From 060c49e172f49722452bce2ee5d79637b9122b72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Javier=20J=2E=20Salmer=C3=B3n-Garc=C3=ADa?= Date: Tue, 21 Nov 2023 16:58:46 +0100 Subject: [PATCH] [bitnami/ray,kuberay-apiserver,kuberay-operator] test: :construction_worker: Add VIB integration (#53026) * [bitnami/ray,kuberay-apiserver,kuberay-operator] test: :construction_worker: Add VIB integration Signed-off-by: Javier Salmeron Garcia * fix: :bug: Change incorrect paths Signed-off-by: Javier Salmeron Garcia * fix: :bug: Remove version check Signed-off-by: Javier Salmeron Garcia * chore: :bulb: Add procedence of the script Signed-off-by: Javier Salmeron Garcia --------- Signed-off-by: Javier Salmeron Garcia --- .vib/kuberay-apiserver/goss/goss.yaml | 13 ++++ .../goss/kuberay-apiserver.yaml | 15 ++++ .vib/kuberay-apiserver/goss/vars.yaml | 6 ++ .vib/kuberay-apiserver/vib-verify.json | 66 ++++++++++++++++++ .vib/kuberay-operator/goss/goss.yaml | 13 ++++ .../goss/kuberay-operator.yaml | 15 ++++ .vib/kuberay-operator/goss/vars.yaml | 6 ++ .vib/kuberay-operator/vib-verify.json | 66 ++++++++++++++++++ .vib/ray/goss/goss.yaml | 14 ++++ .vib/ray/goss/ray.yaml | 15 ++++ .vib/ray/goss/testfiles/basic_example.py | 69 +++++++++++++++++++ .vib/ray/goss/vars.yaml | 10 +++ .vib/ray/vib-verify.json | 66 ++++++++++++++++++ 13 files changed, 374 insertions(+) create mode 100644 .vib/kuberay-apiserver/goss/goss.yaml create mode 100644 .vib/kuberay-apiserver/goss/kuberay-apiserver.yaml create mode 100644 .vib/kuberay-apiserver/goss/vars.yaml create mode 100644 .vib/kuberay-apiserver/vib-verify.json create mode 100644 .vib/kuberay-operator/goss/goss.yaml create mode 100644 .vib/kuberay-operator/goss/kuberay-operator.yaml create mode 100644 .vib/kuberay-operator/goss/vars.yaml create mode 100644 .vib/kuberay-operator/vib-verify.json create mode 100644 .vib/ray/goss/goss.yaml create mode 100644 .vib/ray/goss/ray.yaml create mode 100644 .vib/ray/goss/testfiles/basic_example.py create mode 100644 .vib/ray/goss/vars.yaml create mode 100644 .vib/ray/vib-verify.json diff --git a/.vib/kuberay-apiserver/goss/goss.yaml b/.vib/kuberay-apiserver/goss/goss.yaml new file mode 100644 index 000000000000..4d85fbc760f5 --- /dev/null +++ b/.vib/kuberay-apiserver/goss/goss.yaml @@ -0,0 +1,13 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +gossfile: + # Goss tests exclusive to the current container + ../../kuberay-apiserver/goss/kuberay-apiserver.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/kuberay-apiserver/goss/kuberay-apiserver.yaml b/.vib/kuberay-apiserver/goss/kuberay-apiserver.yaml new file mode 100644 index 000000000000..7dd2821b66f4 --- /dev/null +++ b/.vib/kuberay-apiserver/goss/kuberay-apiserver.yaml @@ -0,0 +1,15 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +user: + kuberay-apiserver: + exists: true + uid: 1001 + gid: 0 + +command: + check-kuberay-apiserver: + exec: kuberay-apiserver --help + exit-status: 0 + stderr: + - "Paths to a kubeconfig" diff --git a/.vib/kuberay-apiserver/goss/vars.yaml b/.vib/kuberay-apiserver/goss/vars.yaml new file mode 100644 index 000000000000..6ac7441d4e16 --- /dev/null +++ b/.vib/kuberay-apiserver/goss/vars.yaml @@ -0,0 +1,6 @@ +binaries: + - kuberay-apiserver +root_dir: /opt/bitnami +directories: + - paths: + - /opt/bitnami/kuberay-apiserver diff --git a/.vib/kuberay-apiserver/vib-verify.json b/.vib/kuberay-apiserver/vib-verify.json new file mode 100644 index 000000000000..6301edc70755 --- /dev/null +++ b/.vib/kuberay-apiserver/vib-verify.json @@ -0,0 +1,66 @@ +{ + "context": { + "resources": { + "url": "{SHA_ARCHIVE}", + "path": "{VIB_ENV_PATH}" + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" + }, + "phases": { + "package": { + "actions": [ + { + "action_id": "container-image-package", + "params": { + "application": { + "details": { + "name": "{VIB_ENV_CONTAINER}", + "tag": "{VIB_ENV_TAG}" + } + }, + "architectures": ["linux/amd64", "linux/arm64"] + } + }, + { + "action_id": "container-image-lint", + "params": { + "threshold": "error" + } + } + ] + }, + "verify": { + "actions": [ + { + "action_id": "trivy", + "params": { + "threshold": "CRITICAL", + "vuln_type": ["OS"] + } + }, + { + "action_id": "grype", + "params": { + "threshold": "CRITICAL", + "package_type": ["OS"] + } + }, + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "kuberay-apiserver/goss/goss.yaml", + "vars_file": "kuberay-apiserver/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-kuberay-apiserver" + } + } + } + } + ] + } + } +} diff --git a/.vib/kuberay-operator/goss/goss.yaml b/.vib/kuberay-operator/goss/goss.yaml new file mode 100644 index 000000000000..0041ef3907dc --- /dev/null +++ b/.vib/kuberay-operator/goss/goss.yaml @@ -0,0 +1,13 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +gossfile: + # Goss tests exclusive to the current container + ../../kuberay-operator/goss/kuberay-operator.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/kuberay-operator/goss/kuberay-operator.yaml b/.vib/kuberay-operator/goss/kuberay-operator.yaml new file mode 100644 index 000000000000..567b5e268e90 --- /dev/null +++ b/.vib/kuberay-operator/goss/kuberay-operator.yaml @@ -0,0 +1,15 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +user: + kuberay: + exists: true + uid: 1001 + gid: 0 + +command: + check-kuberay-operator: + exec: manager --help + exit-status: 0 + stderr: + - "Forced cluster upgrade" diff --git a/.vib/kuberay-operator/goss/vars.yaml b/.vib/kuberay-operator/goss/vars.yaml new file mode 100644 index 000000000000..6e787d05035e --- /dev/null +++ b/.vib/kuberay-operator/goss/vars.yaml @@ -0,0 +1,6 @@ +binaries: + - manager +root_dir: /opt/bitnami +directories: + - paths: + - /opt/bitnami/kuberay diff --git a/.vib/kuberay-operator/vib-verify.json b/.vib/kuberay-operator/vib-verify.json new file mode 100644 index 000000000000..d943eb95926e --- /dev/null +++ b/.vib/kuberay-operator/vib-verify.json @@ -0,0 +1,66 @@ +{ + "context": { + "resources": { + "url": "{SHA_ARCHIVE}", + "path": "{VIB_ENV_PATH}" + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" + }, + "phases": { + "package": { + "actions": [ + { + "action_id": "container-image-package", + "params": { + "application": { + "details": { + "name": "{VIB_ENV_CONTAINER}", + "tag": "{VIB_ENV_TAG}" + } + }, + "architectures": ["linux/amd64", "linux/arm64"] + } + }, + { + "action_id": "container-image-lint", + "params": { + "threshold": "error" + } + } + ] + }, + "verify": { + "actions": [ + { + "action_id": "trivy", + "params": { + "threshold": "CRITICAL", + "vuln_type": ["OS"] + } + }, + { + "action_id": "grype", + "params": { + "threshold": "CRITICAL", + "package_type": ["OS"] + } + }, + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "kuberay-operator/goss/goss.yaml", + "vars_file": "kuberay-operator/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-kuberay-operator" + } + } + } + } + ] + } + } +} diff --git a/.vib/ray/goss/goss.yaml b/.vib/ray/goss/goss.yaml new file mode 100644 index 000000000000..2f90a468c144 --- /dev/null +++ b/.vib/ray/goss/goss.yaml @@ -0,0 +1,14 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +gossfile: + # Goss tests exclusive to the current container + ../../ray/goss/ray.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-app-version.yaml: {} + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-directories.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/ray/goss/ray.yaml b/.vib/ray/goss/ray.yaml new file mode 100644 index 000000000000..4dd3ba11b312 --- /dev/null +++ b/.vib/ray/goss/ray.yaml @@ -0,0 +1,15 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +user: + ray: + exists: true + uid: 1001 + gid: 0 +command: + basic-example: + exec: python ./ray/goss/testfiles/basