Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/github_actions/aquasecurity/trivy…
Browse files Browse the repository at this point in the history 
…-action-0.13.1
  • Loading branch information
@hors
hors authored Nov 6, 2023
2 parents acc9949 + db3f350 commit 287aa83
Show file tree
Hide file tree
Showing 162 changed files with 787 additions and 563 deletions.
79 changes: 37 additions & 42 deletions Jenkinsfile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
GKERegion='us-central1-a'
region='us-central1-a'
testUrlPrefix="https://percona-jenkins-artifactory-public.s3.amazonaws.com/cloud-pxc-operator"
tests=[]

Expand All @@ -7,22 +7,20 @@ void createCluster(String CLUSTER_SUFFIX) {
sh """
NODES_NUM=3
export KUBECONFIG=/tmp/$CLUSTER_NAME-${CLUSTER_SUFFIX}
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
source $HOME/google-cloud-sdk/path.bash.inc
ret_num=0
while [ \${ret_num} -lt 15 ]; do
ret_val=0
gcloud auth activate-service-account --key-file $CLIENT_SECRET_FILE
gcloud config set project $GCP_PROJECT
gcloud container clusters list --filter $CLUSTER_NAME-${CLUSTER_SUFFIX} --zone $GKERegion --format='csv[no-heading](name)' | xargs gcloud container clusters delete --zone $GKERegion --quiet || true
gcloud container clusters list --filter $CLUSTER_NAME-${CLUSTER_SUFFIX} --zone $region --format='csv[no-heading](name)' | xargs gcloud container clusters delete --zone $region --quiet || true
gcloud container clusters create --zone $GKERegion $CLUSTER_NAME-${CLUSTER_SUFFIX} --cluster-version=1.25 --machine-type=n1-standard-4 --preemptible --disk-size 30 --num-nodes=\$NODES_NUM --network=jenkins-vpc --subnetwork=jenkins-${CLUSTER_SUFFIX} --no-enable-autoupgrade --cluster-ipv4-cidr=/21 --labels delete-cluster-after-hours=6 && \
gcloud container clusters create --zone $region $CLUSTER_NAME-${CLUSTER_SUFFIX} --cluster-version=1.25 --machine-type=n1-standard-4 --preemptible --disk-size 30 --num-nodes=\$NODES_NUM --network=jenkins-vpc --subnetwork=jenkins-${CLUSTER_SUFFIX} --no-enable-autoupgrade --cluster-ipv4-cidr=/21 --labels delete-cluster-after-hours=6 && \
kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user jenkins@"$GCP_PROJECT".iam.gserviceaccount.com || ret_val=\$?
if [ \${ret_val} -eq 0 ]; then break; fi
ret_num=\$((ret_num + 1))
done
if [ \${ret_num} -eq 15 ]; then
gcloud container clusters list --filter $CLUSTER_NAME-${CLUSTER_SUFFIX} --zone $GKERegion --format='csv[no-heading](name)' | xargs gcloud container clusters delete --zone $GKERegion --quiet || true
gcloud container clusters list --filter $CLUSTER_NAME-${CLUSTER_SUFFIX} --zone $region --format='csv[no-heading](name)' | xargs gcloud container clusters delete --zone $region --quiet || true
exit 1
fi
"""
Expand All @@ -33,8 +31,6 @@ void shutdownCluster(String CLUSTER_SUFFIX) {
withCredentials([string(credentialsId: 'GCP_PROJECT_ID', variable: 'GCP_PROJECT'), file(credentialsId: 'gcloud-key-file', variable: 'CLIENT_SECRET_FILE')]) {
sh """
export KUBECONFIG=/tmp/$CLUSTER_NAME-${CLUSTER_SUFFIX}
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
source $HOME/google-cloud-sdk/path.bash.inc
gcloud auth activate-service-account --key-file $CLIENT_SECRET_FILE
gcloud config set project $GCP_PROJECT
for namespace in \$(kubectl get namespaces --no-headers | awk '{print \$1}' | grep -vE "^kube-|^openshift" | sed '/-operator/ s/^/1-/' | sort | sed 's/^1-//'); do
Expand All @@ -46,17 +42,15 @@ void shutdownCluster(String CLUSTER_SUFFIX) {
kubectl delete pods --all -n \$namespace --force --grace-period=0 || true
done
kubectl get svc --all-namespaces || true
gcloud container clusters delete --zone $GKERegion $CLUSTER_NAME-${CLUSTER_SUFFIX}
gcloud container clusters delete --zone $region $CLUSTER_NAME-${CLUSTER_SUFFIX}
"""
}
}

