From 0f3336851d8f76d8d42c3cbc109aec8594bb4406 Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Tue, 28 May 2024 19:43:08 -0500 Subject: [PATCH 1/6] Add CP4i enablement files Signed-off-by: Trevor Dolby --- .../os/cp4i/13-component-test-in-cp4i-task.yaml | 9 +++++++++ tekton/os/cp4i/22-deploy-to-cp4i-task.yaml | 9 +++++++++ tekton/os/cp4i/cp4i-pipeline-run.yaml | 9 ++++++--- tekton/os/cp4i/create-integrationruntime-ct.yaml | 4 ++-- tekton/os/cp4i/create-integrationruntime.yaml | 4 ++-- .../minikube/minikube-dashboard-ingress.yaml | 8 ++++---- .../minikube/minikube-install-dashboard.yaml | 11 ++++++++--- tekton/os/cp4i/minikube/minikube-install-og.yaml | 4 ++-- .../minikube/minikube-install-subscription.yaml | 4 ++-- .../os/cp4i/minikube/minikube-tea-ingress.yaml | 16 ++++++++++++++++ 10 files changed, 60 insertions(+), 18 deletions(-) create mode 100644 tekton/os/cp4i/minikube/minikube-tea-ingress.yaml diff --git a/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml b/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml index 219ef32..d9dc237 100644 --- a/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml +++ b/tekton/os/cp4i/13-component-test-in-cp4i-task.yaml @@ -114,6 +114,15 @@ spec: rc=0 break fi + # Minikube doesn't have routes so the CR stays at phase Warning. + if [ "$lastError" == "Warning" ]; then + lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i-ct '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1` + if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then + echo "Container is ready (Warning) at " `date` + rc=0 + break + fi + fi sleep 5 done if [ "$rc" == "1" ]; then diff --git a/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml b/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml index 4d29b20..1663ca7 100644 --- a/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml +++ b/tekton/os/cp4i/22-deploy-to-cp4i-task.yaml @@ -58,6 +58,15 @@ spec: rc=0 break fi + # Minikube doesn't have routes so the CR stays at phase Warning. + if [ "$lastError" == "Warning" ]; then + lastStatus=`kubectl get -n cp4i IntegrationRuntime/tea-tekton-cp4i '--template={{(index .status.conditions 0).status}} {{(index .status.conditions 0).type}} {{(index .status.conditions 0).message}}' 2>&1` + if [ "$lastStatus" == "True Ready IntegrationRuntime is ready." ]; then + echo "Container is ready (Warning) at " `date` + rc=0 + break + fi + fi sleep 5 done if [ "$rc" == "1" ]; then diff --git a/tekton/os/cp4i/cp4i-pipeline-run.yaml b/tekton/os/cp4i/cp4i-pipeline-run.yaml index 48f737d..dc38931 100644 --- a/tekton/os/cp4i/cp4i-pipeline-run.yaml +++ b/tekton/os/cp4i/cp4i-pipeline-run.yaml @@ -10,12 +10,15 @@ spec: params: - name: dockerRegistry value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default" + # Minikube + #value: "192.168.49.2:5000/default" - name: url value: "https://github.com/ot4i/ace-demo-pipeline" - name: revision value: "main" - name: buildImage - value: "cp.icr.io/cp/appc/ace:12.0.11.0-r1" - #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.11.0-alpine" + value: "cp.icr.io/cp/appc/ace:12.0.12.0-r1" + #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-minimal-build:12.0.1w.0-alpine" - name: runtimeBaseImage - value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.11.1-r1-20240125-170703" + value: "cp.icr.io/cp/appc/ace-server-prod:12.0.12.0-r1-20240417-022324" + #value: "image-registry.openshift-image-registry.svc.cluster.local:5000/default/ace-server-prod:12.0.12.0-r1-20240417-022324" diff --git a/tekton/os/cp4i/create-integrationruntime-ct.yaml b/tekton/os/cp4i/create-integrationruntime-ct.yaml index b9a7880..d921928 100644 --- a/tekton/os/cp4i/create-integrationruntime-ct.yaml +++ b/tekton/os/cp4i/create-integrationruntime-ct.yaml @@ -10,7 +10,7 @@ spec: toolkitFlow: true license: accept: true - license: L-DMRW-D3HQHQ + license: L-QECF-MBXVLU use: AppConnectEnterpriseNonProductionFREE configurations: - teajdbc-policy @@ -38,4 +38,4 @@ spec: memory: 1024Mi imagePullSecrets: - name: regcred - version: 12.0.11.1-r1 \ No newline at end of file + version: 12.0.12.0-r2 diff --git a/tekton/os/cp4i/create-integrationruntime.yaml b/tekton/os/cp4i/create-integrationruntime.yaml index