From 068b0732ad8cdb80bf0383f8d40b218961d299ee Mon Sep 17 00:00:00 2001 From: Ritik Kapoor Date: Thu, 20 Apr 2023 20:12:10 +0530 Subject: [PATCH 1/4] Clone pipeline perf-testdata-provision --- .harness/hcdcautomationClone.yaml | 831 ++++++++++++++++++++++++++++++ 1 file changed, 831 insertions(+) create mode 100644 .harness/hcdcautomationClone.yaml diff --git a/.harness/hcdcautomationClone.yaml b/.harness/hcdcautomationClone.yaml new file mode 100644 index 0000000..bfce991 --- /dev/null +++ b/.harness/hcdcautomationClone.yaml @@ -0,0 +1,831 @@ +--- +pipeline: + projectIdentifier: "platformteam" + orgIdentifier: "QE_Team" + tags: {} + stages: + - stage: + name: "pre-requisite data" + identifier: "testdata" + description: "" + type: "Custom" + spec: + execution: + steps: + - step: + type: "ShellScript" + name: "pre-requisite data" + identifier: "testdata" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\n# generate random number to suffix with harness entities\ + \ eg: org, project, etc.,\nrandomNum=`date +%s`\n\n# assign\ + \ httpPort and httpsPort (currently, there is issue if same\ + \ port is re-used for installation)\n# SMP-980\nhttpPort=$((31500\ + \ + <+pipeline.sequenceId>))\nhttpsPort=$((31501 + <+pipeline.sequenceId>))\n\ + \n" + environmentVariables: [] + outputVariables: + - name: "randomNum" + type: "String" + value: "randomNum" + - name: "httpPort" + type: "String" + value: "httpPort" + - name: "httpsPort" + type: "String" + value: "httpsPort" + delegateSelectors: + - "" + timeout: "10m" + failureStrategies: [] + tags: {} + when: + pipelineStatus: "Success" + - stage: + name: "smp install" + identifier: "smp_installation" + template: + templateRef: "helm_branch_install" + versionLabel: "version1" + templateInputs: + type: "Deployment" + variables: + - name: "smp_setup" + type: "String" + value: "<+pipeline.variables.smp_setup>" + - name: "load_balancer_ip" + type: "String" + value: "<+pipeline.variables.load_balancer_ip>" + - name: "helm_charts_repo_branch" + type: "String" + value: "<+pipeline.variables.helm_charts_repo_branch>" + - name: "override_file" + type: "String" + value: "<+pipeline.variables.override_file>" + - name: "k8s_connector_id" + type: "String" + value: "<+pipeline.variables.cluster_connector_id>" + - name: "delegate_name" + type: "String" + value: "<+pipeline.variables.cluster_delegate_name>" + - name: "namespace" + type: "String" + value: "<+pipeline.variables.namespace>" + - name: "httpPort" + type: "String" + value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpPort>" + - name: "httpsPort" + type: "String" + value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpsPort>" + - stage: + name: "smp upgrade" + identifier: "smp_upgrade" + template: + templateRef: "helm_branch_upgrade" + versionLabel: "version1" + templateInputs: + type: "Deployment" + variables: + - name: "smp_setup" + type: "String" + value: "<+pipeline.variables.smp_setup>" + - name: "load_balancer_ip" + type: "String" + value: "<+pipeline.variables.load_balancer_ip>" + - name: "helm_charts_repo_branch" + type: "String" + value: "<+pipeline.variables.helm_charts_repo_branch>" + - name: "override_file" + type: "String" + value: "<+pipeline.variables.override_file>" + - name: "k8s_connector_id" + type: "String" + value: "<+pipeline.variables.cluster_connector_id>" + - name: "delegate_name" + type: "String" + value: "<+pipeline.variables.cluster_delegate_name>" + - name: "namespace" + type: "String" + value: "<+pipeline.variables.namespace>" + - name: "httpPort" + type: "String" + value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpPort>" + - name: "httpsPort" + type: "String" + value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpsPort>" + - stage: + name: "enable monitoring " + identifier: "enable_monitoring" + description: "" + type: "Custom" + spec: + execution: + steps: + - step: + type: "ShellScript" + name: "enable mongo monitoring" + identifier: "enable_mongo_monitoring" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\nns=<+pipeline.variables.namespace>\nMONGODB_USERNAME=admin;\n\ + MONGODB_PASSWORD=$(kubectl get secret -n $ns mongodb-replicaset-chart\ + \ -o jsonpath={.data.mongodb-root-password} | base64 --decode\ + \ | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ + \nkubectl exec -it mongodb-replicaset-chart-0 -n $ns -- mongo\ + \ \"$MONGO_URI\" --quiet --eval \"db.enableFreeMonitoring()\"\ + \n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "10m" + failureStrategies: [] + tags: {} + when: + pipelineStatus: "Success" + condition: "<+pipeline.variables.smp_setup> != \"NONE\"" + - stage: + name: "account and data setup" + identifier: "account_and_data_setup" + description: "" + type: "Custom" + spec: + execution: + steps: + - stepGroup: + name: "account" + identifier: "new_account" + steps: + - step: + type: "ShellScript" + name: "setup account" + identifier: "setup_account" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + ns=<+pipeline.variables.namespace>\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ + \nname=smp_account_${randomNum}_${iteration}\nusername=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ + password=<+secrets.getValue(\"perf_smp_password\")>\ngateway=/gateway\n\ + url=\"${url//$gateway/}\"\n\n# create new account\n\necho\ + \ \"CREATING NEW ACCOUNT in SMP..\"\nCREATE_SMP_ACCOUNT=\"\ + `curl --location --request POST $url'/api/users/new-trial'\ + \ \\\n--header 'Content-Type: application/json' \\\n--data-raw\ + \ '{\n \"name\": \"'$name'\",\n \"email\": \"'$username'\"\ + ,\n \"password\": \"'$password'\",\n \"accountName\"\ + : \"test account\",\n \"companyName\": \"test company\"\ + ,\n \"createdFromNG\": false\n}'`\"\necho \"CREATE_SMP_ACCOUNT_RESPONSE\ + \ ::\"\necho ${CREATE_SMP_ACCOUNT}\n\n# get invite token\n\ + MONGODB_USERNAME=admin;\nMONGODB_PASSWORD=$(kubectl get\ + \ secret -n $ns mongodb-replicaset-chart -o jsonpath={.data.mongodb-root-password}\ + \ | base64 --decode | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ + \ninviteToken=(`kubectl exec -it mongodb-replicaset-chart-0\ + \ -n $ns -- mongo \"$MONGO_URI\" --quiet --eval \"db.getCollection('userInvites').find({email:'$username'})\"\ + \ | grep _id | cut -d : -f2 | cut -d , -f1`)\nquotes='\\\ + \"'\ninviteToken=\"${inviteToken//$quotes/}\"\necho \"INVITE\ + \ TOKEN :: \" ${inviteToken} \n\n# accept invite and activate\ + \ account\nACTIVATE_ACCOUNT=\"`curl --location --request\ + \ PUT $url'/api/users/invites/trial/'${inviteToken}'/new-signin'\ + \ \\\n--header 'accept: application/json'`\"\necho \"ACTIVATE_ACCOUNT_RESPONSE\ + \ ::\"\necho ${ACTIVATE_ACCOUNT}\naccountId=(`echo ${ACTIVATE_ACCOUNT}\ + \ | grep -o '\"defaultAccountId\":\"[^\"]*' | cut -d : -f2\ + \ | cut -d \"\\\"\" -f2`)\n\nif [[ ${accountId} == \"\"\ + \ ]]; then\n echo \"ACCOUNT ACTIVATION FAILED..\"\n \ + \ exit 1\nelse\n echo \"ACCOUNT ACTIVATION SUCCESSFUL\"\ + \t\nfi\n\nsleep 1\n\n" + environmentVariables: [] + outputVariables: + - name: "accountId" + type: "String" + value: "accountId" + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "10m" + failureStrategies: [] + - step: + type: "ShellScript" + name: "add licenses" + identifier: "add_licenses" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\niteration=<+strategy.iteration>\nadmin_portal_password=<+secrets.getValue(\"\ + admin_portal_password\")>\naccountId=<+execution.steps.new_account.steps.setup_account.output.outputVariables.accountId>\n\ + url=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ + \n# enable NG\nENABLE_NG=\"`curl --location --request PUT\ + \ $url'/api/admin/accounts/'${accountId}'/nextgen-enabled?enabled=true'\ + \ \\\n--header 'Authorization: AdminPortal '${admin_portal_password}''`\"\ + \necho \"ENABLE_NG_RESPONSE ::\"\necho ${ENABLE_NG}\n\n\ + # add licenses\nCD_LICENSE_RESULT=(`curl --location --request\ + \ POST $url'/api/admin/accounts/'${accountId}'/ng/license?routingId='${accountId}''\ + \ \\\n--header 'Accept: application/json' \\\n--header 'Authorization:\ + \ AdminPortal '${admin_portal_password}'' \\\n--header 'Content-Type:\ + \ application/json' \\\n--data-raw '{\n \"accountIdentifier\"\ + : \"'${accountId}'\",\n \"moduleType\": \"CI\",\n \ + \ \"edition\": \"ENTERPRISE\",\n \"licenseType\": \"\ + PAID\",\n \"status\": \"ACTIVE\",\n \"startTime\"\ + : 1676459368000,\n \"expiryTime\": 1992078568000,\n \ + \ \"numberOfCommitters\": 500,\n \"selfService\": true\n\ + }'`)\necho \"CD_LICENSE_RESULT :\"\necho ${CD_LICENSE_RESULT}\n\ + \nCI_LICENSE_RESULT=(`curl --location --request POST $url'/api/admin/accounts/'${accountId}'/ng/license?routingId='${accountId}''\ + \ \\\n--header 'Accept: application/json' \\\n--header 'Authorization:\ + \ AdminPortal '${admin_portal_password}'' \\\n--header 'Content-Type:\ + \ application/json' \\\n--data-raw '{\n \"accountIdentifier\"\ + : \"'${accountId}'\",\n \"moduleType\": \"CD\",\n \ + \ \"edition\": \"ENTERPRISE\",\n \"licenseType\": \"\ + PAID\",\n \"status\": \"ACTIVE\",\n \"startTime\"\ + : 1676459368000,\n \"expiryTime\": 1992078568000,\n \ + \ \"workloads\": 500,\n \"cdLicenseType\": \"SERVICES\"\ + ,\n \"selfService\": true\n}'`)\necho \"CI_LICENSE_RESULT\ + \ :\"\necho ${CI_LICENSE_RESULT}\n\n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "10m" + failureStrategies: [] + - step: + type: "ShellScript" + name: "add user to harnessUG" + identifier: "add_user_to_harnessUG" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + ns=<+pipeline.variables.namespace>\n\nusername=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ + admin_portal_password=<+secrets.getValue(\"admin_portal_password\"\ + )>\n\n# add user to harnessUG\nMONGODB_USERNAME=admin;\n\ + MONGODB_PASSWORD=$(kubectl get secret -n $ns mongodb-replicaset-chart\ + \ -o jsonpath={.data.mongodb-root-password} | base64 --decode\ + \ | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ + \n\nkubectl exec -it mongodb-replicaset-chart-0 -n $ns --\ + \ mongo \"$MONGO_URI\" --quiet --eval \"db.harnessUserGroups.insertOne({'name':'readOnly','memberIds':db.users.distinct('_id',{email:'\"\ + $username\"'})})\"\n\n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "10m" + failureStrategies: [] + when: + stageStatus: "Success" + condition: "<+pipeline.variables.new_account> == \"true\"" + failureStrategies: [] + spec: {} + - step: + type: "ShellScript" + name: "setup data" + identifier: "setup_data" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + \nif [[ <+pipeline.variables.new_account> == \"true\" ]]; then\n\ + \ username=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ + \ password=<+secrets.getValue(\"perf_smp_password\")>\nelse\n\ + \ username=<+pipeline.variables.existing_username>\n password=<+pipeline.variables.existing_password>\n\ + fi\n\n\n# create api key and api token\n\n# get bearer token\n\ + b64Str=$(echo -n ''${username}:${password}'' | base64 -w 0)\n\ + LOGIN_RESULT=\"`curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/api/users/login'\ + \ \\\n--header 'content-type: application/json' \\\n--data-raw\ + \ '{\"authorization\":\"Basic '${b64Str}'\"}'`\"\necho \"LOGIN_RESULT\ + \ ::\"\necho ${LOGIN_RESULT}\naccountId=(`echo ${LOGIN_RESULT}\ + \ | grep -o '\"defaultAccountId\":\"[^\"]*' | cut -d : -f2 |\ + \ cut -d \"\\\"\" -f2`)\ntoken=(`echo ${LOGIN_RESULT} | grep\ + \ -o '\"token\":\"[^\"]*' | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\ + userId=(`echo ${LOGIN_RESULT} | grep -o '\"uuid\":\"[^\"]*'\ + \ | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\n# accountId=`echo\ + \ ${LOGIN_RESULT} | jq -r '.resource.defaultAccountId'`\n# token=`echo\ + \ ${LOGIN_RESULT} | jq -r '.resource.token'`\n# userId=`echo\ + \ ${LOGIN_RESULT} | jq -r '.resource.uuid'`\n\n# create apikey\n\ + APIKEY_RESULT=(`curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/apikey?accountId='${accountId}'&accountIdentifier='${accountId}''\ + \ \\\n--header 'authorization: Bearer '${token}'' \\\n--header\ + \ 'Content-Type: application/json' \\\n--data-raw '{\n \"\ + accountIdentifier\": \"'${accountId}'\",\n \"parentIdentifier\"\ + : \"'${userId}'\",\n \"apiKeyType\": \"USER\",\n \"identifier\"\ + : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"name\"\ + : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"description\"\ + : \"Automated api key\"\n}'`)\necho \"APIKEY_RESULT ::\"\necho\ + \ ${APIKEY_RESULT}\n\n# create api token\nAPITOKEN_RESULT=\"\ + `curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/token?accountId='${accountId}'&accountIdentifier='${accountId}''\ + \ \\\n--header 'authorization: Bearer '${token}'' \\\n--header\ + \ 'Content-Type: application/json' \\\n--data-raw '{\n \"\ + accountIdentifier\": \"'${accountId}'\",\n \"parentIdentifier\"\ + : \"'${userId}'\",\n \"apiKeyType\": \"USER\",\n \"apiKeyIdentifier\"\ + : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"identifier\"\ + : \"perf_apitoken_'${randomNum}'_'${iteration}'\",\n \"name\"\ + : \"perf_apitoken_'${randomNum}'\",\n \"description\": \"\ + Automated token\",\n \"tags\": {\n \"tag\": \"Automation\ + \ Tag\"\n }\n}'`\"\necho \"APITOKEN_RESULT ::\"\necho ${APITOKEN_RESULT}\n\ + apiToken=(`echo ${APITOKEN_RESULT} | grep -o '\"data\":\"[^\"\ + ]*' | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\nsleep 1\n# update\ + \ default experience to NG\nCHANGE_DEFAULT_EXP_TO_NG=\"`curl\ + \ --location --request PUT 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/accounts/'${accountId}'/default-experience?routingId='${accountId}''\ + \ \\\n--header 'x-api-key: '${apiToken}'' \\\n--header 'Content-Type:\ + \ application/json' \\\n--data-raw '{\n \"defaultExperience\"\ + : \"NG\"\n}'`\"\necho \"CHANGE_DEFAULT_EXP_TO_NG_RESPONSE ::\"\ + \necho ${CHANGE_DEFAULT_EXP_TO_NG}\n\n\n# validation\n\nif [[\ + \ (\"$username\" != \"null\" && \"$username\" != \"\") && (\"\ + $password\" != \"null\" && \"$password\" != \"\") && (\"$accountId\"\ + \ != \"null\" && \"$accountId\" != \"\") && (\"$apiToken\" !=\ + \ \"null\" && \"$apiToken\" != \"\") && (\"$token\" != \"null\"\ + \ && \"$token\" != \"\") ]]; then\n echo \"ALL REQUIRED DETAILS\ + \ ARE AVAILABLE TO PROCEED..\"\nelse\n echo \"REQUIRED DETAILS\ + \ ARE MISSING..\"\n exit 1\nfi\n\ndelName=\"del-\"`echo $accountId\ + \ | sed -r 's/_/-/g' | tr '[:upper:]' '[:lower:]'`\"-gate\"\n\ + delNamespace=\"ns-\"`date +%s`\"-\"${iteration}\n" + environmentVariables: [] + outputVariables: + - name: "username" + type: "String" + value: "username" + - name: "password" + type: "String" + value: "password" + - name: "accountId" + type: "String" + value: "accountId" + - name: "token" + type: "String" + value: "token" + - name: "apiToken" + type: "String" + value: "apiToken" + - name: "delName" + type: "String" + value: "delName" + - name: "delNamespace" + type: "String" + value: "delNamespace" + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "10m" + failureStrategies: [] + - stepGroup: + name: "delegate" + identifier: "new_delegate" + steps: + - step: + type: "ShellScript" + name: "check namespace" + identifier: "check_namespace" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "resp=`kubectl describe ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\ + \ | grep \"Active\"`\n\nif [[ $resp == '' ]]; then\n\techo\ + \ \"namespace does not exists, will generate new namespace\ + \ with name = <+pipeline.variables.namespace>\"\n\tkubectl\ + \ create ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + \tkubectl get ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + else\n\techo \"namespace with name = <+execution.steps.setup_data.output.outputVariables.delNamespace>\ + \ already exists, skipping\"\nfi" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_1_name>" + timeout: "10m" + failureStrategies: [] + - step: + type: "ShellScript" + name: "configmap legacy delegate" + identifier: "configmap_legacy_delegate" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\nns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + \necho 'apiVersion: v1\nkind: ConfigMap\nmetadata:\n name:\ + \ perf-vault-agent\n namespace: '$ns'\ndata:\n vault-agent.sh:\ + \ |\n apt-get update -y\n apt-get upgrade -y\n \ + \ apt-get install wget lsb-release jq -y\n wget -O- https://apt.releases.hashicorp.com/gpg\ + \ | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\n\ + \ echo \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]\ + \ https://apt.releases.hashicorp.com $(lsb_release -cs)\ + \ main\" | tee /etc/apt/sources.list.d/hashicorp.list\n\ + \ apt update && apt install vault\n\n export VAULT_ADDR=https://vaultqa.harness.io\n\ + \ vault login s.2h94W3YBKnPda8YCcBBVSz77\n vault write\ + \ auth/approle/role/my_apps_v2 policies=vault_agent_write_v2_policy\ + \ token_ttl=18000h token_num_uses=0\n vault read auth/approle/role/my_apps_v2\n\ + \ vault read -format=json auth/approle/role/my_apps_v2/role-id\ + \ | jq -r '.data.role_id' > my_apps_v2_roleID_v2\n\ + \ vault read auth/approle/role/my_apps_v2/role-id\n \ + \ vault write -f -format=json auth/approle/role/my_apps_v2/secret-id\ + \ secret_id_ttl=999999999 secret_id_num_uses=999999999\ + \ | jq -r '.data.secret_id' > my_apps_v2_secretID_v2\n\ + \ secretID_v2=`cat my_apps_v2_secretID_v2`\n role_id_v2=`cat\ + \ my_apps_v2_roleID_v2`\n vault write auth/approle/login\ + \ role_id=\"${role_id_v2}\" secret_id=\"${secretID_v2}\"\ + \n nohup vault agent -config=agent-config-v-2.hcl -log-level=debug\ + \ &\n agent-config-v-2.hcl: |\n exit_after_auth = false\n\ + \ pid_file = \"./pidfile\"\n\n auto_auth {\n \ + \ method \"approle\" {\n mount_path = \"auth/approle\"\ + \n config = {\n role_id_file_path\ + \ = \"my_apps_v2_roleID_v2\"\n secret_id_file_path\ + \ = \"my_apps_v2_secretID_v2\"\n remove_secret_id_file_after_reading\ + \ = false\n }\n }\n\n sink \"file\"\ + \ {\n config = {\n path = \"approleTokenPerfv2\"\ + \n mode = 400\n }\n }\n \ + \ }\n\n vault {\n address = \"https://vaultqa.harness.io\"\ + \n }' > configmap_legacy_del_\"${ns}\".yaml\n\ncat configmap_legacy_del_\"\ + ${ns}\".yaml \n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_1_name>" + timeout: "10m" + failureStrategies: [] + - step: + type: "ShellScript" + name: "configmap rhel delegate" + identifier: "configmap_rhel_delegate" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\nns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + \necho 'apiVersion: v1\nkind: ConfigMap\nmetadata:\n name:\ + \ perf-vault-agent-rhel-based\n namespace: '$ns'\ndata:\n\ + \ vault-agent.sh: |\n microdnf install wget\n microdnf\ + \ install jq\n microdnf install redhat-lsb-core\n \ + \ microdnf install yum\n yum install -y yum-utils\n \ + \ yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo\n\ + \ yum -y install vault\n microdnf reinstall vault\n\ + \ wget -O- https://rpm.releases.hashicorp.com/gpg | gpg\ + \ --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\n\ + \ echo \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]\ + \ https://rpm.releases.hashicorp.com $(lsb_release -cs)\ + \ main\" | tee /etc/apt/sources.list.d/hashicorp.list\n\n\ + \ export VAULT_ADDR=https://vaultqa.harness.io\n vault\ + \ login s.2h94W3YBKnPda8YCcBBVSz77\n vault write auth/approle/role/my_apps_v2\ + \ policies=vault_agent_write_v2_policy token_ttl=18000h\ + \ token_num_uses=0\n vault read auth/approle/role/my_apps_v2\n\ + \ vault read -format=json auth/approle/role/my_apps_v2/role-id\ + \ | jq -r '.data.role_id' > my_apps_v2_roleID_v2\n\ + \ vault read auth/approle/role/my_apps_v2/role-id\n \ + \ vault write -f -format=json auth/approle/role/my_apps_v2/secret-id\ + \ secret_id_ttl=999999999 secret_id_num_uses=999999999\ + \ | jq -r '.data.secret_id' > my_apps_v2_secretID_v2\n\ + \ secretID_v2=`cat my_apps_v2_secretID_v2`\n role_id_v2=`cat\ + \ my_apps_v2_roleID_v2`\n vault write auth/approle/login\ + \ role_id=\"${role_id_v2}\" secret_id=\"${secretID_v2}\"\ + \n nohup vault agent -config=agent-config-rhel-based.hcl\ + \ -log-level=debug &\n agent-config-rhel-based.hcl: |\n\ + \ exit_after_auth = false\n pid_file = \"./pidfile\"\ + \n\n auto_auth {\n method \"approle\" {\n \ + \ mount_path = \"auth/approle\"\n config\ + \ = {\n role_id_file_path = \"my_apps_v2_roleID_v2\"\ + \n secret_id_file_path = \"my_apps_v2_secretID_v2\"\ + \n remove_secret_id_file_after_reading = false\n\ + \ }\n }\n\n sink \"file\" {\n \ + \ config = {\n path = \"approleTokenPerfv2\"\ + \n mode = 400\n }\n }\n \ + \ }\n\n vault {\n address = \"https://vaultqa.harness.io\"\ + \n }' > configmap_rhel_del_\"${ns}\".yaml\n\ncat configmap_rhel_del_\"\ + ${ns}\".yaml" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_1_name>" + timeout: "10m" + failureStrategies: [] + - step: + type: "ShellScript" + name: "setup delegate" + identifier: "setup_delegate" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "# input\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ + randomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + ns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + \ncurl -k -o <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ + \ -X POST \\\n ''$url'/ng/api/download-delegates/kubernetes?accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>'\ + \ \\\n -H 'Content-Type: application/json' \\\n -H 'x-api-key:\ + \ <+execution.steps.setup_data.output.outputVariables.apiToken>'\ + \ \\\n -d '{\n \"name\": \"<+execution.steps.setup_data.output.outputVariables.delName>\"\ + ,\n \"description\": \"Testing\",\n \"size\": \"LAPTOP\"\ + ,\n \"tags\": [\n \"perf-delegate\"\n ],\n \ + \ \"tokenName\": \"default_token\",\n \"clusterPermissionType\"\ + : \"CLUSTER_ADMIN\",\n \"customClusterNamespace\": \"\ + '$ns'\"\n }'\n\nwhile ( cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ + \ | grep '\"code\":\"NG_ACCESS_DENIED\"' )\ndo \n echo\ + \ \"NG_ACCESS_DENIED..re-try DELEGATE DOWNLOAD after 30s\"\ + ;\n sleep 30\n curl -k -o <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ + \ -X POST \\\n ''$url'/ng/api/download-delegates/kubernetes?accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>'\ + \ \\\n -H 'Content-Type: application/json' \\\n -H 'x-api-key:\ + \ <+execution.steps.setup_data.output.outputVariables.apiToken>'\ + \ \\\n -d '{\n \"name\": \"<+execution.steps.setup_data.output.outputVariables.delName>\"\ + ,\n \"description\": \"Testing\",\n \"size\": \"LAPTOP\"\ + ,\n \"tags\": [\n \"perf-delegate\"\n ],\n \ + \ \"tokenName\": \"default_token\",\n \"clusterPermissionType\"\ + : \"CLUSTER_ADMIN\",\n \"customClusterNamespace\": \"\ + '$ns'\"\n }'\ndone\n\n \nsed -i 's/name: harness-delegate-ng/name:\ + \ '$ns'/g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + sed -i 's/namespace: harness-delegate-ng/namespace: '$ns'/g'\ + \ <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + sed -i 's/cpu: \\\"0.5\\\"/cpu: \\\"1\\\"/g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + # sed -i 's/replicas: 1/replicas: <+pipeline.variables.delegateReplicas>/g'\ + \ <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + \n# rhel based\nsed -i 's@log-service/\"@log-service/\"\\\ + n volumeMounts:\\n - name: config-volume\\\ + n mountPath: /opt/harness-delegate/agent-config-rhel-based.hcl\\\ + n subPath: agent-config-rhel-based.hcl\\n \ + \ - name: config-volume\\n mountPath: /opt/harness-delegate/vault-agent.sh\\\ + n subPath: vault-agent.sh\\n lifecycle:\\\ + n postStart:\\n exec:\\n \ + \ command: [\"/bin/sh\", \"-c\", \"./vault-agent.sh\ + \ > /opt/harness-delegate/vault.log 2> /dev/null \\&\"]\\\ + n volumes:\\n - name: config-volume\\n \ + \ configMap:\\n name: perf-vault-agent-rhel-based\\\ + n defaultMode: 0777@g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + \n# non-rhel based\n# sed -i 's@restartPolicy: Always@\\\ + n volumeMounts:\\n - name: config-volume\\\ + n mountPath: /opt/harness-delegate/agent-config-v-2.hcl\\\ + n subPath: agent-config-v-2.hcl\\n - name:\ + \ config-volume\\n mountPath: /opt/harness-delegate/vault-agent.sh\\\ + n subPath: vault-agent.sh\\n lifecycle:\\\ + n postStart:\\n exec:\\n \ + \ command: [\"/bin/sh\", \"-c\", \"./vault-agent.sh\ + \ > /opt/harness-delegate/vault.log 2> /dev/null \\&\"]\\\ + n volumes:\\n - name: config-volume\\n \ + \ configMap:\\n name: perf-vault-agent\\n \ + \ defaultMode: 0777\\n restartPolicy: Always\\\ + n@g' $fileName\n\nkubectl apply -f configmap_legacy_del_\"\ + ${ns}\".yaml\nkubectl apply -f configmap_rhel_del_\"${ns}\"\ + .yaml\n\nkubectl apply -f <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ + \ > <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ + \ \nif [[ ! -s <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\ + \ ]]\nthen\n echo \"DELEGATE CREATION FAILED\"\n echo\ + \ \"EMPTY LOG FILE\"\n echo \"printing delegate install\ + \ log..\"\n cat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ + \ cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + \ exit 1\nelse\n if grep \"error\" <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\ + \ || grep \"ERROR\" <+execution.steps.setup_data.output.outputVariables.delName>_log.txt;\ + \ then\n echo \"DELEGATE CREATION FAILED\"\n echo\ + \ \"ERROR FOUND..\"\n echo \"printing delegate install\ + \ log..\"\n cat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ + \ cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ + \ exit 1\n fi \nfi\n\necho \"printing delegate install\ + \ log..\"\ncat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_1_name>" + timeout: "10m" + failureStrategies: [] + when: + stageStatus: "Success" + condition: "<+pipeline.variables.provision_data> == \"true\"" + failureStrategies: [] + spec: {} + - step: + type: "ShellScript" + name: "validate delegate conn" + identifier: "validate_delegate_conn" + spec: + shell: "Bash" + onDelegate: true + source: + type: "Inline" + spec: + script: "\n\nwhile !( echo `curl --location --request GET 'http://<+pipeline.variables.load_balancer_ip>/gateway/api/setup/delegates/ng/v2?routingId=<+execution.steps.setup_data.output.outputVariables.accountId>&accountId=<+execution.steps.setup_data.output.outputVariables.accountId>&pageIndex=0&pageSize=50'\ + \ --header 'Authorization: Bearer <+execution.steps.setup_data.output.outputVariables.token>'`\ + \ | grep '\"connectivityStatus\":\"connected\"' )\ndo \n \ + \ echo \"re-try DELEGATE STATUS..\";\n sleep 10\ndone\n\n\ + # will timeout after 5mins\n" + environmentVariables: [] + outputVariables: [] + delegateSelectors: + - "<+pipeline.variables.cluster_delegate_name>" + timeout: "5m" + failureStrategies: [] + when: + stageStatus: "Success" + condition: "<+pipeline.variables.provision_data> == \"true\"" + - stepGroup: + name: "provision data" + identifier: "provision_data" + steps: + - step: + type: "Container" + name: "create users and user groups" + identifier: "jmeter" + spec: + connectorRef: "account.gcpplatform" + image: "us.gcr.io/platform-205701/perf-test:latest" + command: "# git clone\ngitoken=<+secrets.getValue(\"gitoken_donotuse\"\ + )>\ngit config --global user.email \"siraj.khan@harness.io\"\ + \ngit config --global user.name \"siraj-io\"\ngit clone \"https://siraj-io:\"\ + $gitoken\"@github.com/wings-software/Performance.git\"\n\n\n\ + # input\nurl=<+pipeline.variables.load_balancer_ip>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + \noktaUrl=dev-274703.oktapreview.com\noktaKey='<+secrets.getValue(\"\ + perf_okta_key\")>'\n\n# user_scim_prefix = perf_user_scim__\ + \ (if left blank)\n# user_scim_prefix = perf_user_scim_ -> should\ + \ be set when there is no existing user with this prefix and\ + \ it would also match with actual scim users in okta\nuser_scim_prefix=perf_user_scim_\n\ + \n\ncd ../apache-jmeter-5.5/bin\n\nexport JVM_ARGS=\"-Dnashorn.args=--no-deprecation-warning\"\ + \n./jmeter -v\n./jmeter -n -t /harness/Performance/jmeter/perf_testdata.jmx\ + \ -l /harness/Performance/jmeter/results/output.csv -e -o /harness/Performance/jmeter/results\ + \ -Jurl=$url -JaccountId=<+execution.steps.setup_data.output.outputVariables.accountId>\ + \ -JuniqueId=$randomNum -Jusername=<+execution.steps.setup_data.output.outputVariables.username>\ + \ -Jpassword=<+execution.steps.setup_data.output.outputVariables.password>\ + \ -JapiToken=<+execution.steps.setup_data.output.outputVariables.apiToken>\ + \ \\\n-Jsuper_username=<+execution.steps.setup_data.output.outputVariables.username>\ + \ -Jsuper_password=<+execution.steps.setup_data.output.outputVariables.password>\ + \ -Jokta_url=$oktaUrl -Jokta_apikey=$oktaKey -Juser_scim_prefix=$user_scim_prefix\n\ + \n############\necho \"print path..\"\n\ncd /harness/Performance/jmeter/results\n\ + ls\n\ncd /apache-jmeter-5.5/bin\nls\n" + shell: "Bash" + infrastructure: + type: "KubernetesDirect" + spec: + connectorRef: "account.harnessciplatformng" + namespace: "harness-delegate-prod" + resources: + limits: + cpu: "2" + memory: "4000Mi" + outputVariables: [] + envVariables: {} + timeout: "1h" + - step: + type: "Http" + name: "user group count" + identifier: "user_group_count" + spec: + url: "http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/aggregate/acl/usergroups?routingId=<+execution.steps.setup_data.output.outputVariables.accountId>&accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>&pageIndex=0&pageSize=10&searchTerm=perf_ug_<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>&filterType=INCLUDE_INHERITED_GROUPS&sortOrders=lastModifiedAt%2CDESC" + method: "GET" + headers: + - key: "x-api-key" + value: "<+execution.steps.setup_data.output.outputVariables.apiToken>" + - key: "accept" + value: "application/json" + outputVariables: + - name: "ug_count" + value: "<+json.object(httpResponseBody).data.totalItems>" + type: "String" + assertion: "<+httpResponseCode> == 200" + timeout: "1m" + - step: + type: "Container" + name: "create entities" + identifier: "terraform" + spec: + connectorRef: "account.gcpplatform" + image: "us.gcr.io/platform-205701/perf-test:latest" + command: "# git clone\ngitoken=<+secrets.getValue(\"gitoken_donotuse\"\ + )>\ngit config --global user.email \"siraj.khan@harness.io\"\ + \ngit config --global user.name \"siraj-io\"\ngit clone \"https://siraj-io:\"\ + $gitoken\"@github.com/wings-software/Performance.git\"\ncd Performance\n\ + git checkout origin/<+pipeline.variables.provision_data_branch>\n\ + \n# input\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ + randomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ + ns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ + \n# run script\ncd terraform/scripts\n# get secrets (connector\ + \ credentials)\nsecrets='<+secrets.getValue(\"perf_conn_secrets\"\ + )>'\necho $secrets > secrets.json\n\n# export TF_LOG=DEBUG\n\ + ug_count=<+execution.steps.provision_data.steps.user_group_count.output.outputVariables.ug_count>\n\ + if [[ $ug_count == '' || $ug_count == 0 ]]; then\n ug_count=0\n\ + else\n ug_count=$(($ug_count-1))\nfi\n\norg_count=10\nproject_count=2\n\ + principal_identifier=\"perf_ug_\"$randomNum\n\nterraform init\n\ + terraform plan -var-file=\"secrets.json\" -var='account_info={\"\ + endpoint\":\"'$url'\",\"accountId\":\"<+execution.steps.setup_data.output.outputVariables.accountId>\"\ + ,\"uniqueId\":\"'$randomNum'\",\"apiToken\":\"<+execution.steps.setup_data.output.outputVariables.apiToken>\"\ + ,\"namespace\":\"'$ns'\"}' -var=\"org_count=$org_count\" -var=\"\ + project_count=$project_count\" -var=\"rg_count=$ug_count\" -var=\"\ + role_assignment_count=$ug_count\" -var=\"principal_identifier=$principal_identifier\"\ + \nterraform apply -parallelism=2 -auto-approve -var-file=\"\ + secrets.json\" -var='account_info={\"endpoint\":\"'$url'\",\"\ + accountId\":\"<+execution.steps.setup_data.output.outputVariables.accountId>\"\ + ,\"uniqueId\":\"'$randomNum'\",\"apiToken\":\"<+execution.steps.setup_data.output.outputVariables.apiToken>\"\ + ,\"namespace\":\"'$ns'\"}' -var=\"org_count=$org_count\" -var=\"\ + project_count=$project_count\" -var=\"rg_count=$ug_count\" -var=\"\ + role_assignment_count=$ug_count\" -var=\"principal_identifier=$principal_identifier\"\ + \n" + shell: "Bash" + infrastructure: + type: "KubernetesDirect" + spec: + connectorRef: "account.harnessciplatformng" + namespace: "harness-delegate-prod" + resources: + limits: + cpu: "2" + memory: "4000Mi" + annotations: {} + labels: {} + containerSecurityContext: + capabilities: + drop: [] + add: [] + nodeSelector: {} + outputVariables: [] + envVariables: {} + timeout: "1h" + failureStrategies: [] + when: + stageStatus: "Success" + condition: "<+pipeline.variables.provision_data> == \"true\"" + failureStrategies: [] + spec: {} + tags: {} + when: + pipelineStatus: "Success" + strategy: "<+input>" + variables: + - name: "load_balancer_ip" + type: "String" + default: "NONE" + description: "eg: 34.0.0.0" + value: "<+input>" + - name: "namespace" + type: "String" + default: "NONE" + description: "" + value: "<+input>" + - name: "smp_setup" + type: "String" + default: "NONE" + description: "" + value: "<+input>.allowedValues(install,upgrade,NONE)" + - name: "helm_charts_repo_branch" + type: "String" + description: "" + value: "<+input>" + - name: "override_file" + type: "String" + default: "/medium_overrides.yaml" + description: "" + value: "<+input>" + - name: "cluster_connector_id" + type: "String" + default: "NONE" + description: "" + value: "<+input>" + - name: "cluster_delegate_name" + type: "String" + description: "" + value: "<+input>" + - name: "cluster_delegate_1_name" + type: "String" + description: "" + value: "<+input>" + - name: "new_account" + type: "String" + default: "false" + description: "" + value: "<+input>.allowedValues(true,false)" + - name: "provision_data" + type: "String" + default: "true" + description: "" + value: "<+input>.allowedValues(true,false)" + - name: "provision_data_branch" + type: "String" + description: "" + value: "<+input>" + - name: "existing_username" + type: "String" + default: "NONE" + description: "" + value: "<+input>" + - name: "existing_password" + type: "String" + default: "NONE" + description: "" + value: "<+input>" + allowStageExecutions: false + identifier: "hcdcautomationClone" + name: "hcdc-automation-Clone" From 55502c8b817647cedcd66d8729965aed453c2aa9 Mon Sep 17 00:00:00 2001 From: RITIK KAPOOR <61417822+rkapoor10@users.noreply.github.com> Date: Fri, 28 Apr 2023 17:56:02 +0530 Subject: [PATCH 2/4] update: removed trial yaml --- .harness/hcdcautomationClone.yaml | 831 ------------------------------ 1 file changed, 831 deletions(-) delete mode 100644 .harness/hcdcautomationClone.yaml diff --git a/.harness/hcdcautomationClone.yaml b/.harness/hcdcautomationClone.yaml deleted file mode 100644 index bfce991..0000000 --- a/.harness/hcdcautomationClone.yaml +++ /dev/null @@ -1,831 +0,0 @@ ---- -pipeline: - projectIdentifier: "platformteam" - orgIdentifier: "QE_Team" - tags: {} - stages: - - stage: - name: "pre-requisite data" - identifier: "testdata" - description: "" - type: "Custom" - spec: - execution: - steps: - - step: - type: "ShellScript" - name: "pre-requisite data" - identifier: "testdata" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\n# generate random number to suffix with harness entities\ - \ eg: org, project, etc.,\nrandomNum=`date +%s`\n\n# assign\ - \ httpPort and httpsPort (currently, there is issue if same\ - \ port is re-used for installation)\n# SMP-980\nhttpPort=$((31500\ - \ + <+pipeline.sequenceId>))\nhttpsPort=$((31501 + <+pipeline.sequenceId>))\n\ - \n" - environmentVariables: [] - outputVariables: - - name: "randomNum" - type: "String" - value: "randomNum" - - name: "httpPort" - type: "String" - value: "httpPort" - - name: "httpsPort" - type: "String" - value: "httpsPort" - delegateSelectors: - - "" - timeout: "10m" - failureStrategies: [] - tags: {} - when: - pipelineStatus: "Success" - - stage: - name: "smp install" - identifier: "smp_installation" - template: - templateRef: "helm_branch_install" - versionLabel: "version1" - templateInputs: - type: "Deployment" - variables: - - name: "smp_setup" - type: "String" - value: "<+pipeline.variables.smp_setup>" - - name: "load_balancer_ip" - type: "String" - value: "<+pipeline.variables.load_balancer_ip>" - - name: "helm_charts_repo_branch" - type: "String" - value: "<+pipeline.variables.helm_charts_repo_branch>" - - name: "override_file" - type: "String" - value: "<+pipeline.variables.override_file>" - - name: "k8s_connector_id" - type: "String" - value: "<+pipeline.variables.cluster_connector_id>" - - name: "delegate_name" - type: "String" - value: "<+pipeline.variables.cluster_delegate_name>" - - name: "namespace" - type: "String" - value: "<+pipeline.variables.namespace>" - - name: "httpPort" - type: "String" - value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpPort>" - - name: "httpsPort" - type: "String" - value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpsPort>" - - stage: - name: "smp upgrade" - identifier: "smp_upgrade" - template: - templateRef: "helm_branch_upgrade" - versionLabel: "version1" - templateInputs: - type: "Deployment" - variables: - - name: "smp_setup" - type: "String" - value: "<+pipeline.variables.smp_setup>" - - name: "load_balancer_ip" - type: "String" - value: "<+pipeline.variables.load_balancer_ip>" - - name: "helm_charts_repo_branch" - type: "String" - value: "<+pipeline.variables.helm_charts_repo_branch>" - - name: "override_file" - type: "String" - value: "<+pipeline.variables.override_file>" - - name: "k8s_connector_id" - type: "String" - value: "<+pipeline.variables.cluster_connector_id>" - - name: "delegate_name" - type: "String" - value: "<+pipeline.variables.cluster_delegate_name>" - - name: "namespace" - type: "String" - value: "<+pipeline.variables.namespace>" - - name: "httpPort" - type: "String" - value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpPort>" - - name: "httpsPort" - type: "String" - value: "<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.httpsPort>" - - stage: - name: "enable monitoring " - identifier: "enable_monitoring" - description: "" - type: "Custom" - spec: - execution: - steps: - - step: - type: "ShellScript" - name: "enable mongo monitoring" - identifier: "enable_mongo_monitoring" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\nns=<+pipeline.variables.namespace>\nMONGODB_USERNAME=admin;\n\ - MONGODB_PASSWORD=$(kubectl get secret -n $ns mongodb-replicaset-chart\ - \ -o jsonpath={.data.mongodb-root-password} | base64 --decode\ - \ | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ - \nkubectl exec -it mongodb-replicaset-chart-0 -n $ns -- mongo\ - \ \"$MONGO_URI\" --quiet --eval \"db.enableFreeMonitoring()\"\ - \n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "10m" - failureStrategies: [] - tags: {} - when: - pipelineStatus: "Success" - condition: "<+pipeline.variables.smp_setup> != \"NONE\"" - - stage: - name: "account and data setup" - identifier: "account_and_data_setup" - description: "" - type: "Custom" - spec: - execution: - steps: - - stepGroup: - name: "account" - identifier: "new_account" - steps: - - step: - type: "ShellScript" - name: "setup account" - identifier: "setup_account" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - ns=<+pipeline.variables.namespace>\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ - \nname=smp_account_${randomNum}_${iteration}\nusername=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ - password=<+secrets.getValue(\"perf_smp_password\")>\ngateway=/gateway\n\ - url=\"${url//$gateway/}\"\n\n# create new account\n\necho\ - \ \"CREATING NEW ACCOUNT in SMP..\"\nCREATE_SMP_ACCOUNT=\"\ - `curl --location --request POST $url'/api/users/new-trial'\ - \ \\\n--header 'Content-Type: application/json' \\\n--data-raw\ - \ '{\n \"name\": \"'$name'\",\n \"email\": \"'$username'\"\ - ,\n \"password\": \"'$password'\",\n \"accountName\"\ - : \"test account\",\n \"companyName\": \"test company\"\ - ,\n \"createdFromNG\": false\n}'`\"\necho \"CREATE_SMP_ACCOUNT_RESPONSE\ - \ ::\"\necho ${CREATE_SMP_ACCOUNT}\n\n# get invite token\n\ - MONGODB_USERNAME=admin;\nMONGODB_PASSWORD=$(kubectl get\ - \ secret -n $ns mongodb-replicaset-chart -o jsonpath={.data.mongodb-root-password}\ - \ | base64 --decode | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ - \ninviteToken=(`kubectl exec -it mongodb-replicaset-chart-0\ - \ -n $ns -- mongo \"$MONGO_URI\" --quiet --eval \"db.getCollection('userInvites').find({email:'$username'})\"\ - \ | grep _id | cut -d : -f2 | cut -d , -f1`)\nquotes='\\\ - \"'\ninviteToken=\"${inviteToken//$quotes/}\"\necho \"INVITE\ - \ TOKEN :: \" ${inviteToken} \n\n# accept invite and activate\ - \ account\nACTIVATE_ACCOUNT=\"`curl --location --request\ - \ PUT $url'/api/users/invites/trial/'${inviteToken}'/new-signin'\ - \ \\\n--header 'accept: application/json'`\"\necho \"ACTIVATE_ACCOUNT_RESPONSE\ - \ ::\"\necho ${ACTIVATE_ACCOUNT}\naccountId=(`echo ${ACTIVATE_ACCOUNT}\ - \ | grep -o '\"defaultAccountId\":\"[^\"]*' | cut -d : -f2\ - \ | cut -d \"\\\"\" -f2`)\n\nif [[ ${accountId} == \"\"\ - \ ]]; then\n echo \"ACCOUNT ACTIVATION FAILED..\"\n \ - \ exit 1\nelse\n echo \"ACCOUNT ACTIVATION SUCCESSFUL\"\ - \t\nfi\n\nsleep 1\n\n" - environmentVariables: [] - outputVariables: - - name: "accountId" - type: "String" - value: "accountId" - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "10m" - failureStrategies: [] - - step: - type: "ShellScript" - name: "add licenses" - identifier: "add_licenses" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\niteration=<+strategy.iteration>\nadmin_portal_password=<+secrets.getValue(\"\ - admin_portal_password\")>\naccountId=<+execution.steps.new_account.steps.setup_account.output.outputVariables.accountId>\n\ - url=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ - \n# enable NG\nENABLE_NG=\"`curl --location --request PUT\ - \ $url'/api/admin/accounts/'${accountId}'/nextgen-enabled?enabled=true'\ - \ \\\n--header 'Authorization: AdminPortal '${admin_portal_password}''`\"\ - \necho \"ENABLE_NG_RESPONSE ::\"\necho ${ENABLE_NG}\n\n\ - # add licenses\nCD_LICENSE_RESULT=(`curl --location --request\ - \ POST $url'/api/admin/accounts/'${accountId}'/ng/license?routingId='${accountId}''\ - \ \\\n--header 'Accept: application/json' \\\n--header 'Authorization:\ - \ AdminPortal '${admin_portal_password}'' \\\n--header 'Content-Type:\ - \ application/json' \\\n--data-raw '{\n \"accountIdentifier\"\ - : \"'${accountId}'\",\n \"moduleType\": \"CI\",\n \ - \ \"edition\": \"ENTERPRISE\",\n \"licenseType\": \"\ - PAID\",\n \"status\": \"ACTIVE\",\n \"startTime\"\ - : 1676459368000,\n \"expiryTime\": 1992078568000,\n \ - \ \"numberOfCommitters\": 500,\n \"selfService\": true\n\ - }'`)\necho \"CD_LICENSE_RESULT :\"\necho ${CD_LICENSE_RESULT}\n\ - \nCI_LICENSE_RESULT=(`curl --location --request POST $url'/api/admin/accounts/'${accountId}'/ng/license?routingId='${accountId}''\ - \ \\\n--header 'Accept: application/json' \\\n--header 'Authorization:\ - \ AdminPortal '${admin_portal_password}'' \\\n--header 'Content-Type:\ - \ application/json' \\\n--data-raw '{\n \"accountIdentifier\"\ - : \"'${accountId}'\",\n \"moduleType\": \"CD\",\n \ - \ \"edition\": \"ENTERPRISE\",\n \"licenseType\": \"\ - PAID\",\n \"status\": \"ACTIVE\",\n \"startTime\"\ - : 1676459368000,\n \"expiryTime\": 1992078568000,\n \ - \ \"workloads\": 500,\n \"cdLicenseType\": \"SERVICES\"\ - ,\n \"selfService\": true\n}'`)\necho \"CI_LICENSE_RESULT\ - \ :\"\necho ${CI_LICENSE_RESULT}\n\n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "10m" - failureStrategies: [] - - step: - type: "ShellScript" - name: "add user to harnessUG" - identifier: "add_user_to_harnessUG" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - ns=<+pipeline.variables.namespace>\n\nusername=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ - admin_portal_password=<+secrets.getValue(\"admin_portal_password\"\ - )>\n\n# add user to harnessUG\nMONGODB_USERNAME=admin;\n\ - MONGODB_PASSWORD=$(kubectl get secret -n $ns mongodb-replicaset-chart\ - \ -o jsonpath={.data.mongodb-root-password} | base64 --decode\ - \ | awk '{print $1}')\nMONGO_URI=\"mongodb://$MONGODB_USERNAME:$MONGODB_PASSWORD@mongodb-replicaset-chart-0.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-1.mongodb-replicaset-chart.$ns.svc,mongodb-replicaset-chart-2.mongodb-replicaset-chart.