void deleteOldClusters(String FILTER) {
withCredentials([string(credentialsId: 'GCP_PROJECT_ID', variable: 'GCP_PROJECT'), file(credentialsId: 'gcloud-key-file', variable: 'CLIENT_SECRET_FILE')]) {
sh """
if [ -f $HOME/google-cloud-sdk/path.bash.inc ]; then
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
source $HOME/google-cloud-sdk/path.bash.inc
if gcloud --version > /dev/null 2>&1; then
gcloud auth activate-service-account --key-file $CLIENT_SECRET_FILE
gcloud config set project $GCP_PROJECT
for GKE_CLUSTER in \$(gcloud container clusters list --format='csv[no-heading](name)' --filter="$FILTER"); do
Expand All @@ -72,7 +66,7 @@ void deleteOldClusters(String FILTER) {
break
fi
done
gcloud container clusters delete --async --zone $GKERegion --quiet \$GKE_CLUSTER || true
gcloud container clusters delete --async --zone $region --quiet \$GKE_CLUSTER || true
done
fi
"""
Expand Down Expand Up @@ -140,8 +134,6 @@ void markPassedTests() {
void printKubernetesStatus(String LOCATION, String CLUSTER_SUFFIX) {
sh """
export KUBECONFIG=/tmp/$CLUSTER_NAME-$CLUSTER_SUFFIX
export USE_GKE_GCLOUD_AUTH_PLUGIN=True
source $HOME/google-cloud-sdk/path.bash.inc
echo "========== KUBERNETES STATUS $LOCATION TEST =========="
gcloud container clusters list|grep -E "NAME|$CLUSTER_NAME-$CLUSTER_SUFFIX "
echo
Expand Down Expand Up @@ -223,8 +215,7 @@ void runTest(Integer TEST_ID) {
fi
export KUBECONFIG=/tmp/$CLUSTER_NAME-$clusterSuffix
export MYSQL_VERSION=$mysqlVer
source $HOME/google-cloud-sdk/path.bash.inc
time bash ./e2e-tests/$testName/run
time bash e2e-tests/$testName/run
"""
}
pushArtifactFile("${env.GIT_BRANCH}-${env.GIT_SHORT_COMMIT}-$testNameWithMysqlVersion")
Expand Down Expand Up @@ -293,34 +284,39 @@ pipeline {
}
}
}
sh '''
sudo yum install -y https://repo.percona.com/yum/percona-release-latest.noarch.rpm || true
sudo percona-release enable-only tools
sudo yum install -y percona-xtrabackup-80 | true
if [ ! -d $HOME/google-cloud-sdk/bin ]; then
rm -rf $HOME/google-cloud-sdk
curl https://sdk.cloud.google.com | bash
fi
source $HOME/google-cloud-sdk/path.bash.inc
gcloud components install alpha
gcloud components install kubectl
curl -fsSL https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
curl -s -L https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz \
| sudo tar -C /usr/local/bin --strip-components 1 --wildcards -zxvpf - '*/oc'
sh """
sudo curl -s -L -o /usr/local/bin/kubectl https://dl.k8s.io/release/\$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl && sudo chmod +x /usr/local/bin/kubectl
kubectl version --client --output=yaml
curl -s -L https://github.com/mitchellh/golicense/releases/latest/download/golicense_0.2.0_linux_x86_64.tar.gz \
| sudo tar -C /usr/local/bin --wildcards -zxvpf -
curl -fsSL https://get.helm.sh/helm-v3.12.3-linux-amd64.tar.gz | sudo tar -C /usr/local/bin --strip-components 1 -xzf - linux-amd64/helm
sudo sh -c "curl -s -L https://github.com/mikefarah/yq/releases/download/v4.34.1/yq_linux_amd64 > /usr/local/bin/yq"
sudo sh -c "curl -s -L https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 > /usr/local/bin/jq"
sudo sh -c "curl -s -L https://github.com/mikefarah/yq/releases/download/v4.35.1/yq_linux_amd64 > /usr/local/bin/yq"
sudo chmod +x /usr/local/bin/yq
sudo sh -c "curl -s -L https://github.com/jqlang/jq/releases/download/jq-1.6/jq-linux64 > /usr/local/bin/jq"
sudo chmod +x /usr/local/bin/jq
'''
sudo tee /etc/yum.repos.d/google-cloud-sdk.repo << EOF
[google-cloud-cli]
name=Google Cloud CLI
baseurl=https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
sudo yum install -y google-cloud-cli google-cloud-cli-gke-gcloud-auth-plugin
curl -sL https://github.com/mitchellh/golicense/releases/latest/download/golicense_0.2.0_linux_x86_64.tar.gz | sudo tar -C /usr/local/bin -xzf - golicense
sudo yum install -y https://repo.percona.com/yum/percona-release-latest.noarch.rpm || true
sudo percona-release enable-only tools
sudo yum install -y percona-xtrabackup-80 | true
"""

