diff --git a/deploy/copy_cm.sh b/deploy/copy_cm.sh deleted file mode 100755 index d20a6cf2777..00000000000 --- a/deploy/copy_cm.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -# Copy configmaps from other namespaces -# DST_NS: Destination namespace - -function copying_cm() { - UTIL_URL=https://raw.githubusercontent.com/mosip/mosip-infra/master/deployment/v3/utils/copy_cm_func.sh - COPY_UTIL=./copy_cm_func.sh - DST_NS=prereg - - wget -q $UTIL_URL -O copy_cm_func.sh && chmod +x copy_cm_func.sh - - $COPY_UTIL configmap global default $DST_NS - $COPY_UTIL configmap artifactory-share artifactory $DST_NS - $COPY_UTIL configmap config-server-share config-server $DST_NS - return 0 -} - -# set commands for error handling. -set -e -set -o errexit ## set -e : exit the script if any statement returns a non-true return value -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errtrace # trace ERR through 'time command' and other functions -set -o pipefail # trace ERR through pipes -copying_cm # calling function diff --git a/deploy/prereg-apitestrig/README.md b/deploy/prereg-apitestrig/README.md index 512b3d19c80..a5e277981d9 100644 --- a/deploy/prereg-apitestrig/README.md +++ b/deploy/prereg-apitestrig/README.md @@ -1,28 +1,44 @@ -# PREREG APITESTRIG +# APITESTRIG -# INSTALL +## Introduction +ApiTestRig will test the working of APIs of the MOSIP modules. -This `install.sh` script automates the process of cloning `mosip-functional-tests` repository from a user-defined specific branch from a Git repository, running an installation script to deploy prereg apitestrig within the cluster, and cleaning up the repository afterward. - -Note: This directory contains `values.yaml` file which contains the latest prereg apitestrig release changes with latest released Docker image and tag. The above install script uses this `values.yaml` by default to deploy apitestrig with latest changes. - -## Prerequisites - -- Ensure you have **git** installed on your machine. -- You need access to the Kubernetes cluster configuration file (`kubeconfig`). -- Ensure you have the necessary permissions to execute shell scripts. - -## Script Usage - -1. **Clone this script to your local machine**. -2. **Run the script using the following command**: - ```bash - ./script.sh - ``` - -## TL;DR - -```console -$ helm repo add mosip https://mosip.github.io -$ helm install my-release mosip/apitestrig -f values.yaml +## Install +* Review `values.yaml` and, Make sure to enable required modules for apitestrig operation. +* Install +```sh +./install.sh ``` +* During the execution of the `install.sh` script, a prompt appears requesting information regarding the presence of a public domain and a valid SSL certificate on the server. +* If the server lacks a public domain and a valid SSL certificate, it is advisable to select the `n` option. Opting it will enable the `init-container` with an `emptyDir` volume and include it in the deployment process. +* The init-container will proceed to download the server's self-signed SSL certificate and mount it to the specified location within the container's Java keystore (i.e., `cacerts`) file. +* This particular functionality caters to scenarios where the script needs to be employed on a server utilizing self-signed SSL certificates. + +## Uninstall +* To uninstall ApiTestRig, run `delete.sh` script. +```sh +./delete.sh +``` + +## Run apitestrig manually + +#### Rancher UI +* Run apitestrig manually via Rancher UI. + ![apitestrig-2.png](../../docs/apitestrig-2.png) +* There are two modes of apitestrig `smoke` & `smokeAndRegression`. +* By default, apitestrig will execute with `smokeAndRegression`.
