mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
31d05650fb
Currently, only one IPA environment is tested within Docker containers. This is not efficient because Azure's agent gives 6 GB of physical memory and 13 GB of total memory (Feb 2020), but limits CPU with 2 cores. Next examples are for 'master-only' topologies. Let's assume that only one member of github repo simultaneously run CI. This allows to get the full strength of Azure. Concurrency results for TestInstallMaster: ------------------------------------------ | job concurrency | time/jobs | ------------------------------------------ | 5 | 40/5 | | 4 | 34/4 | | 3 | 25/3 | | 2 | 19/2 | | 1 | 17/1 | ------------------------------------------ Results prove the limitation of 2 cores. So, in case of jobs' number not exceeds the max capacity for parallel jobs(10) the proposed method couldn't save time, but it reduces the used jobs number up to 2 times. In other words, in this case CI could pass 2 x tests. But what if CI was triggered by several PRs? or jobs' number is bigger than 10. For example, there are 20 tests to be run. Concurrency results for TestInstallMaster and 20 input jobs: ------------------------------------------------------------------ | job concurrency | time | jobs used | jobs free | ------------------------------------------------------------------ | 5 | 40 | 4 | 6 | | 4 | 34 | 5 | 5 | | 3 | 25 | 7 | 3 | | 2 | 19 | 10 | 0 | | 1 | 34 | 20 | 0 | ------------------------------------------------------------------ So, in this case the optimal concurrency would be 4 since it allows to run two CIs simultaneously (20 tasks on board) and get results in 34 minutes for both. In other words, two people could trigger CI from PR and don't wait for each other. New Azure IPA tests workflow: + 1) generate-matrix.py script generates JSON from user's YAML [0] 2) Azure generate jobs using Matrix strategy 3) each job is run in parallel (up to 10) within its own VM (Ubuntu-18.04): a) downloads prepared Docker container image (artifact) from Azure cloud (built on Build Job) and loads the received image into local pool + b) GNU 'parallel' launch each IPA environment in parallel: + 1) docker-compose creates the Docker environment having a required number of replicas and/or clients + 2) setup_containers.py script does the needed container's changes (DNS, SSH, etc.) + 3) launch IPA tests on tests' controller c) publish tests results in JUnit format to provide a comprehensive test reporting and analytics experience via Azure WebUI [1] d) publish regular system logs as artifacts [0]: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/phases?view=azure-devops&tabs=yaml Fixes: https://pagure.io/freeipa/issue/8202 Signed-off-by: Stanislav Levin <slev@altlinux.org> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
97 lines
2.7 KiB
Bash
Executable File
97 lines
2.7 KiB
Bash
Executable File
#!/bin/bash -eux
|
|
|
|
# this script is intended to be run within container
|
|
#
|
|
# distro-specifics
|
|
source "${IPA_TESTS_SCRIPTS}/variables.sh"
|
|
|
|
server_password=Secret123
|
|
|
|
echo "Installing FreeIPA master for the domain ${IPA_TESTS_DOMAIN} and realm ${IPA_TESTS_REALM}"
|
|
|
|
install_result=1
|
|
{ ipa-server-install -U \
|
|
--domain "$IPA_TESTS_DOMAIN" \
|
|
--realm "$IPA_TESTS_REALM" \
|
|
-p "$server_password" -a "$server_password" \
|
|
--setup-dns --setup-kra --auto-forwarders && install_result=0 ; } || \
|
|
install_result=$?
|
|
|
|
rm -rf "$IPA_TESTS_LOGSDIR"
|
|
mkdir "$IPA_TESTS_LOGSDIR"
|
|
pushd "$IPA_TESTS_LOGSDIR"
|
|
tests_result=1
|
|
|
|
if [ "$install_result" -eq 0 ] ; then
|
|
echo "Run IPA tests"
|
|
echo "Installation complete. Performance of individual steps:"
|
|
grep 'service duration:' /var/log/ipaserver-install.log | sed -e 's/DEBUG //g'
|
|
|
|
sed -ri "s/mode = production/mode = development/" /etc/ipa/default.conf
|
|
systemctl restart "$HTTPD_SYSTEMD_NAME"
|
|
firewalld_cmd --add-service={freeipa-ldap,freeipa-ldaps,dns}
|
|
|
|
echo ${server_password} | kinit admin && ipa ping
|
|
mkdir -p ~/.ipa
|
|
cp -r /etc/ipa/* ~/.ipa/
|
|
echo ${server_password} > ~/.ipa/.dmpw
|
|
echo 'wait_for_dns=5' >> ~/.ipa/default.conf
|
|
|
|
ipa-test-config --help
|
|
ipa-test-task --help
|
|
ipa-run-tests --help
|
|
|
|
{ ipa-run-tests \
|
|
--logging-level=debug \
|
|
--logfile-dir="$IPA_TESTS_LOGSDIR" \
|
|
--verbose \
|
|
--with-xunit \
|
|
'-k not test_dns_soa' \
|
|
$IPA_TESTS_TO_IGNORE \
|
|
$IPA_TESTS_TO_RUN && tests_result=0 ; } || \
|
|
tests_result=$?
|
|
else
|
|
echo "ipa-server-install failed with code ${install_result}, skip IPA tests"
|
|
fi
|
|
|
|
echo "Potential Python 3 incompatibilities in the IPA framework:"
|
|
grep -n -C5 BytesWarning "$HTTPD_ERRORLOG" || echo "Good, none detected"
|
|
|
|
echo "State of the directory server instance, httpd databases, PKI CA database:"
|
|
ls -laZ \
|
|
/etc/dirsrv/slapd-*/ \
|
|
"${HTTPD_ALIASDIR}/" \
|
|
/var/lib/ \
|
|
/etc/pki/pki-tomcat/alias/ \
|
|
||:
|
|
ls -laZ \
|
|
/var/lib/ipa/certs/ \
|
|
/var/lib/ipa/passwds/ \
|
|
/var/lib/ipa/private/ \
|
|
||:
|
|
|
|
echo "Uninstall the server"
|
|
ipa-server-install --uninstall -U
|
|
# second uninstall to verify that --uninstall without installation works
|
|
ipa-server-install --uninstall -U
|
|
|
|
|
|
if [ "$install_result" -eq 0 ] ; then
|
|
firewalld_cmd --remove-service={freeipa-ldap,freeipa-ldaps,dns}
|
|
fi
|
|
|
|
echo "Collect the logs"
|
|
journalctl -b --no-pager > systemd_journal.log
|
|
tar --ignore-failed-read --remove-files -czf var_log.tar.gz \
|
|
/var/log/dirsrv \
|
|
"$HTTPD_LOGDIR" \
|
|
/var/log/ipa* \
|
|
/var/log/krb5kdc.log \
|
|
/var/log/pki \
|
|
/var/log/samba \
|
|
"$BIND_DATADIR" \
|
|
systemd_journal.log
|
|
|
|
# Final result depends on the exit code of the ipa-run-tests
|
|
test "$tests_result" -eq 0 -a "$install_result" -eq 0
|