From b9281cb851e14a54948a1879be16b49f35879c08 Mon Sep 17 00:00:00 2001 From: Giovanni Toraldo Date: Fri, 1 Sep 2023 16:59:08 +0200 Subject: [PATCH] OPSEXP-2222 Migrate helm enterprise to kind (#998) --- .github/workflows/helm-community.yml | 60 ++++++--- .github/workflows/helm-enterprise.yml | 99 +++++++++----- helm/alfresco-content-services/Chart.lock | 6 +- helm/alfresco-content-services/Chart.yaml | 2 +- helm/alfresco-content-services/README.md | 2 +- test/community-integration-test-values.yaml | 33 +++-- test/enterprise-integration-test-values.yaml | 135 +++++++++++++++++++ 7 files changed, 272 insertions(+), 65 deletions(-) create mode 100644 test/enterprise-integration-test-values.yaml diff --git a/.github/workflows/helm-community.yml b/.github/workflows/helm-community.yml index c04b00347..79df97559 100644 --- a/.github/workflows/helm-community.yml +++ b/.github/workflows/helm-community.yml @@ -14,45 +14,71 @@ on: branches: - master - release/** +concurrency: + group: helm-com-${{ github.head_ref || github.ref_name }} + cancel-in-progress: true jobs: community_charts: - runs-on: [self-hosted, linux, X64] + runs-on: [self-hosted] steps: - uses: actions/checkout@v3 + - uses: azure/setup-helm@v3 with: version: "3.12.1" + + - name: Login to Docker Hub + uses: docker/login-action@v2 + if: ${{ ! github.event.repository.fork }} + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Setup cluster uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v3.1.0 - - name: Community local deployment + + - name: Create registries auth secret + if: ${{ ! github.event.repository.fork }} + run: | + kubectl create secret generic regcred \ + --from-file=.dockerconfigjson=$HOME/.docker/config.json \ + --type=kubernetes.io/dockerconfigjson + + - name: Helm install run: | helm dep up ./helm/alfresco-content-services helm install acs ./helm/alfresco-content-services \ --set global.tracking.sharedsecret="$(openssl rand -hex 24)" \ --set global.known_urls=http://localhost \ + --set global.alfrescoRegistryPullSecrets=regcred \ --wait --timeout 15m0s --values \ test/community-integration-test-values.yaml + - name: Spit cluster status if: always() run: | helm ls --all-namespaces kubectl get all --all-namespaces kubectl describe pod + - name: Wait ACS to warm up run: sleep 60 - - name: run Postman tests - uses: matt-ball/newman-action@v1.0.4 + + - uses: nick-fields/retry@v2 + id: newman with: - globalVar: >- - [ - { - "key":"protocol", - "value":"http" - }, - { - "key":"url", - "value":"localhost" - } - ] - collection: test/postman/helm/acs-test-helm-collection.json - insecure: true + timeout_minutes: 1 + retry_wait_seconds: 30 + max_attempts: 5 + command: >- + docker run --network=host + -v $(pwd)/test/postman:/etc/postman + -t postman/newman run /etc/postman/helm/acs-test-helm-collection.json + --global-var protocol=http --global-var url=localhost + + - name: Spit cluster status after tests + if: always() && steps.newman.outcome != 'skipped' + run: | + helm ls --all-namespaces + kubectl get all --all-namespaces + kubectl describe pod diff --git a/.github/workflows/helm-enterprise.yml b/.github/workflows/helm-enterprise.yml index 4c5acc975..c24c6121a 100644 --- a/.github/workflows/helm-enterprise.yml +++ b/.github/workflows/helm-enterprise.yml @@ -14,15 +14,15 @@ on: - master - release/** concurrency: - group: ${{ github.head_ref || github.ref_name || github.run_id }} - cancel-in-progress: false + group: helm-ent-${{ github.head_ref || github.ref_name }} + cancel-in-progress: true jobs: build_vars: runs-on: ubuntu-latest if: >- github.event_name == 'push' || ( - github.event.pull_request.head.user.login == 'Alfresco' + ! github.event.repository.fork && github.actor != 'dependabot[bot]' ) outputs: @@ -54,57 +54,90 @@ jobs: run: | CHARTS=$(jq -nc --argjson json '${{ env.JSON }}' '${{ env.JQ_FILTER }}') echo "json=$CHARTS" >> $GITHUB_OUTPUT + helm_integration: - runs-on: [self-hosted, linux, X64] + runs-on: [self-hosted] needs: - build_vars name: Helm ${{ matrix.name }} ${{ matrix.values }} strategy: fail-fast: false - max-parallel: 3 matrix: include: ${{ fromJSON(needs.build_vars.outputs.ver_json) }} steps: - uses: actions/checkout@v3 - with: - fetch-depth: 0 + - uses: azure/setup-helm@v3 with: version: "3.12.1" + - name: Setup aws cli run: | curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install + - name: Setup dnsutils run: | sudo apt update sudo apt install -y dnsutils - - name: compute version as expected by deployment script - id: values_to_version + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Login to Quay.io + uses: docker/login-action@v2 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_PASSWORD }} + + - name: Setup cluster + uses: Alfresco/alfresco-build-tools/.github/actions/setup-kind@v3.1.0 + + - name: Create registries auth secret run: | - VFILE="${{ matrix.values }}" - if [ "${VFILE}" == 'values.yaml' ]; then V='latest' - else V=${VFILE%_values.yaml} - fi - SANITIZED_V=$(echo ${{ matrix.name }} | sed -r 's/[[:punct:]]?(.)[[:alnum:]]*/\1/g')-${V//./} - SANITIZED_V=${SANITIZED_V,,} - echo "Release prefix to $SANITIZED_V" - echo "app_version=$V" >> $GITHUB_OUTPUT - echo "app_prefix=${SANITIZED_V}" >> $GITHUB_OUTPUT - - uses: >- - Alfresco/alfresco-build-tools/.github/actions/dbp-charts/verify-helm@v3.1.0 + kubectl create secret generic regcred \ + --from-file=.dockerconfigjson=$HOME/.docker/config.json \ + --type=kubernetes.io/dockerconfigjson + + - name: Helm install + run: | + helm dep up ./helm/alfresco-content-services + helm install acs ./helm/alfresco-content-services \ + --set global.tracking.sharedsecret="$(openssl rand -hex 24)" \ + --set global.known_urls=http://localhost \ + --set global.alfrescoRegistryPullSecrets=regcred \ + --set 'global.registryPullSecrets[0]=regcred' \ + --wait --timeout 15m0s \ + --values helm/${{ matrix.name }}/${{ matrix.values }} \ + --values test/enterprise-integration-test-values.yaml + + - name: Spit cluster status after install + if: always() + run: | + helm ls --all-namespaces + kubectl get all --all-namespaces + kubectl describe pod + + - uses: nick-fields/retry@v2 + id: newman with: - skip_checkout: "true" - test_newman: "true" - chart_name: ${{ matrix.name }} - release_prefix: ${{ steps.values_to_version.outputs.app_prefix }} - acs_version: ${{ steps.values_to_version.outputs.app_version }} - aws_access_key_id: ${{ secrets.ACS_CLUSTER_AWS_ACCESS_KEY_ID }} - aws_secret_access_key: ${{ secrets.ACS_CLUSTER_AWS_SECRET_ACCESS_KEY }} - docker_username: ${{ secrets.DOCKER_USERNAME }} - docker_password: ${{ secrets.DOCKER_PASSWORD }} - quay_username: ${{ secrets.QUAY_USERNAME }} - quay_password: ${{ secrets.QUAY_PASSWORD }} - acm_certificate: ${{ secrets.ACM_CERTIFICATE }} - aws_sg: ${{ secrets.AWS_SG }} + timeout_minutes: 1 + retry_wait_seconds: 30 + max_attempts: 5 + command: >- + docker run --network=host + -v $(pwd)/test/postman:/etc/postman + -t postman/newman run /etc/postman/helm/acs-test-helm-collection.json + --global-var protocol=http --global-var url=localhost + + - name: Spit cluster status after tests + if: always() && steps.newman.outcome != 'skipped' + run: | + helm ls --all-namespaces + kubectl get all --all-namespaces + kubectl describe pod diff --git a/helm/alfresco-content-services/Chart.lock b/helm/alfresco-content-services/Chart.lock index e378d3300..f6c22b817 100644 --- a/helm/alfresco-content-services/Chart.lock +++ b/helm/alfresco-content-services/Chart.lock @@ -13,7 +13,7 @@ dependencies: version: 7.11.0 - name: activemq repository: https://alfresco.github.io/alfresco-helm-charts/ - version: 3.2.0 + version: 3.3.0 - name: alfresco-transform-service repository: https://alfresco.github.io/alfresco-helm-charts/ version: 0.2.0 @@ -38,5 +38,5 @@ dependencies: - name: alfresco-ai-transformer repository: https://alfresco.github.io/alfresco-helm-charts/ version: 0.3.0 -digest: sha256:7d87e48347f65a83de9f44e7a22d3e55d94f34b6b1d84bbb36e3c9b65e6aecdb -generated: "2023-08-23T09:36:14.216027+02:00" +digest: sha256:6ad76091912aee0b130d5eef18bb86666eedabe0eb708d2b964c47ef5afe4fb6 +generated: "2023-08-29T09:00:00.411365+02:00" diff --git a/helm/alfresco-content-services/Chart.yaml b/helm/alfresco-content-services/Chart.yaml index 30184d8a6..5fb986482 100644 --- a/helm/alfresco-content-services/Chart.yaml +++ b/helm/alfresco-content-services/Chart.yaml @@ -36,7 +36,7 @@ dependencies: condition: >- alfresco-digital-workspace.enabled - name: activemq - version: 3.2.0 + version: 3.3.0 repository: https://alfresco.github.io/alfresco-helm-charts/ condition: activemq.enabled - name: alfresco-transform-service diff --git a/helm/alfresco-content-services/README.md b/helm/alfresco-content-services/README.md index 00dbdfdc7..8dc18be7e 100644 --- a/helm/alfresco-content-services/README.md +++ b/helm/alfresco-content-services/README.md @@ -18,7 +18,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b |------------|------|---------| | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-control-center(common) | 7.11.0 | | https://activiti.github.io/activiti-cloud-helm-charts | alfresco-digital-workspace(common) | 7.11.0 | -| https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.2.0 | +| https://alfresco.github.io/alfresco-helm-charts/ | activemq | 3.3.0 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-ai-transformer | 0.3.0 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-common | 2.1.0 | | https://alfresco.github.io/alfresco-helm-charts/ | alfresco-connector-ms365 | 0.4.0 | diff --git a/test/community-integration-test-values.yaml b/test/community-integration-test-values.yaml index c0b4d0b96..e1f03798a 100644 --- a/test/community-integration-test-values.yaml +++ b/test/community-integration-test-values.yaml @@ -5,6 +5,7 @@ repository: cpu: "0.01" memory: "1024Mi" limits: + cpu: "2" memory: "1560Mi" edition: Community replicaCount: 1 @@ -19,7 +20,14 @@ share: cpu: "0.01" memory: "256Mi" limits: + cpu: "2" memory: "512Mi" + readinessProbe: + initialDelaySeconds: 60 + timeoutSeconds: 45 + livenessProbe: + initialDelaySeconds: 60 + timeoutSeconds: 45 image: repository: alfresco/alfresco-share alfresco-search: @@ -28,12 +36,13 @@ alfresco-search: cpu: "0.01" memory: "512Mi" limits: + cpu: "2" memory: "1280Mi" searchServicesImage: repository: alfresco/alfresco-search-services alfresco-transform-service: enabled: true - pdfrenderer: &ats-pdf + pdfrenderer: livenessProbe: initialDelaySeconds: 30 resources: @@ -41,9 +50,10 @@ alfresco-transform-service: cpu: "0.01" memory: "256Mi" limits: + cpu: "2" memory: "512Mi" replicaCount: 1 - imagemagick: &ats-im + imagemagick: livenessProbe: initialDelaySeconds: 30 resources: @@ -51,9 +61,10 @@ alfresco-transform-service: cpu: "0.01" memory: "256Mi" limits: + cpu: "2" memory: "512Mi" replicaCount: 1 - libreoffice: &ats-lo + libreoffice: livenessProbe: initialDelaySeconds: 30 resources: @@ -61,9 +72,10 @@ alfresco-transform-service: cpu: "0.01" memory: "512Mi" limits: + cpu: "2" memory: "1024Mi" replicaCount: 1 - tika: &ats-tika + tika: livenessProbe: initialDelaySeconds: 30 resources: @@ -71,9 +83,10 @@ alfresco-transform-service: cpu: "0.01" memory: "256Mi" limits: + cpu: "2" memory: "512Mi" replicaCount: 1 - transformmisc: &ats-misc + transformmisc: livenessProbe: initialDelaySeconds: 30 resources: @@ -81,17 +94,13 @@ alfresco-transform-service: cpu: "0.01" memory: "256Mi" limits: + cpu: "2" memory: "512Mi" replicaCount: 1 transformrouter: enabled: false filestore: enabled: false -pdfrenderer: *ats-pdf -imagemagick: *ats-im -libreoffice: *ats-lo -tika: *ats-tika -transformmisc: *ats-misc # Disable features alfresco-digital-workspace: enabled: false @@ -102,6 +111,10 @@ postgresql: resources: requests: cpu: "0.01" + memory: "512Mi" + limits: + cpu: "2" + memory: "1Gi" ai: enabled: false s3connector: diff --git a/test/enterprise-integration-test-values.yaml b/test/enterprise-integration-test-values.yaml new file mode 100644 index 000000000..9a27b50a7 --- /dev/null +++ b/test/enterprise-integration-test-values.yaml @@ -0,0 +1,135 @@ +--- +repository: + resources: + requests: + cpu: "0.01" + memory: "1024Mi" + limits: + cpu: "2" + memory: "1560Mi" + replicaCount: 2 + persistence: + accessModes: + - ReadWriteOnce + startupProbe: + failureThreshold: 20 +share: + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "2" + memory: "512Mi" + readinessProbe: + initialDelaySeconds: 60 + timeoutSeconds: 45 + livenessProbe: + initialDelaySeconds: 60 + timeoutSeconds: 45 +alfresco-search: + resources: + requests: + cpu: "0.01" + memory: "512Mi" + limits: + cpu: "2" + memory: "1280Mi" +alfresco-transform-service: + enabled: true + pdfrenderer: + livenessProbe: + initialDelaySeconds: 30 + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "2" + memory: "512Mi" + replicaCount: 1 + imagemagick: + livenessProbe: + initialDelaySeconds: 30 + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "2" + memory: "512Mi" + replicaCount: 1 + libreoffice: + livenessProbe: + initialDelaySeconds: 30 + resources: + requests: + cpu: "0.01" + memory: "512Mi" + limits: + cpu: "2" + memory: "1024Mi" + replicaCount: 1 + tika: + livenessProbe: + initialDelaySeconds: 30 + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "2" + memory: "512Mi" + replicaCount: 1 + transformmisc: + livenessProbe: + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 15 + resources: + requests: + cpu: "0.01" + memory: "256Mi" + limits: + cpu: "2" + memory: "512Mi" + replicaCount: 1 + transformrouter: + replicaCount: 1 + resources: + limits: + cpu: "2" + memory: "800Mi" + readinessProbe: + initialDelaySeconds: 40 + timeoutSeconds: 20 + livenessProbe: + initialDelaySeconds: 40 + timeoutSeconds: 20 +postgresql: + primary: + resources: + requests: + cpu: "0.01" + memory: "512Mi" + limits: + cpu: "2" + memory: "1Gi" +email: + server: + enabled: false + inbound: + enabled: false +imap: + server: + enabled: false +alfresco-sync-service: + postgresql: + primary: + resources: + requests: + cpu: "0.01" + memory: "512Mi" + limits: + cpu: "2" + memory: "1Gi"