-
Notifications
You must be signed in to change notification settings - Fork 1
Home
Welcome to the HAC-dev QE fork of an infra-deployments repository.
The code from this repository is used to run the long-living RHTAP backend used for HAC-dev jobs. It serves mainly for e2e tests running in the PR check and complex scenarios running daily.
As this fork is totally under the QE control, it allows them to choose a specific version in case some breaking change is introduced. In the past, it was useful when the core introduced an incompatible Chrome version. It's also possible to add some additional code to this repo.
This action synchronizes the upstream main branch with our main one. We use a preview.sh script with the main branch to deploy the backend for HAC-dev tests, which results in the backend watching the main-next branch. That means that the Merge upstream branches job is just updating the main branch, but the backend on the cluster is not updated.
This job bootstraps RHTAP backend on a cluster used for PR checks. It is mainly used to update the current version of the backend but also may be used to deploy the backend on a clean cluster in case the current one is destroyed. The code there also serves as a knowledge base for the setup of the testing cluster.
Pact broker is a database for contract testing between HAC-dev and other components. As it has to exist on some long-running cluster and is maintained by HAC-dev QE, it was decided to place it here. There is ApplicationSet described and deployment yamls live there. The script for the secret creation was also added to the hack folder. Using these resources, Pact broker can be deployed on any other cluster, if needed. The current Pact broker lives here. Ping kfoniok in case you need access and don't have credentials.
Related to the Pact broker deployment, there are some changes done in the hack/bootstrap-cluster.sh, hack/bootstrap-host-cluster.sh, hack/preview-template.env and hack/preview.sh files to include the broker as part of the application set maintained by ArgoCD. Those changes may cause the merge conflict during the Merge upstream branches job.
To get access to the cluster, ping kfoniok as she's the maintainer of the cluster. She will add your GitHub user ID to the cluster setup and invite your GitHub user to hac-devsandbox organization. Once you accept the invite, the cluster should be accessible to you.
- Log in to the OC server using oc login.
- Copy and run bellow script to create a new vCluster :
cat > "values.yaml" << EOF
openshift:
enable: true
sync:
networkpolicies:
enabled: true
serviceaccounts:
enabled: true
services:
syncServiceSelector: true
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
EOF
export VC_MANAGED=vc-e2e
echo "-- Creating a vcluster to import as a managed cluster"
oc create ns ${VC_MANAGED}
vcluster create ${VC_MANAGED} --connect=false --expose -f values.yaml --namespace=${VC_MANAGED}
echo "--- Export vcluster kubeconfig for managed cluster"
vcluster connect ${VC_MANAGED} --namespace="${VC_MANAGED}" --service-account=kube-system/admin --token-expiration=0 --cluster-role cluster-admin --update-current=false --insecure --kube-config=./${VC_MANAGED}.kubeconfig
- Retrieve the encoded vCluster kubeconfig and store it in the "vc-kubeconfig" vault key:
cat ./vc-e2e.kubeconfig | base64
- To delete the vCluster and namespace, use the following commands:
vcluster delete vc-e2e
oc delete ns vc-e2e
In case of any problems, feel free to contact kfoniok, jrichter or skhileri. You can also reach them on the hac-dev-qe slack channel.