From d708866b2ab8da48b08f70f55c996e06bf3def3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Doktor?= Date: Wed, 19 Mar 2025 11:37:36 +0100 Subject: [PATCH] ci.ocp: shellcheck various fixes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit various manual fixes. Related to: #10951 Signed-off-by: Lukáš Doktor --- ci/openshift-ci/bisect-range.sh | 5 ++- ci/openshift-ci/cleanup.sh | 9 +++-- ci/openshift-ci/cluster/deploy_webhook.sh | 3 +- ci/openshift-ci/cluster/install_kata.sh | 42 +++++++++++++---------- ci/openshift-ci/lib.sh | 1 + ci/openshift-ci/run_smoke_test.sh | 3 +- ci/openshift-ci/test.sh | 1 + 7 files changed, 40 insertions(+), 24 deletions(-) diff --git a/ci/openshift-ci/bisect-range.sh b/ci/openshift-ci/bisect-range.sh index cdf1ed2920..7cc49ab27f 100755 --- a/ci/openshift-ci/bisect-range.sh +++ b/ci/openshift-ci/bisect-range.sh @@ -14,13 +14,16 @@ ARCH=amd64 REPO="quay.io/kata-containers/kata-deploy-ci" TAGS=$(skopeo list-tags "docker://${REPO}") +# For testing +#echo "$TAGS" > tags +#TAGS=$(cat tags) # Only amd64 TAGS=$(echo "${TAGS}" | jq '.Tags' | jq "map(select(endswith(\"${ARCH}\")))" | jq -r '.[]') # Sort by git SORTED="" [[ -n "${BAD}" ]] && LOG_ARGS="${GOOD}~1..${BAD}" || LOG_ARGS="${GOOD}~1.." for TAG in $(git log --merges --pretty=format:%H --reverse "${LOG_ARGS}"); do - [[ "${TAGS}" =~ "${TAG}" ]] && SORTED+=" + [[ "${TAGS}" =~ ${TAG} ]] && SORTED+=" kata-containers-${TAG}-${ARCH}" done # Comma separated tags with repo diff --git a/ci/openshift-ci/cleanup.sh b/ci/openshift-ci/cleanup.sh index 6bd68660f8..36e359c10b 100755 --- a/ci/openshift-ci/cleanup.sh +++ b/ci/openshift-ci/cleanup.sh @@ -9,10 +9,13 @@ scripts_dir=$(dirname "$0") deployments_dir=${scripts_dir}/cluster/deployments -configs_dir=${scripts_dir}/configs +# shellcheck disable=SC1091 # import based on variable source "${scripts_dir}/lib.sh" +# Set your katacontainers repo dir location +[[ -z "${katacontainers_repo_dir}" ]] && echo "Please set katacontainers_repo_dir variable to your kata repo" + # Set to 'yes' if you want to configure SELinux to permissive on the cluster # workers. # @@ -43,12 +46,12 @@ fi [[ ${SELINUX_PERMISSIVE} == "yes" ]] && oc delete -f "${deployments_dir}/machineconfig_selinux.yaml.in" # Delete kata-containers -pushd "${katacontainers_repo_dir}/tools/packaging/kata-deploy" +pushd "${katacontainers_repo_dir}/tools/packaging/kata-deploy" || { echo "Failed to push to ${katacontainers_repo_dir}/tools/packaging/kata-deploy"; exit 125; } oc delete -f kata-deploy/base/kata-deploy.yaml oc -n kube-system wait --timeout=10m --for=delete -l name=kata-deploy pod oc apply -f kata-cleanup/base/kata-cleanup.yaml echo "Wait for all related pods to be gone" -( repeats=1; for i in $(seq 1 600); do +( repeats=1; for _ in $(seq 1 600); do oc get pods -l name="kubelet-kata-cleanup" --no-headers=true -n kube-system 2>&1 | grep "No resources found" -q && ((repeats++)) || repeats=1 [[ "${repeats}" -gt 5 ]] && echo kata-cleanup finished && break sleep 1 diff --git a/ci/openshift-ci/cluster/deploy_webhook.sh b/ci/openshift-ci/cluster/deploy_webhook.sh index 266abd9c25..b981192e70 100755 --- a/ci/openshift-ci/cluster/deploy_webhook.sh +++ b/ci/openshift-ci/cluster/deploy_webhook.sh @@ -13,8 +13,9 @@ set -e set -o nounset set -o pipefail -script_dir="$(realpath $(dirname "$0"))" +script_dir="$(realpath "$(dirname "$0")")" webhook_dir="${script_dir}/../../../tools/testing/kata-webhook" +# shellcheck