Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: Use image digest in csv #274

Merged
merged 7 commits into from
Jul 8, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 12 additions & 2 deletions .ci/cico_olm_prcheck.sh
100644 → 100755
Original file line number Diff line number Diff line change
Expand Up @@ -36,16 +36,26 @@ install_Dependencies() {
}

run_olm_tests() {
for platform in 'openshift' 'kubernetes'
for platform in 'kubernetes'
do
# set up ImagePullPolicy for che-operator image
packageName=eclipse-che-preview-${platform}
packageFolderPath="${OPERATOR_REPO}/olm/eclipse-che-preview-${platform}/deploy/olm-catalog/${packageName}"
packageFilePath="${packageFolderPath}/${packageName}.package.yaml"
CSV=$(yq -r ".channels[] | select(.name == \"${CHANNEL}\") | .currentCSV" "${packageFilePath}")
PackageVersion=$(echo "${CSV}" | sed -e "s/${packageName}.v//")
CSVBundle="${packageFolderPath}/${PackageVersion}/${packageName}.v${PackageVersion}.clusterserviceversion.yaml"
yq -rY '.spec.install.spec.deployments[0].spec.template.spec.containers[0].imagePullPolicy |= "IfNotPresent"' "${CSVBundle}" >> "${CSVBundle}"
if [[ ${platform} == 'kubernetes' ]]; then
buildCheOperatorImage "minikube"
printInfo "Starting minikube VM to test kubernetes olm files..."
source ${OPERATOR_REPO}/.ci/start-minikube.sh

sh "${OPERATOR_REPO}"/olm/testCatalogSource.sh ${platform} ${CHANNEL} ${NAMESPACE}
printInfo "Successfully verified olm files on kubernetes platform."
rm -rf ~/.kube && yes | minikube delete
fi
# todo implement check on the openshift 4(crc). To delivery che-operator image we can try to use imageStream feature: https://medium.com/@adilsonbna/importing-an-external-docker-image-into-red-hat-openshift-repository-c25894cd3199
done
}

Expand Down
4 changes: 2 additions & 2 deletions .ci/cico_operator_prcheck.sh
Original file line number Diff line number Diff line change
Expand Up @@ -53,8 +53,8 @@ run_tests() {
sh -c "OOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o /operator/run-tests /opt/app-root/src/go/src/github.com/eclipse/che-operator/e2e/*.go"

printInfo "Build operator docker image and load in to minishift VM..."
cd "$OPERATOR_REPO" && docker build -t che/operator -f Dockerfile . && docker save che/operator > operator.tar
eval $(minishift docker-env) && docker load -i operator.tar && rm operator.tar

buildCheOperatorImage "minishift"

printInfo "Runing e2e tests..."
${OPERATOR_REPO}/tmp/run-tests
Expand Down
10 changes: 10 additions & 0 deletions .ci/util/ci_common.sh
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,16 @@ github_token_set() {
fi
}

buildCheOperatorImage() {
if [ -z "${1}" ]; then
printError "Platform is required to build che operator image."
fi
PLATFORM="${1}"
OPERATOR_IMAGE="quay.io/eclipse/che-operator:nightly"
cd "$OPERATOR_REPO" && docker build -t "${OPERATOR_IMAGE}" -f Dockerfile . && docker save "${OPERATOR_IMAGE}" > operator.tar
eval $(${PLATFORM} docker-env) && docker load -i operator.tar && rm operator.tar
}

minishift_installation() {
MSFT_RELEASE="1.34.2"
printInfo "Downloading Minishift binaries"
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -109,5 +109,6 @@ tags

build/
bin/
olm/generated

# End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode
17 changes: 16 additions & 1 deletion .vscode/launch.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,22 @@
{
"version": "0.2.0",
"configurations": [

