diff --git a/.github/workflows/pre-merge.yml b/.github/workflows/pre-merge.yml index 6c6a8875..421cf240 100644 --- a/.github/workflows/pre-merge.yml +++ b/.github/workflows/pre-merge.yml @@ -85,6 +85,8 @@ jobs: - name: Deploy Umbrella Charts run: | set -x + # Generate a random password for CI testing + ORCH_DEFAULT_PASSWORD=$(openssl rand -base64 32 | tr -d "=+/" | cut -c1-25) PUBLIC_RS="registry-rs.edgeorchestration.intel.com/edge-orch/" DEV_VALUES="-f tools/latest-dev-components.yaml" CORE_DEV_VALUES="" @@ -120,7 +122,8 @@ jobs: --set import.credentials.enabled=false \ --set import.tenant-controller.enabled=false \ --set tenant-controller.managerArgs.disableCredentialsManagement=true \ - --set inventory.postgresql.pod.enabled=true ${CORE_DEV_VALUES} \ + --set inventory.postgresql.pod.enabled=true \ + --set inventory.postgresql.auth.password="${ORCH_DEFAULT_PASSWORD}" ${CORE_DEV_VALUES} \ infra-core ./infra-core helm install -n orch-infra --set global.registry.name="${PUBLIC_RS}" \ @@ -130,7 +133,8 @@ jobs: --set import.amt.enabled=false \ infra-external ./infra-external - helm install -n orch-infra --set global.registry.name="${PUBLIC_RS}" ${MANAGERS_DEV_VALUES} \ + helm install -n orch-infra --set global.registry.name="${PUBLIC_RS}" \ + --set inventory.postgresql.auth.password="${ORCH_DEFAULT_PASSWORD}" ${MANAGERS_DEV_VALUES} \ infra-managers ./infra-managers # TODO: find a way to at least deploy OM, it currently depends on the RS. @@ -160,6 +164,12 @@ jobs: kubectl get pvc -A kubectl describe nodes helm ls -A + echo "#############################LOGS################################" + for pod in $(kubectl get pods -n orch-infra -o jsonpath='{.items[*].metadata.name}'); do + echo "Logs for pod: $pod" + kubectl logs -n orch-infra "$pod" || echo "No logs for pod: $pod" + echo "-----------------------------------------------------" + done exit "$deploy_failed" fi echo "All services up and running" diff --git a/.github/workflows/sanity-tests.yml b/.github/workflows/sanity-tests.yml index d06e6b9a..056444d5 100644 --- a/.github/workflows/sanity-tests.yml +++ b/.github/workflows/sanity-tests.yml @@ -199,7 +199,7 @@ jobs: working-directory: virtual-edge-node/edge-node-simulator env: CA_PATH: ${{ github.workspace }}/orch-ca.crt - PASSWORD: 'ChangeMeOn1stLogin!' + PASSWORD: ${{ env.ORCH_DEFAULT_PASSWORD }} PROJECT: 'sample-project' shell: bash run: | @@ -283,7 +283,7 @@ jobs: env: KEYCLOAK_URL: "https://keycloak.kind.internal" USERNAME: "sample-project-api-user" - PASSWORD: 'ChangeMeOn1stLogin!' + PASSWORD: ${{ env.ORCH_DEFAULT_PASSWORD }} API_URL: "http://127.0.0.1:8080/" CA_PATH: ${{ github.workspace }}/orch-ca.crt shell: bash diff --git a/.github/workflows/sanity-upgrade-test.yml b/.github/workflows/sanity-upgrade-test.yml index 373f666c..f69d3754 100644 --- a/.github/workflows/sanity-upgrade-test.yml +++ b/.github/workflows/sanity-upgrade-test.yml @@ -180,27 +180,6 @@ jobs: run: | asdf install -# - name: Run E2E integration test - create Virtual Edge Node -# working-directory: virtual-edge-node/edge-node-simulator -# env: -# CA_PATH: ${{ github.workspace }}/orch-ca.crt -# PASSWORD: 'ChangeMeOn1stLogin!' -# PROJECT: 'sample-project' -# shell: bash -# run: | -# PROJECT_ID=$(kubectl get projects.project -o json | jq -r ".items[0].status.projectStatus.uID") -# echo "Set port-forward to ensim/api" -# kubectl port-forward svc/ensim -n orch-infra --address 0.0.0.0 3196:3196 & -# kubectl port-forward svc/api -n orch-infra --address 0.0.0.0 8080:8080 & - -# echo "Runs day0 tests - create Virtual Edge Node" -# # Runs day0 integration tests -# ginkgo -v -r --fail-fast --race --json-report infra-tests-day0.json --output-dir . --label-filter="infra-tests-custom-day0-create" ./test/infra -- \ -# -project=${PROJECT} -projectID=${PROJECT_ID} -caFilepath=${CA_PATH} -simAddress=127.0.0.1:3196 \ -# -orchFQDN=kind.internal -infraURL=http://127.0.0.1:8080/edge-infra.orchestrator.apis/v1 \ -# -edgeAPIUser=sample-project-api-user -edgeAPIPass=${PASSWORD} \ -# -edgeOnboardUser=sample-project-onboarding-user -edgeOnboardPass=${PASSWORD} - - name: Upgrade emf deployment with branch dev/infra-charts-upgr-test id: customize-charts-from-branch timeout-minutes: 15 @@ -282,29 +261,11 @@ jobs: kubectl -n dev get applications infra-onboarding -o yaml echo "Orchestrator upgrade verified!" -# - name: Run E2E integration test - check status and delete Virtual Edge Node -# working-directory: virtual-edge-node/edge-node-simulator -# env: -# CA_PATH: ${{ github.workspace }}/orch-ca.crt -# PASSWORD: 'ChangeMeOn1stLogin!' -# PROJECT: 'sample-project' -# shell: bash -# run: | -# PROJECT_ID=$(kubectl get projects.project -o json | jq -r ".items[0].status.projectStatus.uID") -# -# echo "Runs day0 tests - verify existing Virtual Edge Node is in running state and delete it" -# # Runs day0 integration tests -# ginkgo -v -r --fail-fast --race --json-report infra-tests-day0.json --output-dir . --label-filter="infra-tests-custom-day0-delete" ./test/infra -- \ -# -project=${PROJECT} -projectID=${PROJECT_ID} -caFilepath=${CA_PATH} -simAddress=127.0.0.1:3196 \ -# -orchFQDN=kind.internal -infraURL=http://127.0.0.1:8080/edge-infra.orchestrator.apis/v1 \ -# -edgeAPIUser=sample-project-api-user -edgeAPIPass=${PASSWORD} \ -# -edgeOnboardUser=sample-project-onboarding-user -edgeOnboardPass=${PASSWORD} - - name: Run infra E2E integration tests working-directory: virtual-edge-node/edge-node-simulator env: CA_PATH: ${{ github.workspace }}/orch-ca.crt - PASSWORD: 'ChangeMeOn1stLogin!' + PASSWORD: ${{ env.ORCH_DEFAULT_PASSWORD }} PROJECT: 'sample-project' shell: bash run: | diff --git a/infra-core/Chart.yaml b/infra-core/Chart.yaml index 611b3593..e1ff601a 100644 --- a/infra-core/Chart.yaml +++ b/infra-core/Chart.yaml @@ -5,8 +5,8 @@ apiVersion: v2 name: infra-core description: Edge Infrastructure Manager Core Umbrella Chart type: application -version: "2.18.0" -appVersion: "2.18.0" +version: "2.18.1" +appVersion: "2.18.1" annotations: {} home: edge-orchestrator.intel.com maintainers: @@ -26,7 +26,7 @@ dependencies: repository: "file://../exporter" - name: inventory condition: import.inventory.enabled - version: "2.29.0" + version: "2.29.1" repository: "file://../inventory" - name: credentials condition: import.credentials.enabled diff --git a/inventory/Chart.yaml b/inventory/Chart.yaml index b4d28dc9..b9e72ae9 100644 --- a/inventory/Chart.yaml +++ b/inventory/Chart.yaml @@ -5,7 +5,7 @@ apiVersion: v2 name: inventory description: Edge Infrastructure Manager Inventory type: application -version: 2.29.0 +version: 2.29.1 appVersion: "2.33.2" home: edge-orchestrator.intel.com maintainers: diff --git a/inventory/templates/postgresql-secrets.yml b/inventory/templates/postgresql-secrets.yml index 0dde4417..dc362403 100644 --- a/inventory/templates/postgresql-secrets.yml +++ b/inventory/templates/postgresql-secrets.yml @@ -9,7 +9,7 @@ metadata: name: {{ .Values.postgresql.secrets }} stringData: PGUSER: "admin" - PGPASSWORD: "ChangeMeOn1stLogin!" + PGPASSWORD: {{ required "PostgreSQL password" .Values.postgresql.auth.password | quote }} PGDATABASE: "postgres" PGPORT: "5432" PGHOST: "inventory-postgresql-0.inventory-postgresql" diff --git a/inventory/values.yaml b/inventory/values.yaml index d89061d8..78ad618a 100644 --- a/inventory/values.yaml +++ b/inventory/values.yaml @@ -137,6 +137,9 @@ postgresql: mountPath: "/var/lib/postgresql/data" # secrets with PGHOST, PGUSER, PGPASSWORD, PGDATABASE, PGPORT secrets: inventory-postgresql-config + # Authentication configuration + auth: + password: "" # Configuration for read-only replicas readOnlyReplicasEnabled: false # secrets for read-only replicas with PGHOST, PGUSER, PGPASSWORD, PGDATABASE, PGPORT