From 4051ceebe536ccc2e460cc1fe8c60e55c944cb41 Mon Sep 17 00:00:00 2001 From: =?utf8?q?C=C3=A9dric=20Ollivier?= Date: Thu, 16 Jan 2025 17:50:11 +0100 Subject: [PATCH] Prepare Functest K8s v1.32 MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Change-Id: Iaa04d3fc408c6a92dcbbaf56b7922d7081ecd013 Signed-off-by: Cédric Ollivier --- .gitreview | 1 + README.md | 13 ++-- ansible/site.cntt.yml | 3 + ansible/site.gate.yml | 4 +- ansible/site.yml | 3 + build.sh | 70 +++++++++++----------- docker/benchmarking/Dockerfile | 6 +- docker/cnf/Dockerfile | 9 +-- docker/core/Dockerfile | 4 +- docker/healthcheck/Dockerfile | 13 ++-- docker/security/Dockerfile | 2 +- docker/smoke/Dockerfile | 2 +- .../install.d/16-functest-kubernetes | 10 ++-- .../security/kube-bench-master.yaml | 2 +- functest_kubernetes/security/kube-bench-node.yaml | 2 +- functest_kubernetes/security/kube-hunter.yaml | 2 +- tox.ini | 2 +- 17 files changed, 79 insertions(+), 69 deletions(-) diff --git a/.gitreview b/.gitreview index 84c0d555..1c514251 100644 --- a/.gitreview +++ b/.gitreview @@ -2,3 +2,4 @@ host=gerrit.opnfv.org port=29418 project=functest-kubernetes.git +defaultbranch=stable/v1.32 diff --git a/README.md b/README.md index 0b3d3b57..3252043b 100644 --- a/README.md +++ b/README.md @@ -21,7 +21,8 @@ datacenters as the lowest cost (50 euros hardware and software included). | v1.29 | v1.29 | | v1.30 | v1.30 | | v1.31 | v1.31 | -| **Master** | **latest** | +| **v1.32** | **v1.32** | +| Master | latest | ## Prepare your environment @@ -35,7 +36,7 @@ DEPLOY_SCENARIO=k8s-XXX ```bash sudo docker run --env-file env \ -v $(pwd)/config:/home/xtesting/.kube/config \ - opnfv/functest-kubernetes-healthcheck + opnfv/functest-kubernetes-healthcheck:v1.32 ``` ``` @@ -52,7 +53,7 @@ sudo docker run --env-file env \ ```bash sudo docker run --env-file env \ -v $(pwd)/config:/home/xtesting/.kube/config \ - opnfv/functest-kubernetes-smoke + opnfv/functest-kubernetes-smoke:v1.32 ``` ``` @@ -82,7 +83,7 @@ sudo docker run --env-file env \ ```bash sudo docker run --env-file env \ -v $(pwd)/config:/home/xtesting/.kube/config \ - opnfv/functest-kubernetes-security + opnfv/functest-kubernetes-security:v1.32 ``` ``` @@ -100,7 +101,7 @@ sudo docker run --env-file env \ ```bash sudo docker run --env-file env \ -v $(pwd)/config:/home/xtesting/.kube/config \ - opnfv/functest-kubernetes-benchmarking + opnfv/functest-kubernetes-benchmarking:v1.32 ``` ``` @@ -117,7 +118,7 @@ sudo docker run --env-file env \ ```bash sudo docker run --env-file env \ -v $(pwd)/config:/home/xtesting/.kube/config \ - opnfv/functest-kubernetes-cnf + opnfv/functest-kubernetes-cnf:v1.32 ``` ``` diff --git a/ansible/site.cntt.yml b/ansible/site.cntt.yml index f9bbef36..7822af28 100644 --- a/ansible/site.cntt.yml +++ b/ansible/site.cntt.yml @@ -4,6 +4,9 @@ - role: collivier.xtesting project: functest-kubernetes db_project: functest + docker_tags: + - v1.32: + branch: stable/v1.32 suites: - container: functest-kubernetes-healthcheck tests: diff --git a/ansible/site.gate.yml b/ansible/site.gate.yml index 1180905b..fbad221b 100644 --- a/ansible/site.gate.yml +++ b/ansible/site.gate.yml @@ -8,8 +8,8 @@ gerrit_project: functest-kubernetes