{
"type": "bashdb",
"request": "launch",
"name": "Bash-Debug (release-olm-files.sh)",
"cwd": "${workspaceFolder}",
"program": "${workspaceFolder}/olm/release-olm-files.sh",
"args": [
"7.13.2"
]
},
{
"type": "bashdb",
"request": "launch",
"name": "Bash-Debug (simplest configuration)",
"program": "${file}"
},
{
"name": "Launch Current File",
"type": "go",
Expand Down
2 changes: 1 addition & 1 deletion deploy/crds/org_v1_che_cr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ spec:
chePostgresPassword: ''
# Postgres database name that Che server uses to connect to. Defaults to dbche
chePostgresDb: ''
# Postgres deployment in format image:tag. Default in https://github.com/eclipse/che-operator/blob/master/deploy/operator.yaml#L57-L58 or operator metadata CSV environment variable IMAGE_default_postgres)
# Postgres deployment in format image:tag. Default in https://github.com/eclipse/che-operator/blob/master/deploy/operator.yaml#L57-L58 or operator metadata CSV environment variable RELATED_IMAGE_postgres)
postgresImage: ''
storage:
# persistent volume claim strategy for Che server. Can be common (all workspaces PVCs in one volume),
Expand Down
20 changes: 10 additions & 10 deletions deploy/operator-local.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,25 +45,25 @@ spec:
value: che-operator
- name: CHE_VERSION
value: nightly
- name: IMAGE_default_che_server
- name: RELATED_IMAGE_che_server
value: quay.io/eclipse/che-server:nightly
- name: IMAGE_default_plugin_registry
- name: RELATED_IMAGE_plugin_registry
value: quay.io/eclipse/che-plugin-registry:nightly
- name: IMAGE_default_devfile_registry
- name: RELATED_IMAGE_devfile_registry
value: quay.io/eclipse/che-devfile-registry:nightly
- name: IMAGE_default_che_tls_secrets_creation_job
- name: RELATED_IMAGE_che_tls_secrets_creation_job
value: quay.io/eclipse/che-tls-secret-creator:alpine-3029769
- name: IMAGE_default_pvc_jobs
- name: RELATED_IMAGE_pvc_jobs
value: registry.access.redhat.com/ubi8-minimal:8.2-301.1592810506
- name: IMAGE_default_postgres
- name: RELATED_IMAGE_postgres
value: centos/postgresql-96-centos7:9.6
- name: IMAGE_default_keycloak
- name: RELATED_IMAGE_keycloak
value: quay.io/eclipse/che-keycloak:nightly
- name: IMAGE_default_che_workspace_plugin_broker_metadata
- name: RELATED_IMAGE_che_workspace_plugin_broker_metadata
value: quay.io/eclipse/che-plugin-metadata-broker:v3.2.0
- name: IMAGE_default_che_workspace_plugin_broker_artifacts
- name: RELATED_IMAGE_che_workspace_plugin_broker_artifacts
value: quay.io/eclipse/che-plugin-artifacts-broker:v3.2.0
- name: IMAGE_default_che_server_secure_exposer_jwt_proxy_image
- name: RELATED_IMAGE_che_server_secure_exposer_jwt_proxy_image
value: quay.io/eclipse/che-jwtproxy:fd94e60
- name: CHE_FLAVOR
value: che
Expand Down
20 changes: 10 additions & 10 deletions deploy/operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -44,25 +44,25 @@ spec:
value: che-operator
- name: CHE_VERSION
value: nightly
- name: IMAGE_default_che_server
- name: RELATED_IMAGE_che_server
value: quay.io/eclipse/che-server:nightly
- name: IMAGE_default_plugin_registry
- name: RELATED_IMAGE_plugin_registry
value: quay.io/eclipse/che-plugin-registry:nightly
- name: IMAGE_default_devfile_registry
- name: RELATED_IMAGE_devfile_registry
value: quay.io/eclipse/che-devfile-registry:nightly
- name: IMAGE_default_che_tls_secrets_creation_job
- name: RELATED_IMAGE_che_tls_secrets_creation_job
value: quay.io/eclipse/che-tls-secret-creator:alpine-3029769
- name: IMAGE_default_pvc_jobs
- name: RELATED_IMAGE_pvc_jobs
value: registry.access.redhat.com/ubi8-minimal:8.2-301.1592810506
- name: IMAGE_default_postgres
- name: RELATED_IMAGE_postgres
value: centos/postgresql-96-centos7:9.6
- name: IMAGE_default_keycloak
- name: RELATED_IMAGE_keycloak
value: quay.io/eclipse/che-keycloak:nightly
- name: IMAGE_default_che_workspace_plugin_broker_metadata
- name: RELATED_IMAGE_che_workspace_plugin_broker_metadata
value: quay.io/eclipse/che-plugin-metadata-broker:v3.2.0
- name: IMAGE_default_che_workspace_plugin_broker_artifacts
- name: RELATED_IMAGE_che_workspace_plugin_broker_artifacts
value: quay.io/eclipse/che-plugin-artifacts-broker:v3.2.0
- name: IMAGE_default_che_server_secure_exposer_jwt_proxy_image
- name: RELATED_IMAGE_che_server_secure_exposer_jwt_proxy_image
value: quay.io/eclipse/che-jwtproxy:fd94e60
- name: CHE_FLAVOR
value: che
Expand Down
2 changes: 1 addition & 1 deletion make-release.sh
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ checkImageReferences() {
echo "[ERROR] Unable to find che-keycloak image with version ${RELEASE} in the $filename"; exit 1
fi

