Add CRC + download_tools helper

splits the repo in devsetup and os (OpenStack) part. devsetup
helps to setup CRC environment and download_tools to install all
required operator dev tools with the correct versions.

.gitignore

@@ -1 +1,2 @@
 out
+pull-secret.txt

README.md

@@ -1,9 +1,11 @@
 # k8s yaml generator/installer for Cloud Native OpenStack
 
-Scripts to automate Installing OpenStack in your *pre-installed* OpenShift environment.
+The main purpose is to provide scripts to automate installing OpenStack in your *pre-installed* OpenShift environment.
 
 Aside from generating Yaml and running *oc* commands to apply them to your cluster nothing in this repo should modify the local machine, require sudo, or make any changes to the local machine.
 
+Helper scripts to automate installing CRC and required tools with versions used in openstack-k8s-operators can be found in [CRC/tools deployment](devsetup/README.md). These scripts/playbook required sudo permissions.
+
 ## Goals
 
 1) WIP: Support installing individual operators for fast testing iteration
@@ -26,4 +28,3 @@ make mariadb MARIADB_IMG=quay.io/openstack-k8s-operators/mariadb-operator-index:
 make keystone KEYSTONE_IMG=quay.io/openstack-k8s-operators/keystone-operator-index:latest
 
 ```
-

devsetup/Makefile

@@ -0,0 +1,39 @@
+CRC_URL ?= 'https://developers.redhat.com/content-gateway/rest/mirror/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz'
+KUBEADMIN_PWD ?= 12345678
+PULL_SECRET  ?= ${PWD}/pull-secret.txt
+
+##@ General
+
+# The help target prints out all targets with their descriptions organized
+# beneath their categories. The categories are represented by '##@' and the
+# target descriptions by '##'. The awk commands is responsible for reading the
+# entire set of makefiles included in this invocation, looking for lines of the
+# file as xyz: ## something, and then pretty-format the target and help. Then,
+# if there's a line with ##@ something, that gets pretty-printed as a category.
+# More info on the usage of ANSI control characters for terminal formatting:
+# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
+# More info on the awk command:
+# http://linuxcommand.org/lc3_adv_awk.php
+
+.PHONY: help
+help: ## Display this help.
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
+
+##@ CRC
+.PHONY: crc
+crc: ## Deploys CRC using CRC_URL to download and install CRC, KUBEADMIN_PWD as the password which defaults to 12345678 and PULL_SECRET to specify the file containing the pull secret, defaults to ${PWD}/pull-secret.txt.
+	bash scripts/crc-setup.sh ${CRC_URL} ${KUBEADMIN_PWD} ${PULL_SECRET}
+
+.PHONY: crc_cleanup
+crc_cleanup: ## Destroys the CRC env, but does NOT clear ( --clear-cache ) the cache to save time on next setup.
+	crc delete --force
+	crc cleanup
+	sudo rm -f /etc/pki/ca-trust/source/anchors/crc-router-ca.pem
+	sudo update-ca-trust
+
+##@ Download required tools and versions
+.PHONY: download_tools
+download_tools: ## Runs an ansible playbook to install required tools with the versions to develop the service operators. The tools get installed in ~/bin and go in /usr/local/go (alternatives get used to set it as the system wide go version)
+	ANSIBLE_FORCE_COLOR=true ansible-playbook \
+	-v -i hosts \
+	download_tools.yaml

devsetup/README.md

@@ -0,0 +1,53 @@
+# CRC automation + tool deployment
+### CRC
+CRC installation requires sudo to create a NetworkManager dispatcher file in /etc/NetworkManager/dispatcher.d/99-crc.sh, also the post step to add the CRC cert to the system store to be able to access the image registry from the host system.
+
+* Get the pull secret from `https://cloud.redhat.com/openshift/create/local` and save it in `pull-secret.txt` of the repo dir, or set the `PULL_SECRET` env var to point to a different location.
+* `CRC_URL` and `KUBEADMIN_PWD` can be used to change requirements for CRC install
+
+```bash
+make crc
+```
+
+After the installation is complete, proceed with the OpenStack service provisioning.
