Opensource integrated CI

[shailesh-vaidya]

We need to create mechanism to build integrated build for all CORTX components. Same is requested in Seagate/cortx#204 . This ticket is to track development for this.

Plan -

• Create Docker image with required dependency packages and configuration for building CORTX component.
• Image will have Makefile which contains targets/steps to build components packages.
• End user will clone https://github.com/Seagate/cortx repo and execute docker command like docker run -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace cortx_build:7.7.1908 make clean cortx-prvsnr
• After successful execution rpm's will be available at /var/artifacts/

[shailesh-vaidya]

We have created cortx_build:7.7.1908 image. I have reused Makefile created by @gowthamchinna to build component packages. Currently this image support's building all control path components i.e.. provisioner, cortx-manager, cortx-management-portal, cortx-monitor etc.

Steps,

• Pull cortx_build:7.7.1908 image.

 export GITHUB_TOKEN=<GitHub Token>
 echo $GITHUB_TOKEN | docker login https://docker.pkg.github.com -u <User Name> --password-stdin
 docker pull docker.pkg.github.com/seagate/cortx-re/cortx_build:7.7.1908

• Clone https://github.com/Seagate/cortx in recursive mode.
  git clone https://github.com/Seagate/cortx --recursive

• Execute docker run command to build rpm's
  docker run -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace cortx_build:7.7.1908 make control-path

• After successful execution rpm's will be available at /var/artifacts/1/

Next Steps:

• Add support for IO path components i.e.. Motr, S3server, Hare and NFS
• Reduce Docker image size.

👋 Can you please review and suggest improvements.
@johnbent @amolkongre @justinzw @mukul-seagate11 @gauravchaudhari02 @pujamudaliar @venkuppu-chn @balajiramachandran-seagate @gowthamchinna

[mukul-seagate11]

One suggestion to add step for scan docker images, automatically find and fix vulnerabilities in docker images i.e. https://app.snyk.io/login

[shailesh-vaidya]

Added support for IO path also now. Please follow below steps to generate all component packages.

• Setup CentOS 7.8.2003 VM

• Install docker packages on it.

• Login to GitHub Docker

 echo  <GitHub Token> | docker login https://docker.pkg.github.com -u <User Name> --password-stdin

• Clone CORTX repo

git clone https://github.com/Seagate/cortx --recursive

• Execute below command,

docker run -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace docker.pkg.github.com/seagate/cortx-re/cortx-build:centos-7.8.2003 make clean build

• It takes around 55 mins to build all packages. After successful completion rpms will be available at /var/artifacts/1/

ls -l /var/artifacts/1/ 

Next Steps

• Reduce docker image size.
• Improve docker run command.

@Seagate/cortx-devops @gowthamchinna @swatiseagate Please test and let me know feedback

[shailesh-vaidya]

Updated centos-7.7.1908 image with latest build steps. Latest docker image along with steps is available at https://github.com/Seagate/cortx-re/packages/445892?version=centos-7.7.1908

[johnbent]

This is excellent work @shailesh-vaidya ! One question I have however is what is the process after the RPM's are built? How would someone run them? How would someone be able to combine them all into a working OVA?

[shailesh-vaidya]

@johnbent Thanks. I am planning to add steps like, yum repo creation, rpm signing etc. so that on dev system /var/artifacts/0 will be similar to CORTX integrated build.
However for user to deploy using locally build packages we need to make third party dependency packages available over GitHub for download. So that release build (CORTX packages + Third Party dependencies) will be available locally.
After that we can follow Provisioner instructions to deploy CORTX on VM and VMware api to extract OVA out of it. We may use scripts created by @gauravchaudhari02 for this. Need to verify and test,

[gauravchaudhari02]

Added support for IO path also now. Please follow below steps to generate all component packages.

• Setup CentOS 7.8.2003 VM
• Install docker packages on it.
• Login to GitHub Docker

 echo  <GitHub Token> | docker login https://docker.pkg.github.com -u <User Name> --password-stdin

• Clone CORTX repo

git clone https://github.com/Seagate/cortx --recursive

• Execute below command,

docker run -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace docker.pkg.github.com/seagate/cortx-re/cortx-build:centos-7.8.2003 make clean build

• It takes around 55 mins to build all packages. After successful completion rpms will be available at /var/artifacts/1/

ls -l /var/artifacts/1/ 

Next Steps

• Reduce docker image size.
• Improve docker run command.

@Seagate/cortx-devops @gowthamchinna @swatiseagate Please test and let me know feedback

@shailesh-vaidya @johnbent, I have tested the mentioned steps, and looks like it is working fine and creating all component rpms. 👍🏼

[shailesh-vaidya]

Added following functionalities for opensource ci -

• Added support for CentOS 7.8.2003
• Included Third party packages in release.
• Moved docker images from GitHub packages to GitHub Docker registry.
• Added ISO generation target.

We can use following steps to generate release build on any VM outside Seagate network

• Setup CentOS 7.8.2003 system. You can use Virtual Machine also.