if ! grep -q "value: $IMAGE_default_pvc_jobs" $filename; then
if ! grep -q "value: $RELATED_IMAGE_pvc_jobs" $filename; then
echo "[ERROR] Unable to find ubi8_minimal image in the $filename"; exit 1
fi

Expand Down
127 changes: 87 additions & 40 deletions olm/addDigests.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/bash
#
# Copyright (c) 2019 Red Hat, Inc.
# Copyright (c) 2019-2020 Red Hat, Inc.
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
Expand All @@ -10,6 +10,9 @@
# Contributors:
# Red Hat, Inc. - initial API and implementation

set +x
set -e

SCRIPTS_DIR=$(cd "$(dirname "$0")"; pwd)
BASE_DIR="$(pwd)"
QUIET=""
Expand All @@ -25,9 +28,8 @@ fi
command -v yq >/dev/null 2>&1 || { echo "yq is not installed. Aborting."; exit 1; }

usage () {
echo "Usage: $0 [-w WORKDIR] -s [SOURCE_PATH] -n [csv name] -v [VERSION] "
echo "Example: $0 -w $(pwd) -s eclipse-che-preview-openshift/deploy/olm-catalog/eclipse-che-preview-openshift -n eclipse-che-preview-openshift -v 7.9.0"
echo "Example: $0 -w $(pwd) -s controller-manifests -n codeready-workspaces -v 2.1.0"
echo "Usage: $0 [-w WORKDIR] [-s SOURCE_PATH] -r [CSV_FILE_PATH_REGEXP] -t [IMAGE_TAG] "
echo "Example: $0 -w $(pwd) -r \"eclipse-che-preview-.*/eclipse-che-preview-.*\.v7.15.0.*yaml\" -t 7.15.0"
}

if [[ $# -lt 1 ]]; then usage; exit; fi
Expand All @@ -36,53 +38,98 @@ while [[ "$#" -gt 0 ]]; do
case $1 in
'-w') BASE_DIR="$2"; shift 1;;
'-s') SRC_DIR="$2"; shift 1;;
'-n') CSV_NAME="$2"; shift 1;;
'-v') VERSION="$2"; shift 1;;
'-t') IMAGE_TAG="$2"; shift 1;;
'-r') CSV_FILE_PATH_REGEXP="$2"; shift 1;;
'-q') QUIET="-q"; shift 0;;
'--help'|'-h') usage; exit;;
esac
shift 1
done

