From 40426543385248300be3b12b134019ff058195b6 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 6 Mar 2025 09:33:16 +0100 Subject: [PATCH 01/57] Adding .gitignore file --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..69adda3 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +# editor and IDE paraphernalia +.idea From 7ef1ad8a84c5e97e6306d2c4f8ae110937c38ac0 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 6 Mar 2025 21:28:38 +0100 Subject: [PATCH 02/57] Reducing current pipeline --- pipelines/rhtas-operator-e2e.yaml | 105 +----------------------------- 1 file changed, 1 insertion(+), 104 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 1a94142..3fc6e49 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -308,107 +308,4 @@ spec: - name: KUBECONFIG value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir - value: source - - name: get-tuftool - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: main - - name: pathInRepo - value: stepactions/extract-tuftool.yaml - params: - - name: volume - value: binaries - - name: get-cosign - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: main - - name: pathInRepo - value: stepactions/extract-cosign.yaml - params: - - name: volume - value: binaries - - name: execute-e2e - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - onError: continue - results: - - name: status - type: string - env: - - name: OIDC_HOST - value: "$(steps.install-keycloak.results.oidc-hostname)" - - name: KUBECONFIG - value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - - name: CI - value: "true" - volumeMounts: - - name: credentials - mountPath: /credentials - - name: repository - mountPath: /repository - - name: binaries - mountPath: /binaries - - name: dump - mountPath: /dump - script: | - #!/bin/sh - set +e -o pipefail - cd /repository/source - export PATH="$PATH:/binaries" - export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer - openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert - export SSL_CERT_FILE=/tmp/ssl.cert - go mod vendor - make test-e2e | tee /dump/testOutput.log - - if [ $? -eq 0 ]; then - echo -n "success" > "$(step.results.status.path)" - else - cp test/**/k8s-dump-*.tar.gz /dump - echo "Dumping files:" - ls /dump - echo -n "fail" > "$(step.results.status.path)" - exit 1 - fi - - name: secure-push-oci - when: - - input: "$(steps.execute-e2e.results.status)" - operator: notin - values: [ "success" ] - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: main - - name: pathInRepo - value: stepactions/secure-push-oci.yaml - params: - - name: oci-ref - value: "quay.io/securesign/test-dump-oci:$(tasks.parse-metadata.results.git-revision)" - - name: credentials-volume-name - value: push-creds - - name: artifacts-volume-name - value: dump - - name: oci-tag-expiration - value: 1d - # workaround - extract dump-push step to separate action once KONFLUX-5535 is resolved - - name: report-status - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - env: - - name: STATUS - value: "$(steps.execute-e2e.results.status)" - script: | - #!/bin/bash - if [ "$STATUS" != "success" ]; then - echo "Test failure" - exit 1 - fi + value: source \ No newline at end of file From c45a00680d251c7ad50c00ec05f6569bfcb539c5 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Sun, 9 Mar 2025 22:53:12 +0100 Subject: [PATCH 03/57] Cloning e2e tests --- pipelines/rhtas-operator-e2e.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 3fc6e49..bd04eca 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -308,4 +308,14 @@ spec: - name: KUBECONFIG value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir - value: source \ No newline at end of file + value: source + - name: git-clone-tas-e2e + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + volumeMounts: + - name: repository + mountPath: /repository + script: | + cd /repository + echo "Cloning TAS e2e tests" + git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e + cd sigstore-e2e From 97b058c831d19816dd2e80433b803d4c6cbcfdf1 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 13:34:59 +0100 Subject: [PATCH 04/57] Installing TAS --- pipelines/rhtas-operator-e2e.yaml | 21 ++++++++++++++ stepactions/install-tas.yaml | 46 +++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100644 stepactions/install-tas.yaml diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index bd04eca..a5ac7fd 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -309,6 +309,27 @@ spec: value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source + - name: install-tas + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/install-tas.yaml + params: + - name: credentials + value: credentials + - name: repository + value: repository + - name: KUBECONFIG + value: "$(steps.get-kubeconfig.results.kubeconfig)" + - name: workdir + value: source + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" - name: git-clone-tas-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f volumeMounts: diff --git a/stepactions/install-tas.yaml b/stepactions/install-tas.yaml new file mode 100644 index 0000000..192c436 --- /dev/null +++ b/stepactions/install-tas.yaml @@ -0,0 +1,46 @@ +apiVersion: tekton.dev/v1alpha1 +kind: StepAction +metadata: + name: install-tas-from-repository +spec: + description: >- + This StepAction install trusted artifact signer. + image: registry.redhat.io/openshift4/ose-cli + params: + - name: credentials + type: string + description: Name of the volume with credentials. + - name: repository + type: string + description: Volume with resources to be applied. + - name: workdir + type: string + description: Repository home directory. + default: "" + - name: KUBECONFIG + type: string + description: KUBECONFIG path. + - name: clusterName + type: string + description: The name of a ClusterTemplateInstance. + volumeMounts: + - name: "$(params.credentials)" + mountPath: /credentials + - name: "$(params.repository)" + mountPath: /repository + env: + - name: KUBECONFIG + value: "/credentials/$(params.KUBECONFIG)" + - name: WORKDIR + value: "$(params.workdir)" + - name: CLUSTERNAME + value: "$(params.clusterName)" + script: | + echo "Cluster: $CLUSTERNAME" + cd /repository/$WORKDIR + sed -i 's#https://your-oidc-issuer-url#http://${CLUSTERNAME}/auth/realms/trusted-artifact-signer#' config/samples/rhtas_v1alpha1_securesign.yaml + sed -i 's#rhtas.redhat.com/metrics: "true"#rhtas.redhat.com/metrics: "false"#' config/samples/rhtas_v1alpha1_securesign.yaml + oc create ns tas-e2e + oc create -f config/samples/rhtas_v1alpha1_securesign.yaml -n tas-e2e + sleep 1 + oc wait --for=condition=Ready securesign/securesign-sample --timeout=5m -n tas-e2e From 046a9c34f134b8f082dcec8173e85792b2c510ae Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 14:06:10 +0100 Subject: [PATCH 05/57] Installing TAS --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index a5ac7fd..cf21c66 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -316,7 +316,7 @@ spec: - name: url value: https://github.com/securesign/pipelines.git - name: revision - value: main + value: ppinkas/konflux-e2e - name: pathInRepo value: stepactions/install-tas.yaml params: From 0bd6e51dc885bf364f451925d8bee9a7d8040933 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 16:39:51 +0100 Subject: [PATCH 06/57] Running TAS e2e tests --- pipelines/rhtas-operator-e2e.yaml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index cf21c66..b825500 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -339,4 +339,18 @@ spec: cd /repository echo "Cloning TAS e2e tests" git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e - cd sigstore-e2e + - name: execute-tas-e2e + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + onError: continue + volumeMounts: + - name: credentials + mountPath: /credentials + - name: repository + mountPath: /repository + - name: binaries + mountPath: /binaries + - name: dump + mountPath: /dump + script: | + cd /repository/sigstore-e2e + make all From 