Add ocp-29073-internalis testcase

e2e_mig_samples.yml

@@ -23,6 +23,7 @@
     - { role: ocp-24797-mongodb, tags: ["ocp-24797-mongodb", "ocp"] }
     # This tests deploys the official datagrid service application in openshift. It doesnt exist before 3.11
     - { role: ocp-24871-datagrid, tags: ["never" ,"ocp-24871-datagrid"] }
+    - { role: ocp-29073-internalis, tags: ["ocp-29073-internalis", "ocp"] }
   vars_files:
     - "{{ playbook_dir }}/config/mig_controller.yml"
     - "{{ playbook_dir }}/config/defaults.yml"

roles/ocp-29073-internalis/defaults/main.yml

@@ -0,0 +1,41 @@
+namespace: "ocp-29073-internalis"
+
+
+helper_namespace: "mirror-helper"
+source_image: "docker.io/library/alpine:latest"
+target_image: "{{ namespace }}/test-mirror:latest"
+
+
+image_streams:
+- external_image_name: docker.io/library/alpine
+  internal_image_name: internal-image
+  internal_image_tag: alp
+  external_image_tag: latest
+  extra_tags:
+  - name: tag1
+    alias: false
+  - name: tag2
+    alias: false
+- external_image_name: docker.io/library/busybox
+  internal_image_name: internal-image
+  internal_image_tag: busy
+  external_image_tag: latest
+  extra_tags:
+  - name: tag3
+    alias: false
+  - name: latest
+    alias: false
+  - name: tag4
+    alias: false
+
+
+migration_sample_name: "ocp-29073-internalis"
+migration_plan_name: "{{ migration_sample_name }}-migplan-{{ ansible_date_time.epoch }}"
+migration_name: "{{ migration_sample_name }}-mig-{{ ansible_date_time.epoch }}"
+#migration_sample_files: "{{ playbook_dir }}/mig-controller/docs/scenarios/{{ migration_sample_name }}"
+with_deploy: true
+with_migrate: true
+with_cleanup: true
+with_validate: true
+pv: false
+quiesce: true

