@@ -333,23 +333,29 @@ jobs:
333333 - checkout
334334 - run :
335335 command : |
336- sudo apt install -y uuid-runtime
336+ sudo apt update
337+ sudo apt install -y uuid-runtime make
337338 python -m pip install requests pyyaml
338- python -m pip install operator-courier==2.1.7
339+ python scripts/operator/download_operator_sdk.py
340+ # The machine executor uses an old debian version, the latest OPM 1.16.1 requires a later version of GLIBC that the current machine cannot have.
341+ # So instead of using the (currently) latest version, we have to use an older one that references an older GLIBC.
342+ OPM_VERSION=v1.13.0 python scripts/operator/download_operator_package_manager.py
343+ curl -L https://github.com/openshift/okd/releases/download/4.7.0-0.okd-2021-03-28-152009/openshift-client-linux-4.7.0-0.okd-2021-03-28-152009.tar.gz | tar xfz - -- oc
344+ sudo mv oc /usr/local/bin/oc
345+ curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
346+ sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
339347name : Install required packages
340348 - install_python_requests
349+ - setup_remote_docker
350+ - run : docker login --username ${DOCKERHUB_USER} --password ${DOCKERHUB_PASSWORD}
341351 - run :
342- command : echo "${OPENSHIFT4_ETC_HOSTS_ENTRY}" | sudo tee -a /etc/hosts
343- description : " The test cluster returns URLs that are local only to the cluster (e.g. https://api.crc.testing).\n These URLs don't make sense for the public internet, so we add a little hack in /etc/hosts \n that makes the URLs point to the IP address of the test cluster, allowing us to reach back to it.\n "
344- name : Update /etc/hosts with an entry to the OpenShift cluster
345- - redhat-openshift/login-and-update-kubeconfig :
346- insecure-skip-tls-verify : true
347- openshift-platform-version : 4.x
348- password : $OPENSHIFT4_PASSWORD
349- server-address : $OPENSHIFT4_CLUSTER_URL
350- username : $OPENSHIFT4_USER
352+ command : |
353+ oc login --token="${OPENSHIFT4_PASSWORD}" --server="${OPENSHIFT4_CLUSTER_URL}" --kubeconfig="$(pwd)/kubeconfig"
354+ echo "export KUBECONFIG=$(pwd)/kubeconfig" >> $BASH_ENV
355+ name : Login and update KUBECONFIG
351356 - run :
352357 command : |
358+ source $BASH_ENV
353359 set -xeo pipefail
354360
355361 OPERATOR_VERSION=$(python ./scripts/operator/get_last_published_operator_version.py)
@@ -359,6 +365,7 @@ jobs:
359365name : Get last released Operator version
360366 - run :
361367 command : |
368+ source $BASH_ENV
362369 LATEST_TAG_WITH_V=`git describe --abbrev=0 --tags ${CIRCLE_SHA1}`
363370 LATEST_TAG=${LATEST_TAG_WITH_V:1}
364371 echo "export LATEST_TAG=${LATEST_TAG}" >> $BASH_ENV
@@ -367,38 +374,35 @@ jobs:
367374name : Get latest snyk-monitor tag
368375 - run :
369376 command : |
377+ source $BASH_ENV
370378 if [[ "${LATEST_TAG}" == "${OPERATOR_VERSION}" ]]; then
371379 echo "export NOTHING_TO_TEST=true" >> $BASH_ENV
372380 exit 1
373381 fi
374382name : End tests early if no new Operator is to be released
375383 - run :
376384 command : |
385+ source $BASH_ENV
377386 set -xeo pipefail
378387
379- # Package Operator Bundle to be uploaded to Quay.io
