Cleanup namespaces (#4985)

* Script for cleaning projects Signed-off-by: anandrkskd <anandrkskd@gmail.com> * adding script,function for cleaning projects Signed-off-by: anandrkskd <anandrkskd@gmail.com> * generify function Signed-off-by: anandrkskd <anandrkskd@gmail.com> * updated with comment Signed-off-by: anandrkskd <anandrkskd@gmail.com> * update script and use ioutil.writefile Signed-off-by: anandrkskd <anandrkskd@gmail.com> * file permission change to 0600 Signed-off-by: anandrkskd <anandrkskd@gmail.com> * add labels and label checks Signed-off-by: anandrkskd <anandrkskd@gmail.com> * rebase typo fix Signed-off-by: anandrkskd <anandrkskd@gmail.com> * remove labels, add configmaps with data, team and type Signed-off-by: anandrkskd <anandrkskd@gmail.com> * use odo to create project Signed-off-by: anandrkskd <anandrkskd@gmail.com> * add team check for cleanup Signed-off-by: anandrkskd <anandrkskd@gmail.com> * remove namespace labeling Signed-off-by: anandrkskd <anandrkskd@gmail.com> * rebase Signed-off-by: anandrkskd <anandrkskd@gmail.com> * fix lint error Signed-off-by: anandrkskd <anandrkskd@gmail.com>
2025-10-19 03:06:19 +03:00 · 2021-09-03 11:15:11 +05:30
parent 354a9d033e
commit 74f63b9c4f
6 changed files with 122 additions and 1 deletions
--- a/scripts/clean-old-namespace-from-cluster.sh
+++ b/scripts/clean-old-namespace-from-cluster.sh
@@ -0,0 +1,47 @@
+#!/usr/bin/env sh
+# this scripts logins as kubeadmin and removes the namespaces that are more than oneday old.
+# this script is used in a kubernetes cronjob for PSI/IBM cloud openshift cluster.
+
+# TEAM_PROVIDED is used to check if the namespace belongs to that team or not 
+TEAM_PROVIDED=${TEAM_PROVIDED:-"odo"}
+
+# login as kubeadmin
+if [[ $CLUSTER_TYPE == "PSI" ]]; then
+     #PSI cluster login
+     oc login -u kubeadmin -p ${OCP4X_KUBEADMIN_PASSWORD} --insecure-skip-tls-verify ${OCP4X_API_URL}
+else
+     # Login to cluster in IBM Cloud using cluster API key
+     oc login -u ${IBM_OC_LOGIN_USER} -p ${IBMC_ADMIN_OCLOGIN_APIKEY} --server=${IBMC_OCP47_SERVER}
+fi
+
+# PROJECT_AND_TIME var will contain namespace and date with time seperated with `|`
+# PROJECT_AND_TIME is selected using labels app and team. e.g: app=test and team=odo
+# eg. cmd-push-test157kgb|2021-08-17T12:40:20Z
+PROJECT_AND_TIME=$(kubectl get namespace -o jsonpath='{range .items[*]}{.metadata.name}{"|"}{.metadata.creationTimestamp} {"\n"}{end}' | grep -v '^openshift\|^kube\|^default\|^ibm\|^calico\|^tigera\|^odo-operator-test')
+
+for PROJECT in ${PROJECT_AND_TIME}; do
+    IFS='|' read -r PRJ TIME <<<"$PROJECT" # seperate the Namespace and time of creation using IFS(Input Field Seperators) value `|`
+
+    CONFIGMAP=$(kubectl get configmaps -n $PRJ -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}' | grep config-map-for-cleanup) # check if PROJECT contains configmap named 'config-map-for-cleanup'
+                                                                                                                                    # if not then the value of CONFIGMAP will be empty
+    if [[ ! -z $CONFIGMAP ]]; then
+
+        TEAMANDTYPE=$(kubectl get configmaps $CONFIGMAP -n $PRJ -o jsonpath='{.data.team}{"|"}{.data.type}') # fetch team and tyoe(testing) data from the configmap
+        IFS='|' read -r TEAM TYPE <<<"$TEAMANDTYPE"                                                          # seperate the TEAM and TYPE of creation using IFS(Input Field Seperators) value `|`
+
+        if [[ $TYPE -eq "testing" ]] &&  [[ $TEAM -eq $TEAM_PROVIDED ]]; then # check if type if testing
+
+            dtSec=$(date --date "${TIME}" +'%s')    # convert time in sec for namespace age
+            taSec=$(date --date "1 days ago" +'%s') # convert time allowed for the namespace to be in the cluster
+
+            if [ $dtSec -lt $taSec ]; then
+                echo "INFO: Project="${PRJ}, "Date=" ${TIME}
+                echo too old project : ${TIME}
+                # delete namespace
+                echo Delete project : ${PRJ}
+                kubectl delete namespace ${PRJ} # delete namespace
+                echo ---------
+            fi
+        fi
+    fi
+done
--- a/tests/e2escenarios/e2e_images_test.go
+++ b/tests/e2escenarios/e2e_images_test.go
@@ -25,6 +25,7 @@ var _ = Describe("odo supported images e2e tests", func() {
 		// initialize oc runner
 		oc = helper.NewOcRunner("oc")
 		commonVar = helper.CommonBeforeEach()
+		oc.AddSecret(commonVar)
 	})