roles/ocp-29073-internalis/tasks/deploy.yml

@@ -0,0 +1,96 @@
+- name: Check namespace
+  k8s_facts:
+    kind: Namespace
+    name: "{{ namespace }}"
+  register: ns
+
+- name: Create namespace
+  shell: "{{ oc_binary }} new-project {{ namespace }} --skip-config-write=true"
+  when: ns.resources | length == 0
+
+- name: Check helper namespace
+  k8s_facts:
+    kind: Namespace
+    name: "{{ helper_namespace }}"
+  register: ns
+
+- name: Create helper namespace
+  shell: "{{ oc_binary }} new-project {{ helper_namespace }} --skip-config-write=true"
+  when: ns.resources | length == 0
+
+
+- name: Get previous mirroring pods if any
+  k8s_facts:
+    kind: Pod
+    namespace: "{{ helper_namespace }}"
+    label_selectors: "nsowner={{namespace}}"
+  register: prevmirror
+
+- name: Delete previous mirroring pods if any
+  k8s:
+    state : absent
+    kind : Pod
+    name: "{{ item.metadata.name }}"
+    namespace: "{{ item.metadata.namespace }}"
+  loop: "{{ prevmirror.resources }}"
+  loop_control:
+    label: "Deleted mirror pod {{ item.metadata.name }} from namespace {{ item.metadata.namespace }}"
+  when: prevmirror.resources | length > 0
+
+- name: Mirror image to imagestream
+  k8s:
+    state : present
+    definition: "{{ lookup('template', 'mirror_helper.yml.j2' )}}"
+  vars:
+    source_image: "{{ item.external_image_name }}:{{ item.external_image_tag }}"
+    target_image: "{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}"
+    internal_registry: "{{ default_registry }}"
+  loop: "{{ image_streams }}"
+  loop_control:
+    label: |
+           mirror:  {{ item.external_image_name }}:{{ item.external_image_tag }} 
+                --> {{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}"
+
+- name: Wait until mirroring is done
+  k8s_facts:
+    kind: Pod
+    namespace: "{{ helper_namespace }}"
+    label_selectors: "nsowner={{namespace}}"
+    field_selectors: 
+    - status.phase=Succeeded
+  register: mirrorpod
+  until: mirrorpod.get( 'resources', []) | length == image_streams | length
+  retries: 10
+  loop: "{{ image_streams }}"
+
+- name: Tag the imported images
+  shell: "{{ oc_binary }} -n  {{ namespace }} tag {{ item.0.internal_image_name }}:{{ item.0.internal_image_tag }}  {{ item.0.internal_image_name }}:{{ item.1.name }} --alias={{item.1.alias}}"
+  loop: "{{ image_streams|subelements('extra_tags') }}"
+  loop_control:
+    label: "{{ oc_binary }} -n  {{ namespace }} tag {{ item.0.internal_image_name }}:{{ item.0.internal_image_tag }}  {{ item.0.internal_image_name }}:{{ item.1.name }} --alias={{item.1.alias}}"
+
+## BZ https://bugzilla.redhat.com/show_bug.cgi?id=1820250
+#  This bug breaks the following part. Once it's fixed the pods creation should be uncommented.
+#
+#- name: Create test pods to pull images
+#  k8s:
+#    state : present
+#    definition: "{{ lookup('template', 'testpod.yml.j2' )}}"
+#  vars:
+#    name: "usetag-{{ item.internal_image_tag }}"
+#    image: "{{ default_registry }}/{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}"
+#  loop: "{{ image_streams }}"
+#  loop_control:
+#    label: "Create pod for image {{ default_registry }}/{{ namespace }}/{{item.internal_image_name}}:{{item.internal_image_tag}}"
+#
+#- name: Create test pods to pull extra tags
+#  k8s:
+#    state : present
+#    definition: "{{ lookup('template', 'testpod.yml.j2' )}}"
+#  vars:
+#    name: "usetag-{{ item.1.name }}"
+#    image: "{{ default_registry }}/{{ namespace }}/{{item.0.internal_image_name}}:{{item.1.name}}"
+#  loop: "{{ image_streams|subelements('extra_tags') }}"
+#  loop_control:
+#    label: "Create pod for image {{ default_registry }}/{{ namespace }}/{{item.0.internal_image_name}}:{{item.1.name}}"
+#

roles/ocp-29073-internalis/tasks/main.yml

@@ -0,0 +1,24 @@
+- name: Get oc facts
+  include_role:
+    name: migration_getfacts
+
+- name: Cleanup resources
+  include_role:
+    name: migration_cleanup
+  when: with_cleanup|bool
+
+- name: Create resources
+  import_tasks: deploy.yml
+  when: with_deploy|bool
+
+- name: Start migration
+  import_tasks: migrate.yml
+  when: with_migrate|bool
+
+- name: Track migration
+  import_tasks: track.yml
+  when: with_migrate|bool
+
+- name: Validate migration
+  import_tasks: validate.yml
+  when: with_validate|bool

roles/ocp-29073-internalis/tasks/migrate.yml

@@ -0,0 +1,3 @@
+- name: Execute migration
+  include_role:
+    name: migration_run

roles/ocp-29073-internalis/tasks/track.yml

@@ -0,0 +1,3 @@
+- name: Track migration
+  include_role:
+    name: migration_track