withCredentials([file(credentialsId: 'cloud-secret-file', variable: 'CLOUD_SECRET_FILE')]) {
sh '''
cp $CLOUD_SECRET_FILE ./e2e-tests/conf/cloud-secret.yml
cp $CLOUD_SECRET_FILE e2e-tests/conf/cloud-secret.yml
'''
}
deleteOldClusters("jen-pxc-$CHANGE_ID")
Expand Down Expand Up @@ -509,9 +505,8 @@ pipeline {
}
deleteOldClusters("$CLUSTER_NAME")
sh """
sudo docker system prune -fa
sudo rm -rf ./*
sudo rm -rf $HOME/google-cloud-sdk
sudo docker system prune --volumes -af
sudo rm -rf *
"""
deleteDir()
}
Expand Down
63 changes: 57 additions & 6 deletions config/crd/bases/pxc.percona.com_perconaxtradbclusters.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1709,6 +1709,11 @@ spec:
items:
type: string
type: array
allocatedResourceStatuses:
additionalProperties:
type: string
type: object
x-kubernetes-map-type: granular
allocatedResources:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -1749,8 +1754,6 @@ spec:
type: array
phase:
type: string
resizeStatus:
type: string
type: object
type: object
type: array
Expand Down Expand Up @@ -2904,6 +2907,8 @@ spec:
x-kubernetes-int-or-string: true
type: object
type: object
restartPolicy:
type: string
securityContext:
properties:
allowPrivilegeEscalation:
Expand Down Expand Up @@ -3241,6 +3246,42 @@ spec:
items:
type: string
type: array
initContainer:
properties:
image:
type: string
resources:
properties:
claims:
items:
properties:
name:
type: string
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
type: object
type: object
type: object
initImage:
type: string
logCollectorSecretName:
Expand Down Expand Up @@ -4341,6 +4382,11 @@ spec:
items:
type: string
type: array
allocatedResourceStatuses:
additionalProperties:
type: string
type: object
x-kubernetes-map-type: granular
allocatedResources:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -4381,8 +4427,6 @@ spec:
type: array
phase:
type: string
resizeStatus:
type: string
type: object
type: object
type: array
Expand Down Expand Up @@ -5536,6 +5580,8 @@ spec:
x-kubernetes-int-or-string: true
type: object
type: object
restartPolicy:
type: string
securityContext:
properties:
allowPrivilegeEscalation:
Expand Down Expand Up @@ -6791,6 +6837,11 @@ spec:
items:
type: string
type: array
allocatedResourceStatuses:
additionalProperties:
type: string
type: object
x-kubernetes-map-type: granular
allocatedResources:
additionalProperties:
anyOf:
Expand Down Expand Up @@ -6831,8 +6882,6 @@ spec:
type: array
phase:
type: string
resizeStatus:
type: string
type: object
type: object
type: array
Expand Down Expand Up @@ -7986,6 +8035,8 @@ spec:
x-kubernetes-int-or-string: true
type: object
type: object
restartPolicy:
type: string
securityContext:
properties:
allowPrivilegeEscalation:
Expand Down
Loading

0 comments on commit 287aa83

Please sign in to comment.