3 # ============LICENSE_START====================================================
4 # Copyright (C) 2022-2024 Nordix Foundation.
5 # =============================================================================
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
18 # SPDX-License-Identifier: Apache-2.0
19 # ============LICENSE_END======================================================
21 # This script spins up kubernetes cluster in Microk8s for deploying policy helm charts.
22 # Runs CSITs in kubernetes.
24 WORKSPACE=$(git rev-parse --show-toplevel)
27 export GERRIT_BRANCH=$(awk -F= '$1 == "defaultbranch" { print $2 }' "${WORKSPACE}"/.gitreview)
29 CSIT_SCRIPT="scripts/run-test.sh"
30 ROBOT_DOCKER_IMAGE="policy-csit-robot"
31 POLICY_CLAMP_ROBOT="policy-clamp-test.robot"
32 POLICY_API_ROBOT="api-test.robot api-slas.robot"
33 POLICY_PAP_ROBOT="pap-test.robot pap-slas.robot"
34 POLICY_APEX_PDP_ROBOT="apex-pdp-test.robot apex-slas.robot"
35 POLICY_XACML_PDP_ROBOT="xacml-pdp-test.robot"
36 POLICY_DROOLS_PDP_ROBOT="drools-pdp-test.robot"
37 POLICY_DISTRIBUTION_ROBOT="distribution-test.robot"
39 POLICY_API_CONTAINER="policy-api"
40 POLICY_PAP_CONTAINER="policy-pap"
41 POLICY_CLAMP_CONTAINER="policy-clamp-runtime-acm"
42 POLICY_APEX_CONTAINER="policy-apex-pdp"
43 POLICY_DROOLS_CONTAINER="policy-drools-pdp"
44 POLICY_XACML_CONTAINER="policy-xacml-pdp"
45 POLICY_DISTRIBUTION_CONTAINER="policy-distribution"
46 POLICY_K8S_PPNT_CONTAINER="policy-clamp-ac-k8s-ppnt"
47 POLICY_HTTP_PPNT_CONTAINER="policy-clamp-ac-http-ppnt"
48 POLICY_PF_PPNT_CONTAINER="policy-clamp-ac-pf-ppnt"
49 KAFKA_CONTAINER="kafka-deployment"
50 ZK_CONTAINER="zookeeper-deployment"
51 KAFKA_DIR=${WORKSPACE}/helm/cp-kafka
54 DISTRIBUTION_CSAR=${WORKSPACE}/csit/resources/tests/data/csar
55 DIST_TEMP_FOLDER=/tmp/distribution
59 export ROBOT_LOG_DIR=${WORKSPACE}/csit/archives
60 export READINESS_CONTAINERS=()
63 function spin_microk8s_cluster() {
64 echo "Verify if Microk8s cluster is running.."
68 if [ "$exitcode" -ne 0 ]; then
69 echo "Microk8s cluster not available, Spinning up the cluster.."
70 sudo snap install microk8s --classic --channel=1.26/stable
72 if [ "${?}" -ne 0 ]; then
73 echo "Failed to install kubernetes cluster. Aborting.."
