infrawatch · vkmc · Oct 21, 2022 · Oct 28, 2022 · Nov 8, 2022 · Nov 14, 2022
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -58,7 +58,7 @@ jobs:
         run: sudo mv operator-sdk /usr/local/bin
 
       - name: Generate bundle locally
-        run: operator-sdk generate bundle --manifests --metadata --default-channel unstable --channels unstable
+        run: operator-sdk generate bundle --manifests --metadata --default-channel stable-1.5 --channels stable-1.5
 
       - name: Check if bundle generation results in local changes
         run: git diff --exit-code

diff --git a/.gitleaks.toml b/.gitleaks.toml
@@ -0,0 +1,8 @@
+[allowlist]
+  description = "Global Allowlist"
+
+  # Ignore based on any subset of the file path
+  paths = [
+    # Ignore all example certs
+    '''roles\/servicetelemetry\/vars\/dummy_user_certs\.yml'''
+  ]
diff --git a/.zuul.yaml b/.zuul.yaml
@@ -1,8 +1,75 @@
 ---
+- nodeset:
+    name: stf-crc_extracted-ocp412
+    nodes:
+      - name: controller
+        label: cloud-centos-9-stream-tripleo
+      - name: crc
+        label: coreos-crc-extracted-2-19-0-xxl
+
+- nodeset:
+    name: stf-crc_extracted-ocp414
+    nodes:
+      - name: controller
+        label: cloud-centos-9-stream-tripleo
+      - name: crc
+        label: coreos-crc-extracted-2-30-0-xxl
+
+# Based on the 2-node job cookbook at https://github.com/openstack-k8s-operators/ci-framework/blob/main/docs/source/cookbooks/zuul-job-nodeset.md
+- job:
+    name: stf-base-2node
+    parent: podified-multinode-edpm-deployment-crc
+    abstract: true
+    required-projects:
+      - name: github.com/openstack-k8s-operators/dataplane-operator
+        override-checkout: main
+      - name: github.com/openstack-k8s-operators/infra-operator
+        override-checkout: main
+      - name: github.com/openstack-k8s-operators/openstack-operator
+        override-checkout: main
+      - name: github.com/openstack-k8s-operators/openstack-must-gather
+        override-checkout: main
+    pre-run:
+      - ci/pre-2node.yml
+    vars:
+      cifmw_deploy_edpm: false
+      podified_validation: true
+      cifmw_run_tests: false
+    extra-vars:
+      crc_ci_bootstrap_networking:
+        networks:
+          default:
+            range: 192.168.122.0/24
+            mtu: 1500
+          internal-api:
+            vlan: 20
+            range: 172.17.0.0/24
+          storage:
+            vlan: 21
+            range: 172.18.0.0/24
+          tenant:
+            vlan: 22
+            range: 172.19.0.0/24
+        instances:
+          controller:
+            networks:
+              default:
+                ip: 192.168.122.11
+          crc:
+            networks:
+              default:
+                ip: 192.168.122.10
+              internal-api:
+                ip: 172.17.0.5
+              storage:
+                ip: 172.18.0.5
+              tenant:
+                ip: 172.19.0.5
+
 - job:
     name: stf-base
     # defined in: https://review.rdoproject.org/cgit/config/tree/zuul.d/_jobs-crc.yaml
-    parent: base-simple-crc
+    parent: stf-base-2node
     abstract: true
     description: |
       Run the stf-run-ci role, and then test stf
@@ -12,39 +79,106 @@
     required-projects:
       - name: openstack-k8s-operators/ci-framework
         override-checkout: main
+      - name: github.com/infrawatch/service-telemetry-operator
+      - name: github.com/infrawatch/smart-gateway-operator
+      - name: github.com/infrawatch/sg-bridge
+      - name: github.com/infrawatch/sg-core
+      - name: github.com/infrawatch/prometheus-webhook-snmp
     pre-run:
       - ci/prepare.yml
     run:
       - ci/deploy_stf.yml
       - ci/test_stf.yml
     post-run:
       - ci/post-collect_logs.yml
-    nodeset: centos-9-crc-xxl
     # The default (~30 minutes) is not enough to run through all the job stages
     timeout: 3600
-    vars:
-      # Pass vars to crc cli https://review.rdoproject.org/cgit/config/tree/playbooks/crc/simple-start.yaml#n30
-      crc_parameters: '--memory 16000 --disk-size 80 --cpus 6'  # Increase from 14336
 
 - job:
-    name: stf-crc-latest-nightly_bundles
+    name: stf-crc-nightly_bundles
     parent: stf-base
-    description:
-      Deploy STF nightly bundles
+    abstract: true
+    description: |
+      Deploy STF using the nightly bundles
     vars:
       scenario: "nightly_bundles"
-    
+
 - job:
-    name: stf-crc-latest-local_build
+    name: stf-crc-local_build
     parent: stf-base
+    abstract: true
     description: |
       Build images locally and deploy STF
     vars:
       scenario: "local_build"
 
+- job:
+    name: stf-crc-local_build-index_deploy
+    parent: stf-base
+    abstract: true
+    description: |
+      Build STF locally and deploy from index
+    vars:
+      scenario: "local_build-index_deploy"
+
+- job:
+    name: stf-crc-ocp_412-nightly_bundles
+    parent: stf-crc-nightly_bundles
+    description: |
+      Deploy STF using the nightly bundles on OCP 4.12
+    nodeset: stf-crc_extracted-ocp412
+
+- job:
+    name: stf-crc-ocp_414-nightly_bundles
+    parent: stf-crc-nightly_bundles
+    description: |
+      Deploy STF using the nightly bundles on OCP 4.14
+    nodeset: stf-crc_extracted-ocp414
+
+- job:
+    name: stf-crc-ocp_412-local_build
+    parent: stf-crc-local_build
+    description: |
+      Build images locally and deploy STF on OCP 4.12
+    nodeset: stf-crc_extracted-ocp412
+
+- job:
+    name: stf-crc-ocp_414-local_build
+    parent: stf-crc-local_build
+    description: |
+      Build images locally and deploy STF on OCP 4.14
+    nodeset: stf-crc_extracted-ocp414
+
+- job:
+    name: stf-crc-ocp_412-local_build-index_deploy
+    parent: stf-crc-local_build-index_deploy
+    description: |
+      Build STF locally and deploy from index on OCP 4.12
+    nodeset: stf-crc_extracted-ocp412
+
+- job:
+    name: stf-crc-ocp_414-local_build-index_deploy
+    parent: stf-crc-local_build-index_deploy
+    description: |
+      Build STF locally and deploy from index on OCP 4.14
+    nodeset: stf-crc_extracted-ocp414
+
+- project-template:
+    name: stf-crc-jobs
+    description: |
+      STF CRC jobs that build and deploy STF
+    github-check:
+      jobs:
+        - stf-crc-ocp_412-local_build
+        - stf-crc-ocp_414-local_build
+        - stf-crc-ocp_412-local_build-index_deploy
+        - stf-crc-ocp_414-local_build-index_deploy
+
 - project:
     name: infrawatch/service-telemetry-operator
-    github-check:
+    templates:
+      - stf-crc-jobs
+    periodic:
       jobs:
-        - stf-crc-latest-nightly_bundles
-        - stf-crc-latest-local_build
+        - stf-crc-ocp_412-nightly_bundles
+        - stf-crc-ocp_414-nightly_bundles
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -36,7 +36,6 @@ spec:
           strategy: ephemeral
   transports:
     qdr:
-      auth: none
       enabled: true
       deploymentSize: 1
       web:

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -18,4 +18,3 @@ USER 1001
 # copy in required artifacts for the operator
 COPY watches.yaml ${HOME}/watches.yaml
 COPY roles/ ${HOME}/roles/
-COPY collections/ ${HOME}/.ansible/collections/
diff --git a/build/generate_bundle.sh b/build/generate_bundle.sh
@@ -29,12 +29,21 @@ generate_dockerfile() {
 }
 