e5d1d08..580ec15 100644 --- a/tekton/os/cp4i/create-integrationruntime.yaml +++ b/tekton/os/cp4i/create-integrationruntime.yaml @@ -10,7 +10,7 @@ spec: toolkitFlow: true license: accept: true - license: L-DMRW-D3HQHQ + license: L-QECF-MBXVLU use: AppConnectEnterpriseNonProductionFREE template: spec: @@ -29,4 +29,4 @@ spec: - teajdbc-policy - default-policy - teajdbc - version: 12.0.11.1-r1 \ No newline at end of file + version: 12.0.12.0-r2 diff --git a/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml b/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml index ed2d371..9a2c456 100644 --- a/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml +++ b/tekton/os/cp4i/minikube/minikube-dashboard-ingress.yaml @@ -2,15 +2,15 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: db01-ingress - namespace: ace-operator + namespace: cp4i spec: rules: - - http: + - https: paths: - pathType: Prefix - path: /tea/index + path: / backend: service: - name: tea-tekton-service + name: db01-dash port: number: 8300 diff --git a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml index 8d94f04..d67b6e2 100644 --- a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml @@ -2,11 +2,11 @@ apiVersion: appconnect.ibm.com/v1beta1 kind: Dashboard metadata: name: db01 - namespace: ace-operator + namespace: cp4i spec: license: accept: true - license: L-UTKS-P46KK2 + license: L-QECF-MBXVLU use: AppConnectEnterpriseProduction pod: containers: @@ -30,6 +30,11 @@ spec: storage: sizeLimit: 1Gi type: ephemeral - useCommonServices: false + authentication: + integrationKeycloak: + enabled: false + authorization: + integrationKeycloak: + enabled: false version: '12.0' displayMode: IntegrationRuntimes diff --git a/tekton/os/cp4i/minikube/minikube-install-og.yaml b/tekton/os/cp4i/minikube/minikube-install-og.yaml index 4cadf2a..9e8a854 100644 --- a/tekton/os/cp4i/minikube/minikube-install-og.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-og.yaml @@ -2,7 +2,7 @@ apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: name: ace-operator-group - namespace: ace-operator + namespace: cp4i spec: targetNamespaces: - - ace-operator + - cp4i diff --git a/tekton/os/cp4i/minikube/minikube-install-subscription.yaml b/tekton/os/cp4i/minikube/minikube-install-subscription.yaml index ab1a4a1..29c6cc0 100644 --- a/tekton/os/cp4i/minikube/minikube-install-subscription.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-subscription.yaml @@ -2,9 +2,9 @@ apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: name: ibm-appconnect - namespace: ace-operator + namespace: cp4i spec: - channel: v10.1 + channel: v11.5 name: ibm-appconnect source: ibm-appconnect-catalog sourceNamespace: olm diff --git a/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml b/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml new file mode 100644 index 0000000..ebbcb4c --- /dev/null +++ b/tekton/os/cp4i/minikube/minikube-tea-ingress.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: tea-ingress + namespace: cp4i +spec: + rules: + - http: + paths: + - pathType: Prefix + path: /tea/index + backend: + service: + name: tea-tekton-cp4i-ir + port: + number: 7800 From 85de3054848fd6bb6362a3b8b439a0c5a9ff537c Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Tue, 28 May 2024 20:01:05 -0500 Subject: [PATCH 2/6] Minikube CP4i readme Signed-off-by: Trevor Dolby --- tekton/os/cp4i/minikube/README.md | 63 +++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 tekton/os/cp4i/minikube/README.md diff --git a/tekton/os/cp4i/minikube/README.md b/tekton/os/cp4i/minikube/README.md new file mode 100644 index 0000000..151c9e1 --- /dev/null +++ b/tekton/os/cp4i/minikube/README.md @@ -0,0 +1,63 @@ +# Minikube setup for CP4i + +[Minikube](https://minikube.sigs.k8s.io/docs/) is used extensively for local Kubernetes testing +and there are quite a few guides on the Internet to explain how to set it up and configure it. + +This directory contains the CP4i-specific Minikube information; see [/tekton/minikube/README.md](/tekton/minikube/README.md) +for plain Kubernetes. The same notes apply, along with the beginning of the setup. + +The definitive instructions for installing the ACE operator on