461585214aad99d8c0c312e083e37d97d640cd9c Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 20:34:21 +0100 Subject: [PATCH 07/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index b825500..20f1779 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -353,4 +353,5 @@ spec: mountPath: /dump script: | cd /repository/sigstore-e2e + go mod vendor make all From c3920be50f148f17f3f82a27233816cb159e787f Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 21:01:21 +0100 Subject: [PATCH 08/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 20f1779..d454b81 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -352,6 +352,7 @@ spec: - name: dump mountPath: /dump script: | + export PATH="$PATH:/binaries" cd /repository/sigstore-e2e go mod vendor make all From 271dcb30e65bcc4eef1059b1188ab6458e4f6e93 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 21:44:48 +0100 Subject: [PATCH 09/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index d454b81..5314525 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -340,7 +340,8 @@ spec: echo "Cloning TAS e2e tests" git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e - name: execute-tas-e2e - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + #image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + image: registry.redhat.io/openshift4/ose-cli onError: continue volumeMounts: - name: credentials @@ -353,6 +354,7 @@ spec: mountPath: /dump script: | export PATH="$PATH:/binaries" + echo "Path: $PATH" cd /repository/sigstore-e2e go mod vendor make all From b56f545a2f02abe1651268341e5ab27579569215 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 22:07:08 +0100 Subject: [PATCH 10/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 5314525..daadf6d 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -355,6 +355,7 @@ spec: script: | export PATH="$PATH:/binaries" echo "Path: $PATH" + source ./tas-env-variables.sh cd /repository/sigstore-e2e go mod vendor make all From 108c1b1295eff411ba1d09bb8db4278d894de6c7 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 22:29:18 +0100 Subject: [PATCH 11/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index daadf6d..36d0d28 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -355,7 +355,7 @@ spec: script: | export PATH="$PATH:/binaries" echo "Path: $PATH" - source ./tas-env-variables.sh cd /repository/sigstore-e2e + source ./tas-env-variables.sh go mod vendor make all From 71677ee6c93ea442426c5aa9aaad112a80a5f53f Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 22:54:16 +0100 Subject: [PATCH 12/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 36d0d28..9f7013d 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -339,10 +339,19 @@ spec: cd /repository echo "Cloning TAS e2e tests" git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e - - name: execute-tas-e2e - #image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + - name: prepare-tas-e2e image: registry.redhat.io/openshift4/ose-cli onError: continue + volumeMounts: + - name: repository + mountPath: /repository + script: | + oc status + cd /repository/sigstore-e2e + make env + - name: execute-tas-e2e + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + onError: continue volumeMounts: - name: credentials mountPath: /credentials @@ -356,6 +365,5 @@ spec: export PATH="$PATH:/binaries" echo "Path: $PATH" cd /repository/sigstore-e2e - source ./tas-env-variables.sh go mod vendor - make all + make build test From d40dfeb2077176a46d8007e244091e3d35e862f4 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 23:26:39 +0100 Subject: [PATCH 13/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 9f7013d..10bc009 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -342,9 +342,27 @@ spec: - name: prepare-tas-e2e image: registry.redhat.io/openshift4/ose-cli onError: continue + params: + - name: credentials + value: credentials + - name: repository + value: repository + - name: KUBECONFIG + value: "$(steps.get-kubeconfig.results.kubeconfig)" + - name: workdir + value: source + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" volumeMounts: - name: repository mountPath: /repository + env: + - name: KUBECONFIG + value: "/credentials/$(params.KUBECONFIG)" + - name: WORKDIR + value: "$(params.workdir)" + - name: CLUSTERNAME + value: "$(params.clusterName)" script: | oc status cd /repository/sigstore-e2e From addba39b58107bfc9f05ad6aa498bb7893112d46 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 23:34:27 +0100 Subject: [PATCH 14/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 10bc009..8c090c6 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -356,13 +356,6 @@ spec: volumeMounts: - name: repository mountPath: /repository - env: - - name: KUBECONFIG - value: "/credentials/$(params.KUBECONFIG)" - - name: WORKDIR - value: "$(params.workdir)" - - name: CLUSTERNAME - value: "$(params.clusterName)" script: | oc status cd /repository/sigstore-e2e From 89a366ad724d81f62b7b35d6e78ce20921e13d7e Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Mon, 10 Mar 2025 23:40:32 +0100 Subject: [PATCH 15/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 8c090c6..1370b24 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -342,20 +342,12 @@ spec: - name: prepare-tas-e2e image: registry.redhat.io/openshift4/ose-cli onError: continue - params: - - name: credentials - value: credentials - - name: repository - value: repository - - name: KUBECONFIG - value: "$(steps.get-kubeconfig.results.kubeconfig)" - - name: workdir - value: source - - name: clusterName - value: "$(tasks.provision-cluster.results.clusterName)" volumeMounts: - name: repository mountPath: /repository + env: + - name: KUBECONFIG + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | oc status cd /repository/sigstore-e2e From 9e93eb7dc032c5b171660ed19307cd467756caf5 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 00:09:44 +0100 Subject: [PATCH 16/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 1370b24..fb52cfa 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -345,9 +345,11 @@ spec: volumeMounts: - name: repository mountPath: /repository + - name: credentials + mountPath: /credentials env: - - name: KUBECONFIG - value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" + - name: KUBECONFIG + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | oc status cd /repository/sigstore-e2e From 69816b54f75572481fa5967b192749cd899f605b Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 09:21:24 +0100 Subject: [PATCH 17/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index fb52cfa..f16ec75 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -353,7 +353,7 @@ spec: script: | oc status cd /repository/sigstore-e2e - make env + ./tas-env-variables.sh > .env - name: execute-tas-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f onError: continue From b129618c5c463d388e62ef0cdd1f936a94741a36 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 10:23:22 +0100 Subject: [PATCH 18/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index f16ec75..8f4bf8b 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -341,7 +341,6 @@ spec: git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e - name: prepare-tas-e2e image: registry.redhat.io/openshift4/ose-cli - onError: continue volumeMounts: - name: repository mountPath: /repository @@ -352,11 +351,11 @@ spec: value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | oc status + oc project tas-e2e cd /repository/sigstore-e2e ./tas-env-variables.sh > .env - name: execute-tas-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - onError: continue volumeMounts: - name: credentials mountPath: /credentials From 365b2e03d2ea6daa91624aaf13aaa950490946f9 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 10:52:56 +0100 Subject: [PATCH 19/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 8f4bf8b..46d82b4 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -365,6 +365,9 @@ spec: mountPath: /binaries - name: dump mountPath: /dump + env: + - name: CLI_STRATEGY + value: "openshift" script: | export PATH="$PATH:/binaries" echo "Path: $PATH" From 4cbfaf6152963176faffdcad5c966ac4a42b1d7d Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 12:12:06 +0100 Subject: [PATCH 20/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 46d82b4..ef26d6b 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -350,8 +350,11 @@ spec: - name: KUBECONFIG value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | + oc version + oc get clusterversion oc status oc project tas-e2e + oc get consoleclidownloads cd /repository/sigstore-e2e ./tas-env-variables.sh > .env - name: execute-tas-e2e From 9f261129fd27db5a8f7d662086ee93270de85c56 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 12:54:35 +0100 Subject: [PATCH 21/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index ef26d6b..7b47f83 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -369,6 +369,8 @@ spec: - name: dump mountPath: /dump env: + - name: KUBECONFIG + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - name: CLI_STRATEGY value: "openshift" script: | From 178ae4f2299fe00f7a6b4d8256dbb1ce6069ac09 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 13:59:55 +0100 Subject: [PATCH 22/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 7b47f83..dd49c03 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -369,6 +369,8 @@ spec: - name: dump mountPath: /dump env: + - name: OIDC_HOST + value: "$(steps.install-keycloak.results.oidc-hostname)" - name: KUBECONFIG value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - name: CLI_STRATEGY @@ -377,5 +379,8 @@ spec: export PATH="$PATH:/binaries" echo "Path: $PATH" cd /repository/sigstore-e2e + export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer + openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert + export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor make build test From 4f3a627008a5886fcb5b55dae3aae8a1764eef9c Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 21:47:47 +0100 Subject: [PATCH 23/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index dd49c03..43e3eb4 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -382,5 +382,7 @@ spec: export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert + podman --version + docker --version go mod vendor make build test From 3ecd7f9492abb1cb665d5c4eeb7e44a11c58bdcf Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 22:59:03 +0100 Subject: [PATCH 24/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 43e3eb4..2a806f6 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -342,10 +342,10 @@ spec: - name: prepare-tas-e2e image: registry.redhat.io/openshift4/ose-cli volumeMounts: - - name: repository - mountPath: /repository - name: credentials mountPath: /credentials + - name: repository + mountPath: /repository env: - name: KUBECONFIG value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" @@ -364,10 +364,6 @@ spec: mountPath: /credentials - name: repository mountPath: /repository - - name: binaries - mountPath: /binaries - - name: dump - mountPath: /dump env: - name: OIDC_HOST value: "$(steps.install-keycloak.results.oidc-hostname)" @@ -382,7 +378,5 @@ spec: export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert - podman --version - docker --version go mod vendor make build test From d241cd7f3934bc7939ebd5bf16f097bd364e129e Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Tue, 11 Mar 2025 23:30:26 +0100 Subject: [PATCH 25/57] Running TAS e2e tests - improvements --- stepactions/install-tas.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/stepactions/install-tas.yaml b/stepactions/install-tas.yaml index 192c436..0896d42 100644 --- a/stepactions/install-tas.yaml +++ b/stepactions/install-tas.yaml @@ -36,7 +36,6 @@ spec: - name: CLUSTERNAME value: "$(params.clusterName)" script: | - echo "Cluster: $CLUSTERNAME" cd /repository/$WORKDIR sed -i 's#https://your-oidc-issuer-url#http://${CLUSTERNAME}/auth/realms/trusted-artifact-signer#' config/samples/rhtas_v1alpha1_securesign.yaml sed -i 's#rhtas.redhat.com/metrics: "true"#rhtas.redhat.com/metrics: "false"#' config/samples/rhtas_v1alpha1_securesign.yaml From 3dc2aa0bc11d4bdc7a8e4c8b0c69aa1c1733750b Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 11:08:31 +0100 Subject: [PATCH 26/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 2a806f6..bf92508 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -379,4 +379,5 @@ spec: openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor - make build test + make build + go test -v ./test/tuftool From 4d23eb80f87b6b1947d018916ab7364ea0678c23 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 11:39:08 +0100 Subject: [PATCH 27/57] Running TAS e2e tests - improvements --- stepactions/install-tas.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stepactions/install-tas.yaml b/stepactions/install-tas.yaml index 0896d42..2d8aecc 100644 --- a/stepactions/install-tas.yaml +++ b/stepactions/install-tas.yaml @@ -42,4 +42,4 @@ spec: oc create ns tas-e2e oc create -f config/samples/rhtas_v1alpha1_securesign.yaml -n tas-e2e sleep 1 - oc wait --for=condition=Ready securesign/securesign-sample --timeout=5m -n tas-e2e + oc wait --for=condition=Ready securesign/securesign-sample --timeout=9m -n tas-e2e From 125cbcdd6c6ab54c7db4ea52b3338a62ece04945 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 12:14:52 +0100 Subject: [PATCH 28/57] Running TAS e2e tests - improvements --- stepactions/install-tas.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/stepactions/install-tas.yaml b/stepactions/install-tas.yaml index 2d8aecc..7c7212f 100644 --- a/stepactions/install-tas.yaml +++ b/stepactions/install-tas.yaml @@ -43,3 +43,4 @@ spec: oc create -f config/samples/rhtas_v1alpha1_securesign.yaml -n tas-e2e sleep 1 oc wait --for=condition=Ready securesign/securesign-sample --timeout=9m -n tas-e2e + oc get pods From 4b32c9dece0ca6e72128ae154d6ee37b6e173c6c Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 12:44:51 +0100 Subject: [PATCH 29/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +++ stepactions/install-tas.yaml | 1 - 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index bf92508..5366848 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -319,6 +319,7 @@ spec: value: ppinkas/konflux-e2e - name: pathInRepo value: stepactions/install-tas.yaml + onError: continue params: - name: credentials value: credentials @@ -332,6 +333,7 @@ spec: value: "$(tasks.provision-cluster.results.clusterName)" - name: git-clone-tas-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + onError: continue volumeMounts: - name: repository mountPath: /repository @@ -355,6 +357,7 @@ spec: oc status oc project tas-e2e oc get consoleclidownloads + oc get pods cd /repository/sigstore-e2e ./tas-env-variables.sh > .env - name: execute-tas-e2e diff --git a/stepactions/install-tas.yaml b/stepactions/install-tas.yaml index 7c7212f..2d8aecc 100644 --- a/stepactions/install-tas.yaml +++ b/stepactions/install-tas.yaml @@ -43,4 +43,3 @@ spec: oc create -f config/samples/rhtas_v1alpha1_securesign.yaml -n tas-e2e sleep 1 oc wait --for=condition=Ready securesign/securesign-sample --timeout=9m -n tas-e2e - oc get pods From ecc5a78cb8029d56e08288e9d8c31917c8f85435 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 13:00:48 +0100 Subject: [PATCH 30/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 5366848..aafa8c0 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -310,6 +310,7 @@ spec: - name: workdir value: source - name: install-tas + onError: continue ref: resolver: git params: @@ -319,7 +320,6 @@ spec: value: ppinkas/konflux-e2e - name: pathInRepo value: stepactions/install-tas.yaml - onError: continue params: - name: credentials value: credentials From 7ba69189c06574484b3bb64b17869f860cec4d82 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 22:13:51 +0100 Subject: [PATCH 31/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 163 ++++++++++++++++++++---------- 1 file changed, 108 insertions(+), 55 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index aafa8c0..0dbc7d1 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -232,8 +232,7 @@ spec: - input: "$(tasks.parse-metadata.results.component)" operator: in values: [ "fbc-v4-17", "fbc-v4-16", "fbc-v4-15", "fbc-v4-14", "fbc-v4-13" ] - - name: run-e2e - runAfter: + - name: prepare-tests # run after either one - install-operator-from-image - install-operator-from-bundle @@ -242,6 +241,11 @@ spec: - name: namespace value: "$(params.NAMESPACE)" taskSpec: + results: + - name: kubeconfig + value: "$(steps.get-kubeconfig.results.kubeconfig)" + - name: oidc-hostname + value: "$(steps.install-keycloak.results.oidc-hostname)" volumes: - name: credentials emptyDir: { } @@ -306,81 +310,130 @@ spec: - name: repository value: repository - name: KUBECONFIG - value: "$(steps.get-kubeconfig.results.kubeconfig)" + value: "$(tasks.prepare-tests.results.kubeconfig)" - name: workdir value: source - - name: install-tas - onError: continue + - name: run-e2e + runAfter: + # run after either one + - prepare-tests + params: + - name: namespace + value: "$(params.NAMESPACE)" + taskSpec: + volumes: + - name: credentials + emptyDir: { } + - name: repository + emptyDir: { } + - name: binaries + emptyDir: { } + - name: dump + emptyDir: { } + - name: push-creds + secret: + secretName: securesign-test-dump-oci + steps: + - name: get-tuftool ref: resolver: git params: - name: url value: https://github.com/securesign/pipelines.git - name: revision - value: ppinkas/konflux-e2e + value: main - name: pathInRepo - value: stepactions/install-tas.yaml + value: stepactions/extract-tuftool.yaml params: - - name: credentials - value: credentials - - name: repository - value: repository - - name: KUBECONFIG - value: "$(steps.get-kubeconfig.results.kubeconfig)" - - name: workdir - value: source - - name: clusterName - value: "$(tasks.provision-cluster.results.clusterName)" - - name: git-clone-tas-e2e + - name: volume + value: binaries + - name: get-cosign + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/extract-cosign.yaml + params: + - name: volume + value: binaries + - name: execute-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f onError: continue - volumeMounts: - - name: repository - mountPath: /repository - script: | - cd /repository - echo "Cloning TAS e2e tests" - git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e - - name: prepare-tas-e2e - image: registry.redhat.io/openshift4/ose-cli - volumeMounts: - - name: credentials - mountPath: /credentials - - name: repository - mountPath: /repository + results: + - name: status + type: string env: + - name: OIDC_HOST + value: "$(tasks.prepare-tests.results.oidc-hostname)" - name: KUBECONFIG - value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - script: | - oc version - oc get clusterversion - oc status - oc project tas-e2e - oc get consoleclidownloads - oc get pods - cd /repository/sigstore-e2e - ./tas-env-variables.sh > .env - - name: execute-tas-e2e - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + - name: CI + value: "true" volumeMounts: - name: credentials mountPath: /credentials - name: repository mountPath: /repository - env: - - name: OIDC_HOST - value: "$(steps.install-keycloak.results.oidc-hostname)" - - name: KUBECONFIG - value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - - name: CLI_STRATEGY - value: "openshift" + - name: binaries + mountPath: /binaries + - name: dump + mountPath: /dump script: | + #!/bin/sh + set +e -o pipefail + cd /repository/source export PATH="$PATH:/binaries" - echo "Path: $PATH" - cd /repository/sigstore-e2e export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor - make build - go test -v ./test/tuftool + #make test-e2e | tee /dump/testOutput.log + + if [ $? -eq 0 ]; then + echo -n "success" > "$(step.results.status.path)" + else + cp test/**/k8s-dump-*.tar.gz /dump + echo "Dumping files:" + ls /dump + echo -n "fail" > "$(step.results.status.path)" + exit 1 + fi + - name: secure-push-oci + when: + - input: "$(steps.execute-e2e.results.status)" + operator: notin + values: [ "success" ] + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/secure-push-oci.yaml + params: + - name: oci-ref + value: "quay.io/securesign/test-dump-oci:$(tasks.parse-metadata.results.git-revision)" + - name: credentials-volume-name + value: push-creds + - name: artifacts-volume-name + value: dump + - name: oci-tag-expiration + value: 1d + # workaround - extract dump-push step to separate action once KONFLUX-5535 is resolved + - name: report-status + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + env: + - name: STATUS + value: "$(steps.execute-e2e.results.status)" + script: | + #!/bin/bash + if [ "$STATUS" != "success" ]; then + echo "Test failure" + exit 1 + fi From 8d868c5df8bb89665f4d0223fca90788c8e28184 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 22:18:24 +0100 Subject: [PATCH 32/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 0dbc7d1..b930f86 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -310,7 +310,7 @@ spec: - name: repository value: repository - name: KUBECONFIG - value: "$(tasks.prepare-tests.results.kubeconfig)" + value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source - name: run-e2e From 435830a806fccc5bc1adddf67cc17ca6ddc6f0e8 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 22:27:17 +0100 Subject: [PATCH 33/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index b930f86..8f564fd 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -271,7 +271,7 @@ spec: value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml params: - name: eaasSpaceSecretRef - value: $(tasks.provision-eaas-space.results.secretRef) + value: "$(tasks.provision-eaas-space.results.secretRef)" - name: clusterName value: "$(tasks.provision-cluster.results.clusterName)" - name: credentials From 5d13eb3ed8ffb259a00e69178ea173df4890b197 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 22:35:47 +0100 Subject: [PATCH 34/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 35 +++++-------------------------- 1 file changed, 5 insertions(+), 30 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 8f564fd..f9c95bc 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -232,7 +232,8 @@ spec: - input: "$(tasks.parse-metadata.results.component)" operator: in values: [ "fbc-v4-17", "fbc-v4-16", "fbc-v4-15", "fbc-v4-14", "fbc-v4-13" ] - - name: prepare-tests + - name: run-e2e + runAfter: # run after either one - install-operator-from-image - install-operator-from-bundle @@ -241,11 +242,6 @@ spec: - name: namespace value: "$(params.NAMESPACE)" taskSpec: - results: - - name: kubeconfig - value: "$(steps.get-kubeconfig.results.kubeconfig)" - - name: oidc-hostname - value: "$(steps.install-keycloak.results.oidc-hostname)" volumes: - name: credentials emptyDir: { } @@ -271,7 +267,7 @@ spec: value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml params: - name: eaasSpaceSecretRef - value: "$(tasks.provision-eaas-space.results.secretRef)" + value: $(tasks.provision-eaas-space.results.secretRef) - name: clusterName value: "$(tasks.provision-cluster.results.clusterName)" - name: credentials @@ -313,27 +309,6 @@ spec: value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source - - name: run-e2e - runAfter: - # run after either one - - prepare-tests - params: - - name: namespace - value: "$(params.NAMESPACE)" - taskSpec: - volumes: - - name: credentials - emptyDir: { } - - name: repository - emptyDir: { } - - name: binaries - emptyDir: { } - - name: dump - emptyDir: { } - - name: push-creds - secret: - secretName: securesign-test-dump-oci - steps: - name: get-tuftool ref: resolver: git @@ -368,9 +343,9 @@ spec: type: string env: - name: OIDC_HOST - value: "$(tasks.prepare-tests.results.oidc-hostname)" + value: "$(steps.install-keycloak.results.oidc-hostname)" - name: KUBECONFIG - value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - name: CI value: "true" volumeMounts: From 52dadf5280a85b80d559a78937d950c818b35bbe Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 23:10:08 +0100 Subject: [PATCH 35/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 40 ++++++++++++++++++++++++++++++- 1 file changed, 39 insertions(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index f9c95bc..84487dd 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -232,7 +232,7 @@ spec: - input: "$(tasks.parse-metadata.results.component)" operator: in values: [ "fbc-v4-17", "fbc-v4-16", "fbc-v4-15", "fbc-v4-14", "fbc-v4-13" ] - - name: run-e2e + - name: prepare-tests runAfter: # run after either one - install-operator-from-image @@ -241,6 +241,44 @@ spec: params: - name: namespace value: "$(params.NAMESPACE)" + taskSpec: + volumes: + - name: credentials + emptyDir: { } + - name: repository + emptyDir: { } + - name: binaries + emptyDir: { } + - name: dump + emptyDir: { } + - name: push-creds + secret: + secretName: securesign-test-dump-oci + steps: + - name: get-kubeconfig + ref: + resolver: git + params: + - name: url + value: https://github.com/konflux-ci/build-definitions.