+
+The steps it runs are the following:
+```bash
+# Pre req
+# verifies that the pull secret is located at $(pwd)/pull-secret.txt (get it from https://cloud.redhat.com/openshift/create/local)
+
+* install crc
+mkdir -p ~/bin
+curl -L https://developers.redhat.com/content-gateway/rest/mirror/pub/openshift-v4/clients/crc/latest/crc-linux-amd64.tar.xz | tar -U --strip-components=1 -C ~/bin -xJf - crc
+
+# config CRC
+crc config set consent-telemetry no
+crc config set kubeadmin-password ${KUBEADMIN_PWD}
+crc config set pull-secret-file ${PULL_SECRET_FILE}
+crc setup
+
+crc start
+
+# show kubeadmin and devel login detains
+crc console --credentials
+
+# add crc provided oc client to PATH
+eval $(${CRC_BIN} oc-env)
+
+# login to crc env
+oc login -u kubeadmin -p ${KUBEADMIN_PWD} https://api.crc.testing:6443
+
+# make sure you can push to the internal registry; without this step you'll get x509 errors
+echo -n "Adding router-ca to system certs to allow accessing the crc image registry"
+oc extract secret/router-ca --keys=tls.crt -n openshift-ingress-operator --confirm
+sudo cp -f tls.crt /etc/pki/ca-trust/source/anchors/crc-router-ca.pem
+sudo update-ca-trust
+```
+
+
+### tool deployment
+All tools and specific version to develop operators for this Cloud Native OpenStack approch can be deployed via the download_tools make target. All components which don't get installed via rpm get installed to $HOME/bin or /usr/local/bin (go/gofmt).
+
+```bash
+make download_tools
+```

devsetup/download_tools.yaml

@@ -0,0 +1,6 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: localhost
+  vars_files: "vars/default.yaml"
+  roles:
+  - download_tools

devsetup/hosts

@@ -0,0 +1 @@
+localhost ansible_connection=local

devsetup/roles/download_tools/defaults/main.yaml

@@ -0,0 +1,17 @@
+---
+# kuttl version to use (must be specific version)
+kuttl_version: 0.9.0
+
+# Released version of the opm package (can be set to 'latest')
+opm_version: latest
+
+# operator-sdk version to use (must be specific version)
+#sdk_version: v0.19.2 - cnosp is right now based on that version
+sdk_version: v1.14.0
+
+# golang version
+go_version: 1.16.9
+
+# kustomize version to use (must be specific version)
+kustomize_version: v4.0.1
+

devsetup/roles/download_tools/tasks/main.yaml

@@ -0,0 +1,110 @@
+- name: Install build dependencies
+  become: true
+  become_user: root
+  package:
+    name:
+      - jq
+      - skopeo
+      - sqlite
+
+- name: Set opm download url suffix
+  set_fact: opm_url_suffix="latest/download"
+  when: opm_version is undefined or opm_version == "latest"
+
+- name: Set opm download url suffix
+  set_fact: opm_url_suffix="download/{{ opm_version }}"
+  when: opm_version is defined and opm_version != "latest"
+
+- name: Create $HOME/bin dir
+  file:
+    path: "{{ lookup('env', 'HOME') }}/bin"
+    state: directory
+    mode: '0755'
+
+- name: Download opm
+  get_url:
+    url: https://github.com/operator-framework/operator-registry/releases/{{ opm_url_suffix }}/linux-amd64-opm
+    dest: "{{ lookup('env', 'HOME') }}/bin/opm"
+    mode: '0755'
+    timeout: 30
+
+- name: Get version from sdk_version
+  set_fact: _sdk_version="{{ sdk_version | regex_search('v(.*)', '\\1') | first }}"
+
+- name: Set operator-sdk file for version < 1.3.0
+  set_fact: _operator_sdk_file="operator-sdk-{{ sdk_version }}-x86_64-linux-gnu"
+  when: _sdk_version is version('1.3.0', 'lt', strict=True )
+
+- name: Set operator-sdk file for version >= 1.3.0
+  set_fact: _operator_sdk_file="operator-sdk_linux_amd64"
+  when: _sdk_version is version('1.3.0', 'ge', strict=True )
+
+- name: Download operator-sdk
+  get_url:
+    url: https://github.com/operator-framework/operator-sdk/releases/download/{{ sdk_version }}/{{ _operator_sdk_file }}
+    dest: "{{ lookup('env', 'HOME') }}/bin/operator-sdk"
+    mode: '0755'
+    force: yes
+    timeout: 30
+
+- name: Download and extract kustomize
+  unarchive:
+    src: https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2F{{ kustomize_version }}/kustomize_{{ kustomize_version }}_linux_amd64.tar.gz
+    dest: "{{ lookup('env', 'HOME') }}/bin/"
+    remote_src: yes
+
+- name: Download kuttl
+  get_url:
+    url: https://github.com/kudobuilder/kuttl/releases/download/v{{ kuttl_version }}/kubectl-kuttl_{{ kuttl_version }}_linux_x86_64
+    dest: "{{ lookup('env', 'HOME') }}/bin/kubectl-kuttl"
+    mode: '0755'
+    timeout: 30
+
+- name: Set proper golang on the system
+  become: true
+  become_user: root
+  block:
+
+  - name: Deinstall golang
+    package:
+      state: absent
+      name:
+      - golang-bin
+      - golang-src
+      - golang
+
+  - name: Delete old go version installed from upstream
+    file:
+      path: "{{ item }}"
+      state: absent
+    with_items:
+    - /usr/local/go
+    - "{{ lookup('env', 'HOME') }}/bin/go"
+    - "{{ lookup('env', 'HOME') }}/bin/gofmt"
+    - /usr/local/bin/go
+    - /usr/local/bin/gofmt
+
+  - name: Download and extract golang
+    unarchive:
+      src: "https://golang.org/dl/go{{ go_version }}.linux-amd64.tar.gz"
+      dest: "/usr/local"
+      remote_src: yes
+      extra_opts:
+        - "--exclude"
+        - "go/misc"
+        - "--exclude"
+        - "go/pkg/linux_amd64_race"
+        - "--exclude"
+        - "go/test"
+
+  - name: set alternatives link to installed go version
+    shell: |
+      set -e
+      update-alternatives --install /usr/local/bin/{{ item }} {{ item }} /usr/local/go/bin/{{ item }} 1
+    with_items:
+    - go
+    - gofmt
+
+- name: Clean bash cache
+  debug:
+    msg: When move from rpm to upstream version, make sure to clean bash cache using `hash -d go`

devsetup/scripts/crc-setup.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+# set -x
+
+if [ "$EUID" -eq 0 ]
+  then echo "Please do not run as root."
+  exit
+fi
+
+CRC_URL=$1
+KUBEADMIN_PWD=$2
+PULL_SECRET_FILE=$3
+
+if [ -z "${CRC_URL}" ]; then
+  echo "Please set CRC_URL as ARG1"; exit 1
+fi
+if [ -z "${KUBEADMIN_PWD}" ]; then
+  echo "Please set KUBEADMIN_PWD as ARG2"; exit 1
+fi
+if [ -z "${PULL_SECRET_FILE}" ]; then
+  echo "Please set PULL_SECRET_FILE as ARG3"; exit 1
+fi
+# verify pull secret file exist
+if [ ! -f "${PULL_SECRET_FILE}" ]; then
+  echo "Pull secret file ${PULL_SECRET_FILE} does not exist, Please download from https://cloud.redhat.com/openshift/create/local"; exit 1
+fi
+
+CRC_BIN=$(which crc)
+if [ -z "${CRC_BIN}" ]; then
+  mkdir -p ~/bin
+  curl -L "${CRC_URL}" | tar -U --strip-components=1 -C ~/bin -xJf - *crc
+  CRC_BIN=$(which crc)
+fi
+
+# config CRC
+${CRC_BIN} config set consent-telemetry no
+${CRC_BIN} config set kubeadmin-password ${KUBEADMIN_PWD}
+${CRC_BIN} config set pull-secret-file ${PULL_SECRET_FILE}
+# Executing systemctl action failed:  exit status 1: Failed to connect to bus: No such file or directory
+# https://github.com/code-ready/crc/issues/2674
+crc config set skip-check-daemon-systemd-unit true
+crc config set skip-check-daemon-systemd-sockets true
+${CRC_BIN} setup
+
+${CRC_BIN} start
+${CRC_BIN} console --credentials # get the kubeadmin login and then login
+
+# add crc provided oc client to PATH
+eval $(${CRC_BIN} oc-env)
+
+# login to crc env
+oc login -u kubeadmin -p ${KUBEADMIN_PWD} https://api.crc.testing:6443
+
+# make sure you can push to the internal registry; without this step you'll get x509 errors
+echo -n "Adding router-ca to system certs to allow accessing the crc image registry"
+oc extract secret/router-ca --keys=tls.crt -n openshift-ingress-operator --confirm --to=/tmp
+sudo cp -f /tmp/tls.crt /etc/pki/ca-trust/source/anchors/crc-router-ca.pem
+sudo update-ca-trust

devsetup/vars/default.yaml

@@ -0,0 +1,12 @@
+---
+# Released version of the opm package (can be set to 'latest')
+opm_version: latest
+
+# operator-sdk version to use (must be specific version)
+sdk_version: v1.20.0
+
+# golang version
+go_version: 1.17.9
+
+# kustomize version to use (must be specific version)
+kustomize_version: v4.5.4