From 3c4b29162e17960108a92ecc71274ecc4c9c3f76 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 8 Dec 2016 09:52:46 +0100 Subject: Use webapp/nickserver:master on leap_platform:master (#8678) --- tests/platform-ci/ci-build.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 85557b3f..0dfbb5c3 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -43,8 +43,7 @@ NAME="citest${CI_BUILD_ID}" TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -SEEDS='sources.platform.apt.basic:http://deb.leap.se/experimental-0.9 sources.webapp.revision:master sources.nickserver.revision:master' - +SEEDS='' # # Main -- cgit v1.2.3 From 747d3e9b55c8b7b7d98a63474b6de82d7114c389 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 29 Mar 2017 12:46:39 +0200 Subject: Run leap info after deploy --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 0dfbb5c3..af1dba0f 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -78,10 +78,10 @@ $LEAP_CMD compile "$TAG" $LEAP_CMD vm status "$TAG" $LEAP_CMD node init "$TAG" -$LEAP_CMD info "${TAG}" # Deploy and test $LEAP_CMD deploy "$TAG" +$LEAP_CMD info "${TAG}" $LEAP_CMD test "$TAG" # if everything succeeds, destroy the vm -- cgit v1.2.3 From 92f069fc456260c0cc394ab280e61a560ccb3345 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Apr 2017 14:35:03 -0400 Subject: Enhance ci-build.sh for latest CI builds. . Reorganize script to allow for multiple builds . Add latest build, pulling from the ibex provider . Run the build as the cirunner unprivileged user . Set pipefail because job is run within a pipe . Change name of 'build' stage to 'deploy' . Setup an environment for the latest CI deployment --- tests/platform-ci/ci-build.sh | 118 ++++++++++++++++++++++++++---------------- 1 file changed, 74 insertions(+), 44 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index af1dba0f..869e7517 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -15,75 +15,105 @@ # * ssh private key used to login to remove vm # * `SSH_PRIVATE_KEY` # -# Todo: -# - Running locally works fine, now use it in gitlab CI ( which ssh-key ? create cloud.json from env vars ) -# - Speed up vm boot if possible ( right now 3-4mins ) # exit if any commands returns non-zero status set -e +# because the ci-build is running in a pipe we need to also set the following +# so exit codes will be caught correctly. +set -o pipefail # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") -# leap_platform/tests/platform-ci/provider -PROVIDERDIR="${ROOTDIR}/provider" - # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") -LEAP_CMD="/usr/local/bin/bundle exec leap -v2 --yes" +LEAP_CMD() { + /usr/local/bin/bundle exec leap -v2 --yes "$@" +} + +deploy() { + LEAP_CMD deploy "$TAG" +} + +test() { + LEAP_CMD test "$TAG" +} + +build_from_scratch() { + # leap_platform/tests/platform-ci/provider + PROVIDERDIR="${ROOTDIR}/provider" + /bin/echo "Provider directory: ${PROVIDERDIR}" + cd "$PROVIDERDIR" -# create node(s) with unique id so we can run tests in parallel -NAME="citest${CI_BUILD_ID}" -# when using gitlab-runner locally, CI_BUILD_ID is always 1 which -# will conflict with running/terminating AWS instances in subsequent runs -# therefore we pick a random number in this case -[ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + # Create cloud.json needed for `leap vm` commands using AWS credentials + which jq || ( apt-get update -y && apt-get install jq -y ) + /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json -TAG='single' -SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -SEEDS='' + [ -d "./tags" ] || mkdir "./tags" + /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" + + pwd + LEAP_CMD vm status "$TAG" + # shellcheck disable=SC2086 + LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS + LEAP_CMD compile "$TAG" + LEAP_CMD vm status "$TAG" + + LEAP_CMD node init "$TAG" + LEAP_CMD info "${TAG}" +} # # Main # - /bin/echo "CI directory: ${ROOTDIR}" -/bin/echo "Provider directory: ${PROVIDERDIR}" /bin/echo "Platform directory: ${PLATFORMDIR}" -cd "$PROVIDERDIR" # Ensure we don't output secret stuff to console even when running in verbose mode with -x set +x -# Create cloud.json needed for `leap vm` commands using AWS credentials -which jq || ( apt-get update -y && apt-get install jq -y ) -/usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json - # Configure ssh keypair [ -d ~/.ssh ] || /bin/mkdir ~/.ssh /bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa /bin/chmod 600 ~/.ssh/id_rsa -/bin/cp users/gitlab-runner/gitlab-runner_ssh.pub ~/.ssh/id_rsa.pub - -[ -d "./tags" ] || mkdir "./tags" -/bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" - -$LEAP_CMD vm status "$TAG" -# shellcheck disable=SC2086 -$LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS -$LEAP_CMD compile "$TAG" -$LEAP_CMD vm status "$TAG" - -$LEAP_CMD node init "$TAG" - -# Deploy and test -$LEAP_CMD deploy "$TAG" -$LEAP_CMD info "${TAG}" -$LEAP_CMD test "$TAG" - -# if everything succeeds, destroy the vm -$LEAP_CMD vm rm "${TAG}" -[ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" +/bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub + +case "$CI_BUILD_STAGE" in + build) + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_BUILD_ID}" + # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # will conflict with running/terminating AWS instances in subsequent runs + # therefore we pick a random number in this case + [ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + + TAG='single' + SERVICES='couchdb,soledad,mx,webapp,tor,monitor' + SEEDS='' + build_from_scratch + # Deploy and test + deploy + test + # if everything succeeds, destroy the vm + LEAP_CMD vm rm "${TAG}" + [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" + ;; + latest) + TAG='latest' + echo "Cloning ibex provider..." + git clone -q --depth 1 ssh://gitolite@leap.se/ibex + cd ibex + git rev-parse HEAD + echo -n "Operating in the ibex directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test + ;; +esac -- cgit v1.2.3 From 9ab23ac448d629a362bdba142b685217b2103f07 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 20 Apr 2017 14:59:51 -0400 Subject: switch to using CI_ENVIRONMENT_NAME and defaulting to the basic deployment --- tests/platform-ci/ci-build.sh | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 869e7517..a9731fca 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -81,8 +81,23 @@ set +x /bin/chmod 600 ~/.ssh/id_rsa /bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub -case "$CI_BUILD_STAGE" in - build) +case "$CI_ENVIRONMENT_NAME" in + latest) + TAG='latest' + echo "Cloning ibex provider..." + git clone -q --depth 1 ssh://gitolite@leap.se/ibex + cd ibex + git rev-parse HEAD + echo -n "Operating in the ibex directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test + ;; + *) # create node(s) with unique id so we can run tests in parallel NAME="citest${CI_BUILD_ID}" # when using gitlab-runner locally, CI_BUILD_ID is always 1 which @@ -101,19 +116,4 @@ case "$CI_BUILD_STAGE" in LEAP_CMD vm rm "${TAG}" [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; - latest) - TAG='latest' - echo "Cloning ibex provider..." - git clone -q --depth 1 ssh://gitolite@leap.se/ibex - cd ibex - git rev-parse HEAD - echo -n "Operating in the ibex directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test - ;; esac -- cgit v1.2.3 From f5d1850e7b3831b1ee6374627bb403aa3858a320 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Apr 2017 13:42:14 -0400 Subject: Fix the pipefail by putting ts inside of ci-build.sh --- tests/platform-ci/ci-build.sh | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index a9731fca..b39f6874 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -22,6 +22,11 @@ set -e # so exit codes will be caught correctly. set -o pipefail +# we wrap the whole script in curly braces so we can pipe it all through ts to +# get timestamps. If we put it outside of the script, then we can't get proper +# pipefail results. + +{ # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") @@ -117,3 +122,4 @@ case "$CI_ENVIRONMENT_NAME" in [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; esac +} | /usr/bin/ts -s -- cgit v1.2.3 From 9d096ace3692f67fe82a97d648c930c2da19a830 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Apr 2017 19:40:28 -0400 Subject: Add a production environment for demovpn, demomail Pull duplicated bits into a function --- tests/platform-ci/ci-build.sh | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b39f6874..e25b8096 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -70,6 +70,21 @@ build_from_scratch() { LEAP_CMD info "${TAG}" } +run() { + echo "Cloning $1 repo: $2" + git clone -q --depth 1 "$2" + cd "$1" + git rev-parse HEAD + echo -n "Operating in the $1 directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test +} + # # Main # @@ -89,18 +104,15 @@ set +x case "$CI_ENVIRONMENT_NAME" in latest) TAG='latest' - echo "Cloning ibex provider..." - git clone -q --depth 1 ssh://gitolite@leap.se/ibex - cd ibex - git rev-parse HEAD - echo -n "Operating in the ibex directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test + run ibex ssh://gitolite@leap.se/ibex + ;; + production/mail) + TAG='demomail' + run bitmask ssh://gitolite@leap.se/bitmask + ;; + production/vpn) + TAG='demovpn' + run bitmask ssh://gitolite@leap.se/bitmask ;; *) # create node(s) with unique id so we can run tests in parallel -- cgit v1.2.3 From a577fbf20357ae1bc611da975cde001ef9dfa310 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Apr 2017 11:59:57 +0200 Subject: Improve ci-build.sh (Closes #8771) * Change environment names for clarity: . Use staging for deploying to latest . Use production environments to deploy to demo: production/vpn production/mail * Install leap_cli if not present and define default values * Remove old nodes from cached runs * Remove no longer used SEEDS variable * Debugging improvements: . Hide secrets when calling ci-build.sh with xtrace enabled . Use unbuffer to we can add debug output locally . Add debugging to build_from_scratch() --- tests/platform-ci/ci-build.sh | 66 +++++++++++++++++++++++++++++++++---------- 1 file changed, 51 insertions(+), 15 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index e25b8096..747e09a7 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -22,11 +22,16 @@ set -e # so exit codes will be caught correctly. set -o pipefail -# we wrap the whole script in curly braces so we can pipe it all through ts to -# get timestamps. If we put it outside of the script, then we can't get proper -# pipefail results. +# Check if scipt is run in debug mode so we can hide secrets +if [[ "$-" =~ 'x' ]] +then + echo 'Running with xtrace enabled!' + xtrace=true +else + echo 'Running with xtrace disabled!' + xtrace=false +fi -{ # leap_platform/tests/platform-ci # shellcheck disable=SC2086 ROOTDIR=$(readlink -f "$(dirname $0)") @@ -34,9 +39,20 @@ ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") -LEAP_CMD() { - /usr/local/bin/bundle exec leap -v2 --yes "$@" -} +# In the gitlab CI pipeline leap