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml + params: + - name: eaasSpaceSecretRef + value: $(tasks.provision-eaas-space.results.secretRef) + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" + - name: credentials + value: credentials + # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task + - name: run-e2e + runAfter: + - prepare-tests + params: + - name: namespace + value: "$(params.NAMESPACE)" taskSpec: volumes: - name: credentials From 7ed0dc6b2c0df352ac29481f1fd3fc956b2144b4 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 23:40:43 +0100 Subject: [PATCH 36/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 84487dd..6f197ea 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -242,6 +242,9 @@ spec: - name: namespace value: "$(params.NAMESPACE)" taskSpec: + results: + - name: kubeconfig + value: "$(steps.get-kubeconfig.results.kubeconfig)" volumes: - name: credentials emptyDir: { } From 15c8e7ac5a407727121f48a734fe6f1bc8434e70 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Wed, 12 Mar 2025 23:58:13 +0100 Subject: [PATCH 37/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 21 ++------------------- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 6f197ea..8fefc09 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -296,23 +296,6 @@ spec: secret: secretName: securesign-test-dump-oci steps: - - name: get-kubeconfig - ref: - resolver: git - params: - - name: url - value: https://github.com/konflux-ci/build-definitions.git - - name: revision - value: main - - name: pathInRepo - value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml - params: - - name: eaasSpaceSecretRef - value: $(tasks.provision-eaas-space.results.secretRef) - - name: clusterName - value: "$(tasks.provision-cluster.results.clusterName)" - - name: credentials - value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f @@ -347,7 +330,7 @@ spec: - name: repository value: repository - name: KUBECONFIG - value: "$(steps.get-kubeconfig.results.kubeconfig)" + value: "$(tasks.prepare-tests.results.kubeconfig)" - name: workdir value: source - name: get-tuftool @@ -386,7 +369,7 @@ spec: - name: OIDC_HOST value: "$(steps.install-keycloak.results.oidc-hostname)" - name: KUBECONFIG - value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" + value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" - name: CI value: "true" volumeMounts: From 5f52e6415443f9ec0a1b3d348cf9e068be2dee9d Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 00:20:23 +0100 Subject: [PATCH 38/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 47 ++++++++++++++++--------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 8fefc09..1e5e56c 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -245,6 +245,8 @@ spec: results: - name: kubeconfig value: "$(steps.get-kubeconfig.results.kubeconfig)" + - name: oidc-hostname + value: "$(steps.install-keycloak.results.oidc-hostname)" volumes: - name: credentials emptyDir: { } @@ -276,27 +278,6 @@ spec: - name: credentials value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - - name: run-e2e - runAfter: - - prepare-tests - params: - - name: namespace - value: "$(params.NAMESPACE)" - taskSpec: - volumes: - - name: credentials - emptyDir: { } - - name: repository - emptyDir: { } - - name: binaries - emptyDir: { } - - name: dump - emptyDir: { } - - name: push-creds - secret: - secretName: securesign-test-dump-oci - steps: - # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f volumeMounts: @@ -330,9 +311,29 @@ spec: - name: repository value: repository - name: KUBECONFIG - value: "$(tasks.prepare-tests.results.kubeconfig)" + value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source + - name: run-e2e + runAfter: + - prepare-tests + params: + - name: namespace + value: "$(params.NAMESPACE)" + taskSpec: + volumes: + - name: credentials + emptyDir: { } + - name: repository + emptyDir: { } + - name: binaries + emptyDir: { } + - name: dump + emptyDir: { } + - name: push-creds + secret: + secretName: securesign-test-dump-oci + steps: - name: get-tuftool ref: resolver: git @@ -367,7 +368,7 @@ spec: type: string env: - name: OIDC_HOST - value: "$(steps.install-keycloak.results.oidc-hostname)" + value: "$(tasks.prepare-tests.results.oidc-hostname)" - name: KUBECONFIG value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" - name: CI From 269543b8b16e34259e3995537b7a1c187b4cc91b Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 00:50:05 +0100 Subject: [PATCH 39/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 1e5e56c..27a66aa 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -360,6 +360,24 @@ spec: params: - name: volume value: binaries + # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task + - name: git-clone + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + volumeMounts: + - name: repository + mountPath: /repository + script: | + cd /repository + if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $(tasks.parse-metadata.results.git-url)" + git clone "$(tasks.parse-metadata.results.git-url)" source + cd source + git checkout $(tasks.parse-metadata.results.git-revision) + else + echo "Cloning from default url" + git clone "https://github.com/securesign/secure-sign-operator.git" source + cd source + fi - name: execute-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f onError: continue From 244b136ecca199cd2b76d72d3c3c89c097fd95da Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 01:16:07 +0100 Subject: [PATCH 40/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 112 ++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 27a66aa..92b42da 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -455,3 +455,115 @@ spec: echo "Test failure" exit 1 fi + - name: run-tas-e2e + runAfter: + - prepare-tests + params: + - name: namespace + value: "$(params.NAMESPACE)" + taskSpec: + volumes: + - name: credentials + emptyDir: { } + - name: repository + emptyDir: { } + - name: binaries + emptyDir: { } + - name: dump + emptyDir: { } + - name: push-creds + secret: + secretName: securesign-test-dump-oci + steps: + - name: git-clone + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + volumeMounts: + - name: repository + mountPath: /repository + script: | + cd /repository + if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $(tasks.parse-metadata.results.git-url)" + git clone "$(tasks.parse-metadata.results.git-url)" source + cd source + git checkout $(tasks.parse-metadata.results.git-revision) + else + echo "Cloning from default url" + git clone "https://github.com/securesign/secure-sign-operator.git" source + cd source + fi + - name: install-tas + onError: continue + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/install-tas.yaml + params: + - name: credentials + value: credentials + - name: repository + value: repository + - name: KUBECONFIG + value: "$(tasks.prepare-tests.results.kubeconfig)" + - name: workdir + value: source + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" + - name: git-clone-tas-e2e + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + onError: continue + volumeMounts: + - name: repository + mountPath: /repository + script: | + cd /repository + echo "Cloning TAS e2e tests" + git clone "https://github.com/securesign/sigstore-e2e" sigstore-e2e + - name: prepare-tas-e2e + image: registry.redhat.io/openshift4/ose-cli + volumeMounts: + - name: credentials + mountPath: /credentials + - name: repository + mountPath: /repository + env: + - name: KUBECONFIG + value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + script: | + oc version + oc get clusterversion + oc status + oc project tas-e2e + oc get consoleclidownloads + oc get pods + cd /repository/sigstore-e2e + ./tas-env-variables.sh > .env + - name: execute-tas-e2e + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + volumeMounts: + - name: credentials + mountPath: /credentials + - name: repository + mountPath: /repository + env: + - name: OIDC_HOST + value: "$(tasks.prepare-tests.results.oidc-hostname)" + - name: KUBECONFIG + value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + - name: CLI_STRATEGY + value: "openshift" + script: | + export PATH="$PATH:/binaries" + echo "Path: $PATH" + cd /repository/sigstore-e2e + export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer + openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert + export SSL_CERT_FILE=/tmp/ssl.cert + go mod vendor + make build + go test -v ./test/tuftool \ No newline at end of file From 7256983764f4a210f873dc61d9dc8de47b5d317a Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 01:34:03 +0100 Subject: [PATCH 41/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 92b42da..1882029 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -536,8 +536,6 @@ spec: value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" script: | oc version - oc get clusterversion - oc status oc project tas-e2e oc get consoleclidownloads oc get pods From 56b0781f3f4319cd8b431d782508f87f51f495b2 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 02:03:16 +0100 Subject: [PATCH 42/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 1882029..21c1a69 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -409,7 +409,7 @@ spec: openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor - #make test-e2e | tee /dump/testOutput.log + make test-e2e | tee /dump/testOutput.log if [ $? -eq 0 ]; then echo -n "success" > "$(step.results.status.path)" From 24a8112c510c8cf399ed11b198359a6e86fe7c5a Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 11:15:03 +0100 Subject: [PATCH 43/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 44 ++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 6 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 21c1a69..c97e7ac 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -243,8 +243,6 @@ spec: value: "$(params.NAMESPACE)" taskSpec: results: - - name: kubeconfig - value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: oidc-hostname value: "$(steps.install-keycloak.results.oidc-hostname)" volumes: @@ -360,6 +358,23 @@ spec: params: - name: volume value: binaries + - name: get-kubeconfig + ref: + resolver: git + params: + - name: url + value: https://github.com/konflux-ci/build-definitions.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml + params: + - name: eaasSpaceSecretRef + value: $(tasks.provision-eaas-space.results.secretRef) + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" + - name: credentials + value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f @@ -388,7 +403,7 @@ spec: - name: OIDC_HOST value: "$(tasks.prepare-tests.results.oidc-hostname)" - name: KUBECONFIG - value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - name: CI value: "true" volumeMounts: @@ -475,6 +490,23 @@ spec: secret: secretName: securesign-test-dump-oci steps: + - name: get-kubeconfig + ref: + resolver: git + params: + - name: url + value: https://github.com/konflux-ci/build-definitions.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/eaas-get-ephemeral-cluster-credentials/0.1/eaas-get-ephemeral-cluster-credentials.yaml + params: + - name: eaasSpaceSecretRef + value: $(tasks.provision-eaas-space.results.secretRef) + - name: clusterName + value: "$(tasks.provision-cluster.results.clusterName)" + - name: credentials + value: credentials - name: git-clone image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f volumeMounts: @@ -509,7 +541,7 @@ spec: - name: repository value: repository - name: KUBECONFIG - value: "$(tasks.prepare-tests.results.kubeconfig)" + value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source - name: clusterName @@ -533,7 +565,7 @@ spec: mountPath: /repository env: - name: KUBECONFIG - value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | oc version oc project tas-e2e @@ -552,7 +584,7 @@ spec: - name: OIDC_HOST value: "$(tasks.prepare-tests.results.oidc-hostname)" - name: KUBECONFIG - value: "/credentials/$(tasks.prepare-tests.results.kubeconfig)" + value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" - name: CLI_STRATEGY value: "openshift" script: | From f616617f27d9c571131a382093548afb9272fe36 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 12:04:41 +0100 Subject: [PATCH 44/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 32 ++++++++++++++-------------- stepactions/git-clone-operator.yaml | 33 +++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 16 deletions(-) create mode 100644 stepactions/git-clone-operator.yaml diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index c97e7ac..7bee103 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -277,22 +277,22 @@ spec: value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - volumeMounts: - - name: repository - mountPath: /repository - script: | - cd /repository - if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(tasks.parse-metadata.results.git-url)" - git clone "$(tasks.parse-metadata.results.git-url)" source - cd source - git checkout $(tasks.parse-metadata.results.git-revision) - else - echo "Cloning from default url" - git clone "https://github.com/securesign/secure-sign-operator.git" source - cd source - fi + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" - name: install-keycloak ref: resolver: git diff --git a/stepactions/git-clone-operator.yaml b/stepactions/git-clone-operator.yaml new file mode 100644 index 0000000..f0ff736 --- /dev/null +++ b/stepactions/git-clone-operator.yaml @@ -0,0 +1,33 @@ +apiVersion: tekton.dev/v1alpha1 +kind: StepAction +metadata: + name: git-clone-operator +spec: + description: >- + This StepAction clones operator repository. + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + params: + - name: operator-component + type: string + description: Operator component used (operator, operator-bundle, ...). + - name: git-url + type: string + description: Operator repository url. + - name: git-revision + type: string + description: Operator repository revision. + volumeMounts: + - name: repository + mountPath: /repository + script: | + cd /repository + if [[ "$(params.operator-component)" == "rhtas-operator" || "$(params.operator-component)" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $(params.git-url)" + git clone "$(params.git-url)" source + cd source + git checkout $(params.git-revision) + else + echo "Cloning from default url" + git clone "https://github.com/securesign/secure-sign-operator.git" source + cd source + fi From ce1fb4303a4ae641b02de9e4e9079e1c018d5337 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 12:48:20 +0100 Subject: [PATCH 45/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 21 +++++++++++++++++++++ stepactions/git-clone-operator.yaml | 25 ++++++++++++++----------- 2 files changed, 35 insertions(+), 11 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 7bee103..1e1c0c7 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -19,6 +19,25 @@ spec: default: default