OCM-8285 | test: implement no-cni(cilium) supporting

openshift · Jun 28, 2024 · 0468497 · 0468497
1 parent 9cd807c
commit 0468497
Show file tree

Hide file tree

Showing 7 changed files with 251 additions and 0 deletions.
diff --git a/tests/ci/config/config.go b/tests/ci/config/config.go
@@ -18,6 +18,7 @@ type TestConfig struct {
 	// Env is the OpenShift Cluster Management environment used to provision clusters.
 	ENV               string `env:"OCM_LOGIN_ENV" default:""`
 	TestProfile       string `env:"TEST_PROFILE" default:""`
+	ResourcesDir      string `env:"RESOURCES_DIR" default:""`
 	OutputDir         string `env:"OUTPUT_DIR" default:""`
 	YAMLProfilesDir   string `env:"TEST_PROFILE_DIR" default:""`
 	RootDir           string `env:"WORKSPACE" default:""`
@@ -62,6 +63,8 @@ func init() {
 		path.Join(Test.RootDir, "tests", "ci", "data", "profiles"))
 	Test.OutputDir = common.ReadENVWithDefaultValue("SHARED_DIR",
 		path.Join(Test.RootDir, "tests", "output", Test.TestProfile))
+	Test.ResourcesDir = common.ReadENVWithDefaultValue("RESOURCES_DIR",
+		path.Join(Test.RootDir, "tests", "ci", "data", "resources"))
 	Test.ArtifactDir = common.ReadENVWithDefaultValue("ARTIFACT_DIR", Test.OutputDir)
 	err := os.MkdirAll(Test.OutputDir, 0777)
 	if err != nil {

diff --git a/tests/ci/data/resources/cilium.yaml b/tests/ci/data/resources/cilium.yaml
@@ -0,0 +1,39 @@
+apiVersion: cilium.io/v1alpha1
+kind: CiliumConfig
+metadata:
+  name: cilium
+  namespace: cilium
+spec:
+  debug:
+    enabled: true
+  k8s:
+    requireIPv4PodCIDR: true
+  logSystemLoad: true
+  bpf:
+    preallocateMaps: true
+  etcd:
+    leaseTTL: 30s
+  ipv4:
+    enabled: true
+  ipv6:
+    enabled: false
+  identityChangeGracePeriod: 0s
+  ipam:
+    mode: "cluster-pool"
+    operator:
+      clusterPoolIPv4PodCIDRList:
+        - "PODCIDR"
+      clusterPoolIPv4MaskSize: "HOSTPREFIX"
+  nativeRoutingCIDR: "PODCIDR"
+  endpointRoutes: {enabled: true}
+  clusterHealthPort: 9940
+  tunnelPort: 4789
+  cni:
+    binPath: "/var/lib/cni/bin"
+    confPath: "/var/run/multus/cni/net.d"
+    chainingMode: portmap
+  prometheus:
+    serviceMonitor: {enabled: false}
+  hubble:
+    tls: {enabled: false}
+  sessionAffinity: true
diff --git a/tests/e2e/e2e_setup_test.go b/tests/e2e/e2e_setup_test.go
@@ -1,11 +1,16 @@
 package e2e
 
