Skip to content

Commit

Permalink
Merge pull request ceph#9 from subhamkrai/add-ci
Browse files Browse the repository at this point in the history 
ci: adding CI for flex migration and linters
  • Loading branch information
@Yuggupta27
Yuggupta27 authored Oct 25, 2021
2 parents 59301b8 + 7e7c1c1 commit 61f74d4
Show file tree
Hide file tree
Showing 6 changed files with 392 additions and 24 deletions.
49 changes: 49 additions & 0 deletions .github/workflows/flex-migration-test.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Migrate-to-Flex
on:
pull_request:

defaults:
run:
# reference: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
shell: bash --noprofile --norc -eo pipefail -x {0}

jobs:
Intree-test:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: setup minikube
uses: manusa/actions-setup-minikube@v2.4.2
with:
minikube version: 'v1.23.2'
kubernetes version: 'v1.22.2'
start args: --memory 6g --cpus=2
github token: ${{ secrets.GITHUB_TOKEN }}

- name: print k8s cluster status
run: |
minikube status
kubectl get nodes
- name: use local disk
run: tests/script/github_action_helper.sh use_local_disk

- name: Install yq
run: |
sudo wget -O /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/3.3.0/yq_linux_amd64
sudo chmod +x /usr/local/bin/yq
- name: setup flex
run: tests/script/github_action_helper.sh deploy_rook_ceph_with_flex

- name: test flex migration
run: tests/script/github_action_helper.sh test_flex_migration

- name: setup tmate session for debugging when event is PR
if: failure()
uses: mxschmitt/action-tmate@v3
timeout-minutes: 300
24 changes: 0 additions & 24 deletions .github/workflows/get-runner-access.yaml
View file

This file was deleted.

16 changes: 16 additions & 0 deletions .github/workflows/shellcheck.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
name: ShellCheck
on:
pull_request:

jobs:
shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
severity: warning
check_together: 'yes'
disable_matcher: false
153 changes: 153 additions & 0 deletions tests/manifests/modified_common.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,153 @@
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-tools
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get", "list", "watch", "create", "delete", "update", "patch"]
- apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get", "list", "watch", "update", "delete", "create","patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: ["storage.k8s.io"]
resources: ["volumeattachments/status"]
verbs: ["patch"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "watch", "create", "update", "patch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshots"]
verbs: ["get", "list", "watch", "update"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents"]
verbs: ["create", "get", "list", "watch", "update", "delete"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotclasses"]
verbs: ["get", "list", "watch"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshotcontents/status"]
verbs: ["update"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["create", "list", "watch", "delete", "get", "update"]
- apiGroups: ["snapshot.storage.k8s.io"]
resources: ["volumesnapshots/status"]
verbs: ["update"]
- apiGroups: [""]
resources: ["persistentvolumeclaims/status"]
verbs: ["update", "patch"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get"]
- apiGroups: ["replication.storage.openshift.io"]
resources: ["volumereplications", "volumereplicationclasses"]
verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
- apiGroups: ["replication.storage.openshift.io"]
resources: ["volumereplications/finalizers"]
verbs: ["update"]
- apiGroups: ["replication.storage.openshift.io"]
resources: ["volumereplications/status"]
verbs: ["get", "patch", "update"]
- apiGroups: ["replication.storage.openshift.io"]
resources: ["volumereplicationclasses/status"]
verbs: ["get"]
- apiGroups: [""]
resources: ["serviceaccounts"]
verbs: ["get"]
---

# Allow the ceph osd to access cluster-wide resources necessary for determining their topology location
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-tools
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: rook-ceph-tools
subjects:
- kind: ServiceAccount
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster

---
apiVersion: v1
kind: ServiceAccount
metadata:
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
# imagePullSecrets:
# - name: my-registry-secret

# OLM: END SERVICE ACCOUNT OSD
# OLM: BEGIN SERVICE ACCOUNT MGR
---

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
rules:
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["get", "list", "watch", "create", "update", "delete"]
- apiGroups: ["ceph.rook.io"]
resources: ["cephclusters", "cephclusters/finalizers"]
verbs: ["get", "list", "create", "update", "delete"]
---


# Allow the osd pods in this namespace to work with configmaps
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rook-ceph-tools
subjects:
- kind: ServiceAccount
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: rook-ceph-tools-psp
namespace: rook-ceph # namespace:cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: psp:rook
subjects:
- kind: ServiceAccount
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
---
57 changes: 57 additions & 0 deletions tests/manifests/toolbox.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,57 @@
# source https://github.com/rook/rook

apiVersion: apps/v1
kind: Deployment
metadata:
name: rook-ceph-tools
namespace: rook-ceph # namespace:cluster
labels:
app: rook-ceph-tools
spec:
replicas: 1
selector:
matchLabels:
app: rook-ceph-tools
template:
metadata:
labels:
app: rook-ceph-tools
spec:
serviceAccountName: rook-ceph-tools # only this field was newly added
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: rook-ceph-tools
image: rook/ceph:v1.7.5
command: ["/tini"]
args: ["-g", "--", "/usr/local/bin/toolbox.sh"]
imagePullPolicy: IfNotPresent
env:
- name: ROOK_CEPH_USERNAME
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-username
- name: ROOK_CEPH_SECRET
valueFrom:
secretKeyRef:
name: rook-ceph-mon
key: ceph-secret
volumeMounts:
- mountPath: /etc/ceph
name: ceph-config
- name: mon-endpoint-volume
mountPath: /etc/rook
volumes:
- name: mon-endpoint-volume
configMap:
name: rook-ceph-mon-endpoints
items:
- key: data
path: mon-endpoints
- name: ceph-config
emptyDir: {}
tolerations:
- key: "node.kubernetes.io/unreachable"
operator: "Exists"
effect: "NoExecute"
tolerationSeconds: 5
Loading

0 comments on commit 61f74d4

Please sign in to comment.