+ If you want to run apitestrig with only `smoke`.
+ You have to update the `apitestrig` configmap and rerun the specific apitestrig job. + +#### CLI +* Download Kubernetes cluster `kubeconfig` file from `rancher dashboard` to your local. + ![apitestrig-1.png](../../docs/apitestrig-1.png) +* Install `kubectl` package to your local machine. +* Run apitestrig manually via CLI by creating a new job from an existing k8s cronjob. + ``` + kubectl --kubeconfig= -n apitestrig create job --from=cronjob/ + ``` + example: + ``` + kubectl --kubeconfig=/home/xxx/Downloads/qa4.config -n apitestrig create job --from=cronjob/cronjob-apitestrig-masterdata cronjob-apitestrig-masterdata + ``` \ No newline at end of file diff --git a/deploy/prereg-apitestrig/delete.sh b/deploy/prereg-apitestrig/delete.sh new file mode 100644 index 00000000000..10790020391 --- /dev/null +++ b/deploy/prereg-apitestrig/delete.sh @@ -0,0 +1,30 @@ +#!/bin/bash +# Uninstalls apitestrig +## Usage: ./delete.sh [kubeconfig] + +if [ $# -ge 1 ] ; then + export KUBECONFIG=$1 +fi + +function deleting_apitestrig() { + NS=mimoto + while true; do + read -p "Are you sure you want to delete apitestrig helm charts?(Y/n) " yn + if [ $yn = "Y" ] + then + helm -n $NS delete apitestrig + break + else + break + fi + done + return 0 +} + +# set commands for error handling. +set -e +set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errtrace # trace ERR through 'time command' and other functions +set -o pipefail # trace ERR through pipes +deleting_apitestrig # calling function \ No newline at end of file diff --git a/deploy/prereg-apitestrig/install.sh b/deploy/prereg-apitestrig/install.sh index 6f6d7785930..f1a2b4dc91c 100644 --- a/deploy/prereg-apitestrig/install.sh +++ b/deploy/prereg-apitestrig/install.sh @@ -1,52 +1,130 @@ #!/bin/bash +# Installs apitestrig +## Usage: ./install.sh [kubeconfig] -# Prompt the user for the branch name -read -p "Enter the Git branch (default is 'develop'): " GIT_BRANCH -GIT_BRANCH=${GIT_BRANCH:-develop} # Default to 'develop' if no input is provided - -echo "set kubeconfig" -export KUBECONFIG=$1 - -# Set variables -REPO_URL="https://github.com/mosip/mosip-functional-tests.git" -INSTALL_SCRIPT="install.sh" -VALUES_FILE="../../../values.yaml" # Path to your custom values.yaml file - -# Clone the repository -echo "Cloning repository from $REPO_URL on branch $GIT_BRANCH..." -if git clone -b "$GIT_BRANCH" "$REPO_URL" ; then - echo "Repository cloned successfully." -else - echo "Failed to clone repository." - exit 1 +if [ $# -ge 1 ] ; then + export KUBECONFIG=$1 fi -# Navigate to the deployment directory -echo "Navigating to deploy directory..." -git_repo_name="$(basename "$REPO_URL" .git)" +NS=mimoto +CHART_VERSION=0.0.1-develop -cd $git_repo_name +echo Create $NS namespace +kubectl create ns $NS -git sparse-checkout init --cone && git sparse-checkout set deploy/apitestrig +function installing_apitestrig() { + echo Istio label + kubectl label ns $NS istio-injection=disabled --overwrite + helm repo update -find . -type f ! -path "./deploy/*" -exec rm -f {} \; + echo Copy Configmaps + COPY_UTIL=../copy_cm_func.sh + $COPY_UTIL configmap global default $NS + $COPY_UTIL configmap keycloak-host keycloak $NS + $COPY_UTIL configmap artifactory-share