disable=SC1091 # import based on variable source "${script_dir}/../lib.sh" KATA_RUNTIME=${KATA_RUNTIME:-kata-ci} diff --git a/ci/openshift-ci/cluster/install_kata.sh b/ci/openshift-ci/cluster/install_kata.sh index a1d2ed5fa0..314fd0d1bb 100755 --- a/ci/openshift-ci/cluster/install_kata.sh +++ b/ci/openshift-ci/cluster/install_kata.sh @@ -11,8 +11,12 @@ scripts_dir=$(dirname "$0") deployments_dir=${scripts_dir}/deployments configs_dir=${scripts_dir}/configs +# shellcheck disable=SC1091 # import based on variable source "${scripts_dir}/../lib.sh" +# Set your katacontainers repo dir location +[[ -z "${katacontainers_repo_dir}" ]] && echo "Please set katacontainers_repo_dir variable to your kata repo" + # Set to 'yes' if you want to configure SELinux to permissive on the cluster # workers. # @@ -40,7 +44,7 @@ WORKAROUND_9206_CRIO=${WORKAROUND_9206_CRIO:-no} # apply_kata_deploy() { local deploy_file="tools/packaging/kata-deploy/kata-deploy/base/kata-deploy.yaml" - pushd "${katacontainers_repo_dir}" + pushd "${katacontainers_repo_dir}" || die sed -ri "s#(\s+image:) .*#\1 ${KATA_DEPLOY_IMAGE}#" "${deploy_file}" info "Applying kata-deploy" @@ -51,7 +55,7 @@ apply_kata_deploy() { info "Adding the kata runtime classes" oc apply -f tools/packaging/kata-deploy/runtimeclasses/kata-runtimeClasses.yaml - popd + popd || die } @@ -64,8 +68,8 @@ wait_for_reboot() { local delta="${1:-900}" local sleep_time=60 declare -A BOOTIDS - local workers=($(oc get nodes | \ - awk '{if ($3 == "worker") { print $1 } }')) + local workers + mapfile -t workers < <(oc get nodes | awk '{if ($3 == "worker") { print $1 } }') # Get the boot ID to compared it changed over time. for node in "${workers[@]}"; do BOOTIDS[${node}]=$(oc get -o jsonpath='{.status.nodeInfo.bootID}'\ @@ -78,18 +82,18 @@ wait_for_reboot() { while [[ ${#workers[@]} -gt 0 ]]; do sleep "${sleep_time}" now=$(date +%s) - if [[ $((${timer_start} + ${delta})) -lt ${now} ]]; then + if [[ $((timer_start + delta)) -lt ${now} ]]; then echo "Timeout: not all workers rebooted" return 1 fi - echo "Checking after $((${now} - ${timer_start})) seconds" + echo "Checking after $((now - timer_start)) seconds" for i in "${!workers[@]}"; do current_id=$(oc get \ -o jsonpath='{.status.nodeInfo.bootID}' \ "node/${workers[i]}") - if [[ "${current_id}" != ${BOOTIDS[${workers[i]}]} ]]; then + if [[ "${current_id}" != "${BOOTIDS[${workers[i]}]}" ]]; then echo "${workers[i]} rebooted" - unset workers[i] + unset "workers[i]" fi done done @@ -102,7 +106,8 @@ wait_mcp_update() { # and none are degraded. local ready_count=0 local degraded_count=0 - local machine_count=$(oc get mcp worker -o jsonpath='{.status.machineCount}') + local machine_count + machine_count=$(oc get mcp worker -o jsonpath='{.status.machineCount}') if [[ -z "${machine_count}" && "${machine_count}" -lt 1 ]]; then warn "Unabled to obtain the machine count" @@ -110,12 +115,13 @@ wait_mcp_update() { fi echo "Set timeout to ${delta} seconds" - local deadline=$(($(date +%s) + ${delta})) + local deadline=$(($(date +%s) + delta)) + local now # The ready count might not have changed yet, so wait a little. while [[ "${ready_count}" != "${machine_count}" && \ "${degraded_count}" == 0 ]]; do # Let's check it hit the timeout (or not). - local now=$(date +%s) + now=$(date +%s) if [[ ${deadline} -lt ${now} ]]; then echo "Timeout: not all workers updated" >&2 