[kubevirtci] adding the bump scripts and run the bump for the first time

.gitleaks.toml

@@ -0,0 +1,5 @@
+[allowlist]
+  description = "kubevirtci allowlist"
+  paths = [
+    '''kubevirtci\/cluster-up\/hack\/common.key$''',
+  ]

Makefile

@@ -21,7 +21,8 @@
 		goveralls \
 		release-description \
 		bazel-build-images push-images \
-		fossa
+		fossa \
+		bump-kubevirtci
 all: build
 
 build:  wasp manifest-generator
@@ -89,3 +90,6 @@ fmt:
 
 run: build
 	sudo ./wasp
+
+bump-kubevirtci:
+	./hack/bump-kubevirtci.sh

hack/bump-kubevirtci.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+set -ex
+
+source $(dirname "$0")/config.sh
+
+val=$(curl -L https://storage.googleapis.com/kubevirt-prow/release/kubevirt/kubevirtci/latest)
+sed -i "/^[[:blank:]]*kubevirtci_git_hash[[:blank:]]*=/s/=.*/=\"${val}\"/" hack/config.sh
+
+hack/sync-kubevirtci.sh

hack/config.sh

@@ -0,0 +1 @@
+kubevirtci_git_hash="2412171619-fbd31717"

hack/sync-kubevirtci.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+
+set -ex
+
+# Required for kubevirtci_git_hash
+source $(dirname "$0")/config.sh
+
+WASP_DIR="$(
+    cd "$(dirname "$BASH_SOURCE[0]")/../"
+    pwd
+)"
+
+# update cluster-up if needed
+version_file="kubevirtci/cluster-up/version.txt"
+sha_file="kubevirtci/cluster-up-sha.txt"
+download_cluster_up=true
+function getClusterUpShasum() {
+    (
+        cd ${WASP_DIR}
+        # We use LC_ALL=C to make sort canonical between machines, this is
+        # from sort man page [1]:
+        # ```
+        # *** WARNING *** The locale specified by the environment affects sort
+        # order.  Set LC_ALL=C to get the traditional sort order that uses
+        # native byte values.
+        # ```
+        # [1] https://man7.org/linux/man-pages/man1/sort.1.html
+        find kubevirtci/cluster-up -type f | LC_ALL=C sort | xargs sha1sum | sha1sum | awk '{print $1}'
+    )
+}
+
+# check if we got a new cluster-up git commit hash
+if [[ -f "${version_file}" ]] && [[ $(cat ${version_file}) == ${kubevirtci_git_hash} ]]; then
+    # check if files are modified
+    current_sha=$(getClusterUpShasum)
+    if [[ -f "${sha_file}" ]] && [[ $(cat ${sha_file}) == ${current_sha} ]]; then
+        echo "cluster-up is up to date and not modified"
+        download_cluster_up=false
+    else
+        echo "cluster-up was modified"
+    fi
+else
+    echo "cluster-up git commit hash was updated"
+fi
+if [[ "$download_cluster_up" == true ]]; then
+    echo "downloading cluster-up"
+    rm -rf kubevirtci/cluster-up
+    (
+        cd kubevirtci
+        curl --fail -L https://github.com/kubevirt/kubevirtci/archive/refs/tags/${kubevirtci_git_hash}.tar.gz | tar xz kubevirtci-${kubevirtci_git_hash}/cluster-up --strip-component 1
+    )
+
+    echo ${kubevirtci_git_hash} >${version_file}
+    new_sha=$(getClusterUpShasum)
+    echo ${new_sha} >${sha_file}
+    echo "KUBEVIRTCI_TAG=${kubevirtci_git_hash}" >>kubevirtci/cluster-up/hack/common.sh
+fi

kubevirtci/cluster-up-sha.txt

@@ -0,0 +1 @@
+c8e41b0449bf6b53024d0f1b6eb4f07a7795e9ee

kubevirtci/cluster-up/.gitignore

@@ -0,0 +1 @@
+cluster/kind-k8s-sriov*/certcreator/*.cert

kubevirtci/cluster-up/README.md

@@ -0,0 +1,36 @@
+# cluster-up
+
+## Prerequisites: podman or docker
+
+cluster-up requires that either podman or docker be installed on the host.
+
+If podman is being used, it is also necessary to enable podman socket with:
+
+```
+sudo systemctl enable podman.socket
+sudo systemctl start podman.socket
+```
+
+for more information see:
+
+https://github.com/kubevirt/kubevirtci/blob/main/PODMAN.md
+
+
+## How to use cluster-up
+
+This directory provides a wrapper around gocli. It can be vendored into other
+git repos and integrated to provide in the kubevirt well-known cluster commands
+like `make cluster-up` and `make cluster-down`.
+
+In order to properly use it, one has to vendor this folder from a git tag,
+which can be found on the github release page.
+
+Then, before calling one of the make targets, the environment variable
+`KUBEVIRTCI_TAG` must be exported and set to the tag which was used to vendor
+kubevirtci. It allow the content to find the right `gocli` version.
+
+```
+export KUBEVIRTCI_TAG=`curl -L -Ss https://storage.googleapis.com/kubevirt-prow/release/kubevirt/kubevirtci/latest`
+```
+
+Find more kubevirtci tags at https://quay.io/repository/kubevirtci/gocli?tab=tags.

kubevirtci/cluster-up/check.sh

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+#
+# This file is part of the KubeVirt project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Copyright 2019 Red Hat, Inc.
+#
+
+set -e
+if [ ! -c /dev/kvm ]; then
+	echo "[ERR ] missing /dev/kvm"
+else
+	echo "[ OK ] found /dev/kvm"
+fi
+
+KVM_ARCH=""
+KVM_NESTED="unknown"
+KVM_HPAGE="unknown"
+if [ -f "/sys/module/kvm_intel/parameters/nested" ]; then
+	KVM_NESTED=$( cat /sys/module/kvm_intel/parameters/nested )
+	KVM_ARCH="intel"
+elif [ -f "/sys/module/kvm_amd/parameters/nested" ]; then
+	KVM_NESTED=$( cat /sys/module/kvm_amd/parameters/nested )
+	KVM_ARCH="amd"
+elif [ -f "/sys/module/kvm/parameters/nested" ]; then
+	KVM_NESTED=$( cat /sys/module/kvm/parameters/nested )
+	KVM_ARCH="s390x"
+	KVM_HPAGE=$( cat /sys/module/kvm/parameters/hpage )
+fi
+
+function is_enabled() {
+	if [ "$1" == "1" ]; then
+		return 0
+	fi
+	if [ "$1" == "Y" ] || [ "$1" == "y" ]; then
+		return 0
+	fi
+	return 1
+}
+
+if is_enabled "$KVM_NESTED"; then
+	echo "[ OK ] $KVM_ARCH nested virtualization enabled"
+else
+	echo "[ERR ] $KVM_ARCH nested virtualization not enabled"
+fi
+
+if is_enabled "$KVM_HPAGE" && [ "$(uname -m)" = "s390x" ]; then
+	echo "[ERR ] $KVM_HPAGE KVM hugepage enabled. It needs to be disabled while nested virtualization is enabled for s390x"
+fi

kubevirtci/cluster-up/cli.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+#
+# This file is part of the KubeVirt project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Copyright 2019 Red Hat, Inc.
+#
+
+set -e
+
+if [ -z "$KUBEVIRTCI_PATH" ]; then
+    KUBEVIRTCI_PATH="$(
+        cd "$(dirname "$BASH_SOURCE[0]")/"
+        echo "$(pwd)/"
+    )"
+fi
+
+source ${KUBEVIRTCI_PATH}/hack/common.sh
+
+test -t 1 && USE_TTY="-it"
+source ${KUBEVIRTCI_CLUSTER_PATH}/$KUBEVIRT_PROVIDER/provider.sh
+source ${KUBEVIRTCI_PATH}/hack/config.sh
+
+${_cli} --prefix $provider_prefix "$@"

