Bump cirros image versions to 5.1 and 5.2
Updated/Added:
- image sigining routine commands
- prepare.sh
- cmp-check.sh
- configure.sh updated with image versions 5.1 and 5.2
- rally scenarios updates
Related PROD: PROD-36794
Change-Id: I8e3ef81c3ecb51af97cb08c676dbfd9804e0d803
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..29374d8
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,71 @@
+*.py[cod]
+*.swp
+
+# C extensions
+*.so
+
+# Packages
+*.egg
+*.egg-info
+dist
+build
+include
+eggs
+parts
+bin
+var
+sdist
+develop-eggs
+.installed.cfg
+lib
+local
+lib64
+MANIFEST
+TAGS
+
+# Installer logs
+pip-log.txt
+
+# Unit test / coverage reports
+.coverage
+.tox
+nosetests.xml
+
+# Translations
+*.mo
+
+# Mr Developer
+.mr.developer.cfg
+.cache
+.project
+.pydevproject
+.idea
+.DS_Store
+.vscode
+.venv
+
+# Local example
+example_local.py
+
+# Local settings
+local_settings.py
+id_rsa*
+kaas-bm-uscloudrc*
+
+# Documentation
+doc/_build/
+
+# Logs
+/logs
+tests.log
+
+# Certs
+/ca.crt
+/ca.pem
+
+# Cache
+/.cache
+
+# Artifacts
+/artifacts/
+si_tests/kaas-bm-env/state/
diff --git a/cleanup.sh b/cleanup.sh
index 0e9b0ac..838f397 100644
--- a/cleanup.sh
+++ b/cleanup.sh
@@ -1,6 +1,6 @@
#!/bin/bash
export OS_INTERFACE='admin'
-mask='s_rally\|rally_\|tempest_\|tempest-\|spt-'
+mask='cvp\|s_rally\|rally_\|tempest_\|tempest-\|spt-'
exclude='manual\|-static-'
stack_alt=false
stack_regex='api-[0-9]+-[a-z]+'
diff --git a/configure.sh b/configure.sh
index 322ee01..2b33ff1 100755
--- a/configure.sh
+++ b/configure.sh
@@ -86,29 +86,48 @@
glance_image() {
current_path=$(pwd)
# fetch image with exact name: testvm
-IMAGE_NAME=cvp.cirros.35
-IMAGE_NAME2=cvp.cirros.40
+IMAGE_NAME=cvp.cirros.51
+IMAGE_NAME2=cvp.cirros.52
IMAGE_REF=$(glance image-list | grep "\b${IMAGE_NAME}\b" | awk '{print $2}')
IMAGE_REF2=$(glance image-list | grep "\b${IMAGE_NAME2}\b" | awk '{print $2}')
if [ "${IMAGE_REF2}" == "" ]; then
+ imagefile51=cirros-0.5.1-x86_64-disk.img
+ imagefile52=cirros-0.5.2-x86_64-disk.img
+ imageurl51=https://download.cirros-cloud.net/0.5.1/${imagefile51}
+ imageurl52=https://download.cirros-cloud.net/0.5.2/${imagefile52}
+ imagepath51=$current_path/cvp-configuration/${imagefile51}
+ imagepath52=$current_path/cvp-configuration/${imagefile52}
if [ "$PROXY" != "offline" ]; then
if [ -n "${PROXY}" ]; then
export http_proxy=$PROXY
export https_proxy=$PROXY
fi
- ls $current_path/cvp-configuration/cirros-0.3.4-x86_64-disk.img || wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img -O $current_path/cvp-configuration/cirros-0.3.4-x86_64-disk.img
+ ls ${imagepath51} || wget ${imageurl51} -O ${imagepath51}
+ ls ${imagepath52} || wget ${imageurl52} -O ${imagepath52}
unset http_proxy
unset https_proxy
fi
- if [ -e $current_path/cvp-configuration/cirros-0.3.4-x86_64-disk.img ]; then
- echo "MD5 should be ee1eca47dc88f4879d8a229cc70a07c6"
- md5sum $current_path/cvp-configuration/cirros-0.3.4-x86_64-disk.img
- glance image-create --name=${IMAGE_NAME2} --visibility=public --container-format=bare --disk-format=qcow2 < $current_path/cvp-configuration/cirros-0.3.4-x86_64-disk.img
+ # v5.1
+ if [ -e $current_path/cvp-configuration/${imagefile51} ]; then
+ echo "MD5 for the file is:"
+ md5sum ${imagepath51}
+ glance image-create --name=${IMAGE_NAME} --visibility=public --container-format=bare --disk-format=qcow2 < ${imagepath51}
+ IMAGE_REF=$(glance image-list | grep "\b${IMAGE_NAME}\b" | awk '{print $2}')
+ else
+ echo "Cirros image v5.1 was not downloaded! Some tests may fail"
+ IMAGE_REF=""
+ fi
+ # v5.2
+ if [ -e $current_path/cvp-configuration/${imagefile52} ]; then
+ echo "MD5 for the file is:"
+ md5sum ${imagepath52}
+ glance image-create --name=${IMAGE_NAME2} --visibility=public --container-format=bare --disk-format=qcow2 < ${imagepath52}
IMAGE_REF2=$(glance image-list | grep "\b${IMAGE_NAME2}\b" | awk '{print $2}')
else
- echo "Cirros image was not downloaded! Some tests may fail"
+ echo "Cirros image v5.2 was not downloaded! Some tests may fail"
IMAGE_REF2=""
fi
+
fi
sed -i 's/${IMAGE_REF}/'$IMAGE_REF'/g' $current_path/cvp-configuration/tempest/tempest_ext.conf
@@ -121,11 +140,19 @@
current_path=$(pwd)
#image
glance_image
-#flavor for rally
-nova flavor-list | grep tiny 2>&1 >/dev/null || {
- echo "Let's create m1.tiny flavor"
- nova flavor-create --is-public true m1.tiny auto 128 1 1
+
+#flavors for rally
+nova flavor-list | grep cvp.tiny 2>&1 >/dev/null || {
+ echo "Let's create cvp.tiny flavor"
+ #nova flavor-create --is-public true m1.tiny auto 128 1 1
+ openstack flavor create --id 1 --ram 64 --disk 1 --vcpus 1 cvp.tiny
}
+nova flavor-list | grep cvp.small 2>&1 >/dev/null || {
+ echo "Let's create cvp.small flavor"
+ openstack flavor create --id 2 --ram 256 --disk 2 --vcpus 1 cvp.small
+}
+
+
#shared fixed network
shared_count=`neutron net-list -c name -c shared | grep True | grep "fixed-net" | wc -l`
if [ $shared_count -eq 0 ]; then
diff --git a/k8s/rally-files/openstack-mos-scn-i1-static-users.json b/k8s/rally-files/openstack-mos-scn-i1-static-users.json
index f4ea078..4dfc36a 100644
--- a/k8s/rally-files/openstack-mos-scn-i1-static-users.json
+++ b/k8s/rally-files/openstack-mos-scn-i1-static-users.json
@@ -1,5 +1,5 @@
{% set flavor_name = flavor_name or "cvp.tiny" %}
-{% set image_name = image_name or "cvp.cirros.35" %}
+{% set image_name = image_name or "cvp.cirros.51" %}
{% set availability_zone = "nova" %}
{% set concurrency = 1 %}
{% set volume_size = 1 %}
diff --git a/k8s/rally-files/openstack-mos-scn-i1.json b/k8s/rally-files/openstack-mos-scn-i1.json
index cac67f4..7752c1f 100644
--- a/k8s/rally-files/openstack-mos-scn-i1.json
+++ b/k8s/rally-files/openstack-mos-scn-i1.json
@@ -1,5 +1,5 @@
{% set flavor_name = flavor_name or "cvp.tiny" %}
-{% set image_name = image_name or "cvp.cirros.35" %}
+{% set image_name = image_name or "cvp.cirros.51" %}
{% set availability_zone = "nova" %}
{% set concurrency = 1 %}
{% set volume_size = 1 %}
diff --git a/k8s/rally-files/openstack-mos-scn-i100-static-users.json b/k8s/rally-files/openstack-mos-scn-i100-static-users.json
index 7569449..b4f1c75 100644
--- a/k8s/rally-files/openstack-mos-scn-i100-static-users.json
+++ b/k8s/rally-files/openstack-mos-scn-i100-static-users.json
@@ -1,5 +1,5 @@
{% set flavor_name = flavor_name or "cvp.tiny" %}
-{% set image_name = image_name or "cvp.cirros.35" %}
+{% set image_name = image_name or "cvp.cirros.51" %}
{% set availability_zone = "nova" %}
{% set concurrency = 10 %}
{% set volume_size = %}
diff --git a/k8s/rally-files/openstack-mos-scn-i100.json b/k8s/rally-files/openstack-mos-scn-i100.json
index 58eb219..262a67d 100644
--- a/k8s/rally-files/openstack-mos-scn-i100.json
+++ b/k8s/rally-files/openstack-mos-scn-i100.json
@@ -5,10 +5,10 @@
{% set tenants = 3 %}
{% set flavor_name = flavor_name or "cvp.tiny" %}
-{% set image_name = image_name or "cvp.cirros.35" %}
+{% set image_name = image_name or "cvp.cirros.51" %}
{% set availability_zone = "nova" %}
{% set rbd_image = "http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img" %}
-{% set heat_template = "/artifacts/res-files/rally/default.yaml.template" %}