roles/ocp-29073-internalis/tasks/validate.yml

@@ -0,0 +1,45 @@
+- name: Check image streams
+  k8s_facts:
+    kind: ImageStream
+    namespace: "{{ namespace }}"
+    name: "{{ item.internal_image_name }}"
+  register: imagestream
+  until: imagestream.get('resources',[]) | length == 1
+  retries: 10
+  loop: "{{ image_streams }}"
+  loop_control:
+    label: "Check that imagestream {{ item.internal_image_name }} exists"
+
+- name: Check initial tags
+  k8s_facts:
+    kind: ImageStreamTag
+    namespace: "{{ namespace }}"
+    name: "{{ item.internal_image_name }}:{{ item.internal_image_tag }}"
+  register: istag
+  until: istag.get('resources',[]) | length == 1
+  retries: 10
+  loop: "{{ image_streams }}"
+  loop_control:
+    label: "Check that imagestream tag {{ item.internal_image_name}}:{{item.internal_image_tag }} exists"
+
+- name: Check extra tags
+  k8s_facts:
+    kind: ImageStreamTag
+    namespace: "{{ namespace }}"
+    name: "{{ item.0.internal_image_name }}:{{ item.1.name }}"
+  register: istag
+  until: istag.get('resources',[]) | length == 1
+  retries: 10
+  loop: "{{ image_streams|subelements('extra_tags') }}"
+  loop_control:
+    label: "Check that imagestream tag {{ item.0.internal_image_name}}:{{item.1.name }} exists"
+
+- name: Check pods running
+  k8s_facts:
+    kind: Pod
+    namespace: "{{ namespace }}"
+    field_selectors: 
+    - status.phase!=Running
+  register: pods
+  until: pods.get( 'resources',[]) | length == 0
+  retries: 10

roles/ocp-29073-internalis/templates/mirror_helper.yml.j2

@@ -0,0 +1,51 @@
+apiVersion: v1
+items:
+- apiVersion: v1
+  kind: ServiceAccount
+  metadata:
+    name: mirror-sa
+    namespace: {{helper_namespace}}
+
+#- apiVersion: rbac.authorization.k8s.io/v1
+- apiVersion: {{ rolebinding_api }}
+  kind: ClusterRoleBinding
+  metadata:
+    name: mirror-helper
+    namespace: {{helper_namespace}}
+  roleRef:
+    apiGroup: rbac.authorization.k8s.io
+    kind: ClusterRole
+    name: registry-editor
+  subjects:
+  - kind: ServiceAccount
+    name: mirror-sa
+    namespace: {{helper_namespace}}
+
+- apiVersion: v1
+  kind: Pod
+  metadata:
+    name: mirrorer-{{ lookup('password', '/dev/null length=15 chars=ascii_lowercase,digits') }}
+    labels:
+      nsowner: "{{ target_image.split('/')[0] }}"
+      app: "mirrorer"
+    namespace: {{helper_namespace}}
+  spec:
+    serviceAccountName: mirror-sa
+    restartPolicy: OnFailure
+    containers:
+    - name: podtest
+      image: quay.io/sregidor/oc44:latest
+      env:
+      - name: INTERNAL_REGISTRY
+        value: {{internal_registry}}
+      - name: SOURCE_IMAGE
+        value: {{source_image}}
+      - name: TARGET_IMAGE
+        value: {{target_image}}
+      command: [ "/bin/sh", "-c", "--" ]
+      args:
+      -  "set -x; echo '{\"auths\": {\"'${INTERNAL_REGISTRY}'\": { \"auth\": \"'$(echo -n $(oc whoami | sed 's/.*://')\":\"$(oc whoami -t) | base64 -w 0)'\"}}}' > /tmp/config ;
+         oc image  mirror ${SOURCE_IMAGE} ${INTERNAL_REGISTRY}/${TARGET_IMAGE} --insecure=true --registry-config=/tmp/config --force=true;"
+         #"while true; do sleep 30; done;"
+kind: List
+metadata: {}

roles/ocp-29073-internalis/templates/testpod.yml.j2

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ name }}"
+  namespace: {{ namespace }}
+spec:
+  restartPolicy: OnFailure
+  containers:
+  - name: podtest
+    imagePullPolicy: Always
+    image: {{ image }}
+    command: [ "/bin/sh", "-c", "--" ]
+    args:
+    -  "echo 'Hello world! I can load the image. {{ image }}';
+       while true; do sleep 30; done;"