76 echo "Microk8s cluster installed successfully"
77 sudo usermod -a -G microk8s $USER
78 echo "Enabling DNS and helm3 plugins"
79 sudo microk8s.enable dns helm3 hostpath-storage
80 echo "Creating configuration file for Microk8s"
81 sudo mkdir -p $HOME/.kube
82 sudo chown -R $USER:$USER $HOME/.kube
83 sudo microk8s kubectl config view --raw >$HOME/.kube/config
84 sudo chmod 600 $HOME/.kube/config
85 echo "K8s installation completed"
86 echo "----------------------------------------"
88 echo "K8s cluster is already running"
89 echo "----------------------------------------"
95 function install_kafka() {
96 echo "Installing Confluent kafka"
97 kubectl apply -f $KAFKA_DIR/zookeeper.yaml
98 kubectl apply -f $KAFKA_DIR/kafka.yaml
99 echo "----------------------------------------"
102 function uninstall_policy() {
103 echo "Removing the policy helm deployment"
104 sudo microk8s helm uninstall csit-policy
105 sudo microk8s helm uninstall prometheus
106 sudo microk8s helm uninstall csit-robot
107 sudo kubectl delete deploy $ZK_CONTAINER $KAFKA_CONTAINER
108 rm -rf ${WORKSPACE}/helm/policy/Chart.lock
109 if [ "$PROJECT" == "clamp" ] || [ "$PROJECT" == "policy-clamp" ]; then
110 sudo microk8s helm uninstall policy-chartmuseum
111 sudo microk8s helm repo remove chartmuseum-git policy-chartmuseum
113 sudo rm -rf /dockerdata-nfs/mariadb-galera/
114 sudo microk8s kubectl delete pvc --all
115 echo "Policy deployment deleted"
116 echo "Clean up docker"
117 docker image prune -f
120 function teardown_cluster() {
121 echo "Removing k8s cluster and k8s configuration file"
122 sudo snap remove microk8s;rm -rf $HOME/.kube/config
123 echo "MicroK8s Cluster removed"
126 function build_robot_image() {
127 echo "Build docker image for robot framework"
128 cd ${WORKSPACE}/csit/resources || exit
130 if [ "${PROJECT}" == "distribution" ] || [ "${PROJECT}" == "policy-distribution" ]; then
133 echo "Build robot framework docker image"
134 docker login -u docker -p docker nexus3.onap.org:10001
135 docker build . --file Dockerfile \
136 --build-arg CSIT_SCRIPT="$CSIT_SCRIPT" \
137 --build-arg ROBOT_FILE="$ROBOT_FILE" \
138 --tag "${ROBOT_DOCKER_IMAGE}" --no-cache
139 echo "---------------------------------------------"
142 function start_csit() {
144 if [ "${?}" -eq 0 ]; then
145 echo "Importing robot image into microk8s registry"
146 docker save -o policy-csit-robot.tar ${ROBOT_DOCKER_IMAGE}:latest
147 sudo microk8s ctr image import policy-csit-robot.tar
148 rm -rf ${WORKSPACE}/csit/resources/policy-csit-robot.tar
149 rm -rf ${WORKSPACE}/csit/resources/tests/models/
150 echo "---------------------------------------------"
151 if [ "$PROJECT" == "clamp" ] || [ "$PROJECT" == "policy-clamp" ]; then
152 POD_READY_STATUS="0/1"
153 while [[ ${POD_READY_STATUS} != "1/1" ]]; do
154 echo "Waiting for chartmuseum pod to come up..."
156 POD_READY_STATUS=$(sudo microk8s kubectl get pods | grep -e "policy-chartmuseum" | awk '{print $2}')
160 echo "Installing Robot framework pod for running CSIT"
162 mkdir -p ${ROBOT_LOG_DIR}
163 sudo microk8s helm install csit-robot robot --set robot="$ROBOT_FILE" --set "readiness={${READINESS_CONTAINERS[*]}}" --set robotLogDir=$ROBOT_LOG_DIR
168 function print_robot_log() {
170 while [[ ${count_pods} -eq 0 ]]; do
171 echo "Waiting for pods to come up..."
173 count_pods=$(sudo microk8s kubectl get pods --output name | wc -l)
175 robotpod=$(sudo microk8s kubectl get po | grep policy-csit)
176 podName=$(echo "$robotpod" | awk '{print $1}')
177 echo "The robot tests will begin once the policy components {${READINESS_CONTAINERS[*]}} are up and running..."
