From aa6681d0c42a279f99cca50bba5719665e497ea3 Mon Sep 17 00:00:00 2001 From: DANIEL STOICA Date: Fri, 26 Jun 2020 15:19:49 +0300 Subject: [PATCH 1/5] os:vuls:Update vuls version Update vuls version to v0.10.0 In vuls v0.10.0 was deprecated the '-ssh-config' vuls argument and was moved in config.toml Signed-off-by: DANIEL STOICA Change-Id: Ia4c0357ec25725a0a2602c07f83edb397c203a04 --- docker/os/Dockerfile | 2 +- tests/os/vuls/config.toml | 1 + tests/os/vuls/vuls.robot | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/docker/os/Dockerfile b/docker/os/Dockerfile index 13a9c26..c447dea 100644 --- a/docker/os/Dockerfile +++ b/docker/os/Dockerfile @@ -69,7 +69,7 @@ RUN if [ $(uname -m) == 'aarch64' ]; then HOST_ARCH=arm64; else HOST_ARCH=amd64; export PATH=$PATH:/root/go/bin:/root/go/src/github.com/bin && \ mkdir -p /root/go/src/github.com/future-architect && \ cd /root/go/src/github.com/future-architect && \ - git clone https://github.com/future-architect/vuls -b v0.9.7 && \ + git clone https://github.com/future-architect/vuls -b v0.10.0 && \ cd vuls && \ make install && \ mkdir -p /root/go/src/github.com/kotakanbe && \ diff --git a/tests/os/vuls/config.toml b/tests/os/vuls/config.toml index 1329cd5..b1681c4 100644 --- a/tests/os/vuls/config.toml +++ b/tests/os/vuls/config.toml @@ -5,4 +5,5 @@ host = "HOST" port = "22" user = "USERNAME" keyPath = "/root/.ssh/id_rsa" +sshConfigPath = "/root/.ssh/config" containerType = "docker" diff --git a/tests/os/vuls/vuls.robot b/tests/os/vuls/vuls.robot index 9774be9..3118021 100644 --- a/tests/os/vuls/vuls.robot +++ b/tests/os/vuls/vuls.robot @@ -43,7 +43,7 @@ Run Vuls test Run Keyword IF '${SSH_KEYFILE}' == 'None' Create ssh_keyfile - ${rc} = Run And Return Rc vuls scan -config ${CURDIR}/config.toml -ssh-config + ${rc} = Run And Return Rc vuls scan -config ${CURDIR}/config.toml Should Be Equal As Integers ${rc} 0 Run Keyword IF '${os}' == 'ubuntu' Run vuls for ubuntu ELSE IF '${os}' == 'centos' Run vuls for centos ELSE FAIL Distro '${os}' not supported -- 2.16.6 From 82be52a9082be8cde1170e69d0f7f27e1225a208 Mon Sep 17 00:00:00 2001 From: Ioakeim Date: Mon, 31 May 2021 19:26:20 +0300 Subject: [PATCH 2/5] Add cryptography requirement Add cryptography in bluval requirements Signed-off-by: Ioakeim Samaras Change-Id: I8e01812d6aebcdf54d986aa139942475a1066767 --- bluval/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/bluval/requirements.txt b/bluval/requirements.txt index 7784bcd..0e89160 100644 --- a/bluval/requirements.txt +++ b/bluval/requirements.txt @@ -5,3 +5,4 @@ robotframework-httplibrary robotframework-jsonlibrary robotframework-requests robotframework-sshlibrary +cryptography==2.8 -- 2.16.6 From 120f1c310200e601f45a6601f2e7ec20f21fc744 Mon Sep 17 00:00:00 2001 From: Sirisha Gopigiri Date: Tue, 8 Jun 2021 13:12:19 +0530 Subject: [PATCH 3/5] Update sonobuoy kube-conformance docker images This PS updates the conformance test case to use kube-conformance and sonobuoy-systemd-logs images from gcr.io repo instead of akraino repo. Signed-off-by: SirishaGopigiri Change-Id: If97ec80b06910b06e923a4765d0f5fa6d454650d --- .coafile | 1 - .gitmodules | 8 --- docker/README.rst | 77 ++-------------------- docker/k8s/Dockerfile | 2 +- docker/kube-conformance/Makefile | 34 ---------- docker/kube-conformance/kube-conformance | 1 - ...1-Dockerfile-Makefile-Add-AArch64-support.patch | 55 ---------------- docker/sonobuoy-plugin-systemd-logs/Makefile | 31 --------- .../aarch64/0001-Dockerfile-AArch64-support.patch | 28 -------- .../sonobuoy-plugin-systemd-logs | 1 - tests/k8s/conformance/conformance.robot | 10 +-- tox.ini | 1 - 12 files changed, 13 insertions(+), 236 deletions(-) delete mode 100644 .gitmodules delete mode 100644 docker/kube-conformance/Makefile delete mode 160000 docker/kube-conformance/kube-conformance delete mode 100644 