return 1 @@ -138,7 +144,7 @@ enable_sandboxedcontainers_extension() { oc apply -f "${deployment_file}" oc get -f "${deployment_file}" || \ die "Sandboxed Containers extension machineconfig not found" - wait_mcp_update || die "Failed to update the machineconfigpool" + wait_mcp_update 3600 || die "Failed to update the machineconfigpool" } # Print useful information for debugging. @@ -174,16 +180,17 @@ wait_for_app_pods_message() { local i SECONDS=0 while :; do - pods=($(oc get pods -l app="${app}" --no-headers=true "${namespace}" | awk '{print $1}')) + mapfile -t pods < <(oc get pods -l app="${app}" --no-headers=true "${namespace}" | awk '{print $1}') [[ "${#pods}" -ge "${pod_count}" ]] && break if [[ "${SECONDS}" -gt "${timeout}" ]]; then printf "Unable to find ${pod_count} pods for '-l app=\"${app}\"' in ${SECONDS}s (%s)" "${pods[@]}" return 1 fi done + local log for pod in "${pods[@]}"; do while :; do - local log=$(oc logs "${namespace}" "${pod}") + log=$(oc logs "${namespace}" "${pod}") echo "${log}" | grep "${message}" -q && echo "Found $(echo "${log}" | grep "${message}") in ${pod}'s log (${SECONDS})" && break; if [[ "${SECONDS}" -gt "${timeout}" ]]; then echo -n "Message '${message}' not present in '${pod}' pod of the '-l app=\"${app}\"' " @@ -220,16 +227,15 @@ apply_kata_deploy if [[ ${SELINUX_PERMISSIVE} == "yes" ]]; then info "Configuring SELinux" if [[ -z "${SELINUX_CONF_BASE64}" ]]; then - export SELINUX_CONF_BASE64=$(echo \ - $(cat "${configs_dir}/selinux.conf"|base64) | \ - sed -e 's/\s//g') + SELINUX_CONF_BASE64=$(base64 -w0 < "${configs_dir}/selinux.conf") + export SELINUX_CONF_BASE64 fi envsubst < "${deployments_dir}"/machineconfig_selinux.yaml.in | \ oc apply -f - oc get machineconfig/51-kata-selinux || \ die "SELinux machineconfig not found" # The new SELinux configuration will trigger another reboot. - wait_for_reboot + wait_for_reboot 900 fi if [[ "${WORKAROUND_9206_CRIO}" == "yes" ]]; then diff --git a/ci/openshift-ci/lib.sh b/ci/openshift-ci/lib.sh index f6c4006fb4..dcbed1e700 100644 --- a/ci/openshift-ci/lib.sh +++ b/ci/openshift-ci/lib.sh @@ -14,6 +14,7 @@ else fi lib_dir=$(dirname "${BASH_SOURCE[0]}") +# shellcheck disable=SC1091 # import based on variable source "${lib_dir}/../../tests/common.bash" export katacontainers_repo=${katacontainers_repo:="github.com/kata-containers/kata-containers"} diff --git a/ci/openshift-ci/run_smoke_test.sh b/ci/openshift-ci/run_smoke_test.sh index 7317753ab8..69d54baf3c 100755 --- a/ci/openshift-ci/run_smoke_test.sh +++ b/ci/openshift-ci/run_smoke_test.sh @@ -8,6 +8,7 @@ # script_dir=$(dirname "$0") +# shellcheck disable=SC1091 # import based on variable source "${script_dir}/lib.sh" pod='http-server' @@ -45,7 +46,7 @@ info "Creating the service and route" if oc apply -f "${script_dir}/smoke/service.yaml"; then # Likely on OCP, use service is_ocp=1 - host=$(oc get route/http-server-route -o jsonpath={.spec.host}) + host=$(oc get route/http-server-route -o jsonpath="{.spec.host}") port=80 else # Likely on plain kubernetes, test using another container diff --git a/ci/openshift-ci/test.sh b/ci/openshift-ci/test.sh index 89ce5bc173..d012e5670f 100755 --- a/ci/openshift-ci/test.sh +++ b/ci/openshift-ci/test.sh @@ -9,6 +9,7 @@ export KATA_RUNTIME=${KATA_RUNTIME:-kata-qemu} script_dir=$(dirname "$0") +# shellcheck disable=SC1091 # import based on variable source "${script_dir}/lib.sh" suite=$1