diff --git a/.air.toml b/.air.toml index bff0eb5de..f5e8b5767 100644 --- a/.air.toml +++ b/.air.toml @@ -4,7 +4,6 @@ tmp_dir = "tmp" [build] args_bin = [] - bin = "env $(cat /vault/vault.env | xargs) ./tmp/jimm" cmd = "go build -gcflags='all=-N -l' -buildvcs=false -o ./tmp/jimm ./cmd/jimmsrv" delay = 1000 exclude_dir = [".vscode", "assets", "tmp", "vendor", "testdata"] diff --git a/.github/actions/test-server/README.md b/.github/actions/test-server/README.md new file mode 100644 index 000000000..2926efc38 --- /dev/null +++ b/.github/actions/test-server/README.md @@ -0,0 +1,28 @@ +# test-server +An action to create a JIMM server with real dependencies for integration test purposes. + +This action requires Docker to be installed to start JIMM and its related services. + +The action performs the following steps: +- Starts JIMM's docker compose test environment. +- Uses https://github.com/charmed-kubernetes/actions-operator action to start a Juju controller and connects it to JIMM. +- Ensures the local Juju CLI is setup to communicate with JIMM authenticating as a test user. + +Use the action by adding the following to a Github workflow: + +```yaml + integration-test: + runs-on: ubuntu-latest + name: Integration testing with JIMM + steps: + - name: Setup JIMM environment + uses: canonical/jimm@v3.1.7 + with: + jimm-version: "v3.1.7" + juju-channel: "3/stable" + ghcr-pat: ${{ secrets.GHCR_PAT }} +``` + +Note that it's recommended to pin the action version to the same version as `jimm-version` to ensure the action works as expected for that specific version of JIMM. + +For full details on the inputs see `action.yaml`. diff --git a/.github/actions/test-server/action.yaml b/.github/actions/test-server/action.yaml new file mode 100644 index 000000000..7fd42a836 --- /dev/null +++ b/.github/actions/test-server/action.yaml @@ -0,0 +1,99 @@ +name: JIMM Server Setup +description: "Create a JIMM environment" + +inputs: + jimm-version: + description: > + JIMM version tag to use. This will decide the version of JIMM to start e.g. v3.1.7 + A special tag of "dev" can be provided to use the current development version of JIMM. + required: true + juju-channel: + description: 'Juju snap channel to pass to charmed-kubernetes/actions-operator' + required: false + ghcr-pat: + description: > + PAT Token that has package:read access to canonical/JIMM + The PAT token can be left empty when building the development version of JIMM. + required: true + +output: + url: + description: 'URL where JIMM can be reached.' + value: "https://jimm.localhost" + client-id: + description: 'Test client ID to login to JIMM with a service account.' + value: "test-client-id" + client-secret: + description: 'Test client Secret to login to JIMM with a service account.' + value: "2M2blFbO4GX4zfggQpivQSxwWX1XGgNf" + +runs: + using: "composite" + steps: + - name: Login to GitHub Container Registry + if: ${{ inputs.jimm-version != 'dev' }} + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ inputs.ghcr-pat }} + + - name: Start server based on released version + if: ${{ inputs.jimm-version != 'dev' }} + run: make integration-test-env + shell: bash + env: + JIMM_VERSION: ${{ inputs.jimm-version }} + + - name: Start server based on development version + if: ${{ inputs.jimm-version == 'dev' }} + run: make dev-env + shell: bash + + - name: Initialise LXD + run: | + sudo lxd waitready && \ + sudo lxd init --auto && \ + sudo chmod a+wr /var/snap/lxd/common/lxd/unix.socket && \ + lxc network set lxdbr0 ipv6.address none && \ + sudo usermod -a -G lxd $USER + shell: bash + + - name: Setup cloud-init script for bootstraping Juju controllers + run: ./local/jimm/setup-controller.sh + shell: bash + env: + SKIP_BOOTSTRAP: true + CLOUDINIT_FILE: "cloudinit.temp.yaml" + + - name: Setup Juju Controller + uses: charmed-kubernetes/actions-operator@main + with: + provider: "lxd" + channel: "5.19/stable" + juju-channel: ${{ inputs.juju-channel }} + bootstrap-options: "--config cloudinit.temp.yaml --config login-token-refresh-url=https://jimm.localhost/.well-known/jwks.json" + + # As described in https://github.com/charmed-kubernetes/actions-operator grab the newly setup controller name + - name: Save LXD controller name + id: lxd-controller + run: echo "name=$CONTROLLER_NAME" >> $GITHUB_OUTPUT + shell: bash + + - name: Install jimmctl and yq + run: sudo snap install jimmctl --channel=3/stable && sudo snap install yq + shell: bash + + - name: Authenticate Juju CLI + run: chmod -R 666 ~/.local/share/juju/*.yaml && ./local/jimm/setup-cli-auth.sh + shell: bash + # Below is a hardcoded JWT using the same test-secret used in JIMM's docker compose and allows the CLI to authenticate as the jimm-test@canonical.com user. + env: + JWT: ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKUGJteHBibVVnU2xkVUlFSjFhV3hrWlhJaUxDSnBZWFFpT2pFM01qUXlNamcyTmpBc0ltVjRjQ0k2TXprMk5EYzFNelEyTUN3aVlYVmtJam9pYW1sdGJTSXNJbk4xWWlJNkltcHBiVzB0ZEdWemRFQmpZVzV2Ym1sallXd3VZMjl0SW4wLkpTWVhXcGF6T0FnX1VFZ2hkbjlOZkVQdWxhWWlJQVdaX3BuSmRDbnJvWEk= + + - name: Add LXD Juju controller to JIMM + run: ./local/jimm/add-controller.sh + shell: bash + env: + JIMM_CONTROLLER_NAME: "jimm" + CONTROLLER_NAME: ${{ steps.lxd-controller.outputs.name }} diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e4ffac20e..6d43b9dce 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -54,21 +54,3 @@ jobs: PGSSLMODE: disable PGUSER: jimm PGPORT: 5432 - - smoke_test: - name: Smoke Test - runs-on: ubuntu-22.04 - # The docker compose has a healthcheck on the JIMM container. - # So if the compose returns with exit code 0 then the JIMM server successfully started. - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Add volume files - run: | - touch ./local/vault/approle.json - touch ./local/vault/roleid.txt - touch ./local/vault/vault.env - - - name: Run Smoke Test - run: docker compose --profile dev up -d --wait --timestamps diff --git a/.github/workflows/integration-test.yaml b/.github/workflows/integration-test.yaml new file mode 100644 index 000000000..9dd905e3b --- /dev/null +++ b/.github/workflows/integration-test.yaml @@ -0,0 +1,47 @@ +name: Integration Test + +on: + workflow_dispatch: + inputs: + jimm-version: + description: > + JIMM version tag to use. This will decide the version of JIMM to start e.g. v3.1.7. + View all available versions at https://github.com/canonical/jimm/pkgs/container/jimm. + required: true + pull_request: + +jobs: + startjimm: + name: Test JIMM with Juju controller + runs-on: ubuntu-22.04 + steps: + - name: Checkout JIMM repo + uses: actions/checkout@v4 + - name: Setup Go + if: ${{ github.event_name == 'pull_request' }} + uses: actions/setup-go@v4 + with: + go-version-file: 'go.mod' + - name: Go vendor to speed up docker build + if: ${{ github.event_name == 'pull_request' }} + run: go mod vendor + - name: Start JIMM (pull request) + if: ${{ github.event_name == 'pull_request' }} + uses: ./.github/actions/test-server + with: + jimm-version: dev + juju-channel: "3/stable" + ghcr-pat: ${{ secrets.GITHUB_TOKEN }} + - name: Start JIMM (manual run) + if: ${{ github.event_name == 'workflow_dispatch' }} + uses: ./.github/actions/test-server + with: + jimm-version: ${{ inputs.jimm-version }} + juju-channel: "3/stable" + ghcr-pat: ${{ secrets.GITHUB_TOKEN }} + - name: Create a model, deploy an application and run juju status + run: | + juju add-model foo && \ + juju deploy