After the introduction of ROOK_CEPH_CLUSTER_IMAGE in build.env, the
additional image needs to get pulled from the CI registry mirror and
pushed into the minikube VM.
Without this addition, the Docker Hub pull limits may prevent deploying
Rook.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
When the container image needs to be rebuild, two parallel jobs will try
to attempt that. With recent versions of Podman, this now fails.
When the image needs to be rebuild, do so in the stage where it would
otherwise get pulled. This makes sure the image gets build only once.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
There are timeouts happening where the logs do not show sufficient
output to diagnose the issue. These timeouts suggests that something
inside the minikube VM is not running as expected. Increasing the RAM to
12GB might help.
The bare-metal systems in the CentOS CI have a minimum of 16GB, so
running a single VM with 12GB should be possible.
See-also: https://wiki.centos.org/QaWiki/PubHardware
Updates: #1867
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Kubernetes v1.20 has been released, so lets use that for testing. Note
that v1.18 is still maintained, but our CI jobs will not consume it
anymore.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
New Kubernetes versions are now prefixed with "Kubernetes", like:
$ ./scripts/get_patch_release.py
Kubernetes v1.18.13
Kubernetes v1.17.15
Kubernetes v1.19.5
Kubernetes v1.20.0
Kubernetes v1.20.0-rc.0
v1.20.0-beta.2
v1.18.12
v1.19.4
v1.17.14
v1.20.0-beta.1
v1.20.0-beta.0
v1.20.0-alpha.3
v1.18.10
v1.17.13
The new "Kubernetes" prefix prevents the current logic to not match the
version. By splitting the returned version string on words, and
returning the last component in get_releases(), the script works as
intended again.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Add CI jobs for Kubernetes v1.20 testing. These jobs will run, but are
not (yet) required before changes get merged.
Updates: #1784
Signed-off-by: Niels de Vos <ndevos@redhat.com>
When podman2minukube is called, the output to stdout is lost. This makes
debugging issues difficult. Log the output, so that the name of the
image that is pushed into minikube can be verified.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The CI scripts pull all container images from the local CI registry. If
the image name starts with "docker.io/", the images will be pushed into
the test environment as "docker.io/docker.io/ceph/ceph:v15". This image
will not be used by the tests, so things can still fail in case Docker
Hub has reached the pull rate-limit.
By dropping the additional "docker.io/" from the BASE_IMAGE name, the
image gets pushed as "docker.io/ceph/ceph:v15" so the tests will use it
automatically.
Groovy-syntax: https://www.baeldung.com/groovy-remove-string-prefix#using-regex
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Instead of using a mirror, the CI registry is now pupulated with
container images that get pulled and tagged as if they get from Docker
Hub or other locations.
This is more of a manual mirror, as the Docker Registry mirror
functionality is not flexible enough for our usecase (push images
without providing them on docker.io).
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The mirror option of the Docker Registry container is very limited and
prevents updating or manually pushing images to the registry. Instead,
it tries to push the images to the docker.io, which is not what we need.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
docker.io/nginx:latest and docker.io/vault:latest are being redirected
to docker.io/library/. The redirection is not cached, and Docker Hub
might return an error during redirection when the pull rate-limit is
hit.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Deploying Ceph with Rook fails as the ceph/ceph:v15 base image can not
be pulled from within the minikube VM. By pushing the image into the VM,
but before deploying Rook, there should be no need to pull the image
from Docker Hub anymore.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Changes in scripts will affect the CI jobs as the scripts are used while
deploying minikube, Rook and other components. These changes need
testing, just like anything else.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Some versions of minikube/docker add a "localhost/" prefix to imported
images. In that case, the image needs to get tagged without the prefix
as well.
When running podman2minikube.sh, the docker process inside the minikube
VM sometimes responds with:
# ./podman2minikube.sh rook/ceph:v1.3.9
Loaded image: localhost/rook/ceph:v1.3.9
When the "localhost/" prefix is added to the image name, deploying Rook
will try to pull the rook/ceph:v1.3.9 image again. This can fail when
the Docker Hub pull rate-limit is hit.
Without the "localhost/" prefix, there should be no further attempt to
pull the image, as it should be detected that the image is available.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Unqualified container images are currently used for CI jobs. In the
future this is expected to change. By preparing the cache/mirror and
images in minikube with the qualified tags, transition to qualified
image names should become easier.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
In case ROOK_VERSION is set in build.env, use the version from there.
Otherwise fall back to version 1.3.9.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
This makes it possible to pull images from Docker Hub through the local
container image registry in the CI OpenShift deployment. The registry in
the CI is configured with the 'cephcsibot' account so that pulling
images is accounted towards the account, and not anonymous consumers
within the whole CentOS CI.
There should be no need to manually sync the images between the local
registry and Docker Hub anymore.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Functions with Groovy can not use `def ci_registry` as the variable is
not in the scope. Pass the registry to the podman_login() and
podman_pull() functions instead.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
A typo when calling podman_log() causes CI jobs to fail.
Fixes: 1eec379 "ci: pre-pull Ceph base-image and cephcsi:devel for mini-e2e-helm jobs"
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The same changes have been made for the mini-e2e jobs yesterday, and
those seem to work well. Use the same pre-pull method for the Helm
deployment.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
It seems that "podman pull" does not consume the authentication details
from ~/.docker/config.json, so store the results of "podman login" in
~/.podman-auth.json and use the file for all "podman pull" commands.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Once the ssh command finishes, the runtime directory is removed and the
results of "podman login" are lost. By storing the results in the
standard Docker configuration file, subsequent "podman pull" commands
will be able to re-use the authentication details.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The ${BASE_IMAGE} variable gets expanded by running the ssh command.
This becomes an empty variable, so the "echo" part of the command does
not output anything.
By escaping the command, there is no variable substitution, and the
BASE_IMAGE variable should get stored in the variable.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The commitlint job is not used normally, so there is no need to run it
when all CI jobs need retesting.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The BASE_IMAGE variable was not stored in the variable so that the CI
job can consume it. By using sh(), this should be the case now.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
In case the '--cmd' option is missing, usage() will be called and the
script exits with 0. A missing option is a failure, so make usage()
return and handle the exit status when usage() got called instead.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
As ${RUN_DISPLAY_URL} also matches the format for template
substitutions, it can not be used like this for all Jenkins Jobs Builder
files. Instead, $RUN_DISPLAY_URL can be used, as it does not have the
{curly_braces} format and the template engine skips it.
Fixes: 87870369 (ci: link to the job in the Blue Ocean webui)
Signed-off-by: Niels de Vos <ndevos@redhat.com>
In order to speed up testing, "go mod verify" can be run parallel from
other tests. Downloading and verifying all dependencies is the most time
consuming step in the containerized-test CI job.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
The new Blue Ocean webui is much easier to navigate than the traditional
Jenkins webui. Developers that want to check failures of CI jobs will be
able to find the logs much quicker as each stage/step has a clear
success or failed status.
Signed-off-by: Niels de Vos <ndevos@redhat.com>
There is no need to re-use different layers with the images that are
built. The separation of the layers causes more time to be used while
pulling the images, so flattening makes speeds up the CI jobs a little
(about 30 seconds from 2+ minutes).
Signed-off-by: Niels de Vos <ndevos@redhat.com>