git_url: https://gerrit.opnfv.org/gerrit/functest-kubernetes docker_tags: - - latest: - branch: master + - v1.32: + branch: stable/v1.32 dependency: '3.20' builds: dependency: diff --git a/ansible/site.yml b/ansible/site.yml index 7c8ddd7c..5989ab15 100644 --- a/ansible/site.yml +++ b/ansible/site.yml @@ -4,6 +4,9 @@ - role: collivier.xtesting project: functest-kubernetes db_project: functest + docker_tags: + - v1.32: + branch: stable/v1.32 suites: - container: functest-kubernetes-healthcheck tests: diff --git a/build.sh b/build.sh index 4db163de..659a5698 100644 --- a/build.sh +++ b/build.sh @@ -15,75 +15,75 @@ arm64_dirs=${arm64_dirs-${amd64_dirs}} build_opts=(--pull=true --no-cache --force-rm=true) find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-core|\ -${repo}/functest-kubernetes-core:amd64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-core:v1.32|\ +${repo}/functest-kubernetes-core:amd64-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-healthcheck|\ -${repo}/functest-kubernetes-healthcheck:amd64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-healthcheck::v1.32|\ +${repo}/functest-kubernetes-healthcheck:amd64-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-smoke|\ -${repo}/functest-kubernetes-smoke:amd64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-smoke:v1.32|\ +${repo}/functest-kubernetes-smoke:amd64-v1.32|g" {} + for dir in ${amd64_dirs}; do (cd "${dir}" && docker build "${build_opts[@]}" \ - -t "${repo}/functest-kubernetes-${dir##**/}:amd64-latest" .) - docker push "${repo}/functest-kubernetes-${dir##**/}:amd64-latest" + -t "${repo}/functest-kubernetes-${dir##**/}:amd64-v1.32" .) + docker push "${repo}/functest-kubernetes-${dir##**/}:amd64-v1.32" [ "${dir}" != "docker/core" ] && (docker rmi \ - "${repo}/functest-kubernetes-${dir##**/}:amd64-latest" || true) + "${repo}/functest-kubernetes-${dir##**/}:amd64-v1.32" || true) done [ ! -z "${amd64_dirs}" ] && (docker rmi \ - "${repo}/functest-kubernetes-core:amd64-latest" \ - alpine:3.16 || true) + "${repo}/functest-kubernetes-core:amd64-v1.32" \ + alpine:3.20 || true) find . -name Dockerfile -exec git checkout {} + find . -name Dockerfile -exec sed -i \ - -e "s|alpine:3.16|arm64v8/alpine:3.16|g" {} + + -e "s|alpine:3.20|arm64v8/alpine:3.20|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-core|\ -${repo}/functest-kubernetes-core:arm64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-core:v1.32|\ +${repo}/functest-kubernetes-core:arm64-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-healthcheck|\ -${repo}/functest-kubernetes-healthcheck:arm64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-healthcheck:v1.32|\ +${repo}/functest-kubernetes-healthcheck:arm64-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-smoke|\ -${repo}/functest-kubernetes-smoke:arm64-latest|g" {} + + -e "s|opnfv/functest-kubernetes-smoke:v1.32|\ +${repo}/functest-kubernetes-smoke:arm64-v1.32|g" {} + for dir in ${arm64_dirs}; do (cd "${dir}" && docker build "${build_opts[@]}" \ - -t "${repo}/functest-kubernetes-${dir##**/}:arm64-latest" .) - docker push "${repo}/functest-kubernetes-${dir##**/}:arm64-latest" + -t "${repo}/functest-kubernetes-${dir##**/}:arm64-v1.32" .) + docker