haproxy && \ + sleep 5 && \ + juju status diff --git a/Makefile b/Makefile index f923ee7d8..3b6b63ba9 100644 --- a/Makefile +++ b/Makefile @@ -47,11 +47,14 @@ dev-env-setup: sys-deps certs @make version/commit.txt && make version/version.txt dev-env: dev-env-setup - @docker compose --profile dev up --force-recreate + @docker compose --profile dev up -d --force-recreate --wait dev-env-cleanup: @docker compose --profile dev down -v --remove-orphans +integration-test-env: dev-env-setup + @JIMM_VERSION=$(JIMM_VERSION) docker compose --profile test up -d --force-recreate --wait + # Reformat all source files. format: gofmt -w -l . @@ -116,17 +119,25 @@ define check_dep fi endef -# Install packages required to develop JIMM and run tests. +# Install packages required to develop JIMM and/or run tests. APT_BASED := $(shell command -v apt-get >/dev/null; echo $$?) sys-deps: ifeq ($(APT_BASED),0) +# golangci-lint is necessary for linting. @$(call check_dep,golangci-lint,Missing Golangci-lint - install from https://golangci-lint.run/welcome/install/) +# Go acts as the test runner. @$(call check_dep,go,Missing Go - install from https://go.dev/doc/install or 'sudo snap install go --classic') +# Git is useful to have. @$(call check_dep,git,Missing Git - install with 'sudo apt install git') +# GCC is required for the compilation process. @$(call check_dep,gcc,Missing gcc - install with 'sudo apt install build-essential') +# yq is necessary for some scripts that process controller-info yaml files. @$(call check_dep,yq,Missing yq - install with 'sudo snap install yq') - @$(call check_dep,gcc,Missing microk8s - install latest none-classic from snapstore') +# Microk8s is required if you want to start a Juju controller on Microk8s. + @$(call check_dep,microk8s,Missing microk8s - install with 'sudo snap install microk8s') +# Docker is required to start the test dependencies in containers. @$(call check_dep,docker,Missing Docker - install from https://docs.docker.com/engine/install/) +# juju-db is required for tests that use Juju's test fixture, requiring MongoDB. @$(call check_dep,juju-db.mongo,Missing juju-db - install with 'sudo snap install juju-db --channel=4.4/stable') else @echo sys-deps runs only on systems with apt-get diff --git a/compose-common.yaml b/compose-common.yaml new file mode 100644 index 000000000..3b12226e1 --- /dev/null +++ b/compose-common.yaml @@ -0,0 +1,62 @@ +# This file contains a collection of common configurations used in JIMM's Docker compose file. + +services: + jimm-base: + environment: + JIMM_LOG_LEVEL: "debug" + JIMM_UUID: "3217dbc9-8ea9-4381-9e97-01eab0b3f6bb" + JIMM_DSN: "postgresql://jimm:jimm@db/jimm" + # Not needed for local test (yet). + # BAKERY_AGENT_FILE: "" + JIMM_ADMINS: "jimm-test@canonical.com" + # Note: You can comment out the Vault ENV vars below and instead use INSECURE_SECRET_STORAGE to place secrets in Postgres. + VAULT_ADDR: "http://vault:8200" + VAULT_PATH: "/jimm-kv/" + # Note: By default we should use Vault as that is the primary means of secret storage. + # INSECURE_SECRET_STORAGE: "enabled" + # JIMM_DASHBOARD_LOCATION: "" + JIMM_DNS_NAME: "jimm.localhost" + JIMM_LISTEN_ADDR: "0.0.0.0:80" + JIMM_TEST_PGXDSN: "postgresql://jimm:jimm@db/jimm" + JIMM_JWT_EXPIRY: 30s + JIMM_AUDIT_LOG_RETENTION_PERIOD_IN_DAYS: "1" + TEST_LOGGING_CONFIG: "" + BAKERY_PUBLIC_KEY: "izcYsQy3TePp6bLjqOo3IRPFvkQd2IKtyODGqC6SdFk=" + BAKERY_PRIVATE_KEY: "ly/dzsI9Nt/4JxUILQeAX79qZ4mygDiuYGqc2ZEiDEc=" + OPENFGA_SCHEME: "http" + OPENFGA_HOST: "openfga" + OPENFGA_PORT: 8080 + OPENFGA_STORE: "01GP1254CHWJC1MNGVB0WDG1T0" + OPENFGA_AUTH_MODEL: "01GP1EC038KHGB6JJ2XXXXCXKB" + OPENFGA_TOKEN: "jimm" + JIMM_IS_LEADER: true + JIMM_OAUTH_ISSUER_URL: "http://keycloak.localhost:8082/realms/jimm" # Scheme required + JIMM_OAUTH_CLIENT_ID: "jimm-device" + JIMM_OAUTH_CLIENT_SECRET: "SwjDofnbDzJDm9iyfUhEp67FfUFMY8L4" + JIMM_OAUTH_SCOPES: "openid profile email" # Space separated list of scopes + JIMM_DASHBOARD_FINAL_REDIRECT_URL: "https://jaas.ai" # Example URL + JIMM_ACCESS_TOKEN_EXPIRY_DURATION: 1h + JIMM_SECURE_SESSION_COOKIES: false + JIMM_SESSION_COOKIE_MAX_AGE: 86400 + JIMM_SESSION_SECRET_KEY: Xz2RkR9g87M75xfoumhEs5OmGziIX8D88Rk5YW8FSvkBPSgeK9t5AS9IvPDJ3NnB + healthcheck: + test: [ "CMD", "curl", "http://jimm.localhost:80" ] + interval: 5s + timeout: 5s + retries: 50 # Should fail after approximately (interval*retry) seconds + depends_on: + db: + condition: service_healthy + openfga: + condition: service_healthy + traefik: + condition: service_healthy + insert-hardcoded-auth-model: + condition: service_completed_successfully + keycloak: + condition: service_healthy + labels: + traefik.enable: true + traefik.http.routers.jimm.rule: Host(`jimm.localhost`) + traefik.http.routers.jimm.entrypoints: websecure + traefik.http.routers.jimm.tls: true diff --git a/docker-compose.yaml b/docker-compose.yaml index 51fbaee36..e6a34cf77 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -2,7 +2,7 @@ services: traefik: image: "traefik:2.9" container_name: traefik - profiles: ["dev"] + profiles: ["dev", "test"] ports: - "80:80" - "443:443" @@ -19,8 +19,31 @@ services: interval: 10s timeout: 5s retries: 3 + + # An instance of JIMM used in integration tests, pulled from a tag. + jimm-test: + extends: + file: compose-common.yaml + service: jimm-base + image: ghcr.io/canonical/jimm:${JIMM_VERSION:-latest} + profiles: ["test"] + container_name: jimm-test + ports: + - 17070:80 + entrypoint: + - bash + - -c + - >- + apt update && apt install curl -y + && set -a && . /vault/vault.env && set +a && /usr/local/bin/jimmsrv + volumes: + - ./local/vault/vault.env:/vault/vault.env:rw - jimm: + # An instance of JIMM used for dev, built from source with hot-reloading. + jimm-dev: + extends: + file: compose-common.yaml + service: jimm-base image: cosmtrek/air:latest profiles: ["dev"] # working_dir value has to be the same of mapped volume @@ -36,69 +59,9 @@ services: ports: - 17070:80 - 2345:2345 - environment: - JIMM_LOG_LEVEL: "debug" - JIMM_UUID: "3217dbc9-8ea9-4381-9e97-01eab0b3f6bb" - JIMM_DSN: "postgresql://jimm:jimm@db/jimm" - # Not needed for local test (yet). - # BAKERY_AGENT_FILE: "" - JIMM_ADMINS: "jimm-test@canonical.com" - # Note: You can comment out the Vault ENV vars below and instead use INSECURE_SECRET_STORAGE to place secrets in Postgres. - VAULT_ADDR: "http://vault:8200" - VAULT_PATH: "/jimm-kv/" - # Note: By default we should use Vault as that is the primary means of secret storage. - # INSECURE_SECRET_STORAGE: "enabled" - # JIMM_DASHBOARD_LOCATION: "" - JIMM_DNS_NAME: "jimm.localhost" - JIMM_LISTEN_ADDR: "0.0.0.0:80" - JIMM_TEST_PGXDSN: "postgresql://jimm:jimm@db/jimm" - JIMM_JWT_EXPIRY: 30s - JIMM_AUDIT_LOG_RETENTION_PERIOD_IN_DAYS: "1" - TEST_LOGGING_CONFIG: "" - BAKERY_PUBLIC_KEY: "izcYsQy3TePp6bLjqOo3IRPFvkQd2IKtyODGqC6SdFk=" - BAKERY_PRIVATE_KEY: "ly/dzsI9Nt/4JxUILQeAX79qZ4mygDiuYGqc2ZEiDEc=" - OPENFGA_SCHEME: "http" - OPENFGA_HOST: "openfga" - OPENFGA_PORT: 8080 - OPENFGA_STORE: "01GP1254CHWJC1MNGVB0WDG1T0" - OPENFGA_AUTH_MODEL: "01GP1EC038KHGB6JJ2XXXXCXKB" - OPENFGA_TOKEN: "jimm" - JIMM_IS_LEADER: true - JIMM_OAUTH_ISSUER_URL: "http://keycloak.localhost:8082/realms/jimm" # Scheme required - JIMM_OAUTH_CLIENT_ID: "jimm-device" - JIMM_OAUTH_CLIENT_SECRET: "SwjDofnbDzJDm9iyfUhEp67FfUFMY8L4" - JIMM_OAUTH_SCOPES: "openid profile email" # Space separated list of scopes - JIMM_DASHBOARD_FINAL_REDIRECT_URL: "https://jaas.ai" # Example URL - JIMM_ACCESS_TOKEN_EXPIRY_DURATION: 1h - JIMM_SECURE_SESSION_COOKIES: false - JIMM_SESSION_COOKIE_MAX_AGE: 86400 - JIMM_SESSION_SECRET_KEY: Xz2RkR9g87M75xfoumhEs5OmGziIX8D88Rk5YW8FSvkBPSgeK9t5AS9IvPDJ3NnB volumes: - ./:/jimm/ - - ./local/vault/approle.json:/vault/approle.json:rw - - ./local/vault/roleid.txt:/vault/roleid.txt:rw - ./local/vault/vault.env:/vault/vault.env:rw - healthcheck: - test: [ "CMD", "curl", "http://jimm.localhost:80" ] - interval: 5s - timeout: 5s - retries: 50 # Should fail after approximately (interval*retry) seconds - depends_on: - db: - condition: service_healthy - openfga: - condition: service_healthy - traefik: - condition: service_healthy - insert-hardcoded-auth-model: - condition: service_completed_successfully - keycloak: - condition: service_healthy - labels: - traefik.enable: true - traefik.http.routers.jimm.rule: Host(`jimm.localhost`) - traefik.http.routers.jimm.entrypoints: websecure - traefik.http.routers.jimm.tls: true db: image: postgres @@ -193,7 +156,7 @@ services: # Adds the auth model and updates its authorisation model id to be the expected hard-coded id such that our local JIMM can utilise it for queries. # The auth model json is retrieved from file via volume mount. insert-hardcoded-auth-model: - profiles: ["dev"] + profiles: ["dev", "test"] image: governmentpaas/psql container_name: insert-hardcoded-auth-model volumes: diff --git a/local/jimm/add-controller.sh b/local/jimm/add-controller.sh index 23f89aca3..0600c0ac8 100755 --- a/local/jimm/add-controller.sh +++ b/local/jimm/add-controller.sh @@ -20,16 +20,27 @@ echo "JIMM controller name is: $JIMM_CONTROLLER_NAME" echo "Target controller name is: $CONTROLLER_NAME" echo "Target controller path is: $CONTROLLER_YAML_PATH" echo -echo "Building jimmctl..." -# Build jimmctl so we may add a controller. -go build ./cmd/jimmctl -echo "Built." -echo +which jimmctl +jimmctlAvailable=$? +if [ $jimmctlAvailable -ne 0 ]; then + echo "Building jimmctl..." + # Build jimmctl so we may add a controller. + go build ./cmd/jimmctl + echo "Built jimmctl." + echo +else + echo "jimmctl available, skipping build" +fi +if which jimmctl | grep -q 'snap'; then + CONTROLLER_YAML_PATH="$HOME/snap/jimmctl/common/$CONTROLLER_YAML_PATH" + echo "jimmctl is installed as a snap" + echo "placing controller info file at $CONTROLLER_YAML_PATH" +fi echo "Switching juju controller to $JIMM_CONTROLLER_NAME" juju switch "$JIMM_CONTROLLER_NAME" echo echo "Retrieving controller info for $CONTROLLER_NAME" -./jimmctl controller-info --local "$CONTROLLER_NAME" "$CONTROLLER_YAML_PATH" --tls-hostname juju-apiserver +jimmctl controller-info --local "$CONTROLLER_NAME" "$CONTROLLER_YAML_PATH" --tls-hostname juju-apiserver if [[ -f "$CONTROLLER_YAML_PATH" ]]; then echo "Controller info retrieved." else @@ -38,7 +49,7 @@ else fi echo echo "Adding controller from path: $CONTROLLER_YAML_PATH" -./jimmctl add-controller "$CONTROLLER_YAML_PATH" +jimmctl add-controller "$CONTROLLER_YAML_PATH" echo echo "Updating cloud credentials for: $JIMM_CONTROLLER_NAME, from client credential: $CLIENT_CREDENTIAL_NAME" juju update-credentials "$CLIENT_CREDENTIAL_NAME" --controller "$JIMM_CONTROLLER_NAME" diff --git a/local/jimm/setup-cli-auth.sh b/local/jimm/setup-cli-auth.sh new file mode 100755 index 000000000..57464c3d7 --- /dev/null +++ b/local/jimm/setup-cli-auth.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +# This script is used to setup a Juju CLI to be authenticated with JIMM without going through login. +# This is particularly useful in headless environments like CI/CD. + +set -eux + +# Note that we are working around the fact that yq is a snap and doesn't have permission to hidden folders due to snap confinement. +cat ~/.local/share/juju/accounts.yaml | yq '.controllers += {"jimm":{"type": "oauth2-device", "user": "jimm-test@canonical.com", "access-token": strenv(JWT)}}' | cat > temp-accounts.yaml && mv temp-accounts.yaml ~/.local/share/juju/accounts.yaml +cat ~/.local/share/juju/controllers.yaml | yq '.controllers += {"jimm":{"uuid": "3217dbc9-8ea9-4381-9e97-01eab0b3f6bb", "api-endpoints": ["jimm.localhost:443"]}}' | cat > temp-controllers.yaml && mv temp-controllers.yaml ~/.local/share/juju/controllers.yaml diff --git a/local/jimm/setup-controller.sh b/local/jimm/setup-controller.sh index 4c1a7a181..dca63e6c7 100755 --- a/local/jimm/setup-controller.sh +++ b/local/jimm/setup-controller.sh @@ -4,12 +4,7 @@ # It will bootstrap a Juju controller and configure the necessary config to enable the controller # to communicate with the docker compose -CLOUDINIT_FILE="cloudinit.temp.yaml" -function finish { - rm "$CLOUDINIT_FILE" -} -trap finish EXIT - +CLOUDINIT_FILE=${CLOUDINIT_FILE:-"cloudinit.temp.yaml"} CONTROLLER_NAME="${CONTROLLER_NAME:-qa-lxd}" CLOUDINIT_TEMPLATE=$'cloudinit-userdata: | preruncmd: @@ -18,7 +13,16 @@ CLOUDINIT_TEMPLATE=$'cloudinit-userdata: | trusted: - |\n%s' +# shellcheck disable=SC2059 +# We are using the variable as the printf template printf "$CLOUDINIT_TEMPLATE" "$(lxc network get lxdbr0 ipv4.address | cut -f1 -d/)" "$(cat local/traefik/certs/ca.crt | sed -e 's/^/ /')" > "${CLOUDINIT_FILE}" +echo "created cloud-init file" + +if [ "${SKIP_BOOTSTRAP:-false}" == true ]; then + echo "skipping controller bootstrap" + exit 0 +fi echo "Bootstrapping controller" juju bootstrap lxd "${CONTROLLER_NAME}" --config "${CLOUDINIT_FILE}" --config login-token-refresh-url=https://jimm.localhost/.well-known/jwks.json +rm "$CLOUDINIT_FILE" diff --git a/scripts/lxd-build-test.sh b/scripts/lxd-build-test.sh deleted file mode 100755 index 11a1d9003..000000000 --- a/scripts/lxd-build-test.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/bin/sh -# lxd-build-test.sh - run JIMM tests in a clean LXD environment - -set -eu - -image=${image:-ubuntu:18.04} -container=${container:-jimm-test-`uuidgen`} -packages="build-essential bzr git make" - -lxc launch -e $image $container -trap "lxc delete --force $container" EXIT - -lxc exec $container -- sh -c 'while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 0.1; done' - -lxc exec --env http_proxy=${http_proxy:-} --env no_proxy=${no_proxy:-} $container -- apt-get update -y -lxc exec --env http_proxy=${http_proxy:-} --env no_proxy=${no_proxy:-} $container -- apt-get install -y $packages -lxc exec $container -- snap set system proxy.http=${http_proxy:-} -lxc exec $container -- snap set system proxy.https=${https_proxy:-${http_proxy:-}} -lxc exec $container -- snap install go --classic -lxc exec $container -- snap install vault -lxc exec $container -- snap install juju-db --devmode -if [ -n "${http_proxy:-}" ]; then - lxc exec \ - --env HOME=/home/ubuntu \ - --cwd /home/ubuntu/ \ - --user 1000 \ - --group 1000 \ - $container -- git config --global http.proxy ${http_proxy:-} -fi - -lxc file push --uid 1000 --gid 1000 --mode 600 ${NETRC:-$HOME/.netrc} $container/home/ubuntu/.netrc -lxc exec --cwd /home/ubuntu/ --user 1000 --group 1000 $container -- mkdir -p /home/ubuntu/src -tar c . | lxc exec --cwd /home/ubuntu/src/ --user 1000 --group 1000 $container -- tar x -lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --cwd /home/ubuntu/src/ \ - --user 1000 \ - --group 1000 \ - $container -- go mod download - -if [ -n "${juju_version:-}" ]; then - lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --cwd /home/ubuntu/src/ \ - --user 1000 \ - --group 1000 \ - $container -- go get github.com/juju/juju@$juju_version -fi - -lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --cwd /home/ubuntu/src/ \ - --user 1000 \ - --group 1000 \ - $container -- make check diff --git a/scripts/lxd-charm-build.sh b/scripts/lxd-charm-build.sh deleted file mode 100755 index 48694127b..000000000 --- a/scripts/lxd-charm-build.