$ns.svc:27017/harness?replicaSet=rs0&authSource=admin\"\ - \n\nkubectl exec -it mongodb-replicaset-chart-0 -n $ns --\ - \ mongo \"$MONGO_URI\" --quiet --eval \"db.harnessUserGroups.insertOne({'name':'readOnly','memberIds':db.users.distinct('_id',{email:'\"\ - $username\"'})})\"\n\n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "10m" - failureStrategies: [] - when: - stageStatus: "Success" - condition: "<+pipeline.variables.new_account> == \"true\"" - failureStrategies: [] - spec: {} - - step: - type: "ShellScript" - name: "setup data" - identifier: "setup_data" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\niteration=<+strategy.iteration>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - \nif [[ <+pipeline.variables.new_account> == \"true\" ]]; then\n\ - \ username=admin_${randomNum}_${iteration}@harnessioprivate.testinator.com\n\ - \ password=<+secrets.getValue(\"perf_smp_password\")>\nelse\n\ - \ username=<+pipeline.variables.existing_username>\n password=<+pipeline.variables.existing_password>\n\ - fi\n\n\n# create api key and api token\n\n# get bearer token\n\ - b64Str=$(echo -n ''${username}:${password}'' | base64 -w 0)\n\ - LOGIN_RESULT=\"`curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/api/users/login'\ - \ \\\n--header 'content-type: application/json' \\\n--data-raw\ - \ '{\"authorization\":\"Basic '${b64Str}'\"}'`\"\necho \"LOGIN_RESULT\ - \ ::\"\necho ${LOGIN_RESULT}\naccountId=(`echo ${LOGIN_RESULT}\ - \ | grep -o '\"defaultAccountId\":\"[^\"]*' | cut -d : -f2 |\ - \ cut -d \"\\\"\" -f2`)\ntoken=(`echo ${LOGIN_RESULT} | grep\ - \ -o '\"token\":\"[^\"]*' | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\ - userId=(`echo ${LOGIN_RESULT} | grep -o '\"uuid\":\"[^\"]*'\ - \ | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\n# accountId=`echo\ - \ ${LOGIN_RESULT} | jq -r '.resource.defaultAccountId'`\n# token=`echo\ - \ ${LOGIN_RESULT} | jq -r '.resource.token'`\n# userId=`echo\ - \ ${LOGIN_RESULT} | jq -r '.resource.uuid'`\n\n# create apikey\n\ - APIKEY_RESULT=(`curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/apikey?accountId='${accountId}'&accountIdentifier='${accountId}''\ - \ \\\n--header 'authorization: Bearer '${token}'' \\\n--header\ - \ 'Content-Type: application/json' \\\n--data-raw '{\n \"\ - accountIdentifier\": \"'${accountId}'\",\n \"parentIdentifier\"\ - : \"'${userId}'\",\n \"apiKeyType\": \"USER\",\n \"identifier\"\ - : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"name\"\ - : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"description\"\ - : \"Automated api key\"\n}'`)\necho \"APIKEY_RESULT ::\"\necho\ - \ ${APIKEY_RESULT}\n\n# create api token\nAPITOKEN_RESULT=\"\ - `curl --location --request POST 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/token?accountId='${accountId}'&accountIdentifier='${accountId}''\ - \ \\\n--header 'authorization: Bearer '${token}'' \\\n--header\ - \ 'Content-Type: application/json' \\\n--data-raw '{\n \"\ - accountIdentifier\": \"'${accountId}'\",\n \"parentIdentifier\"\ - : \"'${userId}'\",\n \"apiKeyType\": \"USER\",\n \"apiKeyIdentifier\"\ - : \"perf_apikey_'${randomNum}'_'${iteration}'\",\n \"identifier\"\ - : \"perf_apitoken_'${randomNum}'_'${iteration}'\",\n \"name\"\ - : \"perf_apitoken_'${randomNum}'\",\n \"description\": \"\ - Automated token\",\n \"tags\": {\n \"tag\": \"Automation\ - \ Tag\"\n }\n}'`\"\necho \"APITOKEN_RESULT ::\"\necho ${APITOKEN_RESULT}\n\ - apiToken=(`echo ${APITOKEN_RESULT} | grep -o '\"data\":\"[^\"\ - ]*' | cut -d : -f2 | cut -d \"\\\"\" -f2`)\n\nsleep 1\n# update\ - \ default experience to NG\nCHANGE_DEFAULT_EXP_TO_NG=\"`curl\ - \ --location --request PUT 'http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/accounts/'${accountId}'/default-experience?routingId='${accountId}''\ - \ \\\n--header 'x-api-key: '${apiToken}'' \\\n--header 'Content-Type:\ - \ application/json' \\\n--data-raw '{\n \"defaultExperience\"\ - : \"NG\"\n}'`\"\necho \"CHANGE_DEFAULT_EXP_TO_NG_RESPONSE ::\"\ - \necho ${CHANGE_DEFAULT_EXP_TO_NG}\n\n\n# validation\n\nif [[\ - \ (\"$username\" != \"null\" && \"$username\" != \"\") && (\"\ - $password\" != \"null\" && \"$password\" != \"\") && (\"$accountId\"\ - \ != \"null\" && \"$accountId\" != \"\") && (\"$apiToken\" !=\ - \ \"null\" && \"$apiToken\" != \"\") && (\"$token\" != \"null\"\ - \ && \"$token\" != \"\") ]]; then\n echo \"ALL REQUIRED DETAILS\ - \ ARE AVAILABLE TO PROCEED..\"\nelse\n echo \"REQUIRED DETAILS\ - \ ARE MISSING..\"\n exit 1\nfi\n\ndelName=\"del-\"`echo $accountId\ - \ | sed -r 's/_/-/g' | tr '[:upper:]' '[:lower:]'`\"-gate\"\n\ - delNamespace=\"ns-\"`date +%s`\"-\"${iteration}\n" - environmentVariables: [] - outputVariables: - - name: "username" - type: "String" - value: "username" - - name: "password" - type: "String" - value: "password" - - name: "accountId" - type: "String" - value: "accountId" - - name: "token" - type: "String" - value: "token" - - name: "apiToken" - type: "String" - value: "apiToken" - - name: "delName" - type: "String" - value: "delName" - - name: "delNamespace" - type: "String" - value: "delNamespace" - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "10m" - failureStrategies: [] - - stepGroup: - name: "delegate" - identifier: "new_delegate" - steps: - - step: - type: "ShellScript" - name: "check namespace" - identifier: "check_namespace" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "resp=`kubectl describe ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\ - \ | grep \"Active\"`\n\nif [[ $resp == '' ]]; then\n\techo\ - \ \"namespace does not exists, will generate new namespace\ - \ with name = <+pipeline.variables.namespace>\"\n\tkubectl\ - \ create ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - \tkubectl get ns <+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - else\n\techo \"namespace with name = <+execution.steps.setup_data.output.outputVariables.delNamespace>\ - \ already exists, skipping\"\nfi" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_1_name>" - timeout: "10m" - failureStrategies: [] - - step: - type: "ShellScript" - name: "configmap legacy delegate" - identifier: "configmap_legacy_delegate" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\nns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - \necho 'apiVersion: v1\nkind: ConfigMap\nmetadata:\n name:\ - \ perf-vault-agent\n namespace: '$ns'\ndata:\n vault-agent.sh:\ - \ |\n apt-get update -y\n apt-get upgrade -y\n \ - \ apt-get install wget lsb-release jq -y\n wget -O- https://apt.releases.hashicorp.com/gpg\ - \ | gpg --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\n\ - \ echo \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]\ - \ https://apt.releases.hashicorp.com $(lsb_release -cs)\ - \ main\" | tee /etc/apt/sources.list.d/hashicorp.list\n\ - \ apt update && apt install vault\n\n export VAULT_ADDR=https://vaultqa.harness.io\n\ - \ vault login s.2h94W3YBKnPda8YCcBBVSz77\n vault write\ - \ auth/approle/role/my_apps_v2 policies=vault_agent_write_v2_policy\ - \ token_ttl=18000h token_num_uses=0\n vault read auth/approle/role/my_apps_v2\n\ - \ vault read -format=json auth/approle/role/my_apps_v2/role-id\ - \ | jq -r '.data.role_id' > my_apps_v2_roleID_v2\n\ - \ vault read auth/approle/role/my_apps_v2/role-id\n \ - \ vault write -f -format=json auth/approle/role/my_apps_v2/secret-id\ - \ secret_id_ttl=999999999 secret_id_num_uses=999999999\ - \ | jq -r '.data.secret_id' > my_apps_v2_secretID_v2\n\ - \ secretID_v2=`cat my_apps_v2_secretID_v2`\n role_id_v2=`cat\ - \ my_apps_v2_roleID_v2`\n vault write auth/approle/login\ - \ role_id=\"${role_id_v2}\" secret_id=\"${secretID_v2}\"\ - \n nohup vault agent -config=agent-config-v-2.hcl -log-level=debug\ - \ &\n agent-config-v-2.hcl: |\n exit_after_auth = false\n\ - \ pid_file = \"./pidfile\"\n\n auto_auth {\n \ - \ method \"approle\" {\n mount_path = \"auth/approle\"\ - \n config = {\n role_id_file_path\ - \ = \"my_apps_v2_roleID_v2\"\n secret_id_file_path\ - \ = \"my_apps_v2_secretID_v2\"\n remove_secret_id_file_after_reading\ - \ = false\n }\n }\n\n sink \"file\"\ - \ {\n config = {\n path = \"approleTokenPerfv2\"\ - \n mode = 400\n }\n }\n \ - \ }\n\n vault {\n address = \"https://vaultqa.harness.io\"\ - \n }' > configmap_legacy_del_\"${ns}\".yaml\n\ncat configmap_legacy_del_\"\ - ${ns}\".yaml \n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_1_name>" - timeout: "10m" - failureStrategies: [] - - step: - type: "ShellScript" - name: "configmap rhel delegate" - identifier: "configmap_rhel_delegate" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\nns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - \necho 'apiVersion: v1\nkind: ConfigMap\nmetadata:\n name:\ - \ perf-vault-agent-rhel-based\n namespace: '$ns'\ndata:\n\ - \ vault-agent.sh: |\n microdnf install wget\n microdnf\ - \ install jq\n microdnf install redhat-lsb-core\n \ - \ microdnf install yum\n yum install -y yum-utils\n \ - \ yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo\n\ - \ yum -y install vault\n microdnf reinstall vault\n\ - \ wget -O- https://rpm.releases.hashicorp.com/gpg | gpg\ - \ --dearmor | tee /usr/share/keyrings/hashicorp-archive-keyring.gpg\n\ - \ echo \"deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg]\ - \ https://rpm.releases.hashicorp.com $(lsb_release -cs)\ - \ main\" | tee /etc/apt/sources.list.d/hashicorp.list\n\n\ - \ export VAULT_ADDR=https://vaultqa.harness.io\n vault\ - \ login s.2h94W3YBKnPda8YCcBBVSz77\n vault write auth/approle/role/my_apps_v2\ - \ policies=vault_agent_write_v2_policy token_ttl=18000h\ - \ token_num_uses=0\n vault read auth/approle/role/my_apps_v2\n\ - \ vault read -format=json auth/approle/role/my_apps_v2/role-id\ - \ | jq -r '.data.role_id' > my_apps_v2_roleID_v2\n\ - \ vault read auth/approle/role/my_apps_v2/role-id\n \ - \ vault write -f -format=json auth/approle/role/my_apps_v2/secret-id\ - \ secret_id_ttl=999999999 secret_id_num_uses=999999999\ - \ | jq -r '.data.secret_id' > my_apps_v2_secretID_v2\n\ - \ secretID_v2=`cat my_apps_v2_secretID_v2`\n role_id_v2=`cat\ - \ my_apps_v2_roleID_v2`\n vault write auth/approle/login\ - \ role_id=\"${role_id_v2}\" secret_id=\"${secretID_v2}\"\ - \n nohup vault agent -config=agent-config-rhel-based.hcl\ - \ -log-level=debug &\n agent-config-rhel-based.hcl: |\n\ - \ exit_after_auth = false\n pid_file = \"./pidfile\"\ - \n\n auto_auth {\n method \"approle\" {\n \ - \ mount_path = \"auth/approle\"\n config\ - \ = {\n role_id_file_path = \"my_apps_v2_roleID_v2\"\ - \n secret_id_file_path = \"my_apps_v2_secretID_v2\"\ - \n remove_secret_id_file_after_reading = false\n\ - \ }\n }\n\n sink \"file\" {\n \ - \ config = {\n path = \"approleTokenPerfv2\"\ - \n mode = 400\n }\n }\n \ - \ }\n\n vault {\n address = \"https://vaultqa.harness.io\"\ - \n }' > configmap_rhel_del_\"${ns}\".yaml\n\ncat configmap_rhel_del_\"\ - ${ns}\".yaml" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_1_name>" - timeout: "10m" - failureStrategies: [] - - step: - type: "ShellScript" - name: "setup delegate" - identifier: "setup_delegate" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "# input\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ - randomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - ns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - \ncurl -k -o <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ - \ -X POST \\\n ''$url'/ng/api/download-delegates/kubernetes?accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>'\ - \ \\\n -H 'Content-Type: application/json' \\\n -H 'x-api-key:\ - \ <+execution.steps.setup_data.output.outputVariables.apiToken>'\ - \ \\\n -d '{\n \"name\": \"<+execution.steps.setup_data.output.outputVariables.delName>\"\ - ,\n \"description\": \"Testing\",\n \"size\": \"LAPTOP\"\ - ,\n \"tags\": [\n \"perf-delegate\"\n ],\n \ - \ \"tokenName\": \"default_token\",\n \"clusterPermissionType\"\ - : \"CLUSTER_ADMIN\",\n \"customClusterNamespace\": \"\ - '$ns'\"\n }'\n\nwhile ( cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ - \ | grep '\"code\":\"NG_ACCESS_DENIED\"' )\ndo \n echo\ - \ \"NG_ACCESS_DENIED..re-try DELEGATE DOWNLOAD after 30s\"\ - ;\n sleep 30\n curl -k -o <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ - \ -X POST \\\n ''$url'/ng/api/download-delegates/kubernetes?accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>'\ - \ \\\n -H 'Content-Type: application/json' \\\n -H 'x-api-key:\ - \ <+execution.steps.setup_data.output.outputVariables.apiToken>'\ - \ \\\n -d '{\n \"name\": \"<+execution.steps.setup_data.output.outputVariables.delName>\"\ - ,\n \"description\": \"Testing\",\n \"size\": \"LAPTOP\"\ - ,\n \"tags\": [\n \"perf-delegate\"\n ],\n \ - \ \"tokenName\": \"default_token\",\n \"clusterPermissionType\"\ - : \"CLUSTER_ADMIN\",\n \"customClusterNamespace\": \"\ - '$ns'\"\n }'\ndone\n\n \nsed -i 's/name: harness-delegate-ng/name:\ - \ '$ns'/g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - sed -i 's/namespace: harness-delegate-ng/namespace: '$ns'/g'\ - \ <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - sed -i 's/cpu: \\\"0.5\\\"/cpu: \\\"1\\\"/g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - # sed -i 's/replicas: 1/replicas: <+pipeline.variables.delegateReplicas>/g'\ - \ <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - \n# rhel based\nsed -i 's@log-service/\"@log-service/\"\\\ - n volumeMounts:\\n - name: config-volume\\\ - n mountPath: /opt/harness-delegate/agent-config-rhel-based.hcl\\\ - n subPath: agent-config-rhel-based.hcl\\n \ - \ - name: config-volume\\n mountPath: /opt/harness-delegate/vault-agent.sh\\\ - n subPath: vault-agent.sh\\n lifecycle:\\\ - n postStart:\\n exec:\\n \ - \ command: [\"/bin/sh\", \"-c\", \"./vault-agent.sh\ - \ > /opt/harness-delegate/vault.log 2> /dev/null \\&\"]\\\ - n volumes:\\n - name: config-volume\\n \ - \ configMap:\\n name: perf-vault-agent-rhel-based\\\ - n defaultMode: 0777@g' <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - \n# non-rhel based\n# sed -i 's@restartPolicy: Always@\\\ - n volumeMounts:\\n - name: config-volume\\\ - n mountPath: /opt/harness-delegate/agent-config-v-2.hcl\\\ - n subPath: agent-config-v-2.hcl\\n - name:\ - \ config-volume\\n mountPath: /opt/harness-delegate/vault-agent.sh\\\ - n subPath: vault-agent.sh\\n lifecycle:\\\ - n postStart:\\n exec:\\n \ - \ command: [\"/bin/sh\", \"-c\", \"./vault-agent.sh\ - \ > /opt/harness-delegate/vault.log 2> /dev/null \\&\"]\\\ - n volumes:\\n - name: config-volume\\n \ - \ configMap:\\n name: perf-vault-agent\\n \ - \ defaultMode: 0777\\n restartPolicy: Always\\\ - n@g' $fileName\n\nkubectl apply -f configmap_legacy_del_\"\ - ${ns}\".yaml\nkubectl apply -f configmap_rhel_del_\"${ns}\"\ - .yaml\n\nkubectl apply -f <+execution.steps.setup_data.output.outputVariables.delName>.yaml\ - \ > <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ - \ \nif [[ ! -s <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\ - \ ]]\nthen\n echo \"DELEGATE CREATION FAILED\"\n echo\ - \ \"EMPTY LOG FILE\"\n echo \"printing delegate install\ - \ log..\"\n cat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ - \ cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - \ exit 1\nelse\n if grep \"error\" <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\ - \ || grep \"ERROR\" <+execution.steps.setup_data.output.outputVariables.delName>_log.txt;\ - \ then\n echo \"DELEGATE CREATION FAILED\"\n echo\ - \ \"ERROR FOUND..\"\n echo \"printing delegate install\ - \ log..\"\n cat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n\ - \ cat <+execution.steps.setup_data.output.outputVariables.delName>.yaml\n\ - \ exit 1\n fi \nfi\n\necho \"printing delegate install\ - \ log..\"\ncat <+execution.steps.setup_data.output.outputVariables.delName>_log.txt\n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_1_name>" - timeout: "10m" - failureStrategies: [] - when: - stageStatus: "Success" - condition: "<+pipeline.variables.provision_data> == \"true\"" - failureStrategies: [] - spec: {} - - step: - type: "ShellScript" - name: "validate delegate conn" - identifier: "validate_delegate_conn" - spec: - shell: "Bash" - onDelegate: true - source: - type: "Inline" - spec: - script: "\n\nwhile !( echo `curl --location --request GET 'http://<+pipeline.variables.load_balancer_ip>/gateway/api/setup/delegates/ng/v2?routingId=<+execution.steps.setup_data.output.outputVariables.accountId>&accountId=<+execution.steps.setup_data.output.outputVariables.accountId>&pageIndex=0&pageSize=50'\ - \ --header 'Authorization: Bearer <+execution.steps.setup_data.output.outputVariables.token>'`\ - \ | grep '\"connectivityStatus\":\"connected\"' )\ndo \n \ - \ echo \"re-try DELEGATE STATUS..\";\n sleep 10\ndone\n\n\ - # will timeout after 5mins\n" - environmentVariables: [] - outputVariables: [] - delegateSelectors: - - "<+pipeline.variables.cluster_delegate_name>" - timeout: "5m" - failureStrategies: [] - when: - stageStatus: "Success" - condition: "<+pipeline.variables.provision_data> == \"true\"" - - stepGroup: - name: "provision data" - identifier: "provision_data" - steps: - - step: - type: "Container" - name: "create users and user groups" - identifier: "jmeter" - spec: - connectorRef: "account.gcpplatform" - image: "us.gcr.io/platform-205701/perf-test:latest" - command: "# git clone\ngitoken=<+secrets.getValue(\"gitoken_donotuse\"\ - )>\ngit config --global user.email \"siraj.khan@harness.io\"\ - \ngit config --global user.name \"siraj-io\"\ngit clone \"https://siraj-io:\"\ - $gitoken\"@github.com/wings-software/Performance.git\"\n\n\n\ - # input\nurl=<+pipeline.variables.load_balancer_ip>\nrandomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - \noktaUrl=dev-274703.oktapreview.com\noktaKey='<+secrets.getValue(\"\ - perf_okta_key\")>'\n\n# user_scim_prefix = perf_user_scim__\ - \ (if left blank)\n# user_scim_prefix = perf_user_scim_ -> should\ - \ be set when there is no existing user with this prefix and\ - \ it would also match with actual scim users in okta\nuser_scim_prefix=perf_user_scim_\n\ - \n\ncd ../apache-jmeter-5.5/bin\n\nexport JVM_ARGS=\"-Dnashorn.args=--no-deprecation-warning\"\ - \n./jmeter -v\n./jmeter -n -t /harness/Performance/jmeter/perf_testdata.jmx\ - \ -l /harness/Performance/jmeter/results/output.csv -e -o /harness/Performance/jmeter/results\ - \ -Jurl=$url -JaccountId=<+execution.steps.setup_data.output.outputVariables.accountId>\ - \ -JuniqueId=$randomNum -Jusername=<+execution.steps.setup_data.output.outputVariables.username>\ - \ -Jpassword=<+execution.steps.setup_data.output.outputVariables.password>\ - \ -JapiToken=<+execution.steps.setup_data.output.outputVariables.apiToken>\ - \ \\\n-Jsuper_username=<+execution.steps.setup_data.output.outputVariables.username>\ - \ -Jsuper_password=<+execution.steps.setup_data.output.outputVariables.password>\ - \ -Jokta_url=$oktaUrl -Jokta_apikey=$oktaKey -Juser_scim_prefix=$user_scim_prefix\n\ - \n############\necho \"print path..