docker/kube-conformance/patches/aarch64/0001-Dockerfile-Makefile-Add-AArch64-support.patch delete mode 100644 docker/sonobuoy-plugin-systemd-logs/Makefile delete mode 100644 docker/sonobuoy-plugin-systemd-logs/patches/aarch64/0001-Dockerfile-AArch64-support.patch delete mode 160000 docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs diff --git a/.coafile b/.coafile index c472b5d..4d8a321 100644 --- a/.coafile +++ b/.coafile @@ -5,7 +5,6 @@ ignore = .tox/**, .git/**, .gitignore, .gitreview, - .gitmodules, **.sw?, **.orig diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index a51136e..0000000 --- a/.gitmodules +++ /dev/null @@ -1,8 +0,0 @@ -[submodule "sonobuoy-plugin-systemd-logs"] - path = docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs - url = https://github.com/heptio/sonobuoy-plugin-systemd-logs - branch = master -[submodule "kube-conformance"] - path = docker/kube-conformance/kube-conformance - url = https://github.com/heptio/kube-conformance - branch = master diff --git a/docker/README.rst b/docker/README.rst index 0fff3ed..74cd787 100644 --- a/docker/README.rst +++ b/docker/README.rst @@ -199,84 +199,19 @@ Example (assuming the default variables have been utilized for building the imag The kube-conformance container ============================== -Building and pushing the container ----------------------------------- - -To build just the kube-conformance container, use the command: - -.. code-block:: console - - make kube-conformance-build [ REGISTRY= NAME=] - -To both build and push the container, use the command: - -.. code-block:: console - - make kube-conformance [ REGISTRY= NAME=] +The current kube-conformance image used is being pulled from k8s.gcr.io +based on the kubernetes version the cluster is running on. -Using the container -------------------- - -This is a standalone container able to launch Kubernetes end-to-end tests, -for the purposes of conformance testing. - -It is a thin wrapper around the `e2e.test` binary in the upstream Kubernetes -distribution, which drops results in a predetermined location for use as a -[Heptio Sonobuoy](https://github.com/heptio/sonobuoy) plugin. - -To learn more about conformance testing and its Sonobuoy integration, read the -[conformance guide](https://github.com/heptio/sonobuoy/blob/master/docs/conformance-testing.md). - -Example: - -.. code-block:: console - - docker run -ti akraino/validation:kube-conformance-v1.16 - -By default, the container will run the `run_e2e.sh` script. If you want to -enter the container, add */bin/sh* at the end of the command above - -Normally, this conainer is not used directly, but instead leveraged via -sonobuoy. +For more information refer to https://sonobuoy.io/docs/v0.50.0/ The sonobuoy-plugin-systemd-logs container ========================================== -Building and pushing the container ----------------------------------- - -To build just the sonobuoy-plugin-systemd-logs container, use the command: - -.. code-block:: console - - make sonobuoy-plugin-systemd-logs-build [ REGISTRY= NAME=] - -To both build and push the container, use the command: - -.. code-block:: console - - make sonobuoy-plugin-systemd-logs [ REGISTRY= NAME=] - -Using the container -------------------- - -This is a simple standalone container that gathers log information from -systemd, by chrooting into the node's filesystem and running `journalctl`. - -This container is used by [Heptio Sonobuoy](https://github.com/heptio/sonobuoy) -for gathering host logs in a Kubernetes cluster. - -Example: - -.. code-block:: console - - docker run -ti akraino/validation:sonobuoy-plugin-systemd-logs-latest +The current sonobuoy-plugin-systemd-logs image used is being pulled from +gcr.io/heptio-images repo with latest tag. -By default, the container will run the `get_systemd_logs.sh` script. If you -want to enter the container, add */bin/sh* at the end of the command above. +For more information refer to https://sonobuoy.io/docs/v0.50.0/ -Normally, this conainer is not used directly, but instead leveraged via -sonobuoy. The openstack container ======================= diff --git a/docker/k8s/Dockerfile b/docker/k8s/Dockerfile index 3296fdf..37baf3f 100644 --- a/docker/k8s/Dockerfile +++ b/docker/k8s/Dockerfile @@ -21,7 +21,7 @@ FROM golang:alpine3.10 as build # minor versions before. ARG SB_TAG=v0.16.1 # Determine the latest stable git tag at build time based on stable major version -ARG K8S_VER=1.16 +ARG K8S_VER=1.18 # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt diff --git a/docker/kube-conformance/Makefile b/docker/kube-conformance/Makefile deleted file mode 100644 index 1c0f7f0..0000000 --- a/docker/kube-conformance/Makefile +++ /dev/null @@ -1,34 +0,0 @@ -############################################################################## -# Copyright (c) 2019 AT&T, ENEA AB, Nokia and others # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you maynot use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -export WORK_DIR?=$(TAG_PRE) -export KUBE_VERSION=1.16 -export TAG_VER=v$(KUBE_VERSION) - -.PHONY: .build -.build:: .submodules_patched - $(MAKE) -C $(TAG_PRE) e2e.test kubectl ginkgo - -.PHONY: all -all: push-image .push_manifest - -.PHONY: build -build: .build - -.PHONY: push-image -push-image: .push_image - -include ../build.mk diff --git a/docker/kube-conformance/kube-conformance b/docker/kube-conformance/kube-conformance deleted file mode 160000 index 9cdcb01..0000000 --- a/docker/kube-conformance/kube-conformance +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 9cdcb010918c815a51ac627ce68fa6f3165beaf8 diff --git a/docker/kube-conformance/patches/aarch64/0001-Dockerfile-Makefile-Add-AArch64-support.patch b/docker/kube-conformance/patches/aarch64/0001-Dockerfile-Makefile-Add-AArch64-support.patch deleted file mode 100644 index 770f6bd..0000000 --- a/docker/kube-conformance/patches/aarch64/0001-Dockerfile-Makefile-Add-AArch64-support.patch +++ /dev/null @@ -1,55 +0,0 @@ -From: Alexandru Avadanii -Date: Tue, 25 Jun 2019 17:59:13 +0200 -Subject: [PATCH] Dockerfile, Makefile: Add AArch64 support - -Signed-off-by: Alexandru Avadanii ---- - Dockerfile | 6 ++++-- - Makefile | 8 +++++--- - 2 files changed, 9 insertions(+), 5 deletions(-) - -diff --git a/Dockerfile b/Dockerfile -index 289ac88..102685d 100644 ---- a/Dockerfile -+++ b/Dockerfile -@@ -13,10 +13,12 @@ - # See the License for the specific language governing permissions and - # limitations under the License. - --FROM buildpack-deps:jessie-scm -+FROM arm64v8/buildpack-deps:jessie-scm - MAINTAINER Timothy St. Clair "tstclair@heptio.com" - --RUN apt-get update && apt-get -y --no-install-recommends install \ -+RUN echo 'Acquire::Check-Valid-Until "0";' > /etc/apt/apt.conf.d/10no--check-valid-until \ -+ && sed -i -e '/security/s/^/#/g' -e 's|deb.debian.org/debian|snapshot.debian.org/archive/debian/20190301T035241Z|g' /etc/apt/sources.list \ -+ && apt-get update && apt-get -y --no-install-recommends install \ - ca-certificates \ - && rm -rf /var/cache/apt/* \ - && rm -rf /var/lib/apt/lists/* -diff --git a/Makefile b/Makefile -index 4335cfd..bdaa52c 100644 ---- a/Makefile -+++ b/Makefile -@@ -29,6 +29,8 @@ is_root=$(filter 0,$(shell id -u)) - DOCKER?=$(if $(or $(in_docker_group),$(is_root)),docker,sudo docker) - DIR := ${CURDIR} - -+export KUBERNETES_SERVER_ARCH=arm64 -+ - .PHONY: all container getbins clean - - all: container -@@ -47,9 +49,9 @@ _cache/.getbins.