Splitting configure-installer-test-cluster into a library. (#4194)

* Spliting configure-installer-test-cluster into a library. Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Fixing password for developer and libdir Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Some fixes Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Fixing periodic tests developer pass Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Changing way script gets it current dir Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Renameing function and doing a set -e Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Fixup for usage where caller script is called with `.` Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Updating remaining scripts to use same auth lib Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Moving htpass up one level Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Adding some echos Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Setting +e for login Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com> * Removing exit on error for parts of the script, where it should not matter Signed-off-by: Mohammed Zeeshan Ahmed <mohammed.zee1000@gmail.com>
2025-10-19 03:06:19 +03:00 · 2020-11-25 01:03:23 +05:30
parent 809462a1c9
commit c941d6932d
8 changed files with 134 additions and 254 deletions
--- a/scripts/configure-cluster/common/auth.sh
+++ b/scripts/configure-cluster/common/auth.sh
@@ -0,0 +1,108 @@
+#!/usr/bin/env bash
+
+set -e
+
+HTPASSWD_FILE="./htpass"
+HTPASSWD_SECRET="htpasswd-secret"
+USERPASS="password@123"
+
+createhtpasswd() {
+    echo "Creating htpasswd"
+    # List of users to create
+    USERS="developer odonoprojectattemptscreate odosingleprojectattemptscreate odologinnoproject odologinsingleproject1"
+    # Remove existing htpasswd file, if any
+    if [ -f $HTPASSWD_FILE ]; then
+        rm -rf $HTPASSWD_FILE
+    fi
+
+    # Set so first time -c parameter gets applied to htpasswd
+    HTPASSWD_CREATED=" -c "
+
+    # Create htpasswd entries for all listed users
+    for i in `echo $USERS`; do
+        htpasswd -b $HTPASSWD_CREATED $HTPASSWD_FILE $i $USERPASS
+        HTPASSWD_CREATED=""
+    done
+}
+
+createclustersecret() {
+    # Create secret in cluster, removing if it already exists
+    echo "Creating cluster secret for htpasswd"
+    oc get secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
+    if [ $? -eq 0 ]; then
+        oc delete secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
+    fi
+    oc create secret generic ${HTPASSWD_SECRET} --from-file=htpasswd=${HTPASSWD_FILE} -n openshift-config
+}
+
+configureclusterauth() {
+    # Upload htpasswd as new login config
+    echo "configuring cluster to use configured auth"
+oc apply -f - <<EOF
+apiVersion: config.openshift.io/v1
+kind: OAuth
+metadata:
+  name: cluster
+spec:
+  identityProviders:
+  - name: htpassidp1
+    challenge: true
+    login: true
+    mappingMethod: claim
+    type: HTPasswd
+    htpasswd:
+      fileData:
+        name: ${HTPASSWD_SECRET}
+EOF
+}
+
+waitforstablelogin() {
+    echo "ensuring login api stability"
+    OC_STABLE_LOGIN="false"
+    # Login as developer and check for stable server
+    for i in {1..40}; do
+        # Try logging in as developer
+        oc login -u developer -p $USERPASS &> /dev/null
+        if [ $? -eq 0 ]; then
+            # If login succeeds, assume success
+    	    OC_STABLE_LOGIN="true"
+            # Attempt failure of `oc whoami`
+            for j in {1..25}; do
+                oc whoami &> /dev/null
+                if [ $? -ne 0 ]; then
+                    # If `oc whoami` fails, assume fail and break out of trying `oc whoami`
+                    OC_STABLE_LOGIN="false"
+                    break
+                fi
+                sleep 2
+            done
+            # If `oc whoami` never failed, break out trying to login again
+            if [ $OC_STABLE_LOGIN == "true" ]; then
+                break
+            fi
+        fi
+        sleep 3
+    done
+    if [ $OC_STABLE_LOGIN == "false" ]; then
+        echo "Failed to login as developer"
+        exit 1
+    fi
+}
+
+setupfirstproject() {
+    echo "Setting up first project"
+    # Setup project
+    oc new-project myproject
+    sleep 4
+    oc version
+    # Project list
+    oc projects
+}
+
+createhtpasswd
+set +e
+createclustersecret
+configureclusterauth
+waitforstablelogin
+set -e
+setupfirstproject
--- a/scripts/configure-cluster/common/setup-operators.sh
+++ b/scripts/configure-cluster/common/setup-operators.sh
--- a/scripts/configure-installer-tests-cluster-ppc64le.sh
+++ b/scripts/configure-installer-tests-cluster-ppc64le.sh
@@ -2,10 +2,10 @@
 set -x
 # Setup to find nessasary data from cluster setup
 ## Constants
-HTPASSWD_FILE="./htpass"
-USERPASS="developer"
-HTPASSWD_SECRET="htpasswd-secret"
-#SETUP_OPERATORS="./scripts/setup-operators.sh"
+LIBDIR="./scripts/configure-cluster"
+LIBCOMMON="$LIBDIR/common"
+SETUP_OPERATORS="$LIBCOMMON/setup-operators.sh"
+AUTH_SCRIPT="$LIBCOMMON/auth.sh"
 # Overrideable information
 DEFAULT_INSTALLER_ASSETS_DIR=${DEFAULT_INSTALLER_ASSETS_DIR:-$(pwd)}
 KUBEADMIN_USER=${KUBEADMIN_USER:-"kubeadmin"}
@@ -55,7 +55,7 @@ fi
 ## Create a new namesapce which will be used for OperatorHub checks
 #oc new-project $CI_OPERATOR_HUB_PROJECT
 ## Let developer user have access to the project
-oc adm policy add-role-to-user edit developer
+#oc adm policy add-role-to-user edit developer