\"\n\ncd /harness/Performance/jmeter/results\n\ - ls\n\ncd /apache-jmeter-5.5/bin\nls\n" - shell: "Bash" - infrastructure: - type: "KubernetesDirect" - spec: - connectorRef: "account.harnessciplatformng" - namespace: "harness-delegate-prod" - resources: - limits: - cpu: "2" - memory: "4000Mi" - outputVariables: [] - envVariables: {} - timeout: "1h" - - step: - type: "Http" - name: "user group count" - identifier: "user_group_count" - spec: - url: "http://<+pipeline.variables.load_balancer_ip>/gateway/ng/api/aggregate/acl/usergroups?routingId=<+execution.steps.setup_data.output.outputVariables.accountId>&accountIdentifier=<+execution.steps.setup_data.output.outputVariables.accountId>&pageIndex=0&pageSize=10&searchTerm=perf_ug_<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>&filterType=INCLUDE_INHERITED_GROUPS&sortOrders=lastModifiedAt%2CDESC" - method: "GET" - headers: - - key: "x-api-key" - value: "<+execution.steps.setup_data.output.outputVariables.apiToken>" - - key: "accept" - value: "application/json" - outputVariables: - - name: "ug_count" - value: "<+json.object(httpResponseBody).data.totalItems>" - type: "String" - assertion: "<+httpResponseCode> == 200" - timeout: "1m" - - step: - type: "Container" - name: "create entities" - identifier: "terraform" - spec: - connectorRef: "account.gcpplatform" - image: "us.gcr.io/platform-205701/perf-test:latest" - command: "# git clone\ngitoken=<+secrets.getValue(\"gitoken_donotuse\"\ - )>\ngit config --global user.email \"siraj.khan@harness.io\"\ - \ngit config --global user.name \"siraj-io\"\ngit clone \"https://siraj-io:\"\ - $gitoken\"@github.com/wings-software/Performance.git\"\ncd Performance\n\ - git checkout origin/<+pipeline.variables.provision_data_branch>\n\ - \n# input\nurl=http://<+pipeline.variables.load_balancer_ip>/gateway\n\ - randomNum=<+pipeline.stages.testdata.spec.execution.steps.testdata.output.outputVariables.randomNum>\n\ - ns=<+execution.steps.setup_data.output.outputVariables.delNamespace>\n\ - \n# run script\ncd terraform/scripts\n# get secrets (connector\ - \ credentials)\nsecrets='<+secrets.getValue(\"perf_conn_secrets\"\ - )>'\necho $secrets > secrets.json\n\n# export TF_LOG=DEBUG\n\ - ug_count=<+execution.steps.provision_data.steps.user_group_count.output.outputVariables.ug_count>\n\ - if [[ $ug_count == '' || $ug_count == 0 ]]; then\n ug_count=0\n\ - else\n ug_count=$(($ug_count-1))\nfi\n\norg_count=10\nproject_count=2\n\ - principal_identifier=\"perf_ug_\"$randomNum\n\nterraform init\n\ - terraform plan -var-file=\"secrets.json\" -var='account_info={\"\ - endpoint\":\"'$url'\",\"accountId\":\"<+execution.steps.setup_data.output.outputVariables.accountId>\"\ - ,\"uniqueId\":\"'$randomNum'\",\"apiToken\":\"<+execution.steps.setup_data.output.outputVariables.apiToken>\"\ - ,\"namespace\":\"'$ns'\"}' -var=\"org_count=$org_count\" -var=\"\ - project_count=$project_count\" -var=\"rg_count=$ug_count\" -var=\"\ - role_assignment_count=$ug_count\" -var=\"principal_identifier=$principal_identifier\"\ - \nterraform apply -parallelism=2 -auto-approve -var-file=\"\ - secrets.json\" -var='account_info={\"endpoint\":\"'$url'\",\"\ - accountId\":\"<+execution.steps.setup_data.output.outputVariables.accountId>\"\ - ,\"uniqueId\":\"'$randomNum'\",\"apiToken\":\"<+execution.steps.setup_data.output.outputVariables.apiToken>\"\ - ,\"namespace\":\"'$ns'\"}' -var=\"org_count=$org_count\" -var=\"\ - project_count=$project_count\" -var=\"rg_count=$ug_count\" -var=\"\ - role_assignment_count=$ug_count\" -var=\"principal_identifier=$principal_identifier\"\ - \n" - shell: "Bash" - infrastructure: - type: "KubernetesDirect" - spec: - connectorRef: "account.harnessciplatformng" - namespace: "harness-delegate-prod" - resources: - limits: - cpu: "2" - memory: "4000Mi" - annotations: {} - labels: {} - containerSecurityContext: - capabilities: - drop: [] - add: [] - nodeSelector: {} - outputVariables: [] - envVariables: {} - timeout: "1h" - failureStrategies: [] - when: - stageStatus: "Success" - condition: "<+pipeline.variables.provision_data> == \"true\"" - failureStrategies: [] - spec: {} - tags: {} - when: - pipelineStatus: "Success" - strategy: "<+input>" - variables: - - name: "load_balancer_ip" - type: "String" - default: "NONE" - description: "eg: 34.0.0.0" - value: "<+input>" - - name: "namespace" - type: "String" - default: "NONE" - description: "" - value: "<+input>" - - name: "smp_setup" - type: "String" - default: "NONE" - description: "" - value: "<+input>.allowedValues(install,upgrade,NONE)" - - name: "helm_charts_repo_branch" - type: "String" - description: "" - value: "<+input>" - - name: "override_file" - type: "String" - default: "/medium_overrides.yaml" - description: "" - value: "<+input>" - - name: "cluster_connector_id" - type: "String" - default: "NONE" - description: "" - value: "<+input>" - - name: "cluster_delegate_name" - type: "String" - description: "" - value: "<+input>" - - name: "cluster_delegate_1_name" - type: "String" - description: "" - value: "<+input>" - - name: "new_account" - type: "String" - default: "false" - description: "" - value: "<+input>.allowedValues(true,false)" - - name: "provision_data" - type: "String" - default: "true" - description: "" - value: "<+input>.allowedValues(true,false)" - - name: "provision_data_branch" - type: "String" - description: "" - value: "<+input>" - - name: "existing_username" - type: "String" - default: "NONE" - description: "" - value: "<+input>" - - name: "existing_password" - type: "String" - default: "NONE" - description: "" - value: "<+input>" - allowStageExecutions: false - identifier: "hcdcautomationClone" - name: "hcdc-automation-Clone" From 3d76823c1034b17843412407cc74c05dd64ee4c7 Mon Sep 17 00:00:00 2001 From: rkapoor10 Date: Fri, 28 Apr 2023 18:24:50 +0530 Subject: [PATCH 3/4] Update docker-compose.yml --- docker-compose/harness/docker-compose.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/docker-compose/harness/docker-compose.yml b/docker-compose/harness/docker-compose.yml index 833d27a..1fbb585 100644 --- a/docker-compose/harness/docker-compose.yml +++ b/docker-compose/harness/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.7" services: ng-ui: - image: harness/nextgenui-signed:0.339.20 + image: harness/nextgenui-signed:0.344.19 deploy: resources: limits: @@ -17,7 +17,7 @@ services: harness-network: ng-auth-ui: - image: harness/ng-auth-ui-signed:1.3.3 + image: harness/ng-auth-ui-signed:1.4.0 deploy: resources: limits: @@ -32,7 +32,7 @@ services: harness-network: manager: - image: harness/manager-signed:78425 + image: harness/manager-signed:78927 deploy: resources: limits: @@ -54,7 +54,7 @@ services: harness-network: ng-manager: - image: harness/ng-manager-signed:78425 + image: harness/ng-manager-signed:78927 deploy: resources: limits: @@ -70,7 +70,7 @@ services: harness-network: pipeline-service: - image: harness/pipeline-service-signed:1.21.13 + image: harness/pipeline-service-signed:1.26.9 deploy: resources: limits: @@ -87,7 +87,7 @@ services: harness-network: platform-service: - image: harness/platform-service-signed:78202 + image: harness/platform-service-signed:78602 deploy: resources: limits: @@ -102,7 +102,7 @@ services: harness-network: log-service: - image: harness/log-service-signed:release-18 + image: harness/log-service-signed:release-61-ubi deploy: resources: limits: @@ -130,7 +130,7 @@ services: harness-network: delegate-proxy: - image: harness/delegate-proxy-signed:78111 + image: harness/delegate-proxy-signed:78904 deploy: resources: limits: @@ -181,7 +181,7 @@ services: harness-network: mongo: - image: harness/mongo:4.2.19 + image: harness/mongo:4.4.19 deploy: resources: limits: From bb28072ca94d1926cf9a17f9ed3a1986791d27dd Mon Sep 17 00:00:00 2001 From: rkapoor10 Date: Fri, 28 Apr 2023 18:25:14 +0530 Subject: [PATCH 4/4] Update values.yml --- helm/harness/values.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/helm/harness/values.yaml b/helm/harness/values.yaml index 1a02907..6c3b777 100644 --- a/helm/harness/values.yaml +++ b/helm/harness/values.yaml @@ -47,17 +47,17 @@ secret: # Harness application versions versions: busybox: 1.35.0 - log_service: release-18 - manager: 78425 - mongo: 4.2.19 - ng_auth_ui: 1.3.3 - ng_ui: 0.339.20 + log_service: release-61-ubi + manager: 78927 + mongo: 4.4.19 + ng_auth_ui: 1.4.0 + ng_ui: 0.344.19 nginx: 1.21.4 redis: 6.2.7-alpine scm: release-114-ubi - platform_service: 78202 - delegate_proxy: 78111 - pipeline_service: 1.21.13 + platform_service: 78602 + delegate_proxy: 78904 + pipeline_service: 1.26.9 # Resource request & limit configuration per application ng_ui: