freeipa/ipatests/azure/scripts/azure-run-base-tests.sh

97 lines
2.7 KiB
Bash
Raw Normal View History

Azure: Add support for testing multi IPA environments Currently, only one IPA environment is tested within Docker containers. This is not efficient because Azure's agent gives 6 GB of physical memory and 13 GB of total memory (Feb 2020), but limits CPU with 2 cores. Next examples are for 'master-only' topologies. Let's assume that only one member of github repo simultaneously run CI. This allows to get the full strength of Azure. Concurrency results for TestInstallMaster: ------------------------------------------ | job concurrency | time/jobs | ------------------------------------------ | 5 | 40/5 | | 4 | 34/4 | | 3 | 25/3 | | 2 | 19/2 | | 1 | 17/1 | ------------------------------------------ Results prove the limitation of 2 cores. So, in case of jobs' number not exceeds the max capacity for parallel jobs(10) the proposed method couldn't save time, but it reduces the used jobs number up to 2 times. In other words, in this case CI could pass 2 x tests. But what if CI was triggered by several PRs? or jobs' number is bigger than 10. For example, there are 20 tests to be run. Concurrency results for TestInstallMaster and 20 input jobs: ------------------------------------------------------------------ | job concurrency | time | jobs used | jobs free | ------------------------------------------------------------------ | 5 | 40 | 4 | 6 | | 4 | 34 | 5 | 5 | | 3 | 25 | 7 | 3 | | 2 | 19 | 10 | 0 | | 1 | 34 | 20 | 0 | ------------------------------------------------------------------ So, in this case the optimal concurrency would be 4 since it allows to run two CIs simultaneously (20 tasks on board) and get results in 34 minutes for both. In other words, two people could trigger CI from PR and don't wait for each other. New Azure IPA tests workflow: + 1) generate-matrix.py script generates JSON from user's YAML [0] 2) Azure generate jobs using Matrix strategy 3) each job is run in parallel (up to 10) within its own VM (Ubuntu-18.04): a) downloads prepared Docker container image (artifact) from Azure cloud (built on Build Job) and loads the received image into local pool + b) GNU 'parallel' launch each IPA environment in parallel: + 1) docker-compose creates the Docker environment having a required number of replicas and/or clients + 2) setup_containers.py script does the needed container's changes (DNS, SSH, etc.) + 3) launch IPA tests on tests' controller c) publish tests results in JUnit format to provide a comprehensive test reporting and analytics experience via Azure WebUI [1] d) publish regular system logs as artifacts [0]: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/phases?view=azure-devops&tabs=yaml Fixes: https://pagure.io/freeipa/issue/8202 Signed-off-by: Stanislav Levin <slev@altlinux.org> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2020-02-10 10:12:23 -06:00
#!/bin/bash -eux
# this script is intended to be run within container
#
# distro-specifics
source "${IPA_TESTS_SCRIPTS}/variables.sh"
server_password=Secret123
echo "Installing FreeIPA master for the domain ${IPA_TESTS_DOMAIN} and realm ${IPA_TESTS_REALM}"
install_result=1
{ ipa-server-install -U \
--domain "$IPA_TESTS_DOMAIN" \
--realm "$IPA_TESTS_REALM" \
-p "$server_password" -a "$server_password" \
--setup-dns --setup-kra --auto-forwarders && install_result=0 ; } || \
install_result=$?
rm -rf "$IPA_TESTS_LOGSDIR"
mkdir "$IPA_TESTS_LOGSDIR"
pushd "$IPA_TESTS_LOGSDIR"
tests_result=1
if [ "$install_result" -eq 0 ] ; then
echo "Run IPA tests"
echo "Installation complete. Performance of individual steps:"
grep 'service duration:' /var/log/ipaserver-install.log | sed -e 's/DEBUG //g'
sed -ri "s/mode = production/mode = development/" /etc/ipa/default.conf
systemctl restart "$HTTPD_SYSTEMD_NAME"
firewalld_cmd --add-service={freeipa-ldap,freeipa-ldaps,dns}
echo ${server_password} | kinit admin && ipa ping
mkdir -p ~/.ipa
cp -r /etc/ipa/* ~/.ipa/
echo ${server_password} > ~/.ipa/.dmpw
echo 'wait_for_dns=5' >> ~/.ipa/default.conf
ipa-test-config --help
ipa-test-task --help
ipa-run-tests --help
{ ipa-run-tests \
--logging-level=debug \
--logfile-dir="$IPA_TESTS_LOGSDIR" \
--verbose \
--with-xunit \
'-k not test_dns_soa' \
$IPA_TESTS_TO_IGNORE \
$IPA_TESTS_TO_RUN && tests_result=0 ; } || \
tests_result=$?
else
echo "ipa-server-install failed with code ${install_result}, skip IPA tests"
fi
echo "Potential Python 3 incompatibilities in the IPA framework:"
grep -n -C5 BytesWarning "$HTTPD_ERRORLOG" || echo "Good, none detected"
echo "State of the directory server instance, httpd databases, PKI CA database:"
ls -laZ \
/etc/dirsrv/slapd-*/ \
"${HTTPD_ALIASDIR}/" \
/var/lib/ \
/etc/pki/pki-tomcat/alias/ \
||:
ls -laZ \
/var/lib/ipa/certs/ \
/var/lib/ipa/passwds/ \
/var/lib/ipa/private/ \
||:
echo "Uninstall the server"
ipa-server-install --uninstall -U
# second uninstall to verify that --uninstall without installation works
ipa-server-install --uninstall -U
if [ "$install_result" -eq 0 ] ; then
firewalld_cmd --remove-service={freeipa-ldap,freeipa-ldaps,dns}
fi
echo "Collect the logs"
journalctl -b --no-pager > systemd_journal.log
tar --ignore-failed-read --remove-files -czf var_log.tar.gz \
/var/log/dirsrv \
"$HTTPD_LOGDIR" \
/var/log/ipa* \
/var/log/krb5kdc.log \
/var/log/pki \
/var/log/samba \
"$BIND_DATADIR" \
systemd_journal.log
# Final result depends on the exit code of the ipa-run-tests
test "$tests_result" -eq 0 -a "$install_result" -eq 0