is installed in a different +# stage by bundle. To debug you can run a single CI job locally +# so we install leap_cli as gem here. +if /usr/local/bin/bundle exec leap >/dev/null 2>&1 +then + LEAP_CMD() { + /usr/local/bin/bundle exec leap -v2 --yes "$@" + } +else + sudo gem install leap_cli + LEAP_CMD() { + leap -v2 --yes "$@" + } +fi deploy() { LEAP_CMD deploy "$TAG" @@ -54,19 +70,38 @@ build_from_scratch() { # Create cloud.json needed for `leap vm` commands using AWS credentials which jq || ( apt-get update -y && apt-get install jq -y ) + + # Dsiable xtrace + set +x /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json + # Enable xtrace again only if it was set at beginning of script + [[ $xtrace == true ]] && set -x [ -d "./tags" ] || mkdir "./tags" /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" pwd + +# remove old cached nodes + echo "Removing old cached nodes..." + find nodes -name 'citest*' -exec rm {} \; + + echo "Listing current VM status..." LEAP_CMD vm status "$TAG" # shellcheck disable=SC2086 - LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" $SEEDS + echo "Adding VM $NAME with the services: $SERVICES and the tags: $TAG" + LEAP_CMD vm add "$NAME" services:"$SERVICES" tags:"$TAG" + echo "Compiling $TAG..." LEAP_CMD compile "$TAG" + echo "Listing current VM status for TAG: $TAG..." LEAP_CMD vm status "$TAG" + echo "Running leap list..." + LEAP_CMD list + + echo "Running leap node init on TAG: $TAG" LEAP_CMD node init "$TAG" + echo "Running leap info on $TAG" LEAP_CMD info "${TAG}" } @@ -101,30 +136,32 @@ set +x /bin/chmod 600 ~/.ssh/id_rsa /bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub +# Enable xtrace again only if it was set at beginning of script +[[ $xtrace == true ]] && set -x + case "$CI_ENVIRONMENT_NAME" in - latest) + staging) TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - production/mail) + demo/mail) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - production/vpn) + demo/vpn) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; *) # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID}" + NAME="citest${CI_BUILD_ID:-0}" # when using gitlab-runner locally, CI_BUILD_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case - [ "$CI_BUILD_ID" -eq "1" ] && NAME+="000${RANDOM}" + [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' - SEEDS='' build_from_scratch # Deploy and test deploy @@ -134,4 +171,3 @@ case "$CI_ENVIRONMENT_NAME" in [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" ;; esac -} | /usr/bin/ts -s -- cgit v1.2.3 From 8bc60685875e2eb289d0d860ebe7ba7839eb20e2 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 27 Apr 2017 13:41:22 -0400 Subject: change environment names to match ci-build.sh --- tests/platform-ci/ci-build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 747e09a7..34876a73 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -144,11 +144,11 @@ case "$CI_ENVIRONMENT_NAME" in TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - demo/mail) + production/demo/mail) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - demo/vpn) + production/demo/vpn) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; -- cgit v1.2.3 From 9f315d37968f0135deb3fadcdf6cf54278153de0 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:20:30 +0200 Subject: [CI] Check for mandatory env variables on platform builds --- tests/platform-ci/ci-build.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 34876a73..e2485c0a 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -54,6 +54,11 @@ else } fi +fail() { + echo "$*" + exit 1 +} + deploy() { LEAP_CMD deploy "$TAG" } @@ -73,6 +78,11 @@ build_from_scratch() { # Dsiable xtrace set +x + + [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." + [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." + [ -z "$SSH_PRIVATE_KEY" ] && fail "\$SSH_PRIVATE_KEY is not set - please provide it as env variable." + /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x -- cgit v1.2.3 From a3fc434020da4ea8fb447536fd37906ca0a8d890 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:40:57 +0200 Subject: [CI] Use CI_JOB_NAME to determine what action to take --- tests/platform-ci/ci-build.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index e2485c0a..b554b1d3 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -92,7 +92,7 @@ build_from_scratch() { pwd -# remove old cached nodes + # remove old cached nodes echo "Removing old cached nodes..." find nodes -name 'citest*' -exec rm {} \; @@ -149,16 +149,16 @@ set +x # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x -case "$CI_ENVIRONMENT_NAME" in - staging) +case "$CI_JOB_NAME" in + ci.leap.se) TAG='latest' run ibex ssh://gitolite@leap.se/ibex ;; - production/demo/mail) + mail.bitmask.net) TAG='demomail' run bitmask ssh://gitolite@leap.se/bitmask ;; - production/demo/vpn) + demo.bitmask.net) TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; -- cgit v1.2.3 From 6e7b18f8732e79957aaa2e536b368aef8a9d6ab9 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:47:54 +0200 Subject: [CI] Move more commands into functions --- tests/platform-ci/ci-build.sh | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b554b1d3..abc5fec8 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -68,6 +68,16 @@ test() { } build_from_scratch() { + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_BUILD_ID:-0}" + # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # will conflict with running/terminating AWS instances in subsequent runs + # therefore we pick a random