From bef11c3e4e9b2a279f9cb4a0b74933e034c67c11 Mon Sep 17 00:00:00 2001 From: Trevor Dolby <107267051+trevor-dolby-at-ibm-com@users.noreply.github.com> Date: Wed, 29 May 2024 13:17:44 -0500 Subject: [PATCH] Minikube cp4i (#58) * Add CP4i enablement files Signed-off-by: Trevor Dolby * Minikube CP4i readme Signed-off-by: Trevor Dolby * Fix buildah image name Signed-off-by: Trevor Dolby * Update license Signed-off-by: Trevor Dolby * Enable CI action Signed-off-by: Trevor Dolby --------- Signed-off-by: Trevor Dolby --- .github/workflows/main.yml | 4 +- tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml | 10 +-- .../cp4i/13-component-test-in-cp4i-task.yaml | 9 +++ tekton/os/cp4i/22-deploy-to-cp4i-task.yaml | 9 +++ tekton/os/cp4i/cp4i-pipeline-run.yaml | 9 ++- .../os/cp4i/create-integrationruntime-ct.yaml | 4 +- tekton/os/cp4i/create-integrationruntime.yaml | 4 +- tekton/os/cp4i/minikube/README.md | 63 +++++++++++++++++++ .../minikube/minikube-dashboard-ingress.yaml | 8 +-- .../minikube/minikube-install-dashboard.yaml | 13 ++-- .../os/cp4i/minikube/minikube-install-og.yaml | 4 +- .../minikube-install-subscription.yaml | 4 +- .../cp4i/minikube/minikube-tea-ingress.yaml | 16 +++++ 13 files changed, 132 insertions(+), 25 deletions(-) create mode 100644 tekton/os/cp4i/minikube/README.md create mode 100644 tekton/os/cp4i/minikube/minikube-tea-ingress.yaml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d4c5fc2..d6c8604 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -6,9 +6,9 @@ name: CI on: # Triggers the workflow on push or pull request events but only for the main branch push: - branches: [ main, action-update ] + branches: [ main, minikube-cp4i ] pull_request: - branches: [ main, action-update ] + branches: [ main, minikube-cp4i ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: diff --git a/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml b/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml index 41b3626..3c0311c 100644 --- a/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml +++ b/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml @@ -114,8 +114,9 @@ spec: - mountPath: /work name: work - name: docker-build-and-push - #image: quay.io/buildah/stable:v1 - image: registry.redhat.io/rhel8/buildah:8.9-5 + image: quay.io/buildah/stable:v1 + # registry.redhat.io requires auth which works with OpenShift but not Minikube + #image: registry.redhat.io/rhel8/buildah:8.9-5 securityContext: runAsUser: 0 # Needed for hostPath volumes on OpenShift @@ -208,8 +209,9 @@ spec: - mountPath: /work name: work - name: docker-build-and-push-ct - #image: quay.io/buildah/stable:v1 - image: registry.redhat.io/rhel8/buildah:8.9-5 + image: quay.io/buildah/stable:v1 + # registry.redhat.io requires auth which works with OpenShift but not Minikube + #image: registry.redhat.io/rhel8/buildah:8.9-5 securityContext: runAsUser: 0 # Needed for hostPath volumes on OpenShift diff --git a/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml b/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml index 219ef32..d9dc237 100644 --- a/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml +++ b/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml @@ -114,6 +114,15 @@ spec: rc=0 break fi + # Minikube doesn't have routes so the CR stays at phase Warning. + if [ "$lastError" == "Warning" ]; then + lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i-ct '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1` + if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then + echo "Container is ready (Warning) at " `date` + rc=0 + break + fi + fi sleep 5 done if [ "$rc" == "1" ]; then diff --git a/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml b/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml index 4d29b20..1663ca7 100644 --- a/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml +++ b/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml @@ -58,6 +58,15 @@ spec: rc=0 break fi + # Minikube doesn't have routes so the CR stays at phase Warning. + if [ "$lastError" == "Warning" ]; then + lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1` + if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then + echo "Container is ready (Warning) at " `date` + rc=0 + break + fi + fi sleep 5 done if [ "$rc" == "1" ]; then diff --git a/tekton/os/cp4i/cp4i-pipeline-run.yaml b/tekton/os/cp4i/cp4i-pipeline-run.yaml index 48f737d..dc38931 100644 --- a/tekton/os/cp4i/cp4i-pipeline-run.yaml +++ b/tekton/os/cp4i/cp4i-pipeline-run.yaml @@ -10,12 +10,15 @@ spec: params: - name: dockerRegistry value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default" + # Minikube + #value: "192.168.49.2:5000/default" - name: url value: "https://github.com/ot4i/ace-demo-pipeline" - name: revision value: "main" - name: buildImage - value: "cp.icr.io/cp/appc/ace:12.0.11.0-r1" - #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.11.0-alpine" + value: "cp.icr.io/cp/appc/ace:12.0.12.0-r1" + #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.1w.0-alpine" - name: runtimeBaseImage - value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.11.1-r1-20240125-170703" + value: "cp.icr.io/cp/appc/ace-server-prod:12.0.12.0-r1-20240417-022324" + #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.12.0-r1-20240417-022324" diff --git a/tekton/os/cp4i/create-integrationruntime-ct.yaml b/tekton/os/cp4i/create-integrationruntime-ct.yaml index b9a7880..d921928 100644 --- a/tekton/os/cp4i/create-integrationruntime-ct.yaml +++ b/tekton/os/cp4i/create-integrationruntime-ct.yaml @@ -10,7 +10,7 @@ spec: toolkitFlow: true license: accept: true - license: L-DMRW-D3HQHQ + license: L-QECF-MBXVLU use: AppConnectEnterpriseNonProductionFREE configurations: - teajdbc-policy @@ -38,4 +38,4 @@ spec: memory: 1024Mi imagePullSecrets: - name: regcred - version: 12.0.11.1-r1 \ No newline at end of file + version: 12.0.12.0-r2 diff --git a/tekton/os/cp4i/create-integrationruntime.yaml b/tekton/os/cp4i/create-integrationruntime.yaml index e5d1d08..580ec15 100644 --- a/tekton/os/cp4i/create-integrationruntime.yaml +++ b/tekton/os/cp4i/create-integrationruntime.yaml @@ -10,7 +10,7 @@ spec: toolkitFlow: true license: accept: true - license: L-DMRW-D3HQHQ + license: L-QECF-MBXVLU use: AppConnectEnterpriseNonProductionFREE template: spec: @@ -29,4 +29,4 @@ spec: - teajdbc-policy - default-policy - teajdbc - version: 12.0.11.1-r1 \ No newline at end of file + version: 12.0.12.0-r2 diff --git a/tekton/os/cp4i/minikube/README.md b/tekton/os/cp4i/minikube/README.md new file mode 100644 index 0000000..151c9e1 --- /dev/null +++ b/tekton/os/cp4i/minikube/README.md @@ -0,0 +1,63 @@ +# Minikube setup for CP4i + +[Minikube](https://minikube.sigs.k8s.io/docs/) is used extensively for local Kubernetes testing +and there are quite a few guides on the Internet to explain how to set it up and configure it. + +This directory contains the CP4i-specific Minikube information; see [/tekton/minikube/README.md](/tekton/minikube/README.md) +for plain Kubernetes. The same notes apply, along with the beginning of the setup. + +The definitive instructions for installing the ACE operator on non-OpenShift can be found at [https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes](https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes) +and the summary below tries to reflect the current state of the instructions. + +## Steps + +``` +minikube start --insecure-registry "192.168.0.0/16" +minikube addons enable dashboard +minikube addons enable registry +minikube addons enable metrics-server + +ubuntu@minikube-20231123:~/github.com/ace-demo-pipeline$ minikube ip +192.168.49.2 + +kubectl apply -f tekton/minikube/minikube-registry-nodeport.yaml + +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml +kubectl get pods --namespace cert-manager +kubectl patch deployment \ + cert-manager \ + --namespace cert-manager \ + --type='json' \ + -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/args", "value": [ + "--v=2", + "--cluster-resource-namespace=$(POD_NAMESPACE)", + "--leader-election-namespace=kube-system", + "--enable-certificate-owner-ref" +]}]' + +operator-sdk olm install + +kubectl create namespace cp4i +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-og.yaml +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-catalog-source.yaml +kubectl get CatalogSources ibm-appconnect-catalog -n olm +kubectl create secret -n cp4i docker-registry ibm-entitlement-key --docker-username=cp --docker-password=IBMENTITLEMENTKEY --docker-server=cp.icr.io +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-subscription.yaml + +kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml +kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml +kubectl create secret -n cp4i docker-registry regcred --docker-server=us.icr.io --docker-username=notused --docker-password=notused +kubectl create secret -n cp4i generic jdbc-secret --from-literal=USERID='BLAH' --from-literal=PASSWORD='BLAH' --from-literal=databaseName='BLUDB' --from-literal=serverName='19af6446-6171-4641-8aba-9dcff8e1b6ff.c1ogj3sd0tgtu0lqde00.databases.appdomain.cloud' --from-literal=portNumber='30699' + +kubectl apply -f tekton/os/cp4i/service-account-cp4i.yaml + +kubectl apply -f tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml +kubectl apply -f tekton/os/cp4i/13-component-test-in-cp4i-task.yaml +kubectl apply -f tekton/os/cp4i/22-deploy-to-cp4i-task.yaml +kubectl apply -f tekton/os/cp4i/cp4i-pipeline.yaml +``` + +At this point, it should be possible to edit `tekton/os/cp4i/cp4i-pipeline-run.yaml` to reflect +the Minikube registry address and then run the pipeline as shown at [/tekton/os/cp4i/README.md#pipeline-setup-and-run](/tekton/os/cp4i/README.md#pipeline-setup-and-run) +with the main difference being the use of the Tekton dashboard to monitor the pipeline run +instead of using the RedHat OpenShift Pipelines UI. diff --git a/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml b/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml index ed2d371..9a2c456 100644 --- a/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml +++ b/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml @@ -2,15 +2,15 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: db01-ingress - namespace: ace-operator + namespace: cp4i spec: rules: - - http: + - https: paths: - pathType: Prefix - path: /tea/index + path: / backend: service: - name: tea-tekton-service + name: db01-dash port: number: 8300 diff --git a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml index 8d94f04..51ae5ab 100644 --- a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml @@ -2,12 +2,12 @@ apiVersion: appconnect.ibm.com/v1beta1 kind: Dashboard metadata: name: db01 - namespace: ace-operator + namespace: cp4i spec: license: accept: true - license: L-UTKS-P46KK2 - use: AppConnectEnterpriseProduction + license: L-QECF-MBXVLU + use: AppConnectEnterpriseNonProductionFREE pod: containers: content-server: @@ -30,6 +30,11 @@ spec: storage: sizeLimit: 1Gi type: ephemeral - useCommonServices: false + authentication: + integrationKeycloak: + enabled: false + authorization: + integrationKeycloak: + enabled: false version: '12.0' displayMode: IntegrationRuntimes diff --git a/tekton/os/cp4i/minikube/minikube-install-og.yaml b/tekton/os/cp4i/minikube/minikube-install-og.yaml index 4cadf2a..9e8a854 100644 --- a/tekton/os/cp4i/minikube/minikube-install-og.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-og.yaml @@ -2,7 +2,7 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: ace-operator-group - namespace: ace-operator + namespace: cp4i spec: targetNamespaces: - - ace-operator + - cp4i diff --git a/tekton/os/cp4i/minikube/minikube-install-subscription.yaml b/tekton/os/cp4i/minikube/minikube-install-subscription.yaml index ab1a4a1..29c6cc0 100644 --- a/tekton/os/cp4i/minikube/minikube-install-subscription.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-subscription.yaml @@ -2,9 +2,9 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: ibm-appconnect - namespace: ace-operator + namespace: cp4i spec: - channel: v10.1 + channel: v11.5 name: ibm-appconnect source: ibm-appconnect-catalog sourceNamespace: olm diff --git a/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml b/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml new file mode 100644 index 0000000..ebbcb4c --- /dev/null +++ b/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: tea-ingress + namespace: cp4i +spec: + rules: + - http: + paths: + - pathType: Prefix + path: /tea/index + backend: + service: + name: tea-tekton-cp4i-ir + port: + number: 7800