push "${repo}/functest-kubernetes-${dir##**/}:arm64-v1.32" [ "${dir}" != "docker/core" ] && (docker rmi \ - "${repo}/functest-kubernetes-${dir##**/}:arm64-latest" || true) + "${repo}/functest-kubernetes-${dir##**/}:arm64-v1.32" || true) done [ ! -z "${arm64_dirs}" ] && - (docker rmi "${repo}/functest-kubernetes-core:arm64-latest" \ - arm64v8/alpine:3.16 || true) + (docker rmi "${repo}/functest-kubernetes-core:arm64-v1.32" \ + arm64v8/alpine:3.20 || true) find . -name Dockerfile -exec git checkout {} + find . -name Dockerfile -exec sed -i \ - -e "s|alpine:3.16|arm32v7/alpine:3.16|g" {} + + -e "s|alpine:3.20|arm32v7/alpine:3.20|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-core|\ -${repo}/functest-kubernetes-core:arm-latest|g" {} + + -e "s|opnfv/functest-kubernetes-core:v1.32|\ +${repo}/functest-kubernetes-core:arm-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-healthcheck|\ -${repo}/functest-kubernetes-healthcheck:arm-latest|g" {} + + -e "s|opnfv/functest-kubernetes-healthcheck:v1.32|\ +${repo}/functest-kubernetes-healthcheck:arm-v1.32|g" {} + find . -name Dockerfile -exec sed -i \ - -e "s|opnfv/functest-kubernetes-smoke|\ -${repo}/functest-kubernetes-smoke:arm-latest|g" {} + + -e "s|opnfv/functest-kubernetes-smoke:v1.32|\ +${repo}/functest-kubernetes-smoke:arm-v1.32|g" {} + for dir in ${arm_dirs}; do (cd "${dir}" && docker build "${build_opts[@]}" \ - -t "${repo}/functest-kubernetes-${dir##**/}:arm-latest" .) - docker push "${repo}/functest-kubernetes-${dir##**/}:arm-latest" + -t "${repo}/functest-kubernetes-${dir##**/}:arm-v1.32" .) + docker push "${repo}/functest-kubernetes-${dir##**/}:arm-v1.32" [ "${dir}" != "docker/core" ] && (docker rmi \ - "${repo}/functest-kubernetes-${dir##**/}:arm-latest" || true) + "${repo}/functest-kubernetes-${dir##**/}:arm-v1.32" || true) done [ ! -z "${arm_dirs}" ] && - (docker rmi "${repo}/functest-kubernetes-core:arm-latest" \ - arm32v7/alpine:3.16 || true) + (docker rmi "${repo}/functest-kubernetes-core:arm-v1.32" \ + arm32v7/alpine:3.20 || true) find . -name Dockerfile -exec git checkout {} + exit $? diff --git a/docker/benchmarking/Dockerfile b/docker/benchmarking/Dockerfile index 45c72277..0c1635db 100644 --- a/docker/benchmarking/Dockerfile +++ b/docker/benchmarking/Dockerfile @@ -1,7 +1,7 @@ -FROM opnfv/functest-kubernetes-smoke +FROM opnfv/functest-kubernetes-smoke:v1.32 -ARG NETPERF_TAG=master -ARG PLOTPERF_TAG=master +ARG NETPERF_TAG=1104ce23f6c1758796e88f3c23b050099074cf81 +ARG PLOTPERF_TAG=2455313f4b9581795a8f642243acaad472d91804 USER root COPY plotperf.py.patch /tmp/plotperf.py.patch diff --git a/docker/cnf/Dockerfile b/docker/cnf/Dockerfile index ceaf5ba4..12e1d8c9 100644 --- a/docker/cnf/Dockerfile +++ b/docker/cnf/Dockerfile @@ -1,14 +1,15 @@ -FROM opnfv/functest-kubernetes-core +FROM opnfv/functest-kubernetes-core:v1.32 -ARG CNF_TESTSUITE_TAG=v1.3.3 +ARG K8S_TAG=1.32 +ARG CNF_TESTSUITE_TAG=v1.4.0 ARG HELM_TAG=v3.6.0 USER root RUN apk --no-cache add --update wget curl ncurses git yaml openssl zlib && \ apk --no-cache add --virtual .build-deps --update crystal shards make yaml-dev openssl-dev zlib-dev patch openssl-libs-static yaml-static zlib-static && \ - tag=$(curl -s https://storage.googleapis.com/kubernetes-release/release/latest.txt) && \ + tag=$(curl -Ls https://dl.k8s.io/release/stable-$K8S_TAG.txt) && \ case $(uname -m) in armv7l) arch=arm;; aarch64) arch=arm64;; x86_64) arch=amd64;; esac && \ - curl https://storage.googleapis.com/kubernetes-release/release/$tag/bin/linux/$arch/kubectl \ + curl -Ls https://dl.k8s.io/release/$tag/bin/linux/$arch/kubectl \ --output /usr/local/bin/kubectl && \ curl https://get.helm.sh/helm-$HELM_TAG-linux-$arch.tar.gz \ --output /src/helm-$HELM_TAG-linux-$arch.tar.gz && \ diff --git a/docker/core/Dockerfile b/docker/core/Dockerfile index 8ebd2c51..0cfd953c 100644 --- a/docker/core/Dockerfile +++ b/docker/core/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.20 -ARG BRANCH=master -ARG OPENSTACK_TAG=master +ARG BRANCH=stable/v1.32 +ARG OPENSTACK_TAG=stable/2024.2 COPY Try-a-quick-fix-vs-asynchronuous-issues.patch /tmp/Try-a-quick-fix-vs-asynchronuous-issues.patch COPY Switch-to-threading.Thread-for-Rally-tasks.patch /tmp/Switch-to-threading.Thread-for-Rally-tasks.patch diff --git a/docker/healthcheck/Dockerfile b/docker/healthcheck/Dockerfile index b8970d98..a7a29347 100644 --- a/docker/healthcheck/Dockerfile +++ b/docker/healthcheck/Dockerfile @@ -1,13 +1,14 @@ -FROM opnfv/functest-kubernetes-core +FROM opnfv/functest-kubernetes-core:v1.32 +ARG K8S_TAG=1.32 USER root RUN apk --no-cache add --update curl libc6-compat && \ - tag=$(curl -s https://storage.googleapis.com/kubernetes-release/release/latest-1.30.txt) && \ + tag=$(curl -Ls https://dl.k8s.io/release/stable-$K8S_TAG.txt) && \ case $(uname -m) in armv7l) arch=arm;; aarch64) arch=arm64;; x86_64) arch=amd64;; esac && \ - curl https://storage.googleapis.com/kubernetes-release/release/$tag/bin/linux/$arch/kubectl \ - -s --output /usr/local/bin/kubectl && \ - curl https://storage.googleapis.com/kubernetes-release/release/$tag/kubernetes-test-linux-$arch.tar.gz \ - -s --output /src/kubernetes-test-linux-$arch.tar.gz && \ + curl -Ls https://dl.k8s.io/release/$tag/bin/linux/$arch/kubectl \ + --output /usr/local/bin/kubectl && \ + curl -Ls https://dl.k8s.io/release/$tag/kubernetes-test-linux-$arch.tar.gz \ + --output /src/kubernetes-test-linux-$arch.tar.gz && \ tar zxf /src/kubernetes-test-linux-$arch.tar.gz kubernetes/test/bin/e2e.test kubernetes/test/bin/ginkgo -C /src && \ mv /src/kubernetes/test/bin/e2e.test /src/kubernetes/test/bin/ginkgo /usr/local/bin/ && \ chmod +x /usr/local/bin/kubectl /usr/local/bin/e2e.test /usr/local/bin/ginkgo && \ diff --git a/docker/security/Dockerfile b/docker/security/Dockerfile index 5ecdc9bd..cc1e29a0 100644 --- a/docker/security/Dockerfile +++ b/docker/security/Dockerfile @@ -1,3 +1,3 @@ -FROM opnfv/functest-kubernetes-core +FROM opnfv/functest-kubernetes-core:v1.32 COPY testcases.yaml /etc/xtesting/testcases.yaml diff --git a/docker/smoke/Dockerfile b/docker/smoke/Dockerfile index 1ae498dc..7bb0bec7 100644 --- a/docker/smoke/Dockerfile +++ b/docker/smoke/Dockerfile @@ -1,4 +1,4 @@ -FROM opnfv/functest-kubernetes-healthcheck +FROM opnfv/functest-kubernetes-healthcheck:v1.32 COPY testcases.yaml /etc/xtesting/testcases.yaml CMD ["run_tests", "-t", "all"] diff --git a/elements/functest-kubernetes/install.d/16-functest-kubernetes b/elements/functest-kubernetes/install.d/16-functest-kubernetes index e2144e76..44395971 100755 --- a/elements/functest-kubernetes/install.d/16-functest-kubernetes +++ b/elements/functest-kubernetes/install.d/16-functest-kubernetes @@ -1,11 +1,11 @@ #!