number in this case + [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" + + TAG='single' + SERVICES='couchdb,soledad,mx,webapp,tor,monitor' + # leap_platform/tests/platform-ci/provider PROVIDERDIR="${ROOTDIR}/provider" /bin/echo "Provider directory: ${PROVIDERDIR}" @@ -130,6 +140,12 @@ run() { test } +cleanup() { + # if everything succeeds, destroy the vm + LEAP_CMD vm rm "${TAG}" + [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" +} + # # Main # @@ -163,21 +179,9 @@ case "$CI_JOB_NAME" in run bitmask ssh://gitolite@leap.se/bitmask ;; *) - # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID:-0}" - # when using gitlab-runner locally, CI_BUILD_ID is always 1 which - # will conflict with running/terminating AWS instances in subsequent runs - # therefore we pick a random number in this case - [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" - - TAG='single' - SERVICES='couchdb,soledad,mx,webapp,tor,monitor' build_from_scratch - # Deploy and test deploy test - # if everything succeeds, destroy the vm - LEAP_CMD vm rm "${TAG}" - [ -f "nodes/${NAME}.json" ] && /bin/rm "nodes/${NAME}.json" + cleanup ;; esac -- cgit v1.2.3 From 1bcd200ec20a28a1c360afdf097dc4fcaa9c00a8 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 16:51:58 +0200 Subject: [CI] Fail when CI_JOB_NAME is not recognized --- tests/platform-ci/ci-build.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index abc5fec8..b02fe89d 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -178,10 +178,13 @@ case "$CI_JOB_NAME" in TAG='demovpn' run bitmask ssh://gitolite@leap.se/bitmask ;; - *) + deploy_test*) build_from_scratch deploy test cleanup ;; + *) + fail "Don't know what to do for \$CI_JOB_NAME \"$CI_JOB_NAME\"!" + ;; esac -- cgit v1.2.3 From 5816661ab20f2b2641bc3c19dc495b28e531213e Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 17:14:45 +0200 Subject: [CI] Add upgrade tests to ci-build.sh --- tests/platform-ci/ci-build.sh | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b02fe89d..256164ac 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -140,6 +140,29 @@ run() { test } +upgrade_test() { + # Checkout stable branch containing last release + # and deploy this + cd "$PLATFORMDIR" + git remote add leap https://leap.se/git/leap_platform + git fetch leap + git checkout -b leap_stable remotes/leap/stable + cd "$PROVIDERDIR" + build_from_scratch + deploy + test + + # Checkout HEAD of current branch and re-deploy + cd "$PLATFORMDIR" + git checkout "$CI_COMMIT_REF" + cd "$PROVIDERDIR" + deploy + test + + cleanup + +} + cleanup() { # if everything succeeds, destroy the vm LEAP_CMD vm rm "${TAG}" @@ -184,6 +207,9 @@ case "$CI_JOB_NAME" in test cleanup ;; + upgrade_test) + upgrade_test + ;; *) fail "Don't know what to do for \$CI_JOB_NAME \"$CI_JOB_NAME\"!" ;; -- cgit v1.2.3 From c232b863172a4f5b511e64f02882e5a4804c337e Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 17:37:02 +0200 Subject: [CI] Run bundle install after checking out different platform branch --- tests/platform-ci/ci-build.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 256164ac..88856511 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -147,7 +147,13 @@ upgrade_test() { git remote add leap https://leap.se/git/leap_platform git fetch leap git checkout -b leap_stable remotes/leap/stable + # After checking out a different platform branch + # bundle install is needed again + cd "$ROOTDIR" + /usr/local/bin/bundle install + cd "$PROVIDERDIR" + build_from_scratch deploy test @@ -155,6 +161,11 @@ upgrade_test() { # Checkout HEAD of current branch and re-deploy cd "$PLATFORMDIR" git checkout "$CI_COMMIT_REF" + # After checking out a different platform branch + # bundle install is needed again + cd "$ROOTDIR" + /usr/local/bin/bundle install + cd "$PROVIDERDIR" deploy test -- cgit v1.2.3 From 0d304e582d643893f5e139eb5126c793bc82ae6d Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 29 Jun 2017 20:05:17 +0200 Subject: [CI] Fix node name for local tests --- tests/platform-ci/ci-build.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 88856511..9332c12c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -68,12 +68,14 @@ test() { } build_from_scratch() { - # create node(s) with unique id so we can run tests in parallel - NAME="citest${CI_BUILD_ID:-0}" - # when using gitlab-runner locally, CI_BUILD_ID is always 1 which + # when using gitlab-runner locally, CI_JOB_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case - [ "${CI_BUILD_ID:-0}" -eq "1" ] && NAME+="000${RANDOM}" + [ "${CI_JOB_ID}" == "1" ] && CI_JOB_ID="000${RANDOM}" + + # create node(s) with unique id so we can run tests in parallel + NAME="citest${CI_JOB_ID:-0}" + TAG='single' SERVICES='couchdb,soledad,mx,webapp,tor,monitor' -- cgit v1.2.3 From 9adaa316050e3eed971fe316eb545ba74c562cca Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 12:00:20 -0700 Subject: Fix upgrade_test failure. See https://0xacab.org/leap/platform/-/jobs/14029 for an example. --- tests/platform-ci/ci-build.