feat: new CI/Test process and secret creation bug fix (#42)

fixes #34 and fixes #40 chore: update gitignore with files from VSCode test: update test script fix: ci refactor + fixes #34, fixes #40 chore: test more kube versions
kiwigrid · Oct 26, 2020 · 7264e21 · 7264e21
1 parent 28f9ee4
commit 7264e21
Show file tree

Hide file tree

Showing 29 changed files with 377 additions and 204 deletions.
diff --git a/.github/ci.docker-build.sh b/.github/ci.docker-build.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+#
+# build docker image and push it to kind nodes
+
+set -o errexit
+
+DOCKER_TAG="keycloak-controller:local"
+
+echo -e "\n##### create docker image with tag $DOCKER_TAG #####\n"
+docker build -t "$DOCKER_TAG" ./target
+
+echo -e "\n##### push docker image to kind nodes #####\n"
+kind --name chart-testing load docker-image "$DOCKER_TAG"
diff --git a/.github/ci.example.sh b/.github/ci.example.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+NAMESPACE="keycloak"
+
+echo -e "\n##### install keycloak-controller examples #####\n"
+while IFS= read -r KEYCLOAK_EXAMPLE; do
+    kubectl -n "$NAMESPACE" apply -f "${KEYCLOAK_EXAMPLE}"
+done < <(find examples -type f)
+
+echo -e "\n##### show keycloak-controller examples #####\n"
+kubectl -n "$NAMESPACE" get keycloaks.k8s.kiwigrid.com
+echo ""
+kubectl -n "$NAMESPACE" get keycloakrealms.k8s.kiwigrid.com
+echo ""
+kubectl -n "$NAMESPACE" get keycloakclients.k8s.kiwigrid.com
+echo ""
+kubectl -n "$NAMESPACE" get keycloakclientscopes.k8s.kiwigrid.com
+echo ""
diff --git a/.github/ci.helm.sh b/.github/ci.helm.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+echo -e "\n##### add helm repos #####\n"
+helm repo add bitnami https://charts.bitnami.com/bitnami
+helm repo add codecentric https://codecentric.github.io/helm-charts
+helm repo add kiwigrid https://kiwigrid.github.io
+
+echo -e "\n##### update helm repos #####\n"
+helm repo update
diff --git a/.github/ci.keycloak-controller.sh b/.github/ci.keycloak-controller.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+KEYCLOAK_CONTROLLER_CHART_VERSION="${1}"
+NAMESPACE="keycloak"
+
+echo -e "\n##### install keycloak-controller crds #####\n"
+while IFS= read -r CRD; do
+    kubectl apply -f "${CRD}"
+done < <(find src/main/k8s -type f)
+
+echo -e "\n##### test controller crds #####\n"
+kubectl -n "$NAMESPACE" wait --for condition=established --timeout=15s crd/keycloakclients.k8s.kiwigrid.com
+kubectl -n "$NAMESPACE" wait --for condition=established --timeout=15s crd/keycloakclientscopes.k8s.kiwigrid.com
+kubectl -n "$NAMESPACE" wait --for condition=established --timeout=15s crd/keycloakrealms.k8s.kiwigrid.com
+kubectl -n "$NAMESPACE" wait --for condition=established --timeout=15s crd/keycloaks.k8s.kiwigrid.com
+
+echo -e "\n##### install keycloak-controller #####\n"
+helm upgrade -i keycloak-controller kiwigrid/keycloak-controller \
+    --wait \
+    --namespace keycloak \
+    --version "$KEYCLOAK_CONTROLLER_CHART_VERSION" \
+    --set image.repository=keycloak-controller \
+    --set image.tag=local
diff --git a/.github/ci.keycloak.sh b/.github/ci.keycloak.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+KEYCLOAK_CHART_VERSION="${1}"
+NAMESPACE="keycloak"
+
+echo -e "\n##### create keycloak namespace #####\n"
+kubectl create namespace $NAMESPACE
+
+echo -e "\n##### install keycloak #####\n"
+kubectl create secret generic keycloak-auth \
+    --namespace $NAMESPACE \
+    --from-literal=username=keycloak \
+    --from-literal=password=keycloak
+
+helm upgrade -i keycloak codecentric/keycloak \
+    --wait \
+    --namespace $NAMESPACE \
+    --version "${KEYCLOAK_CHART_VERSION}" \
+    --values .github/keycloak-values.yaml
diff --git a/.github/ci.maven.sh b/.github/ci.maven.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
+
+mvn clean && mvn package
diff --git a/.github/ci.provision.helm.sh b/.github/ci.provision.helm.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -o errexit
+
+HELM_VERSION="${1}"
+
+echo -e "\n##### install helm #####\n"
+curl --silent --show-error --fail --location --output get_helm.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get
+chmod 700 get_helm.sh
+./get_helm.sh --version "${HELM_VERSION}"
+
+helm version
diff --git a/.github/ci.provision.kubernetes.sh b/.github/ci.provision.kubernetes.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -o errexit
+
+K8S_VERSION="${1}"
+
+echo -e "\n##### install kubectl #####\n"
