183164582 Test mysql using containers #717
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[#183164582] Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
[#183164582] Also replace some additional commands performed on BOSH VM
[#183164582] Running os commands using goexec is not identical to running those commands in a shell such as bash. Some examples of known things to require a bash shell: - Pipes - Redirects Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
[#183164582] Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
|
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story. The labels on this github issue will be updated when the story is started. |
[#183164582] Mysql service is the one in charge of creating the certificates. To make these generated certificates available to the container running the tests we use a shared volume named `mysql-certs` which we mount in both containers.
[#183164582] For this we need to pass the MYSQL version we want to test as a Docker build arg
[#183164582] There are chances that the versions removed could also work with our current release but they need some packages not included by default in the Dockerimage. Doing the extra effort to make the pass is irrelevant to the BOSH release itself, since the filesystem is not identical to what will be included in the VM. We might need to investigate how to reduce this filesystem mismatch if possible. Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
[#183164582] Signed-off-by: Gareth Smith <sgareth@vmware.com>
[#183164582] They seem to have inconsistent behaviour on different operating systems
[#183164582]
…operation" This reverts commit e102885. It seems `chmod root:root` counteracts `chmod mysql:mysql` causing a race condition between the two containers. It seems we are better off using `chmod 777` here.
…subfolder [#183164582] By doing this any error message in the logs would point to the exact path where the problem occurred instead of a docker-mounted path in an arbitrary location. This change pursues reducing the knowledge burden introduced by the use of Docker by trying to make the Docker integration as thin and transparent as possible. Ideally, not requiring any Docker knowledge to be able to work with the codebase.
…subfolder [#183164582] By doing this any error message in the logs would point to the exact path where the problem occurred instead of a docker-mounted path in an arbitrary location. This change pursues reducing the knowledge burden introduced by the use of Docker by trying to make the Docker integration as thin and transparent as possible. Ideally, not requiring any Docker knowledge to be able to work with the codebase.
[#183164582] Some goals of this refactor were: - Don't have an explicit ENTRYPOINT in Dockerfile, specify it in docker-compose - Move most of the boilerplate required by the tests to the tests folder - Remove hardcoded paths in boilerplate environment variables required by tests - Make scripts/run-system-db-tests-mysqsl more self-container and self-documenting - Flatten the path to start adding tests for other databases such as Postgres - Flatten the path to add some tests for testing the version detection logic
[#183164582] Original tests made use of two auxiliary scripts `backup`/`restore` to set the required environment variables every time they were used. Since these variables are static and never change we added these vars to the `run-system-db-tests-mysql.bash` script itself and invoke the `database-backup-restore` binary directly instead from the tests.
[#183164582] By aglutinating the three previous variables each one pointing to a different certificate into a single variable pointing to a folder we should contain the three files. These files are expected to always be named the same so there isn't a need to specify the full path for each of them individually.
[#183164582] Some of the environment variables which previously we thought were not needed explicitly by the tests were in fact required for mysql to successfully establish a connection using TLS certificates.
[#183164582] By looking at the source-code we determined that mysql5.7 binary is used to connect with the mysql database and ask for its version. Only later, the corresponding binary will be choosed and used. Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
[#183164582] In this case we didn't copy the binary from the mariadb Docker image because it had unsatisfied dependencies (such as libssl3)
[#183164582]
[#183164582] Since bbr-sdk-release always uses 5.7 at least once (to query the db version) we always need to specify MYSQL_CLIENT_5_7_PATH. Since we are using GitHub matrixes to tests several MySQL versions using the same scripts, it seems difficult to use the MYSQL_VERSION variable to download only the required binaries since we will need some conditional logic to populate the right ENV variables. For that reason this commit simply downloads the latest MySQL 8.0 and MySQL 5.7 binaries and populates the corresponding ENV variables every time, without caring which specific MYSQL_VERSION we are currently testing.
[#183164582]
[#183164582]
[#183164582] To test compilation against diff stemcells we use multistage Docker containers to download bosh-lite warden tarballs and using the rootfs included in the tarball to create a container FROM scratch. Inside that dockerized stemcell we run the release packaging scripts which allows testing compilation against different stemcell using GHActions matrix strategies. Now that we are able to compile the release directly in GHActions, we can improve system tests by leveraging the binaries built on-the-fly from the blobs. This approach has huge benefits compared to the previous one: - Tests are more true to reality - Bosh blobs are fully tested (instead of testing just the GO code) - Compilation is being tested against different stemcells
[#183164582] Also, compiled database-backup-restorer using its packaging script instead of manually running golang during the `run-system-db-tests` scripts and refactored tests to use the binary located in /var/vcap/packages
[#183164582]
[#183164582] Signed-off-by: Fernando Naranjo <fnaranjo@vmware.com>
[#183164582]
…ach job [#183164582]
[#183164582] All tests were running the basic Postgres tests instead of TLS and MUTUAL
[#183164582] This change will help us differentiate how much time is spent in the actual tests versus compiling the release itself. This should serve as a first step towards optimizing builds
[#183164582] postgres:9.4-alpine doesn't have openssl package installed by default which causes the database to error before start and prevents tests from running. Testing Postgres 9.4 without TLS/MTLS should be enough for now to ensure this version is supported. Patching postgres Dockerfile to add openssl is possible but might no be needed or desirable since Postgres 9.4 reached EOGS in February 2020
[#183164582] Signed-off-by: Diego Lemos <dlemos@vmware.com>
[#183164582] The tests expected error messages to be available in stdout. Probably because when running the commands by SSHing into a BOSH VM the errors are retreived from Stdout
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.