non-OpenShift can be found at [https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes](https://www.ibm.com/docs/en/app-connect/containers_cd?topic=connect-installing-uninstalling-kubernetes) +and the summary below tries to reflect the current state of the instructions. + +## Steps + +``` +minikube start --insecure-registry "192.168.0.0/16" +minikube addons enable dashboard +minikube addons enable registry +minikube addons enable metrics-server + +ubuntu@minikube-20231123:~/github.com/ace-demo-pipeline$ minikube ip +192.168.49.2 + +kubectl apply -f tekton/minikube/minikube-registry-nodeport.yaml + +kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.yaml +kubectl get pods --namespace cert-manager +kubectl patch deployment \ + cert-manager \ + --namespace cert-manager \ + --type='json' \ + -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/args", "value": [ + "--v=2", + "--cluster-resource-namespace=$(POD_NAMESPACE)", + "--leader-election-namespace=kube-system", + "--enable-certificate-owner-ref" +]}]' + +operator-sdk olm install + +kubectl create namespace cp4i +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-og.yaml +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-catalog-source.yaml +kubectl get CatalogSources ibm-appconnect-catalog -n olm +kubectl create secret -n cp4i docker-registry ibm-entitlement-key --docker-username=cp --docker-password=IBMENTITLEMENTKEY --docker-server=cp.icr.io +kubectl apply -f tekton/os/cp4i/minikube/minikube-install-subscription.yaml + +kubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml +kubectl apply --filename https://storage.googleapis.com/tekton-releases/dashboard/latest/release.yaml +kubectl create secret -n cp4i docker-registry regcred --docker-server=us.icr.io --docker-username=notused --docker-password=notused +kubectl create secret -n cp4i generic jdbc-secret --from-literal=USERID='BLAH' --from-literal=PASSWORD='BLAH' --from-literal=databaseName='BLUDB' --from-literal=serverName='19af6446-6171-4641-8aba-9dcff8e1b6ff.c1ogj3sd0tgtu0lqde00.databases.appdomain.cloud' --from-literal=portNumber='30699' + +kubectl apply -f tekton/os/cp4i/service-account-cp4i.yaml + +kubectl apply -f tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml +kubectl apply -f tekton/os/cp4i/13-component-test-in-cp4i-task.yaml +kubectl apply -f tekton/os/cp4i/22-deploy-to-cp4i-task.yaml +kubectl apply -f tekton/os/cp4i/cp4i-pipeline.yaml +``` + +At this point, it should be possible to edit `tekton/os/cp4i/cp4i-pipeline-run.yaml` to reflect +the Minikube registry address and then run the pipeline as shown at [/tekton/os/cp4i/README.md#pipeline-setup-and-run](/tekton/os/cp4i/README.md#pipeline-setup-and-run) +with the main difference being the use of the Tekton dashboard to monitor the pipeline run +instead of using the RedHat OpenShift Pipelines UI. From 48658ba3358856c5fe0be94cf30d0ca15c890f89 Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Wed, 29 May 2024 12:51:42 -0500 Subject: [PATCH 3/6] Fix buildah image name Signed-off-by: Trevor Dolby --- tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml b/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml index 41b3626..3c0311c 100644 --- a/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml +++ b/tekton/os/cp4i/12-ibmint-cp4i-build-task.yaml @@ -114,8 +114,9 @@ spec: - mountPath: /work name: work - name: docker-build-and-push - #image: quay.io/buildah/stable:v1 - image: registry.redhat.io/rhel8/buildah:8.9-5 + image: quay.io/buildah/stable:v1 + # registry.redhat.io requires auth which works with OpenShift but not Minikube + #image: registry.redhat.io/rhel8/buildah:8.9-5 securityContext: runAsUser: 0 # Needed for hostPath volumes on OpenShift @@ -208,8 +209,9 @@ spec: - mountPath: /work name: work - name: docker-build-and-push-ct - #image: quay.io/buildah/stable:v1 - image: registry.redhat.io/rhel8/buildah:8.9-5 + image: quay.io/buildah/stable:v1 + # registry.redhat.io requires auth which works with OpenShift but not Minikube + #image: registry.redhat.io/rhel8/buildah:8.9-5 securityContext: runAsUser: 0 # Needed for hostPath volumes on OpenShift From 0603775e2627b1022b0df8f89ceaf189d55da01a Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Wed, 