+curl --silent --show-error --fail --location --output kubectl "https://storage.googleapis.com/kubernetes-release/release/${K8S_VERSION}/bin/linux/amd64/kubectl"
+chmod +x ./kubectl
+sudo mv ./kubectl /usr/local/bin/kubectl
diff --git a/.github/ci.provision.maven.sh b/.github/ci.provision.maven.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+set -o errexit
+
+echo -e "\n##### install mvn & java #####\n"
+sudo apt-get update && sudo apt-get install -y maven openjdk-11-jdk
+export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64
+
+mvn --version
diff --git a/.github/ci.verify.sh b/.github/ci.verify.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -o errexit
+
+NAMESPACE="keycloak"
+
+echo -e "\n##### check for errors in keycloak-controller logs #####\n"
+sleep 60
+if kubectl -n "${NAMESPACE}" logs -l app.kubernetes.io/name=keycloak-controller | grep -q ERROR; then
+    echo "errors found in logs :("
+    kubectl -n "${NAMESPACE}" logs -l app.kubernetes.io/name=keycloak-controller
+    exit 1
+else
+    echo "no errors found in logs :)"
+    kubectl -n "${NAMESPACE}" logs -l app.kubernetes.io/name=keycloak-controller
+fi
diff --git a/.github/docker-build.sh b/.github/docker-build.sh
diff --git a/.github/k8s-install.sh b/.github/k8s-install.sh
diff --git a/.github/keycloak-values.yaml b/.github/keycloak-values.yaml
@@ -0,0 +1,15 @@
+extraEnv: |
+  - name: KEYCLOAK_USER_FILE
+    value: /secrets/keycloak-auth/username
+  - name: KEYCLOAK_PASSWORD_FILE
+    value: /secrets/keycloak-auth/password
+  - name: PROXY_ADDRESS_FORWARDING
+    value: "true"
+extraVolumeMounts: |
+  - name: keycloak-auth
+    mountPath: /secrets/keycloak-auth
+    readOnly: true
+extraVolumes: |
+  - name: keycloak-auth
+    secret:
+      secretName: keycloak-auth
diff --git a/.github/kind-config.yaml b/.github/kind-config.yaml
@@ -1,8 +1,8 @@
 kind: Cluster
-apiVersion: kind.sigs.k8s.io/v1alpha3
+apiVersion: kind.x-k8s.io/v1alpha4
 nodes:
 # the control plane node config
 - role: control-plane
 # the 2 workers
 - role: worker
-- role: worker
+- role: worker
diff --git a/.github/local.kind.sh b/.github/local.kind.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+kind create cluster --config .github/kind-config.yaml --name chart-testing
diff --git a/.github/local.maven.sh b/.github/local.maven.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# ci for keycloak-controller
+#
+
+set -o errexit
+
+mvn clean && mvn package
diff --git a/.github/mvn-build.sh b/.github/mvn-build.sh
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -20,37 +20,46 @@ jobs:
     needs: 
       - lint-bash-scripts
     env:
-      HELM_VERSION: v3.2.4
+      HELM_VERSION: v3.3.4
     strategy:
       matrix:
         k8s-version:
          - v1.14.10
-         - v1.15.7
-         - v1.16.9
-         - v1.17.5
-         - v1.18.6
+         - v1.15.12
+         - v1.16.15
+         - v1.17.11
+         - v1.18.8
+         - v1.19.1
         keycloak-chart:
-         # keycloak 9.0.0
-         - 7.7.1
-         # keycloak 10.0.0
-         - 8.3.0
-         # keycloak 11.0.0
          - 9.0.1
         keycloak-controller-chart:
          - 0.6.1
     steps:
       - name: Checkout
         uses: actions/checkout@v2
-      - name: Fetch history
-        run: git fetch --prune --unshallow
+      - name: provision
+        run: |
+          .github/ci.provision.kubernetes.sh ${{ matrix.k8s-version }} & \
+          .github/ci.provision.helm.sh $HELM_VERSION & \
+          .github/ci.provision.maven.sh & \
+          wait
+      - name: maven
+        run: .github/ci.maven.sh
       - name: Create kind ${{ matrix.k8s-version }} cluster
         uses: helm/kind-action@master
         with:
           config: .github/kind-config.yaml
           node_image: kindest/node:${{ matrix.k8s-version }}
-      - name: mvn build
-        run: .github/mvn-build.sh
       - name: build docker image & push to kind nodes
-        run: .github/docker-build.sh
-      - name: test keycloak-controller
-        run: .github/k8s-install.sh ${{ matrix.keycloak-chart }} ${{ matrix.keycloak-controller-chart }} ${{ matrix.k8s-version }}
+        run: .github/ci.docker-build.sh
+      - name: helm
+        run: .github/ci.helm.sh
+      - name: keycloak and keycloak controller
+        run: |
+          .github/ci.keycloak.sh ${{ matrix.keycloak-chart }} & \
+          .github/ci.keycloak-controller.sh ${{ matrix.keycloak-controller-chart }} & \
+          wait
+      - name: examples
+        run: .github/ci.example.sh
+      - name: verify
+        run: .github/ci.verify.sh