+{% set heat_template = "/artifacts/default.yaml.template" %}
{% set fixed_net = "id" %}
{
diff --git a/k8s/toolset.yaml b/k8s/toolset.yaml
index b005269..c8c7eac 100644
--- a/k8s/toolset.yaml
+++ b/k8s/toolset.yaml
@@ -65,7 +65,7 @@
name: keystone-keystone-admin
imagePullPolicy: IfNotPresent
name: toolset
- image: savex13/toolset:0.2
+ image: savex13/toolset:0.3
volumeMounts:
- mountPath: /artifacts
name: qa-pv-a
diff --git a/scripts/cmp_check.sh b/scripts/cmp_check.sh
index 9da254a..07bc9ca 100644
--- a/scripts/cmp_check.sh
+++ b/scripts/cmp_check.sh
@@ -124,10 +124,10 @@
function vm_create() {
[ ! "$silent" = true ] && set -x
- openstack server create --nic net-id=${fixed_net_left_id} --image ${cirros35_id} --flavor ${flavor_tiny_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
+ openstack server create --nic net-id=${fixed_net_left_id} --image ${cirros51_id} --flavor ${flavor_tiny_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
#openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntu16_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
#openstack server create --nic net-id=${fixed_net_right_id} --image ${ubuntu16_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
- #openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntuspt_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
+ #openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntu20_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
[ ! 0 -eq $? ] && errors+=("${1}/${2}: $(cat ${tmp_out})")
set +x
[ ! "$silent" = true ] && cat ${tmp_out}
diff --git a/scripts/manual_create_signed_images.sh b/scripts/manual_create_signed_images.sh
new file mode 100644
index 0000000..bab2c93
--- /dev/null
+++ b/scripts/manual_create_signed_images.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+# Preparing secretp
+openssl genrsa -out image_key.pem 1024
+openssl rsa -pubout -in image_key.pem -out image_key.pem.pub
+openssl req -new -key image_key.pem -out image_req.crt
+openssl x509 -req -days 180 -in image_req.crt -signkey image_key.pem -out image_cert.crt
+
+# Save secret to Barbican storage
+openstack secret store --name cvp.images --algorithm RSA --expiration 2023-06-15 --secret-type certificate --payload-content-type "application/octet-stream" --payload-content-encoding base64 --payload "$(base64 image_cert.crt)"
+
+# save ID from "Secret href" property
+export s_uuid=1149deef-13b1-4ace-8aef-613466ef6fe7
+
+# To Raw
+qemu-img convert -f qcow2 -O raw -p cvp.ubuntu.2004 /var/tmp/cvp.ubuntu.2004.raw
+qemu-img convert -f qcow2 -O raw -p cvp.ubuntu.1604 /var/tmp/cvp.ubuntu.1604.raw
+qemu-img convert -f qcow2 -O raw -p cvp.cirros.51 /var/tmp/cvp.cirros.51.raw
+qemu-img convert -f qcow2 -O raw -p cvp.cirros.52 /var/tmp/cvp.cirros.52.raw
+
+# Sign images
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.cirros.51.raw.signature /var/tmp/cvp.cirros.51.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.cirros.52.raw.signature /var/tmp/cvp.cirros.52.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.ubuntu.1604.raw.signature /var/tmp/cvp.ubuntu.1604.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.ubuntu.2004.raw.signature /var/tmp/cvp.ubuntu.2004.raw
+
+base64 -w 0 cvp.cirros.51.raw.signature >cvp.cirros.51.raw.signature.b64
+base64 -w 0 cvp.cirros.52.raw.signature >cvp.cirros.52.raw.signature.b64
+base64 -w 0 cvp.ubuntu.1604.raw.signature >cvp.ubuntu.1604.raw.signature.b64
+base64 -w 0 cvp.ubuntu.2004.raw.signature >cvp.ubuntu.2004.raw.signature.b64
+
+export cirros51_sign=$(cat cvp.cirros.51.raw.signature.b64)
+export cirros52_sign=$(cat cvp.cirros.52.raw.signature.b64)
+export ubuntu1604_sign=$(cat cvp.ubuntu.1604.raw.signature.b64)
+export ubuntu2004_sign=$(cat cvp.ubuntu.2004.raw.signature.b64)
+
+# Upload
+glance image-create --name cvp.cirros.51.raw.signed --container-format bare --disk-format raw --property img_signature="$cirros51_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.cirros.51.raw
+glance image-create --name cvp.cirros.52.raw.signed --container-format bare --disk-format raw --property img_signature="$cirros52_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.cirros.52.raw
+glance image-create --name cvp.ubuntu.1604.raw.signed --container-format bare --disk-format raw --property img_signature="$ubuntu1604_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.ubuntu.1604.raw
+glance image-create --name cvp.ubuntu.2004.raw.signed --container-format bare --disk-format raw --property img_signature="$ubuntu2004_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.ubuntu.2004.raw
diff --git a/scripts/prepare.sh b/scripts/prepare.sh
index 10f005a..c0b58ba 100644
--- a/scripts/prepare.sh
+++ b/scripts/prepare.sh
@@ -39,14 +39,17 @@
router=${name_prefix}.router
# Images: cirros (3.5, 4.0), ubuntu (16.04)
-cirros3=${name_prefix}.cirros.35
-cirros4=${name_prefix}.cirros.40
+cirros51=${name_prefix}.cirros.51
+cirros52=${name_prefix}.cirros.52
ubuntu16=${name_prefix}.ubuntu.1604
-ubuntuspt=${name_prefix}.ubuntu.spt
+ubuntu20=${name_prefix}.ubuntu.2004
-cirros3_link=http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
-cirros4_link=http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-aarch64-disk.img
+#cirros3_link=http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
+#cirros4_link=http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-aarch64-disk.img
+cirros51_link=https://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
+cirros52_link=https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
ubuntu16_link=https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+ubuntu20_link=https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
# Volume (2GB)
volume=${name_prefix}.volume
@@ -144,14 +147,14 @@
put volume_id $(ol1 volume ${volume})
# images
- put cirros35_name ${cirros3}
- put cirros35_id $(ol1 image ${cirros3})
- put cirros40_name ${cirros4}
- put cirros40_id $(ol1 image ${cirros4})
+ put cirros51_name ${cirros51}
+ put cirros51_id $(ol1 image ${cirros51})
+ put cirros52_name ${cirros52}
+ put cirros52_id $(ol1 image ${cirros52})
put ubuntu16_name ${ubuntu16}
put ubuntu16_id $(ol1 image ${ubuntu16})
- put ubuntuspt_name ${ubuntuspt}
- put ubuntuspt_id $(ol1 image ${ubuntuspt})
+ put ubuntu20_name ${ubuntu20}
+ put ubuntu20_id $(ol1 image ${ubuntu20})
}
# create rc file out of current ENV vars
@@ -382,12 +385,10 @@
create_fixed_nets
# images
-#create_image cirros3
-#create_image cirros4
-#create_image ubuntu16
-# update image name to correct one uploaded
-#ubuntuspt_file="ubuntuspt.img"
-#openstack image create --public --disk-format qcow2 --container-format bare --file ${ubuntuspt_file} ${ubuntuspt} -c id -f value
+create_image cirros51
+create_image cirros52
+create_image ubuntu16
+create_image ubuntu20
### Manifest and fall back to original rc
print_manifest
diff --git a/tempest/tempest_ext.conf b/tempest/tempest_ext.conf
index 6d55002..6a18040 100644
--- a/tempest/tempest_ext.conf
+++ b/tempest/tempest_ext.conf
@@ -68,7 +68,7 @@
[validation]
run_validation = true
-image_ssh_password = cubswin:)
+image_ssh_password = gocubsgo
ssh_timeout = 130
ping_timeout = 20