 #sh $SETUP_OPERATORS
 # OperatorHub setup complete
@@ -70,20 +70,6 @@ for i in `echo $IMAGE_TEST_NAMESPACES`; do
    oc adm policy add-role-to-user edit developer
 done

-# Remove existing htpasswd file, if any
-if [ -f $HTPASSWD_FILE ]; then
-    rm -rf $HTPASSWD_FILE
-fi
-
-# Set so first time -c parameter gets applied to htpasswd
-HTPASSWD_CREATED=" -c "
-
-# Create htpasswd entries for all listed users
-for i in `echo $USERS`; do
-    htpasswd -b $HTPASSWD_CREATED $HTPASSWD_FILE $i $USERPASS
-    HTPASSWD_CREATED=""
-done
-
 #Missing required images in OpenShift and Adding it manually to cluster
 oc apply -n openshift -f https://raw.githubusercontent.com/openshift/library/master/arch/ppc64le/official/nodejs/imagestreams/nodejs-rhel.json
 sleep 15
@@ -117,69 +103,11 @@ oc apply -n openshift -f https://raw.githubusercontent.com/openshift/library/mas
 sleep 15
 oc annotate istag/python:latest --namespace=openshift tags=builder --overwrite

-# Create secret in cluster, removing if it already exists
-oc get secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-if [ $? -eq 0 ]; then
-    oc delete secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-fi
-oc create secret generic ${HTPASSWD_SECRET} --from-file=htpasswd=${HTPASSWD_FILE} -n openshift-config
+sh $AUTH_SCRIPT

-# Upload htpasswd as new login config
-oc apply -f - <<EOF
-apiVersion: config.openshift.io/v1
-kind: OAuth
-metadata:
-  name: cluster
-spec:
-  identityProviders:
-  - name: htpassidp1
-    challenge: true
-    login: true
-    mappingMethod: claim
-    type: HTPasswd
-    htpasswd:
-      fileData:
-        name: ${HTPASSWD_SECRET}
-EOF
-
-# Login as developer and check for stable server
-for i in {1..40}; do
-    # Try logging in as developer
-    #oc login -u developer -p $USERPASS &> /dev/null
-    KUBEADMIN_PASSWORD=`cat $KUBEADMIN_PASSWORD_FILE`
-    oc login -u $KUBEADMIN_USER -p $KUBEADMIN_PASSWORD &> /dev/null
-    if [ $? -eq 0 ]; then
-        # If login succeeds, assume success
-	    OC_STABLE_LOGIN="true"
-        # Attempt failure of `oc whoami`
-        for j in {1..25}; do
-            oc whoami &> /dev/null
-            if [ $? -ne 0 ]; then
-                # If `oc whoami` fails, assume fail and break out of trying `oc whoami`
-                OC_STABLE_LOGIN="false"
-                break
-            fi
-            sleep 2
-        done
-        # If `oc whoami` never failed, break out trying to login again
-        if [ $OC_STABLE_LOGIN == "true" ]; then
-            break
-        fi
-    fi
-    sleep 3
-done
-
-if [ $OC_STABLE_LOGIN == "false" ]; then
-    echo "Failed to login as developer"
-    exit 1
-fi
-
-# Setup project
-oc new-project myproject
+KUBEADMIN_PASSWORD=`cat $KUBEADMIN_PASSWORD_FILE`
+oc login -u $KUBEADMIN_USER -p $KUBEADMIN_PASSWORD &> /dev/null
 oc get secret pull-secret -n openshift-config -o yaml | sed "s/openshift-config/myproject/g" | oc apply -f -
-oc adm policy add-role-to-user edit developer
-sleep 4
-oc version

