Minikube cp4i (#58)

* Add CP4i enablement files Signed-off-by: Trevor Dolby <[email protected]> * Minikube CP4i readme Signed-off-by: Trevor Dolby <[email protected]> * Fix buildah image name Signed-off-by: Trevor Dolby <[email protected]> * Update license Signed-off-by: Trevor Dolby <[email protected]> * Enable CI action Signed-off-by: Trevor Dolby <[email protected]> --------- Signed-off-by: Trevor Dolby <[email protected]>
ot4i · May 29, 2024 · bef11c3 · bef11c3
1 parent 6425c47
commit bef11c3
Show file tree

Hide file tree

Showing 13 changed files with 132 additions and 25 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -6,9 +6,9 @@ name: CI
 on:
   # Triggers the workflow on push or pull request events but only for the main branch
   push:
-    branches: [ main, action-update ]
+    branches: [ main, minikube-cp4i ]
   pull_request:
-    branches: [ main, action-update ]
+    branches: [ main, minikube-cp4i ]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:

diff --git a/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml b/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml
@@ -114,8 +114,9 @@ spec:
         - mountPath: /work
           name: work
     - name: docker-build-and-push
-      #image: quay.io/buildah/stable:v1
-      image: registry.redhat.io/rhel8/buildah:8.9-5
+      image: quay.io/buildah/stable:v1
+      # registry.redhat.io requires auth which works with OpenShift but not Minikube
+      #image: registry.redhat.io/rhel8/buildah:8.9-5
       securityContext:
         runAsUser: 0
         # Needed for hostPath volumes on OpenShift
@@ -208,8 +209,9 @@ spec:
         - mountPath: /work
           name: work
     - name: docker-build-and-push-ct
-      #image: quay.io/buildah/stable:v1
-      image: registry.redhat.io/rhel8/buildah:8.9-5
+      image: quay.io/buildah/stable:v1
+      # registry.redhat.io requires auth which works with OpenShift but not Minikube
+      #image: registry.redhat.io/rhel8/buildah:8.9-5
       securityContext:
         runAsUser: 0
         # Needed for hostPath volumes on OpenShift

diff --git a/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml b/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml
@@ -114,6 +114,15 @@ spec:
             rc=0
             break
           fi
+          # Minikube doesn't have routes so the CR stays at phase Warning.
+          if [ "$lastError" == "Warning" ]; then
+          lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i-ct '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1`
+            if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then
+              echo "Container is ready (Warning) at " `date`
+              rc=0
+              break
+            fi
+          fi
           sleep 5
         done
         if [ "$rc" == "1" ]; then

diff --git a/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml b/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml
@@ -58,6 +58,15 @@ spec:
             rc=0
             break
           fi
+          # Minikube doesn't have routes so the CR stays at phase Warning.
+          if [ "$lastError" == "Warning" ]; then
+          lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1`
+            if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then
+              echo "Container is ready (Warning) at " `date`
+              rc=0
+              break
+            fi
+          fi
           sleep 5
         done
         if [ "$rc" == "1" ]; then

diff --git a/tekton/os/cp4i/cp4i-pipeline-run.yaml b/tekton/os/cp4i/cp4i-pipeline-run.yaml
@@ -10,12 +10,15 @@ spec:
   params:
     - name: dockerRegistry
       value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default"
+      # Minikube
+      #value: "192.168.49.2:5000/default"
     - name: url
       value: "https://github.com/ot4i/ace-demo-pipeline"
     - name: revision
       value: "main"
     - name: buildImage
-      value: "cp.icr.io/cp/appc/ace:12.0.11.0-r1"
-      #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.11.0-alpine"
+      value: "cp.icr.io/cp/appc/ace:12.0.12.0-r1"
+      #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.1w.0-alpine"
     - name: runtimeBaseImage
-      value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.11.1-r1-20240125-170703"
+      value: "cp.icr.io/cp/appc/ace-server-prod:12.0.12.0-r1-20240417-022324"
+      #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.12.0-r1-20240417-022324"
diff --git a/tekton/os/cp4i/create-integrationruntime-ct.yaml b/tekton/os/cp4i/create-integrationruntime-ct.yaml
@@ -10,7 +10,7 @@ spec:
     toolkitFlow: true
   license:
     accept: true
-    license: L-DMRW-D3HQHQ
+    license: L-QECF-MBXVLU
     use: AppConnectEnterpriseNonProductionFREE
   configurations:
     - teajdbc-policy
@@ -38,4 +38,4 @@ spec:
               memory: 1024Mi
       imagePullSecrets:
         - name: regcred
-  version: 12.0.11.1-r1
+  version: 12.0.12.0-r2
diff --git a/tekton/os/cp4i/create-integrationruntime.yaml b/tekton/os/cp4i/create-integrationruntime.yaml
@@ -10,7 +10,7 @@ spec:
     toolkitFlow: true
   license:
     accept: true
-    license: L-DMRW-D3HQHQ
+    license: L-QECF-MBXVLU
     use: AppConnectEnterpriseNonProductionFREE
   template:
     spec:
@@ -29,4 +29,4 @@ spec:
     - teajdbc-policy
     - default-policy
     - teajdbc
-  version: 12.0.11.1-r1
+  version: 12.0.12.0-r2
diff --git a/tekton/os/cp4i/minikube/README.md b/tekton/os/cp4i/minikube/README.md
@@ -0,0 +1,63 @@
+# Minikube setup for CP4i
+
+[Minikube](https://minikube.sigs.k8s.io/docs/) is used extensively for local Kubernetes testing
+and there are quite a few guides on the Internet to explain how to set it up and configure it.
+
+This directory contains the CP4i-specific Minikube information; see [/tekton/minikube/README.md](/tekton/minikube/README.md)
+for plain Kubernetes. The same notes apply, along with the beginning of the setup.
+
+The definitive instructions for installing the ACE operator on non-OpenShift can be found at [https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes](https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes)
+and the summary below tries to reflect the current state of the instructions.
+
+## Steps
+
+```
+minikube start --insecure-registry "192.168.0.0/16"
+minikube addons enable dashboard
+minikube addons enable registry
+minikube addons enable metrics-server
+
+ubuntu@minikube-20231123:~/github.com/ace-demo-pipeline$ minikube ip
+192.168.49.2
+
+kubectl apply -f tekton/minikube/minikube-registry-nodeport.yaml
+
+kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml
+kubectl get pods --namespace cert-manager
+kubectl patch deployment \
+  cert-manager \
+  --namespace cert-manager  \
+  --type='json' \
+  -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/args", "value": [
+  "--v=2",
+  "--cluster-resource-namespace=$(POD_NAMESPACE)",
+  "--leader-election-namespace=kube-system",
+  "--enable-certificate-owner-ref"
+]}]'
+
+operator-sdk olm install
+
+kubectl create namespace cp4i
+kubectl apply -f tekton/os/cp4i/minikube/minikube-install-og.yaml
+kubectl apply -f tekton/os/cp4i/minikube/minikube-install-catalog-source.yaml
+kubectl get CatalogSources ibm-appconnect-catalog -n olm
+kubectl create secret -n cp4i docker-registry ibm-entitlement-key --docker-username=cp --docker-password=IBMENTITLEMENTKEY --docker-server=cp.icr.io
+kubectl apply -f tekton/os/cp4i/minikube/minikube-install-subscription.yaml
+
+kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
+kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml
+kubectl create secret -n cp4i docker-registry regcred --docker-server=us.icr.io --docker-username=notused --docker-password=notused
+kubectl create secret -n cp4i generic jdbc-secret --from-literal=USERID='BLAH' --from-literal=PASSWORD='BLAH' --from-literal=databaseName='BLUDB' --from-literal=serverName='19af6446-6171-4641-8aba-9dcff8e1b6ff.c1ogj3sd0tgtu0lqde00.databases.appdomain.cloud' --from-literal=portNumber='30699'
+
+kubectl apply -f tekton/os/cp4i/service-account-cp4i.yaml
+
+kubectl apply -f tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml
+kubectl apply -f tekton/os/cp4i/13-component-test-in-cp4i-task.yaml
+kubectl apply -f tekton/os/cp4i/22-deploy-to-cp4i-task.yaml
+kubectl apply -f tekton/os/cp4i/cp4i-pipeline.yaml
+```
+
+At this point, it should be possible to edit `tekton/os/cp4i/cp4i-pipeline-run.yaml` to reflect
+the Minikube registry address and then run the pipeline as shown at [/tekton/os/cp4i/README.md#pipeline-setup-and-run](/tekton/os/cp4i/README.md#pipeline-setup-and-run)
+with the main difference being the use of the Tekton dashboard to monitor the pipeline run
+instead of using the RedHat OpenShift Pipelines UI.
diff --git a/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml b/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml
@@ -2,15 +2,15 @@ apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: db01-ingress
-  namespace: ace-operator
+  namespace: cp4i
 spec:
   rules:
-    - http:
+    - https:
         paths:
           - pathType: Prefix
-            path: /tea/index
+            path: /
             backend:
               service:
-                name: tea-tekton-service
+                name: db01-dash
                 port:
                   number: 8300
diff --git a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml
@@ -2,12 +2,12 @@ apiVersion: appconnect.ibm.com/v1beta1
 kind: Dashboard
 metadata:
   name: db01
-  namespace: ace-operator
+  namespace: cp4i
 spec:
   license:
     accept: true
-    license: L-UTKS-P46KK2
-    use: AppConnectEnterpriseProduction
+    license: L-QECF-MBXVLU
+    use: AppConnectEnterpriseNonProductionFREE
   pod:
     containers:
       content-server:
@@ -30,6 +30,11 @@ spec:
   storage:
     sizeLimit: 1Gi
     type: ephemeral
-  useCommonServices: false
+  authentication:
+    integrationKeycloak:
+      enabled: false
+  authorization:
+    integrationKeycloak:
+      enabled: false
   version: '12.0'
   displayMode: IntegrationRuntimes
diff --git a/tekton/os/cp4i/minikube/minikube-install-og.yaml b/tekton/os/cp4i/minikube/minikube-install-og.yaml
@@ -2,7 +2,7 @@ apiVersion: operators.coreos.com/v1
 kind: OperatorGroup
 metadata:
   name: ace-operator-group
-  namespace: ace-operator
+  namespace: cp4i
 spec:
   targetNamespaces:
-    - ace-operator
+    - cp4i
diff --git a/tekton/os/cp4i/minikube/minikube-install-subscription.yaml b/tekton/os/cp4i/minikube/minikube-install-subscription.yaml
@@ -2,9 +2,9 @@ apiVersion: operators.coreos.com/v1alpha1
 kind: Subscription
 metadata:
   name: ibm-appconnect
-  namespace: ace-operator
+  namespace: cp4i
 spec:
-  channel: v10.1
+  channel: v11.5
   name: ibm-appconnect
   source: ibm-appconnect-catalog
   sourceNamespace: olm
diff --git a/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml b/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml
@@ -0,0 +1,16 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: tea-ingress
+  namespace: cp4i
+spec:
+  rules:
+    - http:
+        paths:
+          - pathType: Prefix
+            path: /tea/index
+            backend:
+              service:
+                name: tea-tekton-cp4i-ir
+                port:
+                  number: 7800