388+ # Package Operator Bundle to be uploaded to Docker Hub
380389 SNYK_OPERATOR_IMAGE_TAG=${OPERATOR_VERSION}
381390 SNYK_MONITOR_IMAGE_TAG=${OPERATOR_VERSION}
382- OPERATOR_DIR=$(python scripts/operator/package_operator_bundle.py $OPERATOR_VERSION $SNYK_OPERATOR_IMAGE_TAG $SNYK_MONITOR_IMAGE_TAG)
383-
384- QUAY_TOKEN=$(python ./scripts/operator/get_quay_token.py "${QUAY_USERNAME}" "${QUAY_PASSWORD}")
391+ OPERATOR_DIR=$(python scripts/operator/package_operator_bundle.py $OPERATOR_VERSION $SNYK_OPERATOR_IMAGE_TAG $SNYK_MONITOR_IMAGE_TAG)
385392
386- QUAY_NAMESPACE=snyk-runtime
387- PACKAGE_NAME=snyk-operator
388-
389- operator-courier push "${OPERATOR_DIR}" "${QUAY_NAMESPACE}" "${PACKAGE_NAME}" "${OPERATOR_VERSION}" "${QUAY_TOKEN}"
393+ python scripts/operator/create_operator_bundle_and_index_and_push.py $OPERATOR_DIR $OPERATOR_VERSION $DOCKERHUB_USER $DOCKERHUB_PASSWORD
390394description : |
391395 Even though the Operator is released to the community-operators repo,
392396 we can reproduce it locally using our packaged scripts. This also helps us
393397 test the upgrade by pushing all tested Operators to our Quay repo.
394- name : Package Operator Bundle and push to Quay
398+ name : Package Operator Bundle and push to Docker Hub
395399 - run :
396400 command : |
397401 set +e
398402 kubectl patch customresourcedefinition snykmonitors.charts.helm.k8s.io -p '{"metadata":{"finalizers":[]}}' --type=merge -n snyk-monitor
399403 kubectl patch snykmonitors.charts.helm.k8s.io snyk-monitor -p '{"metadata":{"finalizers":[]}}' --type=merge -n snyk-monitor
400404 kubectl delete customresourcedefinition snykmonitors.charts.helm.k8s.io
401- kubectl delete operatorsource snyk-operator -n openshift-marketplace
405+ kubectl delete catalogsource snyk-operator -n openshift-marketplace
402406 kubectl delete clusterrolebinding snyk-monitor
403407 kubectl delete clusterrole snyk-monitor
404408 kubectl delete namespace services
@@ -424,25 +428,14 @@ jobs:
424428name : Configure snyk-monitor namespace
425429 - run :
426430 command : |
431+ source $BASH_ENV
427432 set -xe
428433
429- sed -i.bak "s|QUAY_USERNAME_OVERRIDE|${QUAY_USERNAME}|g" ./test/fixtures/operator/operator-source.yaml
430- kubectl apply -f ./test/fixtures/operator/operator-source.yaml
431-
432- set +e
433- opsrc=$(kubectl get operatorsource snyk-operator -n openshift-marketplace --no-headers 2>/dev/null | awk '{print $9}')
434-
435- set -e
436- while [[ "${opsrc}" != "Succeeded" ]]; do
437- if [[ -z "${opsrc}" || "${opsrc}" == "Failed" ]]; then
438- >&2 echo "failed to deploy operator source resource"
439- exit 1
440- fi
441- opsrc=$(kubectl get operatorsource snyk-operator -n openshift-marketplace --no-headers 2>/dev/null | awk '{print $9}')
442- done
434+ sed -i.bak "s|TAG_OVERRIDE|${OPERATOR_VERSION}|g" ./test/fixtures/operator/catalog-source.yaml
435+ kubectl apply -f ./test/fixtures/operator/catalog-source.yaml
443436
444437 kubectl apply -f ./test/fixtures/operator/installation.yaml
445- sleep 60
438+ sleep 120
446439 kubectl get pods -n snyk-monitor --no-headers | \
447440 grep "snyk-operator" | \
448441 awk 'END { if (NR==0) exit 1; else print $1 }' | \
@@ -453,7 +446,7 @@ jobs:
453446 set -o pipefail
454447
455448 kubectl apply -f ./test/fixtures/operator/custom-resource.yaml
456- sleep 60
449+ sleep 120
457450
458451 kubectl get pods -n snyk-monitor --no-headers | \
459452 grep "snyk-monitor" | \
@@ -462,27 +455,23 @@ jobs:
462455name : Deploy snyk-monitor resource
463456 - run :
464457 command : |
458+ source $BASH_ENV
465459 set -eo pipefail
466460
467461 REPLACES_VERSION=${OPERATOR_VERSION}
468462
469463 OPERATOR_DIR=$(python scripts/operator/package_operator_bundle.py "${LATEST_TAG}" "${LATEST_TAG}" "${LATEST_TAG}" "${REPLACES_VERSION}")
470-
471- export QUAY_TOKEN=$(python ./scripts/operator/get_quay_token.py "${QUAY_USERNAME}" "${QUAY_PASSWORD}")
472-
473- QUAY_NAMESPACE=snyk-runtime
474- PACKAGE_NAME=snyk-operator
475-
476- set +x
477- operator-courier push "${OPERATOR_DIR}" "${QUAY_NAMESPACE}" "${PACKAGE_NAME}" "${LATEST_TAG}" "${QUAY_TOKEN}"
478- set -x
479- name : Package Operator Bundle upgrade and push to Quay
464+ python scripts/operator/create_operator_bundle_and_index_and_push.py $OPERATOR_DIR $LATEST_TAG $DOCKERHUB_USER $DOCKERHUB_PASSWORD $REPLACES_VERSION
465+ description : Now we are testing that any upgrades to the Operator are detected and applied in the cluster.
466+ name : Package Operator Bundle upgrade and push to Docker Hub
480467 - run :
481468 command : |
469+ source $BASH_ENV
482470 set -xeo pipefail
483471
484- # NOTE: This is the action that actually refreshes the source and makes OLM "see" the new version in Quay!
485- oc patch operatorsource snyk-operator -n openshift-marketplace -p '[{"op":"replace","path":"/status","value":{}}]' --type json
472+ sed -i.bak "s|${OPERATOR_VERSION}|${LATEST_TAG}|g" ./test/fixtures/operator/catalog-source.yaml
473+ kubectl apply -f ./test/fixtures/operator/catalog-source.yaml
474+
486475 sleep 120
487476
488477 VERSION=$(kubectl get pods -n snyk-monitor --no-headers | \
@@ -500,18 +489,14 @@ jobs:
500489name : Upgrade Operator and check that snyk-monitor also upgraded
501490 - run :
502491 command : |
492+ source $BASH_ENV
503493 ./scripts/slack/notify_success_openshift_upgrade.py "${OPERATOR_VERSION}" "${LATEST_TAG}"
504494name : Notify Slack on successful upgrade
505495 - run :
506496 command : |
507497 set +e
508498
509- curl -XDELETE -H "Accept: application/json" -H "Content-Type: application/json" \
510- -H "Authorization: ${QUAY_DELETE_TOKEN}" "https://quay.io/cnr/api/v1/packages/snyk-runtime/snyk-operator/${OPERATOR_VERSION}/helm"
511- curl -XDELETE -H "Accept: application/json" -H "Content-Type: application/json" \
512- -H "Authorization: ${QUAY_DELETE_TOKEN}" "https://quay.io/cnr/api/v1/packages/snyk-runtime/snyk-operator/${LATEST_TAG}/helm"
513-
514- kubectl delete -f ./test/fixtures/operator/operator-source.yaml
499+ kubectl delete -f ./test/fixtures/operator/catalog-source.yaml
515500 kubectl delete -f ./test/fixtures/operator/installation.yaml
516501
517502 kubectl patch customresourcedefinition snykmonitors.charts.helm.k8s.io -p '{"metadata":{"finalizers":[]}}' --type=merge -n snyk-monitor
0 commit comments