178 sudo microk8s kubectl wait --for=jsonpath='{.status.phase}'=Running --timeout=18m pod/"$podName"
179 echo "Policy deployment status:"
180 sudo microk8s kubectl get po
181 sudo microk8s kubectl get all -A
182 echo "Robot Test logs:"
183 sudo microk8s kubectl logs -f "$podName"
186 function clone_models() {
188 # download models examples
189 git clone -b "${GERRIT_BRANCH}" --single-branch https://github.com/onap/policy-models.git "${WORKSPACE}"/csit/resources/tests/models
191 # create a couple of variations of the policy definitions
192 sed -e 's!Measurement_vGMUX!ADifferentValue!' \
193 tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
194 >tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.v1_2.json
196 sed -e 's!"version": "1.0.0"!"version": "2.0.0"!' \
197 -e 's!"policy-version": 1!"policy-version": 2!' \
198 tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.json \
199 >tests/models/models-examples/src/main/resources/policies/vCPE.policy.monitoring.input.tosca.v2.json
202 function copy_csar_file() {
203 zip -F ${DISTRIBUTION_CSAR}/sample_csar_with_apex_policy.csar \
204 --out ${DISTRIBUTION_CSAR}/csar_temp.csar -q
205 # Remake temp directory
206 sudo rm -rf "${DIST_TEMP_FOLDER}"
207 sudo mkdir "${DIST_TEMP_FOLDER}"
208 sudo cp ${DISTRIBUTION_CSAR}/csar_temp.csar ${DISTRIBUTION_CSAR}/temp.csar
209 sudo mv ${DISTRIBUTION_CSAR}/temp.csar ${DIST_TEMP_FOLDER}/sample_csar_with_apex_policy.csar
212 function set_project_config() {
213 echo "Setting project configuration for: $PROJECT"
216 clamp | policy-clamp)
217 export ROBOT_FILE=$POLICY_CLAMP_ROBOT
218 export READINESS_CONTAINERS=($POLICY_CLAMP_CONTAINER,$POLICY_APEX_CONTAINER,$POLICY_PF_PPNT_CONTAINER,$POLICY_K8S_PPNT_CONTAINER,
219 $POLICY_HTTP_PPNT_CONTAINER)
220 export SET_VALUES="--set $POLICY_CLAMP_CONTAINER.enabled=true --set $POLICY_APEX_CONTAINER.enabled=true
221 --set $POLICY_PF_PPNT_CONTAINER.enabled=true --set $POLICY_K8S_PPNT_CONTAINER.enabled=true --set $POLICY_HTTP_PPNT_CONTAINER.enabled=true"
226 export ROBOT_FILE=$POLICY_API_ROBOT
227 export READINESS_CONTAINERS=($POLICY_API_CONTAINER)
231 export ROBOT_FILE=$POLICY_PAP_ROBOT
232 export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_API_CONTAINER,$POLICY_XACML_CONTAINER)
233 export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_XACML_CONTAINER.enabled=true"
236 apex-pdp | policy-apex-pdp)
237 export ROBOT_FILE=$POLICY_APEX_PDP_ROBOT
238 export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER)
239 export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true"
242 xacml-pdp | policy-xacml-pdp)
243 export ROBOT_FILE=($POLICY_XACML_PDP_ROBOT)
244 export READINESS_CONTAINERS=($POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,$POLICY_XACML_CONTAINER)
245 export SET_VALUES="--set $POLICY_XACML_CONTAINER.enabled=true"
248 drools-pdp | policy-drools-pdp)
249 export ROBOT_FILE=($POLICY_DROOLS_PDP_ROBOT)
250 export READINESS_CONTAINERS=($POLICY_DROOLS_CONTAINER)
251 export SET_VALUES="--set $POLICY_DROOLS_CONTAINER.enabled=true"
254 distribution | policy-distribution)
255 export ROBOT_FILE=($POLICY_DISTRIBUTION_ROBOT)
256 export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,
257 $POLICY_DISTRIBUTION_CONTAINER)
258 export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_DISTRIBUTION_CONTAINER.enabled=true"
262 echo "Unknown project supplied. Enabling all policy charts for the deployment"
263 export READINESS_CONTAINERS=($POLICY_APEX_CONTAINER,$POLICY_API_CONTAINER,$POLICY_PAP_CONTAINER,
264 $POLICY_DISTRIBUTION_CONTAINER,$POLICY_DROOLS_CONTAINER,$POLICY_XACML_CONTAINER,
265 $POLICY_CLAMP_CONTAINER,$POLICY_PF_PPNT_CONTAINER,$POLICY_K8S_PPNT_CONTAINER,
266 $POLICY_HTTP_PPNT_CONTAINER)
267 export SET_VALUES="--set $POLICY_APEX_CONTAINER.enabled=true --set $POLICY_XACML_CONTAINER.enabled=true
268 --set $POLICY_DISTRIBUTION_CONTAINER.enabled=true --set $POLICY_DROOLS_CONTAINER.enabled=true
269 --set $POLICY_CLAMP_CONTAINER.enabled=true --set $POLICY_PF_PPNT_CONTAINER.enabled=true
270 --set $POLICY_K8S_PPNT_CONTAINER.enabled=true --set $POLICY_HTTP_PPNT_CONTAINER.enabled=true"
276 function install_chartmuseum () {
277 echo "Installing Chartmuseum helm repository..."