 # Project list
 oc projects
--- a/scripts/configure-installer-tests-cluster-s390x.sh
+++ b/scripts/configure-installer-tests-cluster-s390x.sh
@@ -2,24 +2,19 @@
 set -x
 # Setup to find nessasary data from cluster setup
 ## Constants
-HTPASSWD_FILE="./htpass"
-USERPASS="developer"
-HTPASSWD_SECRET="htpasswd-secret"
-#SETUP_OPERATORS="./scripts/setup-operators.sh"
+LIBDIR="./scripts/configure-cluster"
+LIBCOMMON="$LIBDIR/common"
+SETUP_OPERATORS="$LIBCOMMON/setup-operators.sh"
+AUTH_SCRIPT="$LIBCOMMON/auth.sh"
 # Overrideable information
 DEFAULT_INSTALLER_ASSETS_DIR=${DEFAULT_INSTALLER_ASSETS_DIR:-$(pwd)}
 KUBEADMIN_USER=${KUBEADMIN_USER:-"kubeadmin"}
 KUBEADMIN_PASSWORD_FILE=${KUBEADMIN_PASSWORD_FILE:-"${DEFAULT_INSTALLER_ASSETS_DIR}/auth/kubeadmin-password"}
-# Default values
-OC_STABLE_LOGIN="false"
+
 #CI_OPERATOR_HUB_PROJECT="ci-operator-hub-project"
 # Exported to current env
 export KUBECONFIG=${KUBECONFIG:-"${DEFAULT_INSTALLER_ASSETS_DIR}/auth/kubeconfig"}

-# List of users to create
-USERS="developer odonoprojectattemptscreate odosingleprojectattemptscreate odologinnoproject odologinsingleproject1"
-
-
 # list of namespace to create
 IMAGE_TEST_NAMESPACES="openjdk-11-rhel8 nodejs-12-rhel7 nodejs-12"

@@ -55,7 +50,7 @@ fi
 ## Create a new namesapce which will be used for OperatorHub checks
 #oc new-project $CI_OPERATOR_HUB_PROJECT
 ## Let developer user have access to the project
-oc adm policy add-role-to-user edit developer
+##oc adm policy add-role-to-user edit developer

 #sh $SETUP_OPERATORS
 # OperatorHub setup complete
@@ -70,20 +65,6 @@ for i in `echo $IMAGE_TEST_NAMESPACES`; do
    oc adm policy add-role-to-user edit developer
 done

-# Remove existing htpasswd file, if any
-if [ -f $HTPASSWD_FILE ]; then
-    rm -rf $HTPASSWD_FILE
-fi
-
-# Set so first time -c parameter gets applied to htpasswd
-HTPASSWD_CREATED=" -c "
-
-# Create htpasswd entries for all listed users
-for i in `echo $USERS`; do
-    htpasswd -b $HTPASSWD_CREATED $HTPASSWD_FILE $i $USERPASS
-    HTPASSWD_CREATED=""
-done
-
 #Missing required images in OpenShift and Adding it manually to cluster
 oc apply -n openshift -f https://raw.githubusercontent.com/openshift/library/master/arch/s390x/official/nodejs/imagestreams/nodejs-rhel.json
 sleep 5
@@ -117,69 +98,11 @@ oc apply -n openshift -f https://raw.githubusercontent.com/openshift/library/mas
 sleep 5
 oc annotate istag/python:latest --namespace=openshift tags=builder --overwrite