artifactory $NS + $COPY_UTIL configmap config-server-share config-server $NS -cd deploy/apitestrig || { echo "apitestrig directory not found."; exit 1; } -cp $VALUES_FILE values.yaml + echo echo Copy Secrtes + $COPY_UTIL secret keycloak-client-secrets keycloak $NS + $COPY_UTIL secret s3 s3 $NS + $COPY_UTIL secret postgres-postgresql postgres $NS -# Check if the install script exists and is executable -if [ -x "$INSTALL_SCRIPT" ]; then - echo "Running install script with values file $VALUES_FILE..." - source ./"$INSTALL_SCRIPT" - echo "Install script executed successfully." -else - echo "Install script not found or not executable." - exit 1 -fi + echo "Delete s3, db, & apitestrig configmap if exists" + kubectl -n $NS delete --ignore-not-found=true configmap s3 + kubectl -n $NS delete --ignore-not-found=true configmap db + kubectl -n $NS delete --ignore-not-found=true configmap apitestrig + + DB_HOST=$( kubectl -n default get cm global -o json |jq -r '.data."mosip-api-internal-host"' ) + API_INTERNAL_HOST=$( kubectl -n default get cm global -o json |jq -r '.data."mosip-api-internal-host"' ) + ENV_USER=$( kubectl -n default get cm global -o json |jq -r '.data."mosip-api-internal-host"' | awk -F '.' '/api-internal/{print $1"."$2}') + + read -p "Please enter the time(hr) to run the cronjob every day (time: 0-23) : " time + if [ -z "$time" ]; then + echo "ERROT: Time cannot be empty; EXITING;"; + exit 1; + fi + if ! [ $time -eq $time ] 2>/dev/null; then + echo "ERROR: Time $time is not a number; EXITING;"; + exit 1; + fi + if [ $time -gt 23 ] || [ $time -lt 0 ] ; then + echo "ERROR: Time should be in range ( 0-23 ); EXITING;"; + exit 1; + fi + + echo "Do you have public domain & valid SSL? (Y/n) " + echo "Y: if you have public domain & valid ssl certificate" + echo "n: If you don't have a public domain and a valid SSL certificate. Note: It is recommended to use this option only in development environments." + read -p "" flag + + if [ -z "$flag" ]; then + echo "'flag' was provided; EXITING;" + exit 1; + fi + ENABLE_INSECURE='' + if [ "$flag" = "n" ]; then + ENABLE_INSECURE='--set enable_insecure=true'; + fi + + read -p "Please provide the retention days to remove old reports ( Default: 3 )" reportExpirationInDays + + if [[ -z $reportExpirationInDays ]]; then + reportExpirationInDays=3 + fi + if ! [[ $reportExpirationInDays =~ ^[0-9]+$ ]]; then + echo "The variable \"reportExpirationInDays\" should contain only number; EXITING"; + exit 1; + fi + + read -p "Please provide slack webhook URL to notify server end issues on your slack channel : " slackWebhookUrl + + if [ -z $slackWebhookUrl ]; then + echo "slack webhook URL not provided; EXITING;" + exit 1; + fi + + valid_inputs=("yes" "no") + eSignetDeployed="" + + while [[ ! " ${valid_inputs[@]} " =~ " ${eSignetDeployed} " ]]; do + read -p "Is the eSignet service deployed? (yes/no): " eSignetDeployed + eSignetDeployed=${eSignetDeployed,,} # Convert input to lowercase + done + + if [[ $eSignetDeployed == "yes" ]]; then + echo "eSignet service is deployed. Proceeding with installation..." + else + echo "eSignet service is not deployed. hence will be skipping esignet related test-cases..." + fi + + echo Installing apitestrig + helm -n $NS install apitestrig mosip/apitestrig \ + --set crontime="0 $time * * *" \ + -f values.yaml \ + --version $CHART_VERSION \ + --set apitestrig.configmaps.s3.s3-host='http://minio.minio:9000' \ + --set apitestrig.configmaps.s3.s3-user-key='admin' \ + --set apitestrig.configmaps.s3.s3-region='' \ + --set apitestrig.configmaps.db.db-server="$DB_HOST" \ + --set apitestrig.configmaps.db.db-su-user="postgres" \ + --set apitestrig.configmaps.db.db-port="5432" \ + --set apitestrig.configmaps.apitestrig.ENV_USER="$ENV_USER" \ + --set apitestrig.configmaps.apitestrig.ENV_ENDPOINT="https://$API_INTERNAL_HOST" \ + --set apitestrig.configmaps.apitestrig.ENV_TESTLEVEL="smokeAndRegression" \ + --set apitestrig.configmaps.apitestrig.reportExpirationInDays="$reportExpirationInDays" \ + --set apitestrig.configmaps.apitestrig.slack-webhook-url="$slackWebhookUrl" \ + --set apitestrig.configmaps.apitestrig.eSignetDeployed="$eSignetDeployed" \ + --set apitestrig.configmaps.apitestrig.NS="$NS" \ + $ENABLE_INSECURE -# Cleanup cloned repository -echo "Cleaning up..." -cd ../../.. -rm -rf $git_repo_name + echo Installed apitestrig. + return 0 +} -echo "Deployment complete!" +# set commands for error handling. +set -e +set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errtrace # trace ERR through 'time command' and other functions +set -o pipefail # trace ERR through pipes +installing_apitestrig # calling function \ No newline at end of file diff --git a/deploy/prereg-apitestrig/values.yaml b/deploy/prereg-apitestrig/values.yaml index 2c6133ed550..2c9f8e9e13c 100644 --- a/deploy/prereg-apitestrig/values.yaml +++ b/deploy/prereg-apitestrig/values.yaml @@ -1,55 +1,7 @@ modules: - masterdata: - enabled: false - image: - repository: mosipqa/apitest-masterdata - tag: develop - pullPolicy: Always prereg: enabled: true image: repository: mosipqa/apitest-prereg tag: develop pullPolicy: Always - idrepo: - enabled: false - image: - repository: mosipqa/apitest-idrepo - tag: develop - pullPolicy: Always - partner: - enabled: false - image: - repository: mosipqa/apitest-partner - tag: develop - pullPolicy: Always - resident: - enabled: false - image: - repository: mosipqa/apitest-resident - tag: develop - pullPolicy: Always - auth: - enabled: false - image: - repository: mosipqa/apitest-auth - tag: develop - pullPolicy: Always - esignet: - enabled: false - image: - repository: mosipqa/apitest-esignet - tag: develop - pullPolicy: Always - mimoto: - enabled: false - image: - repository: mosipqa/apitest-mimoto - tag: develop - pullPolicy: Always - pms: - enabled: false - image: - repository: mosipqa/apitest-pms - tag: develop - pullPolicy: Always diff --git a/deploy/README.md b/deploy/prereg/README.md similarity index 95% rename from deploy/README.md rename to deploy/prereg/README.md index 23456638dd0..d68d55418a8 100644 --- a/deploy/README.md +++ b/deploy/prereg/README.md @@ -21,7 +21,7 @@ On a browser open `https:///pre-registration-ui/`. Example `h ## Rate Control Using Envoyfilter - Using Envoyfilter one can limit the rate of http requests coming in to a resource. Reference: [Istio Policty Enforcement](https://istio.io/latest/docs/tasks/policy-enforcement/rate-limit/#local-rate-limit) and [Rate Limit Filter](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/local_rate_limit_filter). -- Edit the envoyfilter [here](./rate-control-envoyfilter.yaml) +- Edit the envoyfilter [here](rate-control-envoyfilter.yaml) - Edit these values in the envoyfilter accordingly. ``` token_bucket: diff --git a/deploy/prereg/copy_cm_func.sh b/deploy/prereg/copy_cm_func.sh new file mode 100644 index 00000000000..e633442eea6 --- /dev/null +++ b/deploy/prereg/copy_cm_func.sh @@ -0,0 +1,28 @@ +#!