278 sudo microk8s helm repo add chartmuseum-git https://chartmuseum.github.io/charts
279 sudo microk8s helm repo update
280 sudo microk8s helm install policy-chartmuseum chartmuseum-git/chartmuseum --set env.open.DISABLE_API=false --set service.type=NodePort --set service.nodePort=30208
281 sudo microk8s helm plugin install https://github.com/chartmuseum/helm-push
282 echo "---------------------------------------------"
285 function push_acelement_chart() {
286 echo "Pushing acelement chart to the chartmuseum repo..."
287 sudo microk8s helm repo add policy-chartmuseum http://localhost:30208
289 # download clamp repo
290 git clone -b "${GERRIT_BRANCH}" --single-branch https://github.com/onap/policy-clamp.git "${WORKSPACE}"/csit/resources/tests/clamp
291 ACELEMENT_CHART=${WORKSPACE}/csit/resources/tests/clamp/examples/src/main/resources/clamp/acm/acelement-helm/acelement
292 sudo microk8s helm cm-push $ACELEMENT_CHART policy-chartmuseum
293 sudo microk8s helm repo update
294 rm -rf ${WORKSPACE}/csit/resources/tests/clamp/
295 echo "-------------------------------------------"
298 function get_pod_name() {
299 microk8s kubectl get pods --no-headers -o custom-columns=':metadata.name' | grep $1
302 wait_for_pods_running() {
305 local timeout_seconds="$1"
308 IFS=',' read -ra pod_names <<< "$1"
311 local pending_pods=("${pod_names[@]}")
314 start_time=$(date +%s)
316 while [ ${#pending_pods[@]} -gt 0 ]; do
318 current_time=$(date +%s)
320 elapsed_time=$((current_time - start_time))
322 if [ "$elapsed_time" -ge "$timeout_seconds" ]; then
323 echo "Timed out waiting for all pods to reach 'Running' state."
327 local newly_running_pods=()
329 for pod_name_prefix in "${pending_pods[@]}"; do
330 local pod_name=$(get_pod_name "$pod_name_prefix")
332 pod_status=$(kubectl get pod "$pod_name" -n "$namespace" --no-headers -o custom-columns=STATUS:.status.phase 2>/dev/null)
334 if [ "$pod_status" == "Running" ]; then
335 echo "Pod '$pod_name' in namespace '$namespace' is now in 'Running' state."
337 newly_running_pods+=("$pod_name")
338 echo "Waiting for pod '$pod_name' in namespace '$namespace' to reach 'Running' state..."
342 pending_pods=("${newly_running_pods[@]}")
347 echo "All specified pods are in the 'Running' state. Exiting the function."
361 if [ $OPERATION == "install" ]; then
362 spin_microk8s_cluster
363 if [ "${?}" -eq 0 ]; then
364 export KAFKA_CONTAINERS=($KAFKA_CONTAINER,$ZK_CONTAINER)
366 wait_for_pods_running default 300 $KAFKA_CONTAINERS
368 echo "Installing policy helm charts in the default namespace"
369 source ${WORKSPACE}/compose/get-k8s-versions.sh
370 if [ $LOCALIMAGE == "true" ]; then
371 echo "loading local image"
372 source ${WORKSPACE}/compose/get-versions.sh
373 ${WORKSPACE}/compose/loaddockerimage.sh
375 cd ${WORKSPACE}/helm || exit
376 sudo microk8s helm dependency build policy
377 sudo microk8s helm install csit-policy policy ${SET_VALUES}
378 sudo microk8s helm install prometheus prometheus
379 wait_for_pods_running default 300 $READINESS_CONTAINERS
380 echo "Policy chart installation completed"
381 echo "-------------------------------------------"
384 if [ "$PROJECT" ]; then
385 export ROBOT_LOG_DIR=${WORKSPACE}/csit/archives/${PROJECT}
386 echo "CSIT will be invoked from $ROBOT_FILE"
387 echo "Readiness containers: ${READINESS_CONTAINERS[*]}"
388 echo "-------------------------------------------"
391 echo "No project supplied for running CSIT"
394 elif [ $OPERATION == "uninstall" ]; then
397 elif [ $OPERATION == "clean" ]; then
401 echo "Invalid arguments provided. Usage: $0 [options..] {install {project_name} | uninstall | clean} {uselocalimage = true/false}"