-# Create secret in cluster, removing if it already exists
-oc get secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-if [ $? -eq 0 ]; then
-    oc delete secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-fi
-oc create secret generic ${HTPASSWD_SECRET} --from-file=htpasswd=${HTPASSWD_FILE} -n openshift-config
+sh $AUTH_SCRIPT

-# Upload htpasswd as new login config
-oc apply -f - <<EOF
-apiVersion: config.openshift.io/v1
-kind: OAuth
-metadata:
-  name: cluster
-spec:
-  identityProviders:
-  - name: htpassidp1
-    challenge: true
-    login: true
-    mappingMethod: claim
-    type: HTPasswd
-    htpasswd:
-      fileData:
-        name: ${HTPASSWD_SECRET}
-EOF
-
-# Login as developer and check for stable server
-for i in {1..40}; do
-    # Try logging in as developer
-    #oc login -u developer -p $USERPASS &> /dev/null
-    KUBEADMIN_PASSWORD=`cat $KUBEADMIN_PASSWORD_FILE`
-    oc login -u $KUBEADMIN_USER -p $KUBEADMIN_PASSWORD &> /dev/null
-    if [ $? -eq 0 ]; then
-        # If login succeeds, assume success
-	    OC_STABLE_LOGIN="true"
-        # Attempt failure of `oc whoami`
-        for j in {1..25}; do
-            oc whoami &> /dev/null
-            if [ $? -ne 0 ]; then
-                # If `oc whoami` fails, assume fail and break out of trying `oc whoami`
-                OC_STABLE_LOGIN="false"
-                break
-            fi
-            sleep 2
-        done
-        # If `oc whoami` never failed, break out trying to login again
-        if [ $OC_STABLE_LOGIN == "true" ]; then
-            break
-        fi
-    fi
-    sleep 3
-done
-
-if [ $OC_STABLE_LOGIN == "false" ]; then
-    echo "Failed to login as developer"
-    exit 1
-fi
-
-# Setup project
-oc new-project myproject
+KUBEADMIN_PASSWORD=`cat $KUBEADMIN_PASSWORD_FILE`
+oc login -u $KUBEADMIN_USER -p $KUBEADMIN_PASSWORD &> /dev/null
 oc get secret pull-secret -n openshift-config -o yaml | sed "s/openshift-config/myproject/g" | oc apply -f -
-oc adm policy add-role-to-user edit developer
-sleep 4
-oc version

 # Project list
 oc projects
--- a/scripts/configure-installer-tests-cluster.sh
+++ b/scripts/configure-installer-tests-cluster.sh
@@ -2,24 +2,20 @@
 set -x
 # Setup to find nessasary data from cluster setup
 ## Constants
-HTPASSWD_FILE="./htpass"
-USERPASS="developer"
-HTPASSWD_SECRET="htpasswd-secret"
-SETUP_OPERATORS="./scripts/setup-operators.sh"
+LIBDIR="./scripts/configure-cluster"
+LIBCOMMON="$LIBDIR/common"
+SETUP_OPERATORS="$LIBCOMMON/setup-operators.sh"
+AUTH_SCRIPT="$LIBCOMMON/auth.sh"
 # Overrideable information
 DEFAULT_INSTALLER_ASSETS_DIR=${DEFAULT_INSTALLER_ASSETS_DIR:-$(pwd)}
 KUBEADMIN_USER=${KUBEADMIN_USER:-"kubeadmin"}
 KUBEADMIN_PASSWORD_FILE=${KUBEADMIN_PASSWORD_FILE:-"${DEFAULT_INSTALLER_ASSETS_DIR}/auth/kubeadmin-password"}
-# Default values
-OC_STABLE_LOGIN="false"
+
 CI_OPERATOR_HUB_PROJECT="ci-operator-hub-project"
 # Exported to current env
 ORIGINAL_KUBECONFIG=${KUBECONFIG:-"${DEFAULT_INSTALLER_ASSETS_DIR}/auth/kubeconfig"}
 export KUBECONFIG=$ORIGINAL_KUBECONFIG

