Add scs-0210-v2 and scs-0214-v1 zuul checks

Signed-off-by: Matej Feder <matej.feder@dnation.cloud>
SovereignCloudStack · Mar 7, 2024 · 1df9f7e · 1df9f7e
1 parent a4ced07
commit 1df9f7e
Show file tree

Hide file tree

Showing 4 changed files with 100 additions and 19 deletions.
diff --git a/.zuul.yaml b/.zuul.yaml
@@ -11,6 +11,11 @@
     cleanup-run: playbooks/cleanup.yaml  # executed also when the job is canceled
     vars:
       wait_for_cluster: 600  # 10min
+      extra_env: {}
+      sonobouy:
+        enabled: false
+      scs_compliance:
+        enabled: false
 
 - job:
     name: k8s-cluster-api-provider-e2e-conformance
@@ -21,7 +26,9 @@
       it will test if the Kubernetes cluster is conformant to the CNCF.
     timeout: 10800  # 3h
     vars:
-      sonobouy_mode: conformance
+      sonobouy:
+        enabled: true
+        mode: conformance
 
 - job:
     name: k8s-cluster-api-provider-e2e-quick
@@ -31,7 +38,22 @@
       [sonobuoy](https://sonobuoy.io/) with mode quick.
     timeout: 3600  # 1h
     vars:
-      sonobouy_mode: quick
+      sonobouy:
+        enabled: true
+        mode: quick
+      scs_compliance:
+        enabled: true
+
+- job:
+    name: k8s-cluster-api-provider-scs-compliance-1.27
+    parent: k8s-cluster-api-provider-e2e-abstract
+    description: |
+      Run SCS compliance KaaS tests.
+    vars:
+      extra_env:
+        TF_VAR_kubernetes_version: 1.27.x
+      scs_compliance:
+        enabled: true
 
 - project:
     name: SovereignCloudStack/k8s-cluster-api-provider

diff --git a/playbooks/e2e.yaml b/playbooks/e2e.yaml
@@ -17,9 +17,11 @@
     pr_or_main: "{{ 'pr' + zuul.change if zuul.change is defined else 'main' }}"
     prefix: "{{ (pr_or_main + '-' + zuul.build) | truncate(12, True, '') }}"
     testcluster_name: "{{ (pr_or_main + '-' + zuul.build) | truncate(12, True, '') }}"
-  environment:
-    ENVIRONMENT: "{{ cloud_provider }}"
-    PATH: "{{ ansible_user_dir }}/.local/bin:{{ ansible_env.PATH }}"
+    env_variables:
+      ENVIRONMENT: "{{ cloud_provider }}"
+      PATH: "{{ ansible_user_dir }}/.local/bin:{{ ansible_env.PATH }}"
+    env_variables_merged: "{{ env_variables | combine(extra_env | default({}) ) }}"
+  environment: "{{ env_variables_merged }}"
   tasks:
   - name: Prepare environment
     block:
@@ -87,7 +89,7 @@
       become: true
       when: mtu.stdout != "1500"
       changed_when: mtu.stdout != "1500"
-  - name: Create k8s cluster and execute sonobouy check
+  - name: Create k8s cluster and execute checks
     block:
     - name: Create k8s cluster
       ansible.builtin.command: "make create GITREFERENCE={{ git_branch_name }} GITREPO={{ git_repository_url }}"
@@ -106,25 +108,31 @@
       environment:
         KUBECONFIG: "{{ testcluster_name }}.yaml.{{ cloud_provider }}"
       changed_when: true
-    - name: Execute sonobouy check mode {{ sonobouy_mode }}
-      ansible.builtin.command: "make check-{{ sonobouy_mode }}"
-      register: sonobouy_results
-      args:
-        chdir: "{{ project_tf_dir }}"
-      changed_when: true
+    - name: Import sonobouy tasks
+      ansible.builtin.import_tasks: tasks/sonobouy.yaml
+      when: sonobouy.enabled
+    - name: Import scs_compliance tasks
+      ansible.builtin.import_tasks: tasks/scs_compliance.yaml
+      vars:
+        kubeconfig_path: "{{ project_tf_dir }}/{{ testcluster_name }}.yaml.{{ cloud_provider }}"
+      when: scs_compliance.enabled
+
     always:
-    - name: Parse sonobouy results  # noqa: ignore-errors
-      ansible.builtin.set_fact:
-        sonobouy_results_parsed: "{{ sonobouy_results.stdout | regex_search('=== Collecting results ===[\\S\\s]*') }}"
-      when: sonobouy_results is defined
-      ignore_errors: true  # ignore when this task failed as it is nice to have, and we should ensure that fullclean is reached
-    - name: Insert parsed sonobouy results to the warning message that will be appended to the comment zuul leaves on the PR  # noqa: ignore-errors
+    - name: Insert sonobouy results to the warning message that will be appended to the comment zuul leaves on the PR  # noqa: ignore-errors
       zuul_return:
         data:
           zuul:
             warnings:
               - "<details>\n  <summary><b>Sonobouy results</b></summary>\n{{ sonobouy_results_parsed }}\n</details>"
-      when: sonobouy_results_parsed is defined and sonobouy_results_parsed | length > 0
+      when: sonobouy.enabled and sonobouy_results_parsed is defined and sonobouy_results_parsed | length > 0
+      ignore_errors: true  # ignore when this task failed as it is nice to have, and we should ensure that fullclean is reached
+    - name: Insert SCS compliance results to the warning message that will be appended to the comment zuul leaves on the PR  # noqa: ignore-errors
+      zuul_return:
+        data:
+          zuul:
+            warnings:
+              - "<details>\n  <summary><b>SCS Compliance results</b></summary>\n{{ scs_compliance_results_parsed }}\n</details>"
+      when: scs_compliance.enabled and scs_compliance_results_parsed is defined and scs_compliance_results_parsed | length > 0
       ignore_errors: true  # ignore when this task failed as it is nice to have, and we should ensure that fullclean is reached
     - name: Cleanup - fullclean
       ansible.builtin.command: "make fullclean"