 	// Clean up after the test
--- a/tests/e2escenarios/e2e_java_test.go
+++ b/tests/e2escenarios/e2e_java_test.go
@@ -23,6 +23,7 @@ var _ = Describe("odo java e2e tests", func() {
 		// initialize oc runner
 		oc = helper.NewOcRunner("oc")
 		commonVar = helper.CommonBeforeEach()
+		oc.AddSecret(commonVar)
 	})

 	// Clean up after the test
--- a/tests/e2escenarios/e2e_source_test.go
+++ b/tests/e2escenarios/e2e_source_test.go
@@ -18,6 +18,7 @@ var _ = Describe("odo source e2e tests", func() {
 		// initialize oc runner
 		oc = helper.NewOcRunner("oc")
 		commonVar = helper.CommonBeforeEach()
+		oc.AddSecret(commonVar)
 	})

 	// Clean up after the test
--- a/tests/helper/helper_kubectl.go
+++ b/tests/helper/helper_kubectl.go
@@ -163,6 +163,7 @@ func (kubectl KubectlRunner) createRandNamespaceProject(projectName string) stri
 	Cmd("kubectl", "config", "set-context", "--current", "--namespace", projectName).ShouldPass()
 	session := Cmd("kubectl", "get", "namespaces").ShouldPass().Out()
 	Expect(session).To(ContainSubstring(projectName))
+	kubectl.addConfigMapForCleanup(projectName) //add configmap for cleanup
 	return projectName
 }

@@ -339,3 +340,8 @@ func (kubectl KubectlRunner) GetEnvFromEntry(componentName string, appName strin
 func (kubectl KubectlRunner) GetVolumeNamesFromDeployment(componentName, appName, projectName string) map[string]string {
 	return GetVolumeNamesFromDeployment(kubectl.path, componentName, appName, projectName)
 }
+
+// add config map to the project for cleanup
+func (kubectl KubectlRunner) addConfigMapForCleanup(projectName string) {
+	Cmd(kubectl.path, "create", "configmap", "config-map-for-cleanup", "--from-literal", "type=testing", "--from-literal", "team=odo", "-n", projectName).ShouldPass()
+}
--- a/tests/helper/helper_oc.go
+++ b/tests/helper/helper_oc.go
@@ -3,6 +3,8 @@ package helper
 import (
 	"bufio"
 	"fmt"
+	"io/ioutil"
+	"os"
 	"regexp"
 	"strings"
 	"time"
@@ -629,8 +631,8 @@ func (oc OcRunner) CreateRandNamespaceProjectOfLength(i int) string {
 func (oc OcRunner) createRandNamespaceProject(projectName string) string {
 	fmt.Fprintf(GinkgoWriter, "Creating a new project: %s\n", projectName)
 	session := Cmd("odo", "project", "create", projectName, "-w", "-v4").ShouldPass().Out()
-	Expect(session).To(ContainSubstring("New project created"))
 	Expect(session).To(ContainSubstring(projectName))
+	oc.addConfigMapForCleanup(projectName)
 	return projectName
 }

