernamePassword(credentialsId: helper.getGitAuthorPushCredsId(), usernameVariable: 'GH_USER', passwordVariable: 'GH_TOKEN')]) { sh """ gh release upload ${helper.getGitTag()} "${releasePath}${darwinFileName}" gh release upload ${helper.getGitTag()} "${releasePath}${linuxFileName}" diff --git a/.ci/jenkins/Jenkinsfile.setup-branch b/.ci/jenkins/Jenkinsfile.setup-branch index 2c71fdb70..f8335e73d 100644 --- a/.ci/jenkins/Jenkinsfile.setup-branch +++ b/.ci/jenkins/Jenkinsfile.setup-branch @@ -67,12 +67,13 @@ pipeline { git checkout -- go.sum ''' if (githubscm.isThereAnyChanges()) { + githubscm.setUserConfigFromCreds(getGitAuthorPushCredsId()) githubscm.commitChanges("[${helper.getBuildBranch()}] Update version to ${helper.getProjectVersion()}", { sh ''' git add . ''' }) - githubscm.pushObject('origin', helper.getBuildBranch(), helper.getGitAuthorCredsID()) + githubscm.pushObject('origin', helper.getBuildBranch(), helper.getGitAuthorPushCredsId()) } else { println '[WARN] no changes to commit' } diff --git a/.ci/jenkins/dsl/jobs.groovy b/.ci/jenkins/dsl/jobs.groovy index 50375ee4a..15f49bd17 100644 --- a/.ci/jenkins/dsl/jobs.groovy +++ b/.ci/jenkins/dsl/jobs.groovy @@ -82,8 +82,8 @@ void createSetupBranchJob() { jobParams.env.putAll([ JENKINS_EMAIL_CREDS_ID: "${JENKINS_EMAIL_CREDS_ID}", GIT_AUTHOR: "${GIT_AUTHOR_NAME}", - AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", - GITHUB_TOKEN_CREDS_ID: "${GIT_AUTHOR_TOKEN_CREDENTIALS_ID}", + GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", + GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}", IS_MAIN_BRANCH: "${Utils.isMainBranch(this)}" ]) @@ -114,8 +114,8 @@ void setupDeployJob(JobType jobType) { GIT_AUTHOR: "${GIT_AUTHOR_NAME}", - AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", - GITHUB_TOKEN_CREDS_ID: "${GIT_AUTHOR_TOKEN_CREDENTIALS_ID}", + GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", + GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}", DEFAULT_STAGING_REPOSITORY: "${MAVEN_NEXUS_STAGING_PROFILE_URL}", MAVEN_ARTIFACT_REPOSITORY: "${MAVEN_ARTIFACTS_REPOSITORY}", @@ -189,8 +189,8 @@ void setupPromoteJob(JobType jobType) { GIT_AUTHOR: "${GIT_AUTHOR_NAME}", - AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", - GITHUB_TOKEN_CREDS_ID: "${GIT_AUTHOR_TOKEN_CREDENTIALS_ID}", + GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", + GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}", ]) KogitoJobTemplate.createPipelineJob(this, jobParams)?.with { parameters { @@ -252,6 +252,8 @@ void setupExamplesImagesDeployJob(JobType jobType, String jobName = 'kogito-exam jobParams.env.putAll([ GIT_AUTHOR: "${GIT_AUTHOR_NAME}", + GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}", + DEFAULT_STAGING_REPOSITORY: "${MAVEN_NEXUS_STAGING_PROFILE_URL}", MAVEN_ARTIFACT_REPOSITORY: "${MAVEN_ARTIFACTS_REPOSITORY}", ]) diff --git a/.ci/jenkins/scripts/helper.groovy b/.ci/jenkins/scripts/helper.groovy index 22d72e425..afade0576 100644 --- a/.ci/jenkins/scripts/helper.groovy +++ b/.ci/jenkins/scripts/helper.groovy @@ -33,7 +33,7 @@ void initPipeline() { openshift.openshiftApiCredsKey = env.OPENSHIFT_CREDS_KEY container = load '.ci/jenkins/scripts/container.groovy' - container.containerEngine = env.CONTAINER_ENGINE + container.containerEngine = env.CONTAINER_ENGINE ?: 'docker' container.containerTlsOptions = env.CONTAINER_ENGINE_TLS_OPTIONS ?: '' container.containerOpenshift = openshift } @@ -64,14 +64,16 @@ String getTempTag() { void checkoutRepo(String repoName = '', String directory = '') { repoName = repoName ?: getRepoName() closure = { - deleteDir() - checkout(githubscm.resolveRepository(repoName, getGitAuthor(), getBuildBranch(), false)) + checkout(githubscm.resolveRepository(repoName, getGitAuthor(), getBuildBranch(), false, getGitAuthorCredsId())) // need to manually checkout branch since on a detached branch after checkout command sh "git checkout ${getBuildBranch()}" } if (directory) { - dir(directory, closure) + dir(directory) { + deleteDir() + closure() + } } else { closure() } @@ -246,8 +248,12 @@ String getGitAuthor() { return "${GIT_AUTHOR}" } -String getGitAuthorCredsID() { - return env.AUTHOR_CREDS_ID +String getGitAuthorCredsId() { + return env.GIT_AUTHOR_CREDS_ID +} + +String getGitAuthorPushCredsId() { + return env.GIT_AUTHOR_PUSH_CREDS_ID } String getPRBranch() { diff --git a/Makefile b/Makefile index 32d7cb4ea..ffa8f1b1c 100644 --- a/Makefile +++ b/Makefile @@ -111,7 +111,7 @@ help: ## Display this help. # Run tests ENVTEST_ASSETS_DIR = $(shell pwd)/testbin -test: fmt lint +test: fmt ./hack/go-test.sh manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.