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 9332c12c..1c9cc416 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -146,7 +146,8 @@ upgrade_test() { # Checkout stable branch containing last release # and deploy this cd "$PLATFORMDIR" - git remote add leap https://leap.se/git/leap_platform + # due to cache, this remote is sometimes already added + git remote add leap https://leap.se/git/leap_platform || true git fetch leap git checkout -b leap_stable remotes/leap/stable # After checking out a different platform branch -- cgit v1.2.3 From b9f562813b5005577bed3f2a40c5eb147696e18c Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 13:54:43 -0700 Subject: Additional fix for CI cache failure --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 1c9cc416..5c21bfb7 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -149,7 +149,7 @@ upgrade_test() { # due to cache, this remote is sometimes already added git remote add leap https://leap.se/git/leap_platform || true git fetch leap - git checkout -b leap_stable remotes/leap/stable + git checkout -b leap_stable remotes/leap/stable || true # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" -- cgit v1.2.3 From ff3878a70235206d182116c74c4ac7b3cc1a478f Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 4 Jul 2017 14:31:38 -0700 Subject: Fix non-existent CI variable CI_COMMIT_REF (#8844) --- tests/platform-ci/ci-build.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 5c21bfb7..1445f562 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -149,7 +149,10 @@ upgrade_test() { # due to cache, this remote is sometimes already added git remote add leap https://leap.se/git/leap_platform || true git fetch leap + echo "Checking out leap/stable" git checkout -b leap_stable remotes/leap/stable || true + echo -n "Current version: " + git rev-parse HEAD # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" @@ -163,7 +166,10 @@ upgrade_test() { # Checkout HEAD of current branch and re-deploy cd "$PLATFORMDIR" - git checkout "$CI_COMMIT_REF" + echo "Checking out: $CI_COMMIT_SHA" + git checkout "$CI_COMMIT_SHA" + echo -n "Current version: " + git rev-parse HEAD # After checking out a different platform branch # bundle install is needed again cd "$ROOTDIR" -- cgit v1.2.3 From 55b784f2ccd6336db4bab9157a8498cb87c562ff Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 25 Jul 2017 15:49:46 -0700 Subject: CI: Cleanup and enhance to specify platform branch Fix indentation; setup some more clear variables. Add a third variable to ensure the proper platform branch is checked out. This is necessary because otherwise environment deploys get stuck because the platform directory is in a detached state and then the environment deploys will not proceed because the branch check fails. This will fix #8843. --- tests/platform-ci/ci-build.sh | 42 +++++++++++++++++++++++++++++------------- 1 file changed, 29 insertions(+), 13 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 1445f562..57b874f9 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -128,18 +128,34 @@ build_from_scratch() { } run() { - echo "Cloning $1 repo: $2" - git clone -q --depth 1 "$2" - cd "$1" - git rev-parse HEAD - echo -n "Operating in the $1 directory: " - pwd - echo "Listing current node information..." - LEAP_CMD list - echo "Attempting a deploy..." - deploy - echo "Attempting to run tests..." - test + provider_name=$1 + provider_URI=$2 + platform_branch=$3 + + # If the third argument is set make sure we are on that platform branch + if [[ -n $platform_branch ]] + then + echo "Checking out $platform_branch branch of platform" + cd "$PLATFORMDIR" + git checkout -B "$platform_branch" + fi + + # Setup the provider repository + echo "Setting up the provider repository: $provider_name by cloning $provider_URI" + git clone -q --depth 1 "$provider_URI" "$ROOTDIR" + cd "$provider_name" + echo -n "$provider_name repo at revision: " + git rev-parse HEAD + echo -n "Operating in the $provider_name directory: " + pwd + echo "Listing current node information..." + LEAP_CMD list + + # Do the deployment + echo "Attempting a deploy..." + deploy + echo "Attempting to run tests..." + test } upgrade_test() { @@ -215,7 +231,7 @@ case "$CI_JOB_NAME" in ;; mail.bitmask.net) TAG='demomail' - run bitmask ssh://gitolite@leap.se/bitmask + run bitmask ssh://gitolite@leap.se/bitmask master ;; demo.bitmask.net) TAG='demovpn' -- cgit v1.2.3 From 33b56edf683b82acb3f3d077c1b2e907a1dc02dd Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 27 Jul 2017 14:18:46 -0700 Subject: CI: fix provider checkout Provider checkout was being done to a pre-existing directory, which resulted in an error about the directory already existing (see https://0xacab.org/leap/platform/-/jobs/15730), this should fix that problem. --- tests/platform-ci/ci-build.sh | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 57b874f9..459264d5 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -132,6 +132,16 @@ run() { provider_URI=$2 platform_branch=$3 + # Setup the provider repository + echo "Setting up the provider repository: $provider_name by cloning $provider_URI" + git clone -q --depth 1 "$provider_URI" + cd "$provider_name" + echo -n "$provider_name repo at revision: " + git rev-parse HEAD + echo -n "Operating in the $provider_name directory: " + pwd + + # If the third argument is set make sure we are on that platform branch if [[ -n $platform_branch ]] then @@ -140,14 +150,7 @@ run() { git checkout -B "$platform_branch" fi - # Setup the provider repository - echo "Setting up the provider repository: $provider_name by cloning $provider_URI" - git clone -q --depth 1 "$provider_URI" "$ROOTDIR" - cd "$provider_name" - echo -n "$provider_name repo at revision: " - git rev-parse HEAD - echo -n "Operating in the $provider_name directory: " - pwd + cd "${ROOTDIR}/${provider_name}" echo "Listing current node information..." LEAP_CMD list -- cgit v1.2.3 From d66bbeb065c2f8f38b946e45e77607629a96f2dc Mon Sep 17 00:00:00 2001 From: Varac Date: Wed, 13 Sep 2017 22:53:53 +0200 Subject: CI: Use