@@ -772,6 +774,69 @@ func (oc OcRunner) GetVolumeNamesFromDeployment(componentName, appName, projectN
 	return GetVolumeNamesFromDeployment(oc.path, componentName, appName, projectName)
 }

+// AddSecret adds pull-secret to the namespace, for e2e-test
+func (oc OcRunner) AddSecret(comvar CommonVar) {
+
+	clusterType := os.Getenv("CLUSTER_TYPE")
+	if clusterType == "PSI" || clusterType == "IBM" {
+
+		token := oc.doAsAdmin(clusterType)
+
+		yaml := Cmd(oc.path, "get", "secret", "pull-secret", "-n", "openshift-config", "-o", "yaml").ShouldPass().Out()
+		newYaml := strings.Replace(yaml, "openshift-config", comvar.Project, -1)
+		filename := fmt.Sprint(RandString(4), ".yaml")
+		newYamlinByte := []byte(newYaml)
+		err := ioutil.WriteFile(filename, newYamlinByte, 0600)
+		if err != nil {
+			fmt.Println(err)
+		}
+		Cmd(oc.path, "apply", "-f", filename).ShouldPass()
+		os.Remove(filename)
+		oc.doAsDeveloper(token, clusterType)
+	}
+
+}
+
+// doAsAdmin logins as admin to perform some task that requires admin privileges
+func (oc OcRunner) doAsAdmin(clusterType string) string {
+	//save token for developer
+	token := oc.GetToken()
+	if clusterType == "PSI" || clusterType == "IBM" {
+
+		adminToken := os.Getenv("IBMC_OCLOGIN_APIKEY")
+		if adminToken != "" {
+			ibmcloudAdminToken := os.Getenv("IBMC_ADMIN_LOGIN_APIKEY")
+			cluster := os.Getenv("IBMC_OCP47_SERVER")
+			//login ibmcloud
+			Cmd("ibmcloud", "login", "--apikey", ibmcloudAdminToken, "-r", "eu-de", "-g", "Developer-CI-and-QE")
+			//login as admin in cluster
+			Cmd(oc.path, "login", "--token=", adminToken, "--server=", cluster)
+		} else {
+			pass := os.Getenv("OCP4X_KUBEADMIN_PASSWORD")
+			cluster := os.Getenv("OCP4X_API_URL")
+			//login as kubeadmin
+			Cmd(oc.path, "login", "-u", "kubeadmin", "-p", pass, cluster).ShouldPass()
+		}
+	}
+	return token
+}
+
+//  doAsDeveloper logins as developer to perform some task
+func (oc OcRunner) doAsDeveloper(token, clusterType string) {
+
+	if clusterType == "IBM" {
+		ibmcloudDeveloperToken := os.Getenv("IBMC_DEVELOPER_LOGIN_APIKEY")
+		Cmd("ibmcloud", "login", "--apikey", ibmcloudDeveloperToken, "-r", "eu-de", "-g", "Developer-CI-and-QE")
+		//login as developer using token
+	}
+	oc.LoginUsingToken(token)
+}
+
+// add config map to the project for cleanup
+func (oc OcRunner) addConfigMapForCleanup(projectName string) {
+	Cmd(oc.path, "create", "configmap", "config-map-for-cleanup", "--from-literal", "type=testing", "--from-literal", "team=odo", "-n", projectName).ShouldPass()
+}
+
 func (oc OcRunner) Logout() {
 	Cmd(oc.path, "logout")
 }