 generate_bundle() {
-    REPLACE_REGEX="s#<<CREATED_DATE>>#${CREATED_DATE}#g;s#<<OPERATOR_IMAGE>>#${OPERATOR_IMAGE}#g;s#<<OPERATOR_TAG>>#${OPERATOR_TAG}#g;s#<<RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP>>#${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP}#g;s#<<RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG>>#${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG}#g;s#<<RELATED_IMAGE_OAUTH_PROXY>>#${RELATED_IMAGE_OAUTH_PROXY}#g;s#<<RELATED_IMAGE_OAUTH_PROXY_TAG>>#${RELATED_IMAGE_OAUTH_PROXY_TAG}#g;s#<<OPERATOR_BUNDLE_VERSION>>#${OPERATOR_BUNDLE_VERSION}#g;s#1.99.0#${OPERATOR_BUNDLE_VERSION}#g;s#<<OPERATOR_DOCUMENTATION_URL>>#${OPERATOR_DOCUMENTATION_URL}#g;s#<<BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND>>#${BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND}#g"
+    REPLACE_REGEX="s#<<CREATED_DATE>>#${CREATED_DATE}#g;s#<<OPERATOR_IMAGE>>#${OPERATOR_IMAGE}#g;s#<<OPERATOR_TAG>>#${OPERATOR_TAG}#g;s#<<RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP>>#${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP}#g;s#<<RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG>>#${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG}#g;s#<<RELATED_IMAGE_OAUTH_PROXY>>#${RELATED_IMAGE_OAUTH_PROXY}#g;s#<<RELATED_IMAGE_OAUTH_PROXY_TAG>>#${RELATED_IMAGE_OAUTH_PROXY_TAG}#g;s#<<RELATED_IMAGE_PROMETHEUS>>#${RELATED_IMAGE_PROMETHEUS}#g;s#<<RELATED_IMAGE_PROMETHEUS_TAG>>#${RELATED_IMAGE_PROMETHEUS_TAG}#g;s#<<RELATED_IMAGE_ALERTMANAGER>>#${RELATED_IMAGE_ALERTMANAGER}#g;s#<<RELATED_IMAGE_ALERTMANAGER_TAG>>#${RELATED_IMAGE_ALERTMANAGER_TAG}#g;s#<<OPERATOR_BUNDLE_VERSION>>#${OPERATOR_BUNDLE_VERSION}#g;s#1.99.0#${OPERATOR_BUNDLE_VERSION}#g;s#<<OPERATOR_DOCUMENTATION_URL>>#${OPERATOR_DOCUMENTATION_URL}#g;s#<<BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND>>#${BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND}#g"
 
     pushd "${REL}/../" > /dev/null 2>&1
     ${OPERATOR_SDK} generate bundle --verbose --channels ${BUNDLE_CHANNELS} --default-channel ${BUNDLE_DEFAULT_CHANNEL} --manifests --metadata --version "${OPERATOR_BUNDLE_VERSION}" --output-dir "${WORKING_DIR}" >> ${LOGFILE} 2>&1
     popd > /dev/null 2>&1
 
+    # CSVs without a spec.replaces field are valid, so fall back to those if
+    # latest released version is unknown.
+    # Placeholder value is validated by operator-sdk during local bundle
+    # generation and so needs to conform to RFC1123.
+    if [[ -n "$BUNDLE_LATEST_RELEASED_VERSION" ]]; then
+        REPLACE_REGEX="$REPLACE_REGEX;s#---bundle-latest-released-version#${BUNDLE_LATEST_RELEASED_VERSION}#g"
+    else sed -i '/---bundle-latest-released-version/d' "${WORKING_DIR}/manifests/${OPERATOR_NAME}.clusterserviceversion.yaml"
+    fi
+
     sed -i -E "${REPLACE_REGEX}" "${WORKING_DIR}/manifests/${OPERATOR_NAME}.clusterserviceversion.yaml"
 }
 
@@ -49,6 +58,18 @@ copy_extra_metadata() {
     cp ./deploy/olm-catalog/service-telemetry-operator/metadata/properties.yaml "${WORKING_DIR}/metadata/"
 }
 
+copy_extra_metadata() {
+    # We add this because our version of operator-sdk for building doesn't
+    # understand these files, but newer versions of operator-sdk (for testing
+    # purposes) does, and newer versions of opm (as used in both downstream and
+    # upstream index image builds) also understands these files. Just copy them
+    # into the bundle directory during building.
+    echo "-- Copy extra metadata in"
+    pushd "${REL}/../"
+    cp -r ./deploy/olm-catalog/service-telemetry-operator/tests/ "${WORKING_DIR}"
+    cp ./deploy/olm-catalog/service-telemetry-operator/metadata/properties.yaml "${WORKING_DIR}/metadata/"
+}
+
 build_bundle_instructions() {
     echo "-- Commands to create a bundle build"
     echo docker build -t "${OPERATOR_BUNDLE_IMAGE}:${OPERATOR_BUNDLE_VERSION}" -f "${WORKING_DIR}/Dockerfile" "${WORKING_DIR}"