 import (
+	"fmt"
+
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 
 	"github.com/openshift/rosa/tests/ci/config"
 	"github.com/openshift/rosa/tests/ci/labels"
+	"github.com/openshift/rosa/tests/utils/common"
+	utilConfig "github.com/openshift/rosa/tests/utils/config"
+	"github.com/openshift/rosa/tests/utils/exec/occli"
 	"github.com/openshift/rosa/tests/utils/exec/rosacli"
 	"github.com/openshift/rosa/tests/utils/log"
 	"github.com/openshift/rosa/tests/utils/profilehandler"
@@ -20,6 +25,55 @@ var _ = Describe("Cluster preparation", labels.Feature.Cluster, func() {
 			cluster, err := profilehandler.CreateClusterByProfile(profile, client, config.Test.GlobalENV.WaitSetupClusterReady)
 			Expect(err).ToNot(HaveOccurred())
 			log.Logger.Infof("Cluster prepared successfully with id %s", cluster.ID)
+
+			if profile.ClusterConfig.HCP && profile.ClusterConfig.NetworkType == "other" {
+				clusterID = cluster.ID
+				profilehandler.WaitForClusterReady(client, clusterID, config.Test.GlobalENV.ClusterWaitingTime)
+
+				clusterService := client.Cluster
+				output, err := clusterService.DescribeCluster(clusterID)
+				Expect(err).To(BeNil())
+				clusterDetails, err := clusterService.ReflectClusterDescription(output)
+				Expect(err).To(BeNil())
+				if clusterDetails.ExternalAuthentication == "Enabled" {
+					//create break-glass-credential to get kubeconfig
+					_, err := client.BreakGlassCredential.CreateBreakGlassCredential(clusterID)
+					Expect(err).To(BeNil())
+					breakGlassCredList, err := client.BreakGlassCredential.ListBreakGlassCredentialsAndReflect(clusterID)
+					Expect(err).To(BeNil())
+					testDir := config.Test.OutputDir
+					kubeconfigFile := fmt.Sprintf("%s/%s.kubeconfig", testDir, clusterID)
+
+					By("Get the issued credential")
+					for _, i := range breakGlassCredList.BreakGlassCredentials {
+						if i.Status == "issued" {
+							output, err := client.BreakGlassCredential.GetIssuedCredential(clusterID, i.ID)
+							Expect(err).ToNot(HaveOccurred())
+							_, err = common.CreateFileWithContent(kubeconfigFile, output.String())
+							Expect(err).ToNot(HaveOccurred())
+							break
+						}
+					}
+					hostPrefix, podCIDR := "", ""
+					for _, networkLine := range clusterDetails.Network {
+						if value, containsKey := networkLine["Host Prefix"]; containsKey {
+							hostPrefix = value
+							break
+						}
+						if value, containsKey := networkLine["Pod CIDR"]; containsKey {
+							podCIDR = value
+							break
+						}
+					}
+					By("Deploy cilium configures")
+					ocClient := occli.NewOCClient(kubeconfigFile)
+					err = utilConfig.DeployCilium(ocClient, podCIDR, hostPrefix, testDir)
+					Expect(err).ToNot(HaveOccurred())
+					log.Logger.Infof("Deploy cilium for HCP cluster: %s successfully ", cluster.ID)
+				} else {
+					utilConfig.GetKubeconfigDummyFunc()
+				}
+			}
 		})
 
 	It("to wait for cluster ready",

diff --git a/tests/e2e/test_rosacli_cluster.go b/tests/e2e/test_rosacli_cluster.go
@@ -179,6 +179,7 @@ var _ = Describe("Edit cluster",
 
 				clusterDetail, err := clusterService.ReflectClusterDescription(output)
 				Expect(err).ToNot(HaveOccurred())
+				// nolint
 				expectedUWMValue := "Enabled"
 				recoverUWMStatus := false
 				if clusterConfig.DisableWorkloadMonitoring {