-# List of users to create
-USERS="developer odonoprojectattemptscreate odosingleprojectattemptscreate odologinnoproject odologinsingleproject1"
-
 # list of namespace to create
 IMAGE_TEST_NAMESPACES="openjdk-11-rhel8 nodejs-12-rhel7 nodejs-12"

@@ -70,86 +66,11 @@ for i in `echo $IMAGE_TEST_NAMESPACES`; do
    oc adm policy add-role-to-user edit developer
 done

-# Remove existing htpasswd file, if any
-if [ -f $HTPASSWD_FILE ]; then
-    rm -rf $HTPASSWD_FILE
-fi
-
-# Set so first time -c parameter gets applied to htpasswd
-HTPASSWD_CREATED=" -c "
-
-# Create htpasswd entries for all listed users
-for i in `echo $USERS`; do
-    htpasswd -b $HTPASSWD_CREATED $HTPASSWD_FILE $i $USERPASS
-    HTPASSWD_CREATED=""
-done
-
 # Workarounds - Note we should find better soulutions asap
 # Missing wildfly in OpenShift Adding it manually to cluster Please remove once wildfly is again visible
 oc apply -n openshift -f https://raw.githubusercontent.com/openshift/library/master/arch/x86_64/community/wildfly/imagestreams/wildfly-centos7.json

-# Create secret in cluster, removing if it already exists
-oc get secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-if [ $? -eq 0 ]; then
-    oc delete secret $HTPASSWD_SECRET -n openshift-config &> /dev/null
-fi
-oc create secret generic ${HTPASSWD_SECRET} --from-file=htpasswd=${HTPASSWD_FILE} -n openshift-config
-
-# Upload htpasswd as new login config
-oc apply -f - <<EOF
-apiVersion: config.openshift.io/v1
-kind: OAuth
-metadata:
-  name: cluster
-spec:
-  identityProviders:
-  - name: htpassidp1
-    challenge: true
-    login: true
-    mappingMethod: claim
-    type: HTPasswd
-    htpasswd:
-      fileData:
-        name: ${HTPASSWD_SECRET}
-EOF
-
-# Login as developer and check for stable server
-for i in {1..40}; do
-    # Try logging in as developer
-    oc login -u developer -p $USERPASS &> /dev/null
-    if [ $? -eq 0 ]; then
-        # If login succeeds, assume success
-	    OC_STABLE_LOGIN="true"
-        # Attempt failure of `oc whoami`
-        for j in {1..25}; do
-            oc whoami &> /dev/null
-            if [ $? -ne 0 ]; then
-                # If `oc whoami` fails, assume fail and break out of trying `oc whoami`
-                OC_STABLE_LOGIN="false"
-                break
-            fi
-            sleep 2
-        done
-        # If `oc whoami` never failed, break out trying to login again
-        if [ $OC_STABLE_LOGIN == "true" ]; then
-            break
-        fi
-    fi
-    sleep 3
-done
-
-if [ $OC_STABLE_LOGIN == "false" ]; then
-    echo "Failed to login as developer"
-    exit 1
-fi
-
-# Setup project
-oc new-project myproject
-sleep 4
-oc version
-
-# Project list
-oc projects
+sh $AUTH_SCRIPT

 # KUBECONFIG cleanup only if CI is set
 if [ ! -f $CI ]; then
--- a/scripts/openshiftci-periodic-tests.sh
+++ b/scripts/openshiftci-periodic-tests.sh
@@ -22,7 +22,7 @@ chmod 640 $TMP_DIR/kubeconfig
 export KUBECONFIG=$TMP_DIR/kubeconfig

 # Login as developer
-odo login -u developer -p developer
+odo login -u developer -p password@123

 # Check login user name for debugging purpose
 oc whoami
--- a/scripts/openshiftci-presubmit-all-tests.sh
+++ b/scripts/openshiftci-presubmit-all-tests.sh
@@ -29,7 +29,7 @@ chmod 640 $TMP_DIR/kubeconfig
 export KUBECONFIG=$TMP_DIR/kubeconfig

 # Login as developer
-odo login -u developer -p developer
+odo login -u developer -p password@123

 # Check login user name for debugging purpose
 oc whoami