type: string tasks: + - name: git-clone + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" + - name: repository + value: repository - name: parse-metadata taskRef: resolver: git @@ -293,6 +312,8 @@ spec: value: "$(tasks.parse-metadata.results.git-url)" - name: git-revision value: "$(tasks.parse-metadata.results.git-revision)" + - name: repository + value: repository - name: install-keycloak ref: resolver: git diff --git a/stepactions/git-clone-operator.yaml b/stepactions/git-clone-operator.yaml index f0ff736..17bfc38 100644 --- a/stepactions/git-clone-operator.yaml +++ b/stepactions/git-clone-operator.yaml @@ -7,6 +7,9 @@ spec: This StepAction clones operator repository. image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f params: + - name: repository + type: string + description: Volume with resources to be applied. - name: operator-component type: string description: Operator component used (operator, operator-bundle, ...). @@ -17,17 +20,17 @@ spec: type: string description: Operator repository revision. volumeMounts: - - name: repository + - name: "$(params.repository)" mountPath: /repository script: | cd /repository - if [[ "$(params.operator-component)" == "rhtas-operator" || "$(params.operator-component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(params.git-url)" - git clone "$(params.git-url)" source - cd source - git checkout $(params.git-revision) - else - echo "Cloning from default url" - git clone "https://github.com/securesign/secure-sign-operator.git" source - cd source - fi + if [[ "$(params.operator-component)" == "rhtas-operator" || "$(params.operator-component)" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $(params.git-url)" + git clone "$(params.git-url)" source + cd source + git checkout $(params.git-revision) + else + echo "Cloning from default url" + git clone "https://github.com/securesign/secure-sign-operator.git" source + cd source + fi From d257d43471f97edbe0f6ab696303f314da10cfa9 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 12:58:51 +0100 Subject: [PATCH 46/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 1e1c0c7..59fe8d0 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -74,6 +74,25 @@ spec: - name: clusterName value: "$(steps.create-cluster.results.clusterName)" steps: + - name: git-clone + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" + - name: repository + value: repository - name: pick-version ref: resolver: git From b6493bff7c7ed7cf208a1351f75a6bd7ba0abc64 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:06:13 +0100 Subject: [PATCH 47/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 58 +++++++++++++++---------------- 1 file changed, 28 insertions(+), 30 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 59fe8d0..ec4ac8f 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -74,6 +74,19 @@ spec: - name: clusterName value: "$(steps.create-cluster.results.clusterName)" steps: + - name: pick-version + ref: + resolver: git + params: + - name: url + value: https://github.com/konflux-ci/build-definitions.git + - name: revision + value: main + - name: pathInRepo + value: stepactions/eaas-get-latest-openshift-version-by-prefix/0.1/eaas-get-latest-openshift-version-by-prefix.yaml + params: + - name: prefix + value: "$(params.OCP_VERSION)" - name: git-clone ref: resolver: git @@ -93,19 +106,6 @@ spec: value: "$(tasks.parse-metadata.results.git-revision)" - name: repository value: repository - - name: pick-version - ref: - resolver: git - params: - - name: url - value: https://github.com/konflux-ci/build-definitions.git - - name: revision - value: main - - name: pathInRepo - value: stepactions/eaas-get-latest-openshift-version-by-prefix/0.1/eaas-get-latest-openshift-version-by-prefix.yaml - params: - - name: prefix - value: "$(params.OCP_VERSION)" - name: create-cluster ref: resolver: git @@ -315,24 +315,22 @@ spec: value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: ppinkas/konflux-e2e - - name: pathInRepo - value: stepactions/git-clone-operator.yaml - params: - - name: operator-component - value: "$(tasks.parse-metadata.results.component)" - - name: git-url - value: "$(tasks.parse-metadata.results.git-url)" - - name: git-revision - value: "$(tasks.parse-metadata.results.git-revision)" + image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f + volumeMounts: - name: repository - value: repository + mountPath: /repository + script: | + cd /repository + if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $(tasks.parse-metadata.results.git-url)" + git clone "$(tasks.parse-metadata.results.git-url)" source + cd source + git checkout $(tasks.parse-metadata.results.git-revision) + else + echo "Cloning from default url" + git clone "https://github.com/securesign/secure-sign-operator.git" source + cd source + fi - name: install-keycloak ref: resolver: git From 7c1f42e9006959ba9372cc1a87f081f936f10a7f Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:08:37 +0100 Subject: [PATCH 48/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index ec4ac8f..2e5eccc 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -19,25 +19,6 @@ spec: default: default type: string tasks: - - name: git-clone - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: ppinkas/konflux-e2e - - name: pathInRepo - value: stepactions/git-clone-operator.yaml - params: - - name: operator-component - value: "$(tasks.parse-metadata.results.component)" - - name: git-url - value: "$(tasks.parse-metadata.results.git-url)" - - name: git-revision - value: "$(tasks.parse-metadata.results.git-revision)" - - name: repository - value: repository - name: parse-metadata taskRef: resolver: git From 1a5700accf30ee2dcbd2acf36e823632267e4fe6 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:15:27 +0100 Subject: [PATCH 49/57] Running TAS e2e tests - improvements --- stepactions/git-clone-operator.yaml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/stepactions/git-clone-operator.yaml b/stepactions/git-clone-operator.yaml index 17bfc38..9245a47 100644 --- a/stepactions/git-clone-operator.yaml +++ b/stepactions/git-clone-operator.yaml @@ -22,13 +22,20 @@ spec: volumeMounts: - name: "$(params.repository)" mountPath: /repository + env: + - name: OPERATOR_COMPONENT + value: "$(params.operator-component)" + - name: GIT_URL + value: "$(params.git-url)" + - name: GIT_REVISION + value: "$(params.git-revision)" script: | cd /repository - if [[ "$(params.operator-component)" == "rhtas-operator" || "$(params.operator-component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(params.git-url)" - git clone "$(params.git-url)" source + if [[ "$OPERATOR_COMPONENT" == "rhtas-operator" || "$OPERATOR_COMPONENT" == "rhtas-operator-bundle" ]]; then + echo "Cloning from $GIT_URL" + git clone $GIT_URL source cd source - git checkout $(params.git-revision) + git checkout $GIT_REVISION else echo "Cloning from default url" git clone "https://github.com/securesign/secure-sign-operator.git" source From 1dc04fcda6f94e155523045f9a3e6f9a410df991 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:22:20 +0100 Subject: [PATCH 50/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 2e5eccc..a0d9892 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -54,6 +54,9 @@ spec: results: - name: clusterName value: "$(steps.create-cluster.results.clusterName)" + volumes: + - name: repository + emptyDir: { } steps: - name: pick-version ref: From 9a0aa1bf82b22c1cffd17a63a0a02c0396c349af Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:27:24 +0100 Subject: [PATCH 51/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 118 +++++++++++++----------------- 1 file changed, 51 insertions(+), 67 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index a0d9892..10dc2f9 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -54,9 +54,6 @@ spec: results: - name: clusterName value: "$(steps.create-cluster.results.clusterName)" - volumes: - - name: repository - emptyDir: { } steps: - name: pick-version ref: @@ -71,25 +68,6 @@ spec: params: - name: prefix value: "$(params.OCP_VERSION)" - - name: git-clone - ref: - resolver: git - params: - - name: url - value: https://github.com/securesign/pipelines.git - - name: revision - value: ppinkas/konflux-e2e - - name: pathInRepo - value: stepactions/git-clone-operator.yaml - params: - - name: operator-component - value: "$(tasks.parse-metadata.results.component)" - - name: git-url - value: "$(tasks.parse-metadata.results.git-url)" - - name: git-revision - value: "$(tasks.parse-metadata.results.git-revision)" - - name: repository - value: repository - name: create-cluster ref: resolver: git @@ -299,22 +277,24 @@ spec: value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - volumeMounts: + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" - name: repository - mountPath: /repository - script: | - cd /repository - if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(tasks.parse-metadata.results.git-url)" - git clone "$(tasks.parse-metadata.results.git-url)" source - cd source - git checkout $(tasks.parse-metadata.results.git-revision) - else - echo "Cloning from default url" - git clone "https://github.com/securesign/secure-sign-operator.git" source - cd source - fi + value: repository - name: install-keycloak ref: resolver: git @@ -399,22 +379,24 @@ spec: value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - name: git-clone - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - volumeMounts: + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" - name: repository - mountPath: /repository - script: | - cd /repository - if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(tasks.parse-metadata.results.git-url)" - git clone "$(tasks.parse-metadata.results.git-url)" source - cd source - git checkout $(tasks.parse-metadata.results.git-revision) - else - echo "Cloning from default url" - git clone "https://github.com/securesign/secure-sign-operator.git" source - cd source - fi + value: repository - name: execute-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f onError: continue @@ -530,22 +512,24 @@ spec: - name: credentials value: credentials - name: git-clone - image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f - volumeMounts: + ref: + resolver: git + params: + - name: url + value: https://github.com/securesign/pipelines.git + - name: revision + value: ppinkas/konflux-e2e + - name: pathInRepo + value: stepactions/git-clone-operator.yaml + params: + - name: operator-component + value: "$(tasks.parse-metadata.results.component)" + - name: git-url + value: "$(tasks.parse-metadata.results.git-url)" + - name: git-revision + value: "$(tasks.parse-metadata.results.git-revision)" - name: repository - mountPath: /repository - script: | - cd /repository - if [[ "$(tasks.parse-metadata.results.component)" == "rhtas-operator" || "$(tasks.parse-metadata.results.component)" == "rhtas-operator-bundle" ]]; then - echo "Cloning from $(tasks.parse-metadata.results.git-url)" - git clone "$(tasks.parse-metadata.results.git-url)" source - cd source - git checkout $(tasks.parse-metadata.results.git-revision) - else - echo "Cloning from default url" - git clone "https://github.com/securesign/secure-sign-operator.git" source - cd source - fi + value: repository - name: install-tas onError: continue ref: From 668579ca07b617e0d0291b44f82feaabf072e144 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 13:28:47 +0100 Subject: [PATCH 52/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 10dc2f9..dd6583e 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -428,7 +428,7 @@ spec: openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor - make test-e2e | tee /dump/testOutput.log + #make test-e2e | tee /dump/testOutput.log if [ $? -eq 0 ]; then echo -n "success" > "$(step.results.status.path)" From f77900dae6b8c928d86aee5e49a05ff3196715d0 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 22:35:01 +0100 Subject: [PATCH 53/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index dd6583e..9619f30 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -276,7 +276,7 @@ spec: - name: credentials value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - - name: git-clone + - name: git-clone-operator ref: resolver: git params: @@ -378,7 +378,7 @@ spec: - name: credentials value: credentials # workaround - IntegrationTest pipelines does not support workspaces ATM - it is not possible to use git-clone task - - name: git-clone + - name: git-clone-operator ref: resolver: git params: @@ -511,7 +511,7 @@ spec: value: "$(tasks.provision-cluster.results.clusterName)" - name: credentials value: credentials - - name: git-clone + - name: git-clone-operator ref: resolver: git params: From 13ae1798ade06d8acb8287ccdc71f3e996012e77 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 23:17:00 +0100 Subject: [PATCH 54/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 9619f30..cf2a925 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -314,7 +314,7 @@ spec: value: "$(steps.get-kubeconfig.results.kubeconfig)" - name: workdir value: source - - name: run-e2e + - name: run-operator-e2e runAfter: - prepare-tests params: @@ -397,7 +397,7 @@ spec: value: "$(tasks.parse-metadata.results.git-revision)" - name: repository value: repository - - name: execute-e2e + - name: execute-operator-e2e image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f onError: continue results: @@ -441,7 +441,7 @@ spec: fi - name: secure-push-oci when: - - input: "$(steps.execute-e2e.results.status)" + - input: "$(steps.execute-operator-e2e.results.status)" operator: notin values: [ "success" ] ref: @@ -467,7 +467,7 @@ spec: image: brew.registry.redhat.io/rh-osbs/openshift-golang-builder:rhel_9_1.23@sha256:6a4a05d24acecde63d9c7c8c986ad9e5e20da2c2ce30312b328ed771736e7a1f env: - name: STATUS - value: "$(steps.execute-e2e.results.status)" + value: "$(steps.execute-operator-e2e.results.status)" script: | #!/bin/bash if [ "$STATUS" != "success" ]; then From c6e63cfc422e7366dfcb264e9d4dc0c732fcb183 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Thu, 13 Mar 2025 23:38:14 +0100 Subject: [PATCH 55/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index cf2a925..c61675b 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -594,12 +594,11 @@ spec: - name: CLI_STRATEGY value: "openshift" script: | - export PATH="$PATH:/binaries" - echo "Path: $PATH" cd /repository/sigstore-e2e export OIDC_ISSUER_URL=https://$OIDC_HOST/auth/realms/trusted-artifact-signer openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor make build - go test -v ./test/tuftool \ No newline at end of file + go test -v ./test/tuftool + \ No newline at end of file From cf214b6e86687613f2b4d9d8cacd4e2e6f60bc72 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Fri, 14 Mar 2025 00:04:34 +0100 Subject: [PATCH 56/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index c61675b..5d0eb4b 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -428,7 +428,7 @@ spec: openssl s_client -connect $OIDC_HOST:443 > /tmp/ssl.cert export SSL_CERT_FILE=/tmp/ssl.cert go mod vendor - #make test-e2e | tee /dump/testOutput.log + make test-e2e | tee /dump/testOutput.log if [ $? -eq 0 ]; then echo -n "success" > "$(step.results.status.path)" @@ -601,4 +601,3 @@ spec: go mod vendor make build go test -v ./test/tuftool - \ No newline at end of file From 7b92141b561e20a050269fd3f31c8ebe0c374043 Mon Sep 17 00:00:00 2001 From: Petr Pinkas Date: Fri, 14 Mar 2025 00:16:02 +0100 Subject: [PATCH 57/57] Running TAS e2e tests - improvements --- pipelines/rhtas-operator-e2e.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/pipelines/rhtas-operator-e2e.yaml b/pipelines/rhtas-operator-e2e.yaml index 5d0eb4b..c5e0700 100644 --- a/pipelines/rhtas-operator-e2e.yaml +++ b/pipelines/rhtas-operator-e2e.yaml @@ -573,6 +573,7 @@ spec: - name: KUBECONFIG value: "/credentials/$(steps.get-kubeconfig.results.kubeconfig)" script: | + oc get clusterversion oc version oc project tas-e2e oc get consoleclidownloads