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/sh -# lxd-snap-build.sh - build JIMM charm in a clean LXD environment - -set -eu - -charm_name=juju-jimm -image=${image:-ubuntu:20.04} -container=${container:-${charm_name}-charm-`uuidgen`} - -lxd_exec() { - lxc exec \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - $container -- "$@" -} - -lxd_exec_ubuntu() { - lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --user 1000 \ - --group 1000 \ - --cwd=${cwd:-/home/ubuntu} \ - $container -- "$@" -} - -lxc launch -e ${image} $container -trap "lxc stop $container" EXIT - -lxd_exec sh -c 'while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 0.1; done' - -lxd_exec apt-get update -q -y -lxd_exec apt-get upgrade -q -y -lxd_exec apt-get install -y build-essential autoconf python-dev-is-python3 -if [ -n "${http_proxy:-}" ]; then - lxd_exec snap set system proxy.http=${http_proxy:-} - lxd_exec snap set system proxy.https=${https_proxy:-${http_proxy:-}} - lxd_exec_ubuntu git config --global http.proxy ${http_proxy:-} -fi -lxd_exec snap install charmcraft --classic -echo "Push .netrc" -lxc file push --uid 1000 --gid 1000 --mode 600 ${NETRC:-$HOME/.netrc} $container/home/ubuntu/.netrc -echo "Create src" -lxd_exec_ubuntu mkdir -p /home/ubuntu/src -echo "Transfer data" -tar c -C `dirname $0`/.. . | cwd=/home/ubuntu/src lxd_exec_ubuntu tar x - - -echo "Charmcraft build" -cwd=/home/ubuntu/src/charms/jimm lxd_exec_ubuntu sudo -E charmcraft pack --verbose --destructive-mode -echo "Find file" -charmfile=`lxd_exec_ubuntu find /home/ubuntu/src/charms/jimm -name "${charm_name}_*.charm"| head -1` -echo "Pull file" -lxc file pull $container$charmfile . diff --git a/scripts/lxd-k8s-charm-build.sh b/scripts/lxd-k8s-charm-build.sh deleted file mode 100755 index a04edeac2..000000000 --- a/scripts/lxd-k8s-charm-build.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -# lxd-snap-build.sh - build JIMM charm in a clean LXD environment - -set -eu - -charm_name=juju-jimm-k8s -image=${image:-ubuntu:20.04} -container=${container:-${charm_name}-charm-`uuidgen`} - -lxd_exec() { - lxc exec \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - $container -- "$@" -} - -lxd_exec_ubuntu() { - lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --user 1000 \ - --group 1000 \ - --cwd=${cwd:-/home/ubuntu} \ - $container -- "$@" -} - -lxc launch -e ${image} $container -trap "lxc stop $container" EXIT - -lxd_exec sh -c 'while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 0.1; done' - -lxd_exec apt-get update -q -y -lxd_exec apt-get upgrade -q -y -lxd_exec apt-get install -y build-essential autoconf python-dev -if [ -n "${http_proxy:-}" ]; then - lxd_exec snap set system proxy.http=${http_proxy:-} - lxd_exec snap set system proxy.https=${https_proxy:-${http_proxy:-}} - lxd_exec_ubuntu git config --global http.proxy ${http_proxy:-} -fi -lxd_exec snap install charmcraft --classic -echo "Push .netrc" -lxc file push --uid 1000 --gid 1000 --mode 600 ${NETRC:-$HOME/.netrc} $container/home/ubuntu/.netrc -echo "Create src" -lxd_exec_ubuntu mkdir -p /home/ubuntu/src -echo "Transfer data" -tar c -C `dirname $0`/.. . | cwd=/home/ubuntu/src lxd_exec_ubuntu tar x - -echo "Charmcraft build" -cwd=/home/ubuntu/src/charms/jimm-k8s lxd_exec_ubuntu sudo -E charmcraft pack --verbose --destructive-mode -echo "Find file" -charmfile=`lxd_exec_ubuntu find /home/ubuntu/src/charms/jimm-k8s -name "${charm_name}_*.charm"| head -1` -echo "Pull file" -lxc file pull $container$charmfile . diff --git a/scripts/lxd-release-build.sh b/scripts/lxd-release-build.sh deleted file mode 100644 index ae4ebb066..000000000 --- a/scripts/lxd-release-build.