29 May 2024 13:03:34 -0500 Subject: [PATCH 4/6] Update license Signed-off-by: Trevor Dolby --- tekton/os/cp4i/minikube/minikube-install-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml index d67b6e2..51ae5ab 100644 --- a/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml +++ b/tekton/os/cp4i/minikube/minikube-install-dashboard.yaml @@ -7,7 +7,7 @@ spec: license: accept: true license: L-QECF-MBXVLU - use: AppConnectEnterpriseProduction + use: AppConnectEnterpriseNonProductionFREE pod: containers: content-server: From 51046c262f11301c37f71df74a4e78ed9f790ef3 Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Wed, 29 May 2024 13:08:47 -0500 Subject: [PATCH 5/6] Enable CI action Signed-off-by: Trevor Dolby --- .github/workflows/main.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d4c5fc2..d6c8604 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -6,9 +6,9 @@ name: CI on: # Triggers the workflow on push or pull request events but only for the main branch push: - branches: [ main, action-update ] + branches: [ main, minikube-cp4i ] pull_request: - branches: [ main, action-update ] + branches: [ main, minikube-cp4i ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: From e6118472f2ec16c315368532753e22a6c48aaa6e Mon Sep 17 00:00:00 2001 From: Trevor Dolby Date: Thu, 30 May 2024 10:37:42 -0500 Subject: [PATCH 6/6] Update Minikube README Signed-off-by: Trevor Dolby --- tekton/minikube/README.md | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/tekton/minikube/README.md b/tekton/minikube/README.md index 12d520f..97bc906 100644 --- a/tekton/minikube/README.md +++ b/tekton/minikube/README.md @@ -43,20 +43,23 @@ For the `ace` image (following https://www.ibm.com/docs/en/app-connect/container kubectl create secret docker-registry ibm-entitlement-key --docker-username=cp --docker-password=myEntitlementKey --docker-server=cp.icr.io minikube ssh docker login cp.icr.io -u cp -p ibmEntitlementKey -docker pull cp.icr.io/cp/appc/ace:12.0.11.0-r1 -docker tag cp.icr.io/cp/appc/ace:12.0.11.0-r1 192.168.49.2:5000/default/ace:12.0.11.0-r1 -docker push 192.168.49.2:5000/default/ace:12.0.11.0-r1 +docker pull cp.icr.io/cp/appc/ace:12.0.12.0-r1 +docker tag cp.icr.io/cp/appc/ace:12.0.12.0-r1 192.168.49.2:5000/default/ace:12.0.12.0-r1 +docker push 192.168.49.2:5000/default/ace:12.0.12.0-r1 ``` -For `ace-minimal` and `ace-minimal-build`: +For `ace-minimal` and `ace-minimal-build`, update the `aceDownloadUrl` parameter in +tekton/minimal-image-build/ace-minimal-build-image-pipeline-run.yaml to a valid download URL +(see [setting-the-correct-product-version](/tekton/minimal-image-build/README.md#setting-the-correct-product-version) +for details) and then run: ``` kubectl apply -f tekton/minimal-image-build/01-ace-minimal-image-build-and-push-task.yaml kubectl apply -f tekton/minimal-image-build/02-ace-minimal-build-image-build-and-push-task.yaml kubectl apply -f tekton/minimal-image-build/ace-minimal-image-pipeline.yaml kubectl apply -f tekton/minimal-image-build/ace-minimal-build-image-pipeline.yaml -tkn pr delete ace-minimal-build-image-pipeline-run-1 -f ; kubectl apply -f tekton/minimal-image-build/ace-minimal-build-image-pipeline-run.yaml -tkn pr logs ace-minimal-build-image-pipeline-run-1 -f +kubectl create -f tekton/minimal-image-build/ace-minimal-build-image-pipeline-run.yaml +tkn pipelinerun logs -L -f ``` Building and deploying the application: @@ -65,14 +68,17 @@ kubectl apply -f tekton/10-ibmint-ace-build-task.yaml kubectl apply -f tekton/20-deploy-to-cluster-task.yaml kubectl apply -f tekton/21-knative-deploy-task.yaml kubectl apply -f tekton/ace-pipeline.yaml -tkn pr delete ace-pipeline-run-1 -f ; kubectl apply -f tekton/ace-pipeline-run.yaml -tkn pr logs ace-pipeline-run-1 -f + +kubectl create -f tekton/ace-pipeline-run.yaml +tkn pipelinerun logs -L -f minikube addons enable ingress kubectl apply -f tekton/minikube/tea-tekton-minikube-ingress.yaml ``` +The application should now be available and can be tested with `curl http://192.168.49.2/tea/index/2` to GET index 2. + -Knative setup: +## Knative setup: ``` kubectl apply -f https://github.com/knative/serving/releases/download/knative-v1.12.1/serving-crds.yaml