if [[ ! $SRC_DIR ]] || [[ ! $CSV_NAME ]] || [[ ! $VERSION ]]; then usage; exit 1; fi
if [[ ! ${CSV_FILE_PATH_REGEXP} ]] || [[ ! $IMAGE_TAG ]]; then usage; exit 1; fi

rm -Rf ${BASE_DIR}/generated/${CSV_NAME}/
mkdir -p ${BASE_DIR}/generated/${CSV_NAME}/
cp -R ${BASE_DIR}/${SRC_DIR}/* ${BASE_DIR}/generated/${CSV_NAME}/
CSV_FILES_DIR=${BASE_DIR}
if [ -n "${SRC_DIR}" ]; then
CSV_FILES_DIR="${BASE_DIR}/${SRC_DIR}"
fi
echo "Resolved CSV files dir: ${CSV_FILES_DIR}"

CSV_FILE="$(find ${BASE_DIR}/generated/${CSV_NAME}/*${VERSION}/ -name "${CSV_NAME}.*${VERSION}.clusterserviceversion.yaml" | tail -1)"; # echo "[INFO] CSV = ${CSV_FILE}"
${SCRIPTS_DIR}/buildDigestMap.sh -w ${BASE_DIR} -c ${CSV_FILE} -v ${VERSION} ${QUIET}
echo "find ${CSV_FILES_DIR} -regextype posix-egrep -regex \"${CSV_FILES_DIR}/?${CSV_FILE_PATH_REGEXP}\""
CSV_FILES=( $(find ${CSV_FILES_DIR} -regextype posix-egrep -regex "${CSV_FILES_DIR}/?${CSV_FILE_PATH_REGEXP}") )
RELATED_IMAGE_PREFIX="RELATED_IMAGE_"

# inject relatedImages block
names=" "
count=1
RELATED_IMAGES='. * { spec : { relatedImages: [ '
if [[ ! "${QUIET}" ]]; then cat ${BASE_DIR}/generated/digests-mapping.txt; fi
for mapping in $(cat ${BASE_DIR}/generated/digests-mapping.txt)
rm -Rf "${BASE_DIR}/generated/csv"
mkdir -p "${BASE_DIR}/generated/csv"
# Copy original csv files
for CSV_FILE in "${CSV_FILES[@]}"
do
source=$(echo "${mapping}" | sed -e 's/\(.*\)=.*/\1/')
dest=$(echo "${mapping}" | sed -e 's/.*=\(.*\)/\1/')
sed -i -e "s;${source};${dest};" ${CSV_FILE}
name=$(echo "${dest}" | sed -e 's;.*/\([^\/][^\/]*\)@.*;\1;')
nameWithSpaces=" ${name} "
if [[ "${names}" != *${nameWithSpaces}* ]]; then
if [ "${names}" != " " ]; then
RELATED_IMAGES="${RELATED_IMAGES},"
fi
RELATED_IMAGES="${RELATED_IMAGES} { name: \"${name}\", image: \"${dest}\", tag: \"${source}\"}"
names="${names} ${name} "
fi
echo "CSV file: ${CSV_FILE}"
cp -pR "${CSV_FILE}" "${BASE_DIR}/generated/csv"
csvs_args="${csvs_args} -c ${CSV_FILE}"
done
RELATED_IMAGES="${RELATED_IMAGES} ] } }"
mv ${CSV_FILE} ${CSV_FILE}.old
yq -Y "$RELATED_IMAGES" ${CSV_FILE}.old > ${CSV_FILE}
sed -i ${CSV_FILE} -r -e "s|tag: |# tag: |"
rm -f ${CSV_FILE}.old