/bin/bash +# Copy configmap and secret from one namespace to another. +# ./copy_cm_func.sh [name] +# Parameters: +# resource: configmap|secret +# name: Optional new name of the configmap or secret in destination namespace. This may be needed if there is +# clash of names + +if [ $1 = "configmap" ] +then + RESOURCE=configmap +elif [ $1 = "secret" ] +then + RESOURCE=secret +else + echo "Incorrect resource $1. Exiting.." + exit 1 +fi + + +if [ $# -ge 5 ] +then + kubectl -n $4 delete --ignore-not-found=true $RESOURCE $5 + kubectl -n $3 get $RESOURCE $2 -o yaml | sed "s/namespace: $3/namespace: $4/g" | sed "s/name: $2/name: $5/g" | kubectl -n $4 create -f - +else + kubectl -n $4 delete --ignore-not-found=true $RESOURCE $2 + kubectl -n $3 get $RESOURCE $2 -o yaml | sed "s/namespace: $3/namespace: $4/g" | kubectl -n $4 create -f - +fi diff --git a/deploy/delete.sh b/deploy/prereg/delete.sh similarity index 100% rename from deploy/delete.sh rename to deploy/prereg/delete.sh diff --git a/deploy/get_logs.sh b/deploy/prereg/get_logs.sh similarity index 100% rename from deploy/get_logs.sh rename to deploy/prereg/get_logs.sh diff --git a/deploy/install.sh b/deploy/prereg/install.sh similarity index 92% rename from deploy/install.sh rename to deploy/prereg/install.sh index e083e1254b7..3973014d94d 100755 --- a/deploy/install.sh +++ b/deploy/prereg/install.sh @@ -20,8 +20,9 @@ function installing_prereg() { helm repo update echo Copy configmaps - sed -i 's/\r$//' copy_cm.sh - ./copy_cm.sh + $COPY_UTIL configmap global default $NS + $COPY_UTIL configmap artifactory-share artifactory $NS + $COPY_UTIL configmap config-server-share config-server $NS API_HOST=`kubectl get cm global -o jsonpath={.data.mosip-api-host}` PREREG_HOST=`kubectl get cm global -o jsonpath={.data.mosip-prereg-host}` diff --git a/deploy/rate-control-envoyfilter.yaml b/deploy/prereg/rate-control-envoyfilter.yaml similarity index 100% rename from deploy/rate-control-envoyfilter.yaml rename to deploy/prereg/rate-control-envoyfilter.yaml diff --git a/deploy/restart.sh b/deploy/prereg/restart.sh similarity index 100% rename from deploy/restart.sh rename to deploy/prereg/restart.sh diff --git a/deploy/samples/sample_address_proof.pdf b/deploy/prereg/samples/sample_address_proof.pdf similarity index 100% rename from deploy/samples/sample_address_proof.pdf rename to deploy/prereg/samples/sample_address_proof.pdf diff --git a/deploy/samples/sample_exception_proof.pdf b/deploy/prereg/samples/sample_exception_proof.pdf similarity index 100% rename from deploy/samples/sample_exception_proof.pdf rename to deploy/prereg/samples/sample_exception_proof.pdf diff --git a/deploy/samples/sample_identity_proof.pdf b/deploy/prereg/samples/sample_identity_proof.pdf similarity index 100% rename from deploy/samples/sample_identity_proof.pdf rename to deploy/prereg/samples/sample_identity_proof.pdf diff --git a/deploy/samples/sample_relationship_proof.pdf b/deploy/prereg/samples/sample_relationship_proof.pdf similarity index 100% rename from deploy/samples/sample_relationship_proof.pdf rename to deploy/prereg/samples/sample_relationship_proof.pdf diff --git a/docs/apitestrig-1.png b/docs/apitestrig-1.png new file mode 100644 index 00000000000..a7f36f6f057 Binary files /dev/null and b/docs/apitestrig-1.png differ diff --git a/docs/apitestrig-2.png b/docs/apitestrig-2.png new file mode 100644 index 00000000000..c6e48e63d37 Binary files /dev/null and b/docs/apitestrig-2.png differ