$(kube_version_full).timestamp: - KUBERNETES_DOWNLOAD_TESTS=true \ - KUBERNETES_SKIP_CONFIRM=true ./kubernetes/cluster/get-kube-binaries.sh - mv _cache/$(kube_version_full)/kubernetes/cluster ./ -- mv _cache/$(kube_version_full)/kubernetes/platforms/linux/amd64/e2e.test ./ -- mv _cache/$(kube_version_full)/kubernetes/platforms/linux/amd64/ginkgo ./ -- mv _cache/$(kube_version_full)/kubernetes/platforms/linux/amd64/kubectl ./ -+ mv _cache/$(kube_version_full)/kubernetes/platforms/linux/arm64/e2e.test ./ -+ mv _cache/$(kube_version_full)/kubernetes/platforms/linux/arm64/ginkgo ./ -+ mv _cache/$(kube_version_full)/kubernetes/platforms/linux/arm64/kubectl ./ - touch $@ - - container: e2e.test kubectl ginkgo diff --git a/docker/sonobuoy-plugin-systemd-logs/Makefile b/docker/sonobuoy-plugin-systemd-logs/Makefile deleted file mode 100644 index 0af457a..0000000 --- a/docker/sonobuoy-plugin-systemd-logs/Makefile +++ /dev/null @@ -1,31 +0,0 @@ -############################################################################## -# Copyright (c) 2019 AT&T, ENEA AB, Nokia and others # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you maynot use this file except in compliance with the License. # -# # -# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -############################################################################## - -export WORK_DIR?=$(TAG_PRE) - -.PHONY: .build -.build:: .submodules_patched - -.PHONY: all -all: push-image .push_manifest - -.PHONY: build -build: .build - -.PHONY: push-image -push-image: .push_image - -include ../build.mk diff --git a/docker/sonobuoy-plugin-systemd-logs/patches/aarch64/0001-Dockerfile-AArch64-support.patch b/docker/sonobuoy-plugin-systemd-logs/patches/aarch64/0001-Dockerfile-AArch64-support.patch deleted file mode 100644 index 199e923..0000000 --- a/docker/sonobuoy-plugin-systemd-logs/patches/aarch64/0001-Dockerfile-AArch64-support.patch +++ /dev/null @@ -1,28 +0,0 @@ -From: Alexandru Avadanii -Date: Tue, 25 Jun 2019 17:45:29 +0200 -Subject: [PATCH] Dockerfile: AArch64 support - -Signed-off-by: Alexandru Avadanii ---- - Dockerfile | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/Dockerfile b/Dockerfile -index 06d872c..687d541 100644 ---- a/Dockerfile -+++ b/Dockerfile -@@ -13,10 +13,12 @@ - # See the License for the specific language governing permissions and - # limitations under the License. - --FROM buildpack-deps:jessie-scm -+FROM arm64v8/buildpack-deps:jessie-scm - MAINTAINER Ken Simon "ken@heptio.com" - --RUN apt-get update && apt-get -y --no-install-recommends install \ -+RUN echo 'Acquire::Check-Valid-Until "0";' > /etc/apt/apt.conf.d/10no--check-valid-until \ -+ && sed -i -e '/security/s/^/#/g' -e 's|deb.debian.org/debian|snapshot.debian.org/archive/debian/20190301T035241Z|g' /etc/apt/sources.list \ -+ && apt-get update && apt-get -y --no-install-recommends install \ - ca-certificates \ - && rm -rf /var/cache/apt/* \ - && rm -rf /var/lib/apt/lists/* diff --git a/docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs b/docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs deleted file mode 160000 index f49e35d..0000000 --- a/docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs +++ /dev/null @@ -1 +0,0 @@ -Subproject commit f49e35d220772879aa057da7d103af35a21439b6 diff --git a/tests/k8s/conformance/conformance.robot b/tests/k8s/conformance/conformance.robot index c51f217..8cf83dd 100644 --- a/tests/k8s/conformance/conformance.robot +++ b/tests/k8s/conformance/conformance.robot @@ -39,10 +39,10 @@ ${LOG} ${LOG_PATH}${/}${SUITE_NAME.replace(' ','_')}.log &{SONOBUOY} path=gcr.io/heptio-images ... name=sonobuoy:v0.16.1 -&{E2E} path=akraino +&{E2E} path=k8s.gcr.io ... name=Actual value set dynamically -&{SYSTEMD_LOGS} path=akraino -... name=validation:sonobuoy-plugin-systemd-logs-latest +&{SYSTEMD_LOGS} path=gcr.io/heptio-images +... name=sonobuoy-plugin-systemd-logs:latest &{SONOBUOY_IMGS} sonobuoy=&{SONOBUOY} ... e2e=&{E2E} ... systemd_logs=&{SYSTEMD_LOGS} @@ -148,9 +148,11 @@ Define Images ${versions}= Convert String To JSON ${result.stdout} ${major}= Get Value From Json ${versions} $.serverVersion.major ${minor}= Get Value From Json ${versions} $.serverVersion.minor + ${gitVersion}= Get Value From Json ${versions} $.serverVersion.gitVersion ${major}= Get Regexp Matches ${major[0]} \\d+ ${minor}= Get Regexp Matches ${minor[0]} \\d+ - Set To Dictionary ${SONOBUOY_IMGS['e2e']} name=validation:kube-conformance-v${major[0]}.