# update original file with generated changes
CSV_FILE_ORIG=$(find ${BASE_DIR} -name "${CSV_FILE##*/}" | grep -v generated | tail -1)
mv "${CSV_FILE}" "${CSV_FILE_ORIG}"
echo "[INFO] CSV updated: ${CSV_FILE_ORIG}"
# shellcheck source=buildDigestMap.sh
eval "${SCRIPTS_DIR}/buildDigestMap.sh" -w "${BASE_DIR}" -t "${IMAGE_TAG}" "${csvs_args}" ${QUIET}

if [[ ! "${QUIET}" ]]; then cat "${BASE_DIR}"/generated/digests-mapping.txt; fi
for CSV_FILE in "${CSV_FILES[@]}"
do
CSV_FILE_COPY=${BASE_DIR}/generated/csv/$(basename ${CSV_FILE})

echo "[INFO] Generate digest update for CSV file ${CSV_FILE}"
RELATED_IMAGES=""
RELATED_IMAGES_ENV=""
for mapping in $(cat "${BASE_DIR}/generated/digests-mapping.txt")
do
source=$(echo "${mapping}" | sed -e 's;\(.*\)=.*=.*;\1;')
# Image with digest.
dest=$(echo "${mapping}" | sed -e 's;.*=.*=\(.*\);\1;')
# Image label to set image target. For example: 'devfile-registry-image'
imageLabel=$(echo "${mapping}" | sed -e 's;.*=\(.*\)=.*;\1;')
name=$(echo "${dest}" | sed -e 's;.*/\([^\/][^\/]*\)@.*;\1;')
tagOrDigest=""
if [[ ${source} == *"@"* ]]; then
tagOrDigest="@${source#*@}"
elif [[ ${source} == *":"* ]]; then
tagOrDigest="${source#*:}"
fi

if [[ ${imageLabel} == "plugin-registry-image" ]] || [[ ${imageLabel} == "devfile-registry-image" ]]; then
# Image tag could contains invalid for Env variable name characters, so let's encode it using base32.
# But alphabet of base32 uses one invalid for env variable name character '=' at the end of the line, so let's replace it by '_'.
# To recovery original tag should be done opposite actions: replace '_' to '=', and decode string using 'base32 -d'.
encodedTag=$(echo "${tagOrDigest}" | base32 -w 0 | tr "=" "_")
relatedImageEnvName=$(echo "${RELATED_IMAGE_PREFIX}${name}_${imageLabel}_${encodedTag}" | sed -r 's/[-.]/_/g')
ENV="{ name: \"${relatedImageEnvName}\", value: \"${dest}\"}"
if [[ -z ${RELATED_IMAGES_ENV} ]]; then
RELATED_IMAGES_ENV="${ENV}"
else
RELATED_IMAGES_ENV="${RELATED_IMAGES_ENV}, ${ENV}"
fi
fi

RELATED_IMAGE="{ name: \"${name}-${tagOrDigest}\", image: \"${dest}\", tag: \"${source}\"}"
if [[ -z ${RELATED_IMAGES} ]]; then
RELATED_IMAGES="${RELATED_IMAGE}"
else
RELATED_IMAGES="${RELATED_IMAGES}, ${RELATED_IMAGE}"
fi

sed -i -e "s;${source};${dest};" "${CSV_FILE_COPY}"
done

mv "${CSV_FILE_COPY}" "${CSV_FILE_COPY}.old"
yq -ryY "
( .spec.relatedImages ) += [${RELATED_IMAGES}] |
( .spec.install.spec.deployments[0].spec.template.spec.containers[0].env ) += [${RELATED_IMAGES_ENV}]
" "${CSV_FILE_COPY}.old" > "${CSV_FILE_COPY}"
sed -i "${CSV_FILE_COPY}" -r -e "s|tag: |# tag: |"
rm -f "${CSV_FILE_COPY}.old"

# update original file with generated changes
mv "${CSV_FILE_COPY}" "${CSV_FILE}"
echo "[INFO] CSV updated: ${CSV_FILE}"
done

# cleanup
rm -fr ${BASE_DIR}/generated
rm -fr "${BASE_DIR}/generated"
Loading