master branch for demo.bitmask.net deploy Commit 55b784f2 fixed this for mail.bitmask.net, but not for demo.bitmask.net. See https://0xacab.org/leap/platform/commit/55b784f2ccd6336db4bab9157a8498cb87c562ff This fixes #8843. --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 459264d5..58e2bcc5 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -238,7 +238,7 @@ case "$CI_JOB_NAME" in ;; demo.bitmask.net) TAG='demovpn' - run bitmask ssh://gitolite@leap.se/bitmask + run bitmask ssh://gitolite@leap.se/bitmask master ;; deploy_test*) build_from_scratch -- cgit v1.2.3 From e2e3fa4ea0c26b4ccf226f4a3b692ce0f78f5bf5 Mon Sep 17 00:00:00 2001 From: Varac Date: Tue, 26 Sep 2017 20:36:06 +0200 Subject: Add cert renewal to production deployments --- tests/platform-ci/ci-build.sh | 1 + 1 file changed, 1 insertion(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 58e2bcc5..3c6a1ff4 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -156,6 +156,7 @@ run() { # Do the deployment echo "Attempting a deploy..." + LEAP_CMD cert renew "$provider_name" deploy echo "Attempting to run tests..." test -- cgit v1.2.3 From b566104d04ebe89d724c089491d9ba478b20d1a6 Mon Sep 17 00:00:00 2001 From: Varac Date: Tue, 26 Sep 2017 20:44:41 +0200 Subject: Use right domain name to renew certs --- tests/platform-ci/ci-build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 3c6a1ff4..120e2858 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -156,7 +156,7 @@ run() { # Do the deployment echo "Attempting a deploy..." - LEAP_CMD cert renew "$provider_name" + LEAP_CMD cert renew "$CI_JOB_NAME" deploy echo "Attempting to run tests..." test -- cgit v1.2.3 From d9d38bb283ff1c94cbf4bd488175cb77ae3fa3a4 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 28 Sep 2017 20:12:08 +0200 Subject: CI: Test staging deb repo component Resolves: #8871 --- tests/platform-ci/ci-build.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 120e2858..4710bc88 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -39,6 +39,9 @@ ROOTDIR=$(readlink -f "$(dirname $0)") # leap_platform PLATFORMDIR=$(readlink -f "${ROOTDIR}/../..") +# deb repo component to configure +COMPONENT=${COMPONENT:-"master"} + # In the gitlab CI pipeline leap is installed in a different # stage by bundle. To debug you can run a single CI job locally # so we install leap_cli as gem here. @@ -88,7 +91,7 @@ build_from_scratch() { # Create cloud.json needed for `leap vm` commands using AWS credentials which jq || ( apt-get update -y && apt-get install jq -y ) - # Dsiable xtrace + # Disable xtrace set +x [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." @@ -102,7 +105,8 @@ build_from_scratch() { [ -d "./tags" ] || mkdir "./tags" /bin/echo "{\"environment\": \"$TAG\"}" | /usr/bin/json_pp > "${PROVIDERDIR}/tags/${TAG}.json" - pwd + # configure deb repo component + echo '{}' | jq ".sources.platform.apt |= { \"source\": \"http://deb.leap.se/platform\", \"component\": \"${COMPONENT}\" }" > common.json # remove old cached nodes echo "Removing old cached nodes..." -- cgit v1.2.3 From 5b10def43d134e5735bfcec1237c04cf66e8610b Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 19 Sep 2017 15:36:06 -0400 Subject: Feat: Refactor tor services In order to refactor the tor services, we need to split them out into three different services. This adds the hidden service class that is necessary to support the previous commits. Fixes #8864. --- tests/platform-ci/ci-build.sh | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 4710bc88..06af59ca 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -71,6 +71,13 @@ test() { } build_from_scratch() { + # allow passing into the function the services, use a default set if empty + SERVICES=$1 + if [ -z "$SERVICES" ] + then + SERVICES='couchdb,soledad,mx,webapp,tor_relay,monitor' + fi + # when using gitlab-runner locally, CI_JOB_ID is always 1 which # will conflict with running/terminating AWS instances in subsequent runs # therefore we pick a random number in this case @@ -78,10 +85,7 @@ build_from_scratch() { # create node(s) with unique id so we can run tests in parallel NAME="citest${CI_JOB_ID:-0}" - - TAG='single' - SERVICES='couchdb,soledad,mx,webapp,tor,monitor' # leap_platform/tests/platform-ci/provider PROVIDERDIR="${ROOTDIR}/provider" @@ -184,7 +188,7 @@ upgrade_test() { cd "$PROVIDERDIR" - build_from_scratch + build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy test @@ -200,6 +204,11 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" + + # due to the 'tor' service no longer being valid in 0.10, we need to change + # that service to 'tor_relay'. This is done by changing the services array + # with jq to be set to the full correct list of services + jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy test -- cgit v1.2.3 From 6998301b6fa9485b940e23a9c753d32a76a98fc5 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 17 Oct 2017 16:28:17 -0400 Subject: Bug: replace single provider key with an unique one For the CI, we were using the gitlab-runner ssh key for all provider builds, this replaces it with an unique one for each provider. --- tests/platform-ci/ci-build.sh | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 06af59ca..39fc513b 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -12,9 +12,9 @@ # * AWS credentials as environment variables: # * `AWS_ACCESS_KEY` # * `AWS_SECRET_KEY` -# * ssh private key used to login to remove vm -# * `SSH_PRIVATE_KEY` -# +# * ssh private keys used to clone providers: +# * `BITMASK_PROVIDER_SSH_PRIVATE_KEY` +# * `IBEX_PROVIDER_SSH_PRIVATE_KEY` # exit if any commands returns non-zero status set -e @@ -100,7 +100,8 @@ build_from_scratch() { [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." - [ -z "$SSH_PRIVATE_KEY" ] && fail "\$SSH_PRIVATE_KEY is not set - please provide it as env variable." + [ -z "$BITMASK_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$BITMASK_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." + [ -z "$IBEX_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$IBEX_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script @@ -140,6 +141,12 @@ run() { provider_URI=$2 platform_branch=$3 + # Configure ssh keypair + [ -d ~/.ssh ] || /bin/mkdir ~/.ssh + /bin/echo "${provider_name}_PROVIDER_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa + /bin/chmod 600 ~/.ssh/id_rsa + /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub + # Setup the provider repository echo "Setting up the provider repository: $provider_name by cloning $provider_URI" git clone -q --depth 1 "$provider_URI" @@ -232,12 +239,6 @@ cleanup() { # Ensure we don't output secret stuff to console even when running in verbose mode with -x set +x -# Configure ssh keypair -[ -d ~/.ssh ] || /bin/mkdir ~/.ssh -/bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa -/bin/chmod 600 ~/.ssh/id_rsa -/bin/cp "${ROOTDIR}/provider/users/gitlab-runner/gitlab-runner_ssh.pub" ~/.ssh/id_rsa.pub - # Enable xtrace again only if it was set at beginning of script [[ $xtrace == true ]] && set -x -- cgit v1.2.3 From 2c50305985f171f80e406e5e430911cd3e9e0f07 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 19 Oct 2017 10:00:45 -0400 Subject: CI: fix variable names, abstract ssh setup --- tests/platform-ci/ci-build.sh | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 39fc513b..843642a4 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -13,8 +13,8 @@ # * `AWS_ACCESS_KEY` # * `AWS_SECRET_KEY` # * ssh private keys used to clone providers: -# * `BITMASK_PROVIDER_SSH_PRIVATE_KEY` -# * `IBEX_PROVIDER_SSH_PRIVATE_KEY` +# * `bitmask_PROVIDER_SSH_PRIVATE_KEY` +# * `ibex_PROVIDER_SSH_PRIVATE_KEY` # exit if any commands returns non-zero status set -e @@ -70,7 +70,26 @@ test() { LEAP_CMD test "$TAG" } +ssh_setup() { + # set the provider name from the first argument passed to the function + provider_name=$1 + # set CI_SSH_SECRET_PRIVATE_KEY to the variable name keyed off of the provider_name + CI_SSH_SECRET_PRIVATE_KEY=${provider_name}_PROVIDER_SSH_PRIVATE_KEY + # Set the SSH_PRIVATE_KEY to the value provided in the CI runner secret variable setting in gitlab + SSH_PRIVATE_KEY=${!CI_SSH_SECRET_PRIVATE_KEY} + echo "Working with provider: $provider_name" + [ -z "$SSH_PRIVATE_KEY" ] && fail "${provider_name}_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." + # Configure ssh keypair + [ -d ~/.ssh ] || /bin/mkdir ~/.ssh + /bin/echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa + /bin/chmod 600 ~/.ssh/id_rsa + /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub +} + build_from_scratch() { + # setup ssh keys + ssh_setup platform + # allow passing into the function the services, use a default set if empty SERVICES=$1 if [ -z "$SERVICES" ] @@ -100,8 +119,6 @@ build_from_scratch() { [ -z "$AWS_ACCESS_KEY" ] && fail "\$AWS_ACCESS_KEY is not set - please provide it as env variable." [ -z "$AWS_SECRET_KEY" ] && fail "\$AWS_SECRET_KEY is not set - please provide it as env variable." - [ -z "$BITMASK_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$BITMASK_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." - [ -z "$IBEX_PROVIDER_SSH_PRIVATE_KEY" ] && fail "\$IBEX_PROVIDER_SSH_PRIVATE_KEY is not set - please provide it as env variable." /usr/bin/jq ".platform_ci.auth |= .+ {\"aws_access_key_id\":\"$AWS_ACCESS_KEY\", \"aws_secret_access_key\":\"$AWS_SECRET_KEY\"}" < cloud.json.template > cloud.json # Enable xtrace again only if it was set at beginning of script @@ -141,11 +158,8 @@ run() { provider_URI=$2 platform_branch=$3 - # Configure ssh keypair - [ -d ~/.ssh ] || /bin/mkdir ~/.ssh - /bin/echo "${provider_name}_PROVIDER_SSH_PRIVATE_KEY" > ~/.ssh/id_rsa - /bin/chmod 600 ~/.ssh/id_rsa - /bin/cp "${ROOTDIR}/provider/users/gitlab-runner-${provider_name}/gitlab-runner-${provider_name}_ssh.pub" ~/.ssh/id_rsa.pub + # setup ssh keys + ssh_setup "$provider_name" # Setup the provider repository echo "Setting up the provider repository: $provider_name by cloning $provider_URI" -- cgit v1.2.3 From a0eea43cbb93665d9d1ac96765d1abdf2a665d15 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 7 Nov 2017 11:54:19 -0500 Subject: CI: do soledad migration during upgrade test Updating platfrom 0.9 (soledad 0.8.0) to 0.10 (soledad 0.10.3) requires a soledad-server migration. This integrates the migration in the CI upgrade_test. Fixes #8881 --- tests/platform-ci/ci-build.sh | 35 ++++++++++++++++++++++++++++++++--- 1 file changed, 32 insertions(+), 3 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 843642a4..4c9a516c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -191,8 +191,32 @@ run() { test } +soledad_migration() { + # check the version of soledad installed + # if the version is not greater than 0.9, we need to do the migration + if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.9" vm |grep -q oops + then + echo "Need to migrate from soledad 0.9!" + if ! LEAP_CMD run 'systemctl stop leap-mx' vm + then fail + fi + if ! LEAP_CMD run 'systemctl stop soledad-server' vm + then fail + fi + if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --verbose --log-file /var/log/leap/soledad_migration.log --do-migrate' vm + then fail + fi + if ! LEAP_CMD run 'systemctl start leap-mx' vm + then fail + fi + if ! LEAP_CMD run 'systemctl start soledad-server' vm + then fail + fi + fi +} + upgrade_test() { - # Checkout stable branch containing last release + # Checkout stable branch containing previous stable release # and deploy this cd "$PLATFORMDIR" # due to cache, this remote is sometimes already added @@ -208,7 +232,7 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" - + LEAP_CMD --version build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy test @@ -225,12 +249,17 @@ upgrade_test() { /usr/local/bin/bundle install cd "$PROVIDERDIR" - + LEAP_CMD --version + # due to the 'tor' service no longer being valid in 0.10, we need to change # that service to 'tor_relay'. This is done by changing the services array # with jq to be set to the full correct list of services jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy + + # check for soledad migration, and run it if necessary + soledad_migration + test cleanup -- cgit v1.2.3 From a2959d8696348220cc171da436c6703e1a2cb5fd Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 9 Nov 2017 10:43:21 -0500 Subject: CI: produce CI-useful output for soledad test --- tests/platform-ci/ci-build.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 4c9a516c..2b665749 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -203,7 +203,7 @@ soledad_migration() { if ! LEAP_CMD run 'systemctl stop soledad-server' vm then fail fi - if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --verbose --log-file /var/log/leap/soledad_migration.log --do-migrate' vm + if ! LEAP_CMD run --stream '/usr/share/soledad-server/migration/0.9/migrate.py --log-file /dev/stdout --verbose --do-migrate | tee /var/log/leap/soledad_migration.log' vm then fail fi if ! LEAP_CMD run 'systemctl start leap-mx' vm @@ -257,9 +257,13 @@ upgrade_test() { jq '.services = ["couchdb","soledad","mx","webapp","tor_relay","monitor"]' < nodes/${NAME}.json deploy + # pre-migration test + test + # check for soledad migration, and run it if necessary soledad_migration + # run the test again, this should succeed test cleanup -- cgit v1.2.3 From 5a25afe09665693f08f74d139cd52a671d0d05b6 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Thu, 16 Nov 2017 13:12:13 -0500 Subject: CI: fix soledad version number --- tests/platform-ci/ci-build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 2b665749..909ed1b1 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -194,9 +194,9 @@ run() { soledad_migration() { # check the version of soledad installed # if the version is not greater than 0.9, we need to do the migration - if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.9" vm |grep -q oops + if ! LEAP_CMD run "dpkg --compare-versions \$(dpkg -l |grep soledad-server|grep ^ii|awk '{ print \$3}') gt 0.8" vm |grep -q oops then - echo "Need to migrate from soledad 0.9!" + echo "Need to migrate from soledad 0.8!" if ! LEAP_CMD run 'systemctl stop leap-mx' vm then fail fi -- cgit v1.2.3 From 464da0db5abe5008b281412548d4f85e1710ba43 Mon Sep 17 00:00:00 2001 From: Varac Date: Thu, 16 Nov 2017 18:41:58 +0100 Subject: CI: Run leap info,allow pre-migration test to fail --- tests/platform-ci/ci-build.sh | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index 909ed1b1..b2958f7c 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -66,6 +66,11 @@ deploy() { LEAP_CMD deploy "$TAG" } +leap_info() { + echo "Running leap info on $TAG" + LEAP_CMD info "${TAG}" +} + test() { LEAP_CMD test "$TAG" } @@ -149,8 +154,6 @@ build_from_scratch() { echo "Running leap node init on TAG: $TAG" LEAP_CMD node init "$TAG" - echo "Running leap info on $TAG" - LEAP_CMD info "${TAG}" } run() { @@ -235,6 +238,7 @@ upgrade_test() { LEAP_CMD --version build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy + leap_info test # Checkout HEAD of current branch and re-deploy @@ -250,7 +254,7 @@ upgrade_test() { cd "$PROVIDERDIR" LEAP_CMD --version - + # due to the 'tor' service no longer being valid in 0.10, we need to change # that service to 'tor_relay'. This is done by changing the services array # with jq to be set to the full correct list of services @@ -258,11 +262,14 @@ upgrade_test() { deploy # pre-migration test - test + # allowed to fail because when a migration is needed, soledad-server refuses to start + test || /bin/true # check for soledad migration, and run it if necessary soledad_migration + leap_info + # run the test again, this should succeed test @@ -305,6 +312,7 @@ case "$CI_JOB_NAME" in deploy_test*) build_from_scratch deploy + leap_info test cleanup ;; -- cgit v1.2.3 From 87896a7d79ecfe06d2538e719061d6e75e1d7952 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Tue, 21 Nov 2017 10:05:14 -0500 Subject: Docs: Update docs to prepare for 0.10.0 release Fixes: #8427, #8812 --- tests/platform-ci/ci-build.sh | 3 +++ 1 file changed, 3 insertions(+) (limited to 'tests/platform-ci/ci-build.sh') diff --git a/tests/platform-ci/ci-build.sh b/tests/platform-ci/ci-build.sh index b2958f7c..9bdf75fb 100755 --- a/tests/platform-ci/ci-build.sh +++ b/tests/platform-ci/ci-build.sh @@ -239,6 +239,9 @@ upgrade_test() { build_from_scratch 'couchdb,soledad,mx,webapp,tor,monitor' deploy leap_info + # In 0.9 leap info did not output apt sources, so we do it manually + # but can remove it for next release + cat /etc/apt/sources.list.d/* test # Checkout HEAD of current branch and re-deploy -- cgit v1.2.3