${minor[0]} + ${gitVersion}= Get Regexp Matches ${gitVersion[0]} \\d+ + Set To Dictionary ${SONOBUOY_IMGS['e2e']} name=conformance:${gitVersion[0]} Onboard Images ${INT_REG}= Get Variable Value ${INTERNAL_REGISTRY} ${EMPTY} diff --git a/tox.ini b/tox.ini index bfba457..09385ec 100644 --- a/tox.ini +++ b/tox.ini @@ -29,7 +29,6 @@ deps = requests~=2.21.0 nodeenv commands = - rm -rf docker/kube-conformance/kube-conformance docker/sonobuoy-plugin-systemd-logs/sonobuoy-plugin-systemd-logs nodeenv -p npm install --global write-good eslint complexity-report@2.0.0-alpha wget --timeout=120 -q https://github.com/pmd/pmd/releases/download/pmd_releases/6.15.0/pmd-bin-6.15.0.zip -- 2.16.6 From 17bfb0b141931c48ab07dd1303216624bc053aed Mon Sep 17 00:00:00 2001 From: Ioakeim Date: Tue, 8 Jun 2021 19:59:20 +0300 Subject: [PATCH 4/5] Update Dockerfiles Update Dockerfiles in order for the required images to be built successfully. Signed-off-by: Ioakeim Change-Id: I6bcdabc338378e980ecd8f7815586ba936342508 --- docker/docker/Dockerfile | 59 ++++++++++++++++++++++++++++++++---- docker/hardware/Dockerfile | 62 ++++++++++++++++++++++++++++++++------ docker/helm/Dockerfile | 59 ++++++++++++++++++++++++++++++++---- docker/k8s/Dockerfile | 69 +++++++++++++++++++++++++++++++++++++----- docker/openstack/Dockerfile | 73 ++++++++++++++++++++++++++++++++++++++++++--- docker/os/Dockerfile | 24 +++++++-------- docker/services/Dockerfile | 61 +++++++++++++++++++++++++++++++++---- 7 files changed, 355 insertions(+), 52 deletions(-) diff --git a/docker/docker/Dockerfile b/docker/docker/Dockerfile index 82c7040..cdf8f2f 100644 --- a/docker/docker/Dockerfile +++ b/docker/docker/Dockerfile @@ -15,18 +15,37 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM python:3.6-alpine3.9 as build +FROM python:3.10.0b1-alpine3.13 as build # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ - libc-dev \ - libffi \ + jpeg-dev \ + lcms2-dev \ libffi-dev \ - make \ - openssl-dev + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev # Build binaries WORKDIR /wheels @@ -36,11 +55,39 @@ RUN git clone https://gerrit.akraino.org/r/validation /opt/akraino/validation RUN git clone https://github.com/docker/docker-bench-security.git /opt/akraino/docker-bench-security # Copy binaries in the final container and install requirements -FROM python:3.6-alpine3.9 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation COPY --from=build /opt/akraino/docker-bench-security /opt/akraino/docker-bench-security +RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + jpeg-dev \ + lcms2-dev \ + libffi-dev \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ diff --git a/docker/hardware/Dockerfile b/docker/hardware/Dockerfile index a21cb64..19836f0 100644 --- a/docker/hardware/Dockerfile +++ b/docker/hardware/Dockerfile @@ -15,20 +15,38 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM python:3.6-alpine3.9 as build +FROM python:3.10.0b1-alpine3.13 as build # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ - libc-dev \ - libffi \ + jpeg-dev \ + lcms2-dev \ libffi-dev \ - make \ + musl-dev \ + openjpeg-dev \ openssl-dev \ - wget + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev # Build binaries WORKDIR /wheels @@ -42,12 +60,41 @@ RUN wget -qO- https://github.com/DMTF/Redfish-Usecase-Checkers/archive/master.zi unzip -qd /opt/akraino - # Copy binaries in the final contaier and install robot framework -FROM python:3.6-alpine3.9 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation COPY --from=build /opt/akraino/Redfish-Test-Framework-master /opt/akraino/Redfish-Test-Framework COPY --from=build /opt/akraino/Redfish-Usecase-Checkers-master /opt/akraino/Redfish-Usecase-Checkers +RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + jpeg-dev \ + lcms2-dev \ + libffi-dev \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ @@ -60,6 +107,3 @@ RUN pip install -r /opt/akraino/validation/bluval/requirements.txt RUN pip install html-testRunner \ -r /opt/akraino/Redfish-Usecase-Checkers/requirements.txt -# Install curl -RUN apk --no-cache add --update \ - curl diff --git a/docker/helm/Dockerfile b/docker/helm/Dockerfile index 5d9c9af..824c63e 100644 --- a/docker/helm/Dockerfile +++ b/docker/helm/Dockerfile @@ -15,20 +15,39 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM python:3.6-alpine3.9 as build +FROM python:3.10.0b1-alpine3.13 as build ARG HELM_TAG=v2.15.1 # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ - libc-dev \ - libffi \ + jpeg-dev \ + lcms2-dev \ libffi-dev \ - make \ - openssl-dev + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev # Build binaries WORKDIR /wheels @@ -38,11 +57,39 @@ RUN git clone https://gerrit.akraino.org/r/validation /opt/akraino/validation RUN git clone -b $HELM_TAG https://github.com/helm/helm.git /opt/helm # Copy binaries in the final container and install requirements -FROM python:3.6-alpine3.9 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation COPY --from=build /opt/helm/docs/examples/alpine /opt/akraino/bluval-test-alpine +RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + jpeg-dev \ + lcms2-dev \ + libffi-dev \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ diff --git a/docker/k8s/Dockerfile b/docker/k8s/Dockerfile index 3296fdf..88b8609 100644 --- a/docker/k8s/Dockerfile +++ b/docker/k8s/Dockerfile @@ -15,7 +15,7 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM golang:alpine3.10 as build +FROM golang:1.16.5-alpine3.13 as build # Sonobuoy supports 3 Kubernetes minor versions: the current release and 2 # minor versions before. @@ -27,22 +27,40 @@ ARG K8S_VER=1.16 COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apk --no-cache add --update \ - curl \ - openssl \ - python3 \ bash \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ findutils \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ grep \ + jpeg-dev \ + lcms2-dev \ libc-dev \ - libffi \ libffi-dev \ make \ + musl-dev \ + openjpeg-dev \ openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ python3-dev \ py3-pip \ - rsync + rsync \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev # Build binaries; detect the architecture automatically (default is amd64) RUN git clone https://github.com/kubernetes/kubernetes /src/k8s.io/kubernetes @@ -55,6 +73,7 @@ RUN if [ $(uname -m) == 'aarch64' ]; then HOST_ARCH=arm64; else HOST_ARCH=amd64; make WHAT=test/e2e/e2e.test ARCH=$HOST_ARCH RUN git clone https://github.com/heptio/sonobuoy /go/src/github.com/heptio/sonobuoy && \ cd /go/src/github.com/heptio/sonobuoy && \ + pwd \ git checkout $SB_TAG && \ go install RUN git clone https://gerrit.akraino.org/r/validation /opt/akraino/validation @@ -66,12 +85,48 @@ RUN pip3 install wheel RUN pip3 wheel -r /wheels/requirements/pip-requirements.txt # Copy binaries in the final container and install robot framework -FROM python:3.7-alpine3.10 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /src/k8s.io/kubernetes/_output/bin /usr/local/bin COPY --from=build /go/bin/sonobuoy /bin/sonobuoy COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation/ /opt/akraino/validation/ +RUN apk --no-cache add --update \ + bash \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + findutils \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + grep \ + jpeg-dev \ + lcms2-dev \ + libc-dev \ + libffi-dev \ + make \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + py3-pip \ + rsync \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ diff --git a/docker/openstack/Dockerfile