diff --git a/build/metadata.sh b/build/metadata.sh
@@ -8,22 +8,26 @@ OPERATOR_SDK=${OPERATOR_SDK:-operator-sdk}
 OPERATOR_NAME=${OPERATOR_NAME:-service-telemetry-operator}
 IMAGE_BUILDER=${IMAGE_BUILDER:-podman}
 IMAGE_BUILD_ARGS=${IMAGE_BUILD_ARGS:-''}
-IMAGE_TAG=${IMAGE_TAG:-latest}
+IMAGE_TAG=${IMAGE_TAG:-stable-1.5}
 REQUIRED_OPERATOR_SDK_VERSION=${REQUIRED_OPERATOR_SDK_VERSION:-v0.19.4}
 SERVICE_TELEMETRY_SUBSCRIPTION=${SERVICE_TELEMETRY_SUBSCRIPTION:-service-telemetry-operator-stable-infrawatch-operators-openshift-marketplace}
 OPERATOR_IMAGE=${OPERATOR_IMAGE:-"quay.io/infrawatch/${OPERATOR_NAME}"}
-OPERATOR_TAG=${OPERATOR_TAG:-latest}
+OPERATOR_TAG=${OPERATOR_TAG:-stable-1.5}
 OPERATOR_CSV_MAJOR_VERSION=${OPERATOR_CSV_MAJOR_VERSION:-1.5}
 OPERATOR_DOCUMENTATION_URL=${OPERATOR_DOCUMENTATION_URL:-"https://infrawatch.github.io/documentation"}
 BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND=${BUNDLE_OLM_SKIP_RANGE_LOWER_BOUND:-1.3.0}
 CREATED_DATE=${CREATED_DATE:-$(date +'%Y-%m-%dT%H:%M:%SZ')}
 RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP=${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP:-quay.io/infrawatch/prometheus-webhook-snmp}
-RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG=${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG:-latest}
+RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG=${RELATED_IMAGE_PROMETHEUS_WEBHOOK_SNMP_TAG:-stable-1.5}
 RELATED_IMAGE_OAUTH_PROXY=${RELATED_IMAGE_OAUTH_PROXY:-quay.io/openshift/origin-oauth-proxy}
 RELATED_IMAGE_OAUTH_PROXY_TAG=${RELATED_IMAGE_OAUTH_PROXY_TAG:-latest}
+RELATED_IMAGE_PROMETHEUS=${RELATED_IMAGE_PROMETHEUS:-quay.io/prometheus/prometheus}
+RELATED_IMAGE_PROMETHEUS_TAG=${RELATED_IMAGE_PROMETHEUS_TAG:-latest}
+RELATED_IMAGE_ALERTMANAGER=${RELATED_IMAGE_ALERTMANAGER:-quay.io/prometheus/alertmanager}
+RELATED_IMAGE_ALERTMANAGER_TAG=${RELATED_IMAGE_ALERTMANAGER_TAG:-latest}
 BUNDLE_PATH=${BUNDLE_PATH:-deploy/olm-catalog/service-telemetry-operator}
-BUNDLE_CHANNELS=${BUNDLE_CHANNELS:-unstable}
-BUNDLE_DEFAULT_CHANNEL=${BUNDLE_DEFAULT_CHANNEL:-unstable}
+BUNDLE_CHANNELS=${BUNDLE_CHANNELS:-stable-1.5}
+BUNDLE_DEFAULT_CHANNEL=${BUNDLE_DEFAULT_CHANNEL:-stable-1.5}
 OPERATOR_BUNDLE_IMAGE=${OPERATOR_BUNDLE_IMAGE:-"quay.io/infrawatch-operators/${OPERATOR_NAME}-bundle"}
 
 # Automatic

diff --git a/build/run-ci.yaml b/build/run-ci.yaml
@@ -7,9 +7,14 @@
   - name: Run the STF CI system
     import_role:
       name: stf-run-ci
-
+
+  - name: Create Log directory
+    file:
+      path: "{{ playbook_dir }}/working/logs"
+      state: directory
+
   - name: Collect the logs
     import_role:
       name: stf-collect-logs
     vars:
-      logfile_dir: "{{ playbook_dir }}/"
+      logfile_dir: "{{ playbook_dir }}/working/logs/"