Skip to content

Commit 1e59007

Browse files
saw-jannirajacharya2
saw-jan
authored and
nirajacharya2
committed
ci: fix privilege setting
Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com>
1 parent c0825b8 commit 1e59007

File tree

1 file changed

+128
-60
lines changed

1 file changed

+128
-60
lines changed

.drone.star

Lines changed: 128 additions & 60 deletions
Original file line numberDiff line numberDiff line change
@@ -138,17 +138,23 @@ config = {
138138
],
139139
"skip": False,
140140
},
141-
"davOperations": {
141+
"davOperations1": {
142142
"suites": [
143143
"apiSpacesDavOperation",
144-
"apiArchiver",
145144
"apiDownloads",
146-
"apiActivities",
147145
"apiAsyncUpload",
148146
"apiDepthInfinity",
149147
],
150148
"skip": False,
151149
},
150+
"davOperations2": {
151+
"suites": [
152+
"apiArchiver",
153+
"apiActivities",
154+
],
155+
"skip": False,
156+
"k3d": True,
157+
},
152158
"groupAndSearch1": {
153159
"suites": [
154160
"apiSearch1",
@@ -474,43 +480,43 @@ def main(ctx):
474480

475481
pipelines = []
476482

477-
# build_release_helpers = \
478-
# changelog() + \
479-
# docs() + \
480-
# licenseCheck(ctx)
483+
build_release_helpers = \
484+
changelog() + \
485+
docs() + \
486+
licenseCheck(ctx) + \
487+
deleteStaleBranches(ctx)
481488

482489
test_pipelines = \
483-
deployments(ctx)
484-
# codestyle(ctx) + \
485-
# checkGherkinLint(ctx) + \
486-
# checkTestSuitesInExpectedFailures(ctx) + \
487-
# buildWebCache(ctx) + \
488-
# getGoBinForTesting(ctx) + \
489-
# buildOcisBinaryForTesting(ctx) + \
490-
# checkStarlark() + \
491-
# build_release_helpers + \
492-
# testOcisAndUploadResults(ctx) + \
493-
# testPipelines(ctx) + \
494-
495-
# build_release_pipelines = \
496-
# dockerReleases(ctx) + \
497-
# binaryReleases(ctx)
498-
499-
# test_pipelines.append(
500-
# pipelineDependsOn(
501-
# purgeBuildArtifactCache(ctx),
502-
# testPipelines(ctx),
503-
# ),
504-
# )
505-
506-
# test_pipelines.append(
507-
# pipelineDependsOn(
508-
# uploadAPITestCoverageReport(ctx),
509-
# testPipelines(ctx),
510-
# ),
511-
# )
512-
513-
pipelines = deployments(ctx) #test_pipelines + build_release_pipelines
490+
codestyle(ctx) + \
491+
checkGherkinLint(ctx) + \
492+
checkTestSuitesInExpectedFailures(ctx) + \
493+
buildWebCache(ctx) + \
494+
getGoBinForTesting(ctx) + \
495+
buildOcisBinaryForTesting(ctx) + \
496+
checkStarlark() + \
497+
build_release_helpers + \
498+
testOcisAndUploadResults(ctx) + \
499+
testPipelines(ctx)
500+
501+
build_release_pipelines = \
502+
dockerReleases(ctx) + \
503+
binaryReleases(ctx)
504+
505+
test_pipelines.append(
506+
pipelineDependsOn(
507+
purgeBuildArtifactCache(ctx),
508+
testPipelines(ctx),
509+
),
510+
)
511+
512+
test_pipelines.append(
513+
pipelineDependsOn(
514+
uploadAPITestCoverageReport(ctx),
515+
testPipelines(ctx),
516+
),
517+
)
518+
519+
pipelines = test_pipelines + build_release_pipelines
514520

515521
if ctx.build.event == "cron":
516522
pipelines = \
@@ -592,7 +598,7 @@ def testPipelines(ctx):
592598
pipelines += localApiTestPipeline(ctx)
593599
pipelines += coreApiTestPipeline(ctx)
594600

595-
pipelines += e2eTestPipeline(ctx) + multiServiceE2ePipeline(ctx)
601+
# pipelines += e2eTestPipeline(ctx) + multiServiceE2ePipeline(ctx)
596602

597603
if ("skip" not in config["k6LoadTests"] or not config["k6LoadTests"]["skip"]) and ("k6-test" in ctx.build.title.lower() or ctx.build.event == "cron"):
598604
pipelines += k6LoadTests(ctx)
@@ -1065,6 +1071,7 @@ def localApiTestPipeline(ctx):
10651071
"collaborationServiceNeeded": False,
10661072
"extraCollaborationEnvironment": {},
10671073
"withRemotePhp": with_remote_php,
1074+
"k3d": False,
10681075
}
10691076

10701077
if "localApiTests" in config:
@@ -1084,21 +1091,41 @@ def localApiTestPipeline(ctx):
10841091
"arch": "amd64",
10851092
},
10861093
"steps": skipIfUnchanged(ctx, "acceptance-tests") +
1087-
restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin") +
1094+
(restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin") if not params["k3d"] else []) +
10881095
(tikaService() if params["tikaNeeded"] else []) +
10891096
(waitForServices("online-offices", ["collabora:9980", "onlyoffice:443", "fakeoffice:8080"]) if params["collaborationServiceNeeded"] else []) +
1090-
ocisServer(storage, extra_server_environment = params["extraServerEnvironment"], with_wrapper = True, tika_enabled = params["tikaNeeded"], volumes = ([stepVolumeOcisStorage] if name.startswith("cli") else [])) +
1097+
(waitk3() + install() + showPodsAfterInstall() if params["k3d"] else ocisServer(storage, extra_server_environment = params["extraServerEnvironment"], with_wrapper = True, tika_enabled = params["tikaNeeded"], volumes = ([stepVolumeOcisStorage])) if not name.startswith("cli") else []) +
10911098
(waitForClamavService() if params["antivirusNeeded"] else []) +
10921099
(waitForEmailService() if params["emailNeeded"] else []) +
10931100
(ocisServer(storage, deploy_type = "federation", extra_server_environment = params["extraServerEnvironment"]) if params["federationServer"] else []) +
10941101
((wopiCollaborationService("fakeoffice") + wopiCollaborationService("collabora") + wopiCollaborationService("onlyoffice")) if params["collaborationServiceNeeded"] else []) +
10951102
(ocisHealthCheck("wopi", ["wopi-collabora:9304", "wopi-onlyoffice:9304", "wopi-fakeoffice:9304"]) if params["collaborationServiceNeeded"] else []) +
1096-
localApiTests(ctx, name, params["suites"], storage, params["extraEnvironment"], run_with_remote_php) +
1103+
localApiTests(ctx, name, params["suites"], storage, params["extraEnvironment"], run_with_remote_php, params["k3d"]) +
10971104
apiTestFailureLog() +
1098-
generateCoverageFromAPITest(ctx, name),
1105+
(generateCoverageFromAPITest(ctx, name) if not params["k3d"] else []),
10991106
"services": (emailService() if params["emailNeeded"] else []) +
11001107
(clamavService() if params["antivirusNeeded"] else []) +
1101-
((fakeOffice() + collaboraService() + onlyofficeService()) if params["collaborationServiceNeeded"] else []),
1108+
((fakeOffice() + collaboraService() + onlyofficeService()) if params["collaborationServiceNeeded"] else []) +
1109+
([
1110+
{
1111+
"name": "k3d",
1112+
"image": "ghcr.io/k3d-io/k3d:5-dind",
1113+
"user": "root",
1114+
"privileged": True,
1115+
"commands": [
1116+
"git clone https://github.com/nirajacharya2/ocis-charts.git",
1117+
"nohup dockerd-entrypoint.sh &",
1118+
"until docker ps 2>&1 > /dev/null; do sleep 1s; done",
1119+
"k3d cluster create --config ./ocis-charts/ci/k3d-drone.yaml --api-port k3d:443",
1120+
"until kubectl get deployment coredns -n kube-system -o go-template='{{.status.availableReplicas}}' | grep -v -e '<no value>'; do sleep 1s; done",
1121+
"k3d cluster list",
1122+
"k3d kubeconfig get drone > kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
1123+
"chmod 0600 kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
1124+
"printf '@@@@@@@@@@@@@@@@@@@@@@@\n@@@@ k3d is ready @@@@\n@@@@@@@@@@@@@@@@@@@@@@@\n'",
1125+
"kubectl get events -Aw",
1126+
],
1127+
},
1128+
] if params["k3d"] else []),
11021129
"depends_on": getPipelineNames(buildOcisBinaryForTesting(ctx)),
11031130
"trigger": {
11041131
"ref": [
@@ -1152,12 +1179,12 @@ def generateCoverageFromAPITest(ctx, name):
11521179
},
11531180
]
11541181

1155-
def localApiTests(ctx, name, suites, storage = "ocis", extra_environment = {}, with_remote_php = False):
1182+
def localApiTests(ctx, name, suites, storage = "ocis", extra_environment = {}, with_remote_php = False, run_with_k3 = False):
11561183
test_dir = "%s/tests/acceptance" % dirs["base"]
11571184
expected_failures_file = "%s/expected-failures-localAPI-on-%s-storage.md" % (test_dir, storage.upper())
11581185

11591186
environment = {
1160-
"TEST_SERVER_URL": OCIS_URL,
1187+
"TEST_SERVER_URL": OCIS_URL if not run_with_k3 else "https://ocis:9200",
11611188
"TEST_SERVER_FED_URL": OCIS_FED_URL,
11621189
"OCIS_REVA_DATA_ROOT": "%s" % (dirs["ocisRevaDataRoot"] if storage == "owncloud" else ""),
11631190
"STORAGE_DRIVER": storage,
@@ -3718,7 +3745,7 @@ def deleteStaleBranches(ctx):
37183745
},
37193746
}]
37203747

3721-
def trivyScan(ctx):
3748+
def trivyScan():
37223749
steps = [
37233750
{
37243751
"name": "trivy-security-scan",
@@ -3752,27 +3779,28 @@ def trivyScan(ctx):
37523779
},
37533780
}
37543781

3755-
def deployments(ctx):
3782+
def deployments():
37563783
result = {
37573784
"kind": "pipeline",
37583785
"type": "docker",
37593786
"name": "k3d",
3760-
"privileged": True,
3761-
"steps": wait(ctx) + install(ctx) + showPodsAfterInstall(ctx),
3787+
"steps": waitk3() + install() + showPodsAfterInstall() + aftr(),
37623788
"services": [
37633789
{
37643790
"name": "k3d",
37653791
"image": "ghcr.io/k3d-io/k3d:5-dind",
37663792
"user": "root",
3793+
"privileged": True,
37673794
"commands": [
37683795
"git clone https://github.com/owncloud/ocis-charts.git",
3769-
"cd ocis-charts",
37703796
"nohup dockerd-entrypoint.sh &",
37713797
"until docker ps 2>&1 > /dev/null; do sleep 1s; done",
3772-
"k3d cluster create --config ci/k3d-drone.yaml --api-port k3d:6445",
3798+
"k3d cluster create --config ./ocis-charts/ci/k3d-drone.yaml --api-port k3d:443",
37733799
"until kubectl get deployment coredns -n kube-system -o go-template='{{.status.availableReplicas}}' | grep -v -e '<no value>'; do sleep 1s; done",
3800+
"k3d cluster list",
37743801
"k3d kubeconfig get drone > kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
37753802
"chmod 0600 kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
3803+
"kubectl cluster-info",
37763804
"printf '@@@@@@@@@@@@@@@@@@@@@@@\n@@@@ k3d is ready @@@@\n@@@@@@@@@@@@@@@@@@@@@@@\n'",
37773805
"kubectl get events -Aw",
37783806
],
@@ -3787,16 +3815,16 @@ def deployments(ctx):
37873815
],
37883816
"trigger": {
37893817
"ref": [
3818+
"refs/heads/master",
3819+
"refs/tags/**",
37903820
"refs/pull/**",
37913821
],
37923822
},
37933823
}
37943824

3795-
result["trigger"]["ref"].append("refs/heads/master")
3796-
37973825
return [result]
37983826

3799-
def wait(config):
3827+
def waitk3():
38003828
return [{
38013829
"name": "wait",
38023830
"image": "docker.io/bitnami/kubectl:1.31",
@@ -3807,9 +3835,15 @@ def wait(config):
38073835
"kubectl config view",
38083836
"kubectl get pods -A",
38093837
],
3838+
"volumes": [
3839+
{
3840+
"name": "gopath",
3841+
"path": "/go",
3842+
},
3843+
],
38103844
}]
38113845

3812-
def showPodsAfterInstall(config):
3846+
def showPodsAfterInstall():
38133847
return [{
38143848
"name": "testPodsAfterInstall",
38153849
"image": "docker.io/bitnami/kubectl:1.31",
@@ -3818,19 +3852,53 @@ def showPodsAfterInstall(config):
38183852
"export KUBECONFIG=kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
38193853
"until test -f $${KUBECONFIG}; do sleep 1s; done",
38203854
"kubectl get pods -n ocis",
3821-
"if [ \"$(kubectl get pods -n ocis --field-selector status.phase=Running | wc -l)\" -le \"32\" ]; then exit 1; fi", # there are 32 pods + 1 header line
3855+
"if [ \"$(kubectl get pods -n ocis --field-selector status.phase=Running | wc -l)\" -le \"33\" ]; then exit 1; fi", # there are 32 pods + 1 header line
38223856
"kubectl get ingress -n ocis",
38233857
"if [ \"$(kubectl get ingress -n ocis | wc -l)\" -le \"1\" ]; then exit 1; fi",
3858+
"kubectl get services",
3859+
"kubectl get ingress -n ocis",
3860+
"kubectl get ingress -n ocis -o jsonpath='{.items[*].spec.rules[*].host}'",
3861+
# "kubectl port-forward -n ocis svc/proxy 9200:9200 &",
3862+
# "sleep 5",
3863+
"kubectl get svc --namespace default ocis -o jsonpath='{.status.loadBalancer.ingress[0].ip}'",
3864+
"kubectl get --namespace default -o jsonpath='{.spec.ports[0].port}' services ocis",
3865+
"kubectl describe ingress -n ocis",
3866+
"kubectl get all",
3867+
"kubectl -n ocis get secrets/admin-user --template='{{.data.password | base64decode | printf \"%s\" }}'",
3868+
],
3869+
"volumes": [
3870+
{
3871+
"name": "gopath",
3872+
"path": "/go",
3873+
},
38243874
],
38253875
}]
38263876

3827-
def install(ctx):
3877+
def install():
38283878
return [{
3829-
"name": "helm-install",
3879+
"name": "ocis",
38303880
"image": "owncloudci/golang:latest",
38313881
"commands": [
3832-
"export KUBECONFIG=kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
3882+
"cd /drone/src/ocis-charts",
3883+
"export KUBECONFIG=/drone/src/kubeconfig-$${DRONE_BUILD_NUMBER}.yaml",
38333884
"make helm-install-atomic",
3885+
# "curl -kv https://k3d:6445/graph/v1.0/me -uadmin:admin",
3886+
# "curl -kv https://ocis/graph/v1.0/me -uadmin:admin",
3887+
],
3888+
"volumes": [
3889+
{
3890+
"name": "gopath",
3891+
"path": "/go",
3892+
},
3893+
],
3894+
}]
3895+
3896+
def aftr():
3897+
return [{
3898+
"name": "aftr",
3899+
"image": "owncloudci/golang:latest",
3900+
"commands": [
3901+
"curl -kv https://ocis/graph/v1.0/me -uadmin:admin",
38343902
],
38353903
"volumes": [
38363904
{

0 commit comments

Comments
 (0)