kubevirtci/cluster-up/cluster/K8S.md

@@ -0,0 +1,103 @@
+# Kubernetes 1.x in ephemeral containers
+
+Provides a pre-deployed Kubernetes with version 1.x purely in docker
+containers with qemu. The provided VMs are completely ephemeral and are
+recreated on every cluster restart.
+
+## Docker registry
+
+There's a docker registry available which is exposed at `localhost:5000`.
+
+## Choosing a cluster version
+
+The env variable `KUBEVIRT_PROVIDER` tells kubevirtci what cluster version to spin up.
+
+```bash
+export KUBEVIRT_PROVIDER=k8s-1.22   # choose kubevirtci provider version by subdirectory name
+```
+
+## Bringing the cluster up
+
+```bash
+export KUBEVIRT_NUM_NODES=2         # control-plane + one node
+make cluster-up
+```
+
+The cluster can be accessed as usual:
+
+```bash
+$ cluster/kubectl.sh get nodes
+NAME      STATUS     ROLES          AGE       VERSION
+node01    NotReady   control-plane  31s       v1.22.1
+node02    NotReady   <none>         5s        v1.22.1
+```
+
+Note: for further configuration environment variables please see [cluster-up/hack/common.sh](../hack/common.sh)
+
+## Bringing the cluster up with cluster-network-addons-operator provisioned
+
+```bash
+export KUBEVIRT_WITH_CNAO=true
+make cluster-up
+```
+
+To get more info about CNAO you can check the github project documentation
+here https://github.com/kubevirt/cluster-network-addons-operator
+
+## Bringing the cluster up with cgroup v2
+
+```bash
+export KUBEVIRT_CGROUPV2=true
+make cluster-up
+```
+
+## Use slim provider (without pre-pulled images of the optional components such as CDI, CNAO etc)
+
+```bash
+export KUBEVIRT_SLIM=true
+make cluster-up
+```
+
+## Enabling IPv6 connectivity
+
+In order to be able to reach from the cluster to the host's IPv6 network, IPv6
+has to be enabled on your Docker. Add following to your
+`/etc/docker/daemon.json` and restart docker service:
+
+```json
+{
+    "ipv6": true,
+    "fixed-cidr-v6": "2001:db8:1::/64"
+}
+```
+
+```bash
+systemctl restart docker
+```
+
+With an IPv6-connected host, you may want the pods to be able to reach the rest
+of the IPv6 world, too. In order to allow that, enable IPv6 NAT on your host:
+
+```bash
+ip6tables -t nat -A POSTROUTING -s 2001:db8:1::/64 -j MASQUERADE
+```
+
+## Bringing the cluster down
+
+```bash
+make cluster-down
+```
+
+This destroys the whole cluster. Recreating the cluster is fast, since k8s is
+already pre-deployed. The only state which is kept is the state of the local
+docker registry.
+
+## Destroying the docker registry state
+
+The docker registry survives a `make cluster-down`. It's state is stored in a
+docker volume called `kubevirt_registry`. If the volume gets too big or the
+volume contains corrupt data, it can be deleted with
+
+```bash
+docker volume rm kubevirt_registry
+```

kubevirtci/cluster-up/cluster/K8S_AUTOMATION.md

@@ -0,0 +1,12 @@
+# KubeVirtCI K8S providers update automation
+
+There exist automated steps for creating, updating and integrating k8s providers. These are all described as prow jobs in [project-infra](https://github.com/kubevirt/project-infra/).
+
+| Trigger                                   | Job                                                                                                               | Result                    |
+| ----------- |  ----------- | ----------- |
+| release of a new kubernetes minor version | [`periodic-kubevirtci-cluster-minorversion-updater`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirtci-cluster-minorversion-updater)     | Creates a new provider for that release |
+| release of a new kubernetes minor version | [`periodic-kubevirtci-provider-presubmit-creator`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirtci-provider-presubmit-creator)                                                         | Creates a PR with a new check-provision job to enable testing of the new provider |
+| release of a new kubernetes minor version | [`periodic-kubevirt-job-copier`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirt-job-copier)                                                         | Creates a PR with a new set of kubevirt sig jobs to enable testing of kubevirt with the new provider |
+| release of new kubernetes patch version   | [`periodic-kubevirtci-cluster-patchversion-updater`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirtci-cluster-patchversion-updater)     | Creates a PR that updates the patch version for each KubeVirtCI k8s provider |  
+| merge to kubevirt/kubevirtci main branch  | [`periodic-kubevirtci-bump-kubevirt`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirtci-bump-kubevirt)                   | Creates a PR to update KubeVirtCI in kubevirt/kubevirt |
+| at the start of each month                              | [`periodic-kubevirt-presubmit-requirer`](https://github.com/kubevirt/project-infra/search?q=periodic-kubevirt-presubmit-requirer)                   | Checks always_run and optional states of latest kubevirt sig test jobs  |