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh -# lxd-release-build.sh - build JIMM releases in a clean LXD environment - -set -eu - -image=${image:-ubuntu:20.04} -container=${container:-jimm-release-`uuidgen`} - -lxd_exec() { - lxc exec \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - $container -- "$@" -} - -lxd_exec_ubuntu() { - lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --user 1000 \ - --group 1000 \ - --cwd=${cwd:-/home/ubuntu} \ - $container -- "$@" -} - -lxc launch -e ${image} $container -trap "lxc delete --force $container" EXIT - -lxd_exec sh -c 'while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 0.1; done' - -lxd_exec apt-get update -y -lxd_exec apt-get install -y build-essential bzr git make mongodb -if [ -n "${http_proxy:-}" ]; then - lxd_exec snap set system proxy.http=${http_proxy:-} - lxd_exec snap set system proxy.https=${https_proxy:-${http_proxy:-}} - lxd_exec_ubuntu git config --global http.proxy ${http_proxy:-} -fi -lxd_exec snap install go --classic -lxd_exec snap install vault - -lxc file push --uid 1000 --gid 1000 --mode 600 ${NETRC:-$HOME/.netrc} $container/home/ubuntu/.netrc -lxd_exec_ubuntu mkdir -p /home/ubuntu/src -tar c . | cwd=/home/ubuntu/src lxd_exec_ubuntu tar x -cwd=/home/ubuntu/src lxd_exec_ubuntu go mod download - -cwd=/home/ubuntu/src lxd_exec_ubuntu make check -cwd=/home/ubuntu/src lxd_exec_ubuntu make release - -tarfile=`lxd_exec_ubuntu find /home/ubuntu/src -name "jimm-*.tar.xz"| head -1` -lxc file pull $container$tarfile . diff --git a/scripts/lxd-snap-build.sh b/scripts/lxd-snap-build.sh deleted file mode 100755 index 438e3db07..000000000 --- a/scripts/lxd-snap-build.sh +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh -# lxd-snap-build.sh - build JIMM snaps in a clean LXD environment - -set -eu - -snap_name=${snap_name:-jimm} -image=${image:-ubuntu:20.04} -container=${container:-${snap_name}-snap} - -lxd_exec() { - lxc exec \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - $container -- "$@" -} - -lxd_exec_ubuntu() { - lxc exec \ - --env HOME=/home/ubuntu \ - --env http_proxy=${http_proxy:-} \ - --env https_proxy=${https_proxy:-${http_proxy:-}} \ - --env no_proxy=${no_proxy:-} \ - --user 1000 \ - --group 1000 \ - --cwd=${cwd:-/home/ubuntu} \ - $container -- "$@" -} - -lxc launch -e ${image} $container -trap "lxc stop $container" EXIT - -lxd_exec sh -c 'while [ ! -f /var/lib/cloud/instance/boot-finished ]; do sleep 0.1; done' - -lxd_exec apt-get update -q -y -lxd_exec apt-get upgrade -q -y -lxd_exec apt-get install build-essential -q -y -if [ -n "${http_proxy:-}" ]; then - lxd_exec snap set system proxy.http=${http_proxy:-} - lxd_exec snap set system proxy.https=${https_proxy:-${http_proxy:-}} - lxd_exec_ubuntu git config --global http.proxy ${http_proxy:-} -fi -lxd_exec snap install snapcraft --classic -lxc file push --uid 1000 --gid 1000 --mode 600 ${NETRC:-$HOME/.netrc} $container/home/ubuntu/.netrc -lxd_exec_ubuntu mkdir -p /home/ubuntu/src -tar c -C `dirname $0`/.. . | cwd=/home/ubuntu/src lxd_exec_ubuntu tar x -target= -if [ -n "${target_arch:-}" ]; then - target="--target-arch ${target_arch}" -fi -cwd=/home/ubuntu/src/snaps/$snap_name lxd_exec_ubuntu snapcraft --destructive-mode $target -snapfile=`lxd_exec_ubuntu find /home/ubuntu/src -name "${snap_name}_*.snap"| head -1` -lxc file pull $container$snapfile .