• Install docker packages on it. You can refer - https://docs.docker.com/engine/install/centos/

• Login to GitHub Docker. This is required as cortx-build image is not made public yet. Once we keep image in public repo this steps can be omitted.
  echo | docker login ghcr.io -u USERNAME --password-stdin

• Clone CORTX repo at /root. You can use any location to clone repo. Just replace /root/cortx with location where repo is cloned.
  cd /root && git clone https://github.com/Seagate/cortx --recursive

• Build CORTX artifacts using docker run as below

  time docker run --rm -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace -e GITHUB_TOKEN=$GITHUB_TOKEN ghcr.io/seagate/cortx-re/cortx-build:centos-7.8.2003 make clean build

  Currently Third party packages are stored in cortx-re repo at https://github.com/Seagate/cortx-re/releases/tag/third-party-deps-1.0.0-2 . As It's private repo as of now hence need to pass GITHUB_TOKEN . It will not be required once we move Third party packages to cortx repo

  By default it will not create ISO. To generate ISO execute docker run --rm -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace ghcr.io/seagate/cortx-re/cortx-build:centos-7.8.2003 make iso_generation . You can append iso_generation target in make build command also.

• After docker run execution is complete release build will be available at,

  [root@ssc-vm-1321 opensource-ci]# ll /var/artifacts/0/
  total 824368
  drwxr-xr-x 10 root root 4096 Dec 16 05:34 3rd_party
  drwxr-xr-x 3 root root 4096 Dec 16 05:23 cortx_iso
  drwxr-xr-x 2 root root 4096 Dec 16 05:49 iso

[johnbent]

@shailesh-vaidya , excellent progress! Can you please remind me why cortx-re is private? I suggest we make it public (unless there is some good reason to keep it private).

As we continue making progress here, I think these instructions and commands should go into a Makefile in the cortx parent repo. Is that the plan?

@justinzw , can you attempt to follow these instructions please and see if they work for you?

[shailesh-vaidya]

Hi @johnbent - Yes we should make cortx-re open eventually. I have created tasks for license and secret text review as below.
EOS-15465 Review license information for tools, scripts used in cortx-re repo
EOS-15466 Review secret text, passwords or keys in cortx-re repo

@pujamudaliar is working on them. Once we are good with these report we should be good to make cortx-re public.

For now - We can make cortx-build:centos-7.8.2003 image public and add document to use it for generating packages locally.

[johnbent]

Thanks Shailesh!

…

________________________________ From: Shailesh Vadiya <notifications@github.com> Sent: Thursday, December 17, 2020 6:15 AM To: Seagate/cortx-re <cortx-re@noreply.github.com> Cc: John Bent <john.bent@seagate.com>; Mention <mention@noreply.github.com> Subject: Re: [Seagate/cortx-re] Opensource integrated CI (#89) Hi @johnbent<https://github.com/johnbent> - Yes we should make cortx-re open eventually. I have created tasks for license and secret text review as below. EOS-15465 Review license information for tools, scripts used in cortx-re repo EOS-15466 Review secret text, passwords or keys in cortx-re repo @pujamudaliar<https://github.com/pujamudaliar> is working on them. Once we are good with these report we should be good to make cortx-re public. For now - We can make cortx-build:centos-7.8.2003 image public and add document to use it for generating packages locally. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#89 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAPT2PTT5EXMIROIN3FPOQDSVH765ANCNFSM4R4TVWIA>.

[shailesh-vaidya]

Added help options to docker image to make it easy for developers to use.

[root@ssc-vm-1321 opensource-ci]# time docker run --rm -v /var/artifacts:/var/artifacts -v /root/cortx:/cortx-workspace -e GITHUB_TOKEN=$GITHUB_TOKEN ghcr.io/seagate/cortx-re/cortx-build:centos-7.8.2003 make
usage: make "target"

Please clone required component repositories in cortx-workspace directory before executing respective targets.

targets:
    help: print this help message.
    clean: remove existing /var/artifacts/0 directory.
    build: generate complete CORTX build including third-party-deps at "/var/artifacts/0"
    control-path: generate control-path packages. cortx-provisioner, cortx-monitor, cortx-manager, cortx-management-portal and cortx-ha.
    io-path: generate io-path packages. cortx-motr, cortx-s3server and cortx-hare.
    cortx-motr: generate cortx-motr packages.
    cortx-s3server: generate cortx-s3server packages.
    cortx-hare: generate cortx-hare packages.
    cortx-ha: generate cortx-ha packages.
    cortx-management-portal: generate cortx-management-portal packages.
    cortx-manager: generate cortx-manager packages.
    cortx-monitor: generate cortx-monitor packages.
    cortx-posix: generate cortx-posix (NFS) packages.
    cortx-prvsnr: generate cortx-prvsnr packages.
    iso_generation: generate ISO file from release build.

real    0m0.786s
user    0m0.045s
sys     0m0.059s
[root@ssc-vm-1321 opensource-ci]#

[johnbent]

@shailesh-vaidya , this looks awesome!

[shailesh-vaidya]

Docker image is ready and available at ghcr.io/seagate/cortx-build:centos-7.8.2003
We can make this docker image public without making https://github.com/Seagate/cortx-re repo public. Hence only pending tasks are,

• Document steps and add it to https://github.com/Seagate/cortx repo - @VenkyOS is working on this.
• Create GitHub Release similar as https://github.com/Seagate/cortx-re/releases/tag/third-party-deps-1.0.0-2 in https://github.com/Seagate/cortx repo.
• Make https://github.com/orgs/Seagate/packages/container/package/cortx-build public.

[shailesh-vaidya]

All tasks are done.

We have published docker image to build entire CORTX at https://github.com/orgs/Seagate/packages/container/package/cortx-build

Instructions to build CORTX packages using this Docker image is documented at - https://github.com/Seagate/cortx/blob/main/doc/Release_Build_Creation.rst