diff --git a/playbooks/tasks/scs_compliance.yaml b/playbooks/tasks/scs_compliance.yaml
@@ -0,0 +1,40 @@
+---
+- name: Download, install, configure, and execute SCS KaaS compliance check
+  vars:
+    check_dir: "{{ ansible_user_dir }}/scs-compliance"
+    python_venv_dir: "{{ ansible_user_dir }}/scs-compliance/venv"
+  block:
+  - name: Check if `kubeconfig_path` variable is defined
+    ansible.builtin.fail:
+      msg: "kubeconfig_path is not defined or empty"
+    when: kubeconfig_path is not defined or kubeconfig_path == ''
+  - name: Ensure check directory
+    ansible.builtin.file:
+      path: "{{ check_dir }}"
+      state: directory
+      mode: 0755
+  - name: Get SCS KaaS compliance check assets
+    ansible.builtin.git:
+      repo: https://github.com/SovereignCloudStack/standards.git
+      dest: "{{ check_dir }}"
+      single_branch: yes
+      version: main
+  - name: Install check requirements
+    ansible.builtin.pip:
+      requirements: "{{ check_dir }}/Tests/requirements.txt"
+      virtualenv: "{{ python_venv_dir }}"
+  - name: Execute k8s-node-distribution check
+    ansible.builtin.shell:
+      cmd:
+        ". {{ python_venv_dir }}/bin/activate &&
+         python3 {{ check_dir }}/Tests/scs-compliance-check.py Tests/scs-compatible-kaas.yaml kaas  -s KaaS_V1 -a kubeconfig={{ kubeconfig_path }}"
+    changed_when: false
+    register: scs_compliance_results
+  - name: Parse SCS KaaS compliance results
+    ansible.builtin.set_fact:
+      scs_compliance_results_parsed: "{{ scs_compliance_results.stdout }}"
+    when: scs_compliance_results is defined
+  - name: Print check_results to the STDOUT
+    ansible.builtin.debug:
+      msg: "{{ scs_compliance_results_parsed.stdout }}"
+    when: scs_compliance_results_parsed is defined
diff --git a/playbooks/tasks/sonobouy.yaml b/playbooks/tasks/sonobouy.yaml
@@ -0,0 +1,11 @@
+---
+- name: Execute sonobouy check mode {{ sonobouy.mode }}
+  ansible.builtin.command: "make check-{{ sonobouy.mode }}"
+  register: sonobouy_results
+  args:
+    chdir: "{{ project_tf_dir }}"
+  changed_when: true
+- name: Parse sonobouy results
+  ansible.builtin.set_fact:
+    sonobouy_results_parsed: "{{ sonobouy_results.stdout | regex_search('=== Collecting results ===[\\S\\s]*') }}"
+  when: sonobouy_results is defined