/bin/bash download-frozen-image-v2.sh /data/docker/functest-kubernetes \ - opnfv/functest-kubernetes-healthcheck:latest \ - opnfv/functest-kubernetes-smoke:latest \ - opnfv/functest-kubernetes-benchmarking:latest \ - opnfv/functest-kubernetes-security:latest \ - opnfv/functest-kubernetes-cnf:latest + opnfv/functest-kubernetes-healthcheck:v1.32 \ + opnfv/functest-kubernetes-smoke:v1.32 \ + opnfv/functest-kubernetes-benchmarking:v1.32 \ + opnfv/functest-kubernetes-security:v1.32 \ + opnfv/functest-kubernetes-cnf:v1.32 git clone https://git.opnfv.org/functest-kubernetes /home/debian/functest-kubernetes chown -R 1000:1000 /home/debian/functest-kubernetes diff --git a/functest_kubernetes/security/kube-bench-master.yaml b/functest_kubernetes/security/kube-bench-master.yaml index ccfc842b..b901bc51 100644 --- a/functest_kubernetes/security/kube-bench-master.yaml +++ b/functest_kubernetes/security/kube-bench-master.yaml @@ -26,7 +26,7 @@ spec: effect: NoSchedule containers: - name: kube-bench - image: {{ dockerhub_repo }}/aquasec/kube-bench:latest + image: {{ dockerhub_repo }}/aquasec/kube-bench:v0.6.10 command: ["kube-bench", "run", "--targets", "master", "--json"] volumeMounts: - name: var-lib-etcd diff --git a/functest_kubernetes/security/kube-bench-node.yaml b/functest_kubernetes/security/kube-bench-node.yaml index 03d428ad..43746a0b 100644 --- a/functest_kubernetes/security/kube-bench-node.yaml +++ b/functest_kubernetes/security/kube-bench-node.yaml @@ -9,7 +9,7 @@ spec: hostPID: true containers: - name: kube-bench - image: {{ dockerhub_repo }}/aquasec/kube-bench:latest + image: {{ dockerhub_repo }}/aquasec/kube-bench:v0.6.10 command: ["kube-bench", "run", "--targets", "node", "--json"] volumeMounts: - name: var-lib-etcd diff --git a/functest_kubernetes/security/kube-hunter.yaml b/functest_kubernetes/security/kube-hunter.yaml index 0b58cab7..d1169618 100644 --- a/functest_kubernetes/security/kube-hunter.yaml +++ b/functest_kubernetes/security/kube-hunter.yaml @@ -7,7 +7,7 @@ spec: spec: containers: - name: kube-hunter - image: {{ dockerhub_repo }}/aquasec/kube-hunter:latest + image: {{ dockerhub_repo }}/aquasec/kube-hunter:0.6.8 command: ["kube-hunter"] args: ["--pod", "--report", "json", "--statistics"] restartPolicy: Never diff --git a/tox.ini b/tox.ini index 99fd41b6..7853c1b9 100644 --- a/tox.ini +++ b/tox.ini @@ -5,7 +5,7 @@ envlist = pep8,pylint,yamllint,bashate,py312,bandit,perm usedevelop = True deps = -c{toxinidir}/upper-constraints.txt - -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/openstack/requirements/raw/branch/master/upper-constraints.txt} + -c{env:UPPER_CONSTRAINTS_FILE:https://opendev.org/openstack/requirements/raw/branch/stable/2024.2/upper-constraints.txt} -r{toxinidir}/requirements.txt -r{toxinidir}/test-requirements.txt install_command = pip install --use-deprecated=legacy-resolver {opts} {packages} -- 2.16.6