diff --git a/tests/utils/config/support.go b/tests/utils/config/support.go
@@ -0,0 +1,84 @@
+package config
+
+import (
+	"fmt"
+	"path"
+	"strings"
+	"time"
+
+	"github.com/openshift/rosa/tests/ci/config"
+	"github.com/openshift/rosa/tests/utils/exec/occli"
+	"github.com/openshift/rosa/tests/utils/log"
+)
+
+// DeployCilium The step is provided via here https://hypershift-docs.netlify.app/how-to/aws/other-sdn-providers/#cilium
+// Only for HCP cluster now
+func DeployCilium(ocClient *occli.Client, podCIDR string, hostPrefix string, outputDir string) error {
+	ciliumVersion := "1.14.5"
+	yamlFileNames := []string{
+		"cluster-network-03-cilium-ciliumconfigs-crd.yaml",
+		"cluster-network-06-cilium-00000-cilium-namespace.yaml",
+		"cluster-network-06-cilium-00001-cilium-olm-serviceaccount.yaml",
+		"cluster-network-06-cilium-00002-cilium-olm-deployment.yaml",
+		"cluster-network-06-cilium-00003-cilium-olm-service.yaml",
+		"cluster-network-06-cilium-00004-cilium-olm-leader-election-role.yaml",
+		"cluster-network-06-cilium-00005-cilium-olm-role.yaml",
+		"cluster-network-06-cilium-00006-leader-election-rolebinding.yaml",
+		"cluster-network-06-cilium-00007-cilium-olm-rolebinding.yaml",
+		"cluster-network-06-cilium-00008-cilium-cilium-olm-clusterrole.yaml",
+		"cluster-network-06-cilium-00009-cilium-cilium-clusterrole.yaml",
+		"cluster-network-06-cilium-00010-cilium-cilium-olm-clusterrolebinding.yaml",
+		"cluster-network-06-cilium-00011-cilium-cilium-clusterrolebinding.yaml",
+	}
+
+	url := "https://raw.githubusercontent.com/isovalent/olm-for-cilium/main/manifests"
+	for _, n := range yamlFileNames {
+		stdout, err := ocClient.Run(
+			fmt.Sprintf("oc apply -f %s/cilium.v%s/%s", url, ciliumVersion, n))
+		time.Sleep(3 * time.Second)
+
+		if err != nil {
+			if strings.Contains(err.Error(), "Warning") {
+				stdout, err = ocClient.Run(
+					fmt.Sprintf("oc apply -f %s/cilium.v%s/%s", url, ciliumVersion, n))
+			}
+			if err != nil {
+				log.Logger.Errorf("%s:%s", stdout, err.Error())
+				return err
+			}
+		}
+	}
+
+	//Set PODCIDR/HOSTPREFIX in gobal var to replace in cilium.yml
+	podCIDRReValue := podCIDR[:(len(podCIDR))-3] + "\\" + podCIDR[(len(podCIDR)-3):]
+
+	//Use the right configuration for each network stack: data/resources/cilium.yaml
+	var fileName string = path.Join(config.Test.ResourcesDir, "cilium.yaml")
+
+	resultFile := path.Join(outputDir, "cilium.yaml")
+
+	_, _, err := occli.RunCMD(
+		fmt.Sprintf("cat %s | sed -e 's/HOSTPREFIX/%v/g' >> %s", fileName, hostPrefix, resultFile))
+	if err != nil {
+		return err
+	}
+	_, _, err = occli.RunCMD(
+		fmt.Sprintf("cat %s | sed -e 's/PODCIDR/%s/g' >> %s", resultFile, podCIDRReValue, resultFile))
+	if err != nil {
+		return err
+	}
+
+	stdout, err := ocClient.Run(fmt.Sprintf("oc apply -f %s", resultFile))
+	time.Sleep(3 * time.Second)
+	if err != nil {
+		log.Logger.Errorf("%s", stdout)
+		return err
+	}
+
+	return err
+}
+
+func GetKubeconfigDummyFunc() {
+	// TODO: create IDP to get kubeconfig
+	// Refer to OCM-9183
+}
diff --git a/tests/utils/exec/occli/cmd_client.go b/tests/utils/exec/occli/cmd_client.go
@@ -0,0 +1,66 @@
+package occli
+
+import (
+	"bytes"
+	"fmt"
+	"os/exec"
+	"strings"
+)
+
+type Client struct {
+	KubePath string
+}
+
+func NewOCClient(kubePath ...string) *Client {
+	ocClient := &Client{}
+	if len(kubePath) > 0 {
+		ocClient = &Client{
+			KubePath: kubePath[0],
+		}
+	} else {
+		DummyGetKubeConfigFromEnv()
+	}
+	return ocClient
+}
+
+type RunCMDError struct {
+	Stderr string
+	Err    error
+	CMD    string
+}
+
+func (ocClient Client) Run(cmd string, pipeCommands ...string) (stdout string, err error) {
+
+	var stderr string
+	fmt.Println(">> Running CMD: ", cmd)
+	var pipeCommand string
+	for _, command := range pipeCommands {
+		pipeCommand += fmt.Sprintf("|%s", command)
+	}
+	cmd = fmt.Sprintf("%s --kubeconfig %s %s", cmd, ocClient.KubePath, pipeCommand)
+	stdout, stderr, err = RunCMD(cmd)
+	if err != nil {
+		t := &RunCMDError{Stderr: stderr, Err: err, CMD: cmd}
+		err = t.Err
+	}
+	stdout = strings.TrimSuffix(stdout, "\n")
+	fmt.Println(">> Got STDOUT: ", stdout)
+	return
+}
+
+func RunCMD(cmd string) (stdout string, stderr string, err error) {
+	var stdoutput bytes.Buffer
+	var stderroutput bytes.Buffer
+	CMD := exec.Command("bash", "-c", cmd)
+	CMD.Stderr = &stderroutput
+	CMD.Stdout = &stdoutput
+	err = CMD.Run()
+	stdout = strings.TrimPrefix(stdoutput.String(), "\n")
+	stderr = strings.TrimPrefix(stderroutput.String(), "\n")
+	return
+}
+
+func DummyGetKubeConfigFromEnv() {
+	// login with oc cmd and then get the kubeconfig from  ~/.kube/config
+	// Refer to OCM-9183
+}
diff --git a/tests/utils/profilehandler/profile_handler.go b/tests/utils/profilehandler/profile_handler.go
@@ -556,6 +556,10 @@ func GenerateClusterCreateFlags(profile *Profile, client *rosacli.Client) ([]str
 	if profile.ClusterConfig.ExternalAuthConfig {
 		flags = append(flags, "--external-auth-providers-enabled")
 	}
+	if profile.ClusterConfig.NetworkType == "other" {
+		flags = append(flags, "--no-cni")
+		clusterConfiguration.Networking.Type = profile.ClusterConfig.NetworkType
+	}
 
 	return flags, nil
 }