b/docker/openstack/Dockerfile index 6717d4c..bb40764 100644 --- a/docker/openstack/Dockerfile +++ b/docker/openstack/Dockerfile @@ -15,21 +15,49 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM python:3.6-alpine3.9 as build +FROM python:3.10.0b1-alpine3.13 as build ARG REFSTACK_TARGET=2019.11 # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt + RUN apk --no-cache add --update \ + bash \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + findutils \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ + grep \ + jpeg-dev \ + lcms2-dev \ libc-dev \ - libffi \ libffi-dev \ make \ + musl-dev \ + openjpeg-dev \ openssl-dev \ - wget + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + py3-pip \ + rsync \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + wget \ + zlib-dev # Build binaries WORKDIR /wheels @@ -40,11 +68,48 @@ RUN wget -q -O /tmp/test_list.txt \ "https://refstack.openstack.org/api/v1/guidelines/$REFSTACK_TARGET/tests?target=platform&type=required&alias=true&flag=false" # Copy binaries in the final container and install requirements -FROM python:3.6-alpine3.9 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation COPY --from=build /tmp/test_list.txt /opt/akraino/validation/tests/openstack/tempest/test_list.txt +RUN apk --no-cache add --update \ + bash \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + findutils \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + grep \ + jpeg-dev \ + lcms2-dev \ + libc-dev \ + libffi-dev \ + make \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + py3-pip \ + rsync \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + wget \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ diff --git a/docker/os/Dockerfile b/docker/os/Dockerfile index c447dea..2c16473 100644 --- a/docker/os/Dockerfile +++ b/docker/os/Dockerfile @@ -15,28 +15,24 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM ubuntu:18.04 as build +FROM ubuntu as build # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apt-get update && apt-get -y install \ - python3-pip \ gcc \ git \ - libc-dev \ - libffi6 \ - libffi-dev \ make \ - libssl-dev \ wget \ - golint \ - sqlite3 \ - debian-goodies \ - build-essential \ - pkg-config \ - autoconf automake autotools-dev m4 \ linux-headers-generic \ - libaio-dev libattr1-dev libcap-dev + build-essential \ + libssl-dev \ + libffi-dev \ + python-dev \ + python3-pip \ + automake \ + autoconf \ + pkgconf # Build binaries WORKDIR /wheels @@ -101,7 +97,7 @@ RUN \ rm *.sqlite3 # Copy binaries into the final container and install robot framework, bluval dependencies -FROM ubuntu:18.04 +FROM ubuntu COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation COPY --from=build /opt/akraino/ltp.tar.gz /opt/akraino/ltp.tar.gz diff --git a/docker/services/Dockerfile b/docker/services/Dockerfile index 5b25e76..e2e24d3 100644 --- a/docker/services/Dockerfile +++ b/docker/services/Dockerfile @@ -15,19 +15,39 @@ ############################################################################## # ref: https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#use-multi-stage-builds -FROM python:3.6-alpine3.9 as build +FROM python:3.10.0b1-alpine3.13 as build # Install dependencies COPY pip-requirements.txt /wheels/requirements/pip-requirements.txt RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + freetype-dev \ gcc \ + gdk-pixbuf-dev \ + gettext \ git \ - libc-dev \ - libffi \ + jpeg-dev \ + lcms2-dev \ libffi-dev \ - make \ - openssl-dev + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev # Build binaries WORKDIR /wheels @@ -36,10 +56,39 @@ RUN pip3 wheel -r /wheels/requirements/pip-requirements.txt RUN git clone https://gerrit.akraino.org/r/validation /opt/akraino/validation # Copy binaries in the final contaier and install robot framework -FROM python:3.6-alpine3.9 +FROM python:3.10.0b1-alpine3.13 COPY --from=build /wheels /wheels COPY --from=build /opt/akraino/validation /opt/akraino/validation +RUN apk --no-cache add --update \ + build-base \ + cairo \ + cairo-dev \ + cargo \ + curl \ + freetype-dev \ + gcc \ + gdk-pixbuf-dev \ + gettext \ + git \ + jpeg-dev \ + lcms2-dev \ + libffi-dev \ + musl-dev \ + openjpeg-dev \ + openssl-dev \ + pango-dev \ + poppler-utils \ + postgresql-client \ + postgresql-dev \ + py-cffi \ + python3-dev \ + rust \ + tcl-dev \ + tiff-dev \ + tk-dev \ + zlib-dev + RUN pip3 install -r /wheels/requirements/pip-requirements.txt \ -f /wheels && \ rm -rf /wheels && \ -- 2.16.6 From 6df0350fa3956b1973aa0216564133c89fed0c75 Mon Sep 17 00:00:00 2001 From: Sirisha Gopigiri Date: Fri, 18 Jun 2021 09:58:25 +0530 Subject: [PATCH 5/5] Fix Sonobuoy systemd-image for k8 1.18 This PS upgrades the sonobuoy version, so that the systemd-logs pods get launched successfully on the kubernetes cluster. Signed-off-by: SirishaGopigiri Change-Id: I2f690fef2202528730b760a6a629bb83e6ddc611 --- docker/k8s/Dockerfile | 3 +-- tests/k8s/conformance/conformance.robot | 17 +++-------------- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/docker/k8s/Dockerfile b/docker/k8s/Dockerfile index 6b403c9..f9f992b 100644 --- a/docker/k8s/Dockerfile +++ b/docker/k8s/Dockerfile @@ -19,7 +19,7 @@ FROM golang:1.16.5-alpine3.13 as build # Sonobuoy supports 3 Kubernetes minor versions: the current release and 2 # minor versions before. -ARG SB_TAG=v0.16.1 +ARG SB_TAG=v0.18.2 # Determine the latest stable git tag at build time based on stable major version ARG K8S_VER=1.18 @@ -73,7 +73,6 @@ RUN if [ $(uname -m) == 'aarch64' ]; then HOST_ARCH=arm64; else HOST_ARCH=amd64; make WHAT=test/e2e/e2e.test ARCH=$HOST_ARCH RUN git clone https://github.com/heptio/sonobuoy /go/src/github.com/heptio/sonobuoy && \ cd /go/src/github.com/heptio/sonobuoy && \ - pwd \ git checkout $SB_TAG && \ go install RUN git clone https://gerrit.akraino.org/r/validation /opt/akraino/validation diff --git a/tests/k8s/conformance/conformance.robot b/tests/k8s/conformance/conformance.robot index 8cf83dd..ffffd77 100644 --- a/tests/k8s/conformance/conformance.robot +++ b/tests/k8s/conformance/conformance.robot @@ -37,15 +37,12 @@ Test Teardown Run Keywords *** Variables *** ${LOG} ${LOG_PATH}${/}${SUITE_NAME.replace(' ','_')}.log -&{SONOBUOY} path=gcr.io/heptio-images -... name=sonobuoy:v0.16.1 +&{SONOBUOY} path=sonobuoy +... name=sonobuoy:v0.18.2 &{E2E} path=k8s.gcr.io ... name=Actual value set dynamically -&{SYSTEMD_LOGS} path=gcr.io/heptio-images -... name=sonobuoy-plugin-systemd-logs:latest &{SONOBUOY_IMGS} sonobuoy=&{SONOBUOY} ... e2e=&{E2E} -... systemd_logs=&{SYSTEMD_LOGS} # Following tests assume DNS domain is "cluster.local" ${DNS_DOMAIN_TESTS} SEPARATOR= @@ -146,12 +143,7 @@ Define Images ${result}= Run Process kubectl version -o json Should Be Equal As Integers ${result.rc} 0 ${versions}= Convert String To JSON ${result.stdout} - ${major}= Get Value From Json ${versions} $.serverVersion.major - ${minor}= Get Value From Json ${versions} $.serverVersion.minor ${gitVersion}= Get Value From Json ${versions} $.serverVersion.gitVersion - ${major}= Get Regexp Matches ${major[0]} \\d+ - ${minor}= Get Regexp Matches ${minor[0]} \\d+ - ${gitVersion}= Get Regexp Matches ${gitVersion[0]} \\d+ Set To Dictionary ${SONOBUOY_IMGS['e2e']} name=conformance:${gitVersion[0]} Onboard Images @@ -187,7 +179,4 @@ Create Manifest File ... ${CURDIR}${/}custom_repos.yaml ${result}= Run Process sonobuoy gen @{flags} Should Be Equal As Integers ${result.rc} 0 - ${manifest}= Replace String ${result.stdout} - ... image: gcr.io/heptio-images/sonobuoy-plugin-systemd-logs:latest - ... image: ${SONOBUOY_IMGS.systemd_logs.path}/${SONOBUOY_IMGS.systemd_logs.name} - Create File ${CURDIR}${/}sonobuoy.yaml ${manifest} + Create File ${CURDIR}${/}sonobuoy.yaml ${result.stdout} -- 2.16.6