ci/jjb/shell/bluval.sh

   1 #!/usr/bin/env bash
   2
   3 # Ensure we fail the job if any steps fail
   4 # Disable 'globbing'
   5 set -eux -o pipefail
   6
   7 echo "[ICN] Downloading ICN"
   8 git clone "https://gerrit.akraino.org/r/icn" ${WORKSPACE}/icn
   9
  10 echo "[ICN] Bringing up test cluster"
  11 function clean_vm {
  12     pushd ${WORKSPACE}/icn
  13     # TODO Vagrant has a known issue
  14     # (https://github.com/vagrant-libvirt/vagrant-libvirt/issues/1371)
  15     # destroying the VMs, so destroy them manually here
  16     vagrant destroy -f jump
  17     virsh -c qemu:///system destroy vm-machine-1
  18     virsh -c qemu:///system undefine --nvram --remove-all-storage vm-machine-1
  19     virsh -c qemu:///system destroy vm-machine-2
  20     virsh -c qemu:///system undefine --nvram --remove-all-storage vm-machine-2
  21     popd
  22 }
  23 trap clean_vm EXIT
  24 pushd ${WORKSPACE}/icn
  25 # TODO Improve VM performance by only using cores on the same node
  26 #sed -i -e '/^\s\+libvirt.cpus/!b' -e "h;s/\S.*/libvirt.cpuset = '0-21,44-65'/;H;g" Vagrantfile
  27 vagrant destroy -f
  28 vagrant up --no-parallel
  29 vagrant ssh jump -c "
  30 set -exuf
  31 cd /icn
  32 sudo su -c 'make jump_server vm_cluster'
  33 "
  34 popd
  35
  36 echo "[ICN] Installing jenkins identity into test cluster"
  37 cp ${WORKSPACE}/icn/deploy/site/vm/id_rsa site-vm-rsa
  38 chmod 0600 site-vm-rsa
  39 ssh-keygen -f ${CLUSTER_SSH_KEY} -y > ${CLUSTER_SSH_KEY}.pub
  40 ssh-copy-id -i ${CLUSTER_SSH_KEY} -f ${CLUSTER_SSH_USER}@${CLUSTER_MASTER_IP} -o IdentityFile=site-vm-rsa -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
  41
  42 echo "[ICN] Patching kube-hunter image location"
  43 cat <<'EOF' | patch -p1
  44 diff --git a/tests/variables.yaml b/tests/variables.yaml
  45 index fa3fe71..c54f37f 100644
  46 --- a/tests/variables.yaml
  47 +++ b/tests/variables.yaml
  48 @@ -82,3 +82,7 @@ dns_domain: cluster.local                     # cluster's DNS domain
  49  # NONE, WARN, INFO, DEBUG, and TRACE.
  50  # Default is INFO
  51  loglevel: INFO
  52 +
  53 +kube_hunter:
  54 +  path: 'aquasec'
  55 +  name: 'kube-hunter:edge'
  56 EOF
  57
  58 echo "[ICN] Downloading run_bluval.sh from upstream ci-management"
  59 wget --read-timeout=10 --timeout=10 --waitretry=10 -t 10 https://raw.githubusercontent.com/akraino-edge-stack/ci-management/master/jjb/shell/run_bluval.sh
  60
  61 echo "[ICN] Patching run_bluval.sh"
  62 cat <<'EOF' | patch -p3
  63 diff --git a/jjb/shell/run_bluval.sh b/jjb/shell/run_bluval.sh
  64 index 75d20eb..dbfad03 100755
  65 --- a/jjb/shell/run_bluval.sh
  66 +++ b/jjb/shell/run_bluval.sh
  67 @@ -177,6 +177,7 @@ if [ "$pull" == "true" ] || [ "$PULL" == "yes" ]
  68  then
  69      options+=" -P"
  70  fi
  71 +options+=" -t amd64-latest"
  72
  73  set +e
  74  if python3 --version > /dev/null; then
  75 @@ -209,4 +210,3 @@ else
  76      rm results.zip
  77  fi
  78
  79 -rm -f ~/.netrc
  80 EOF
  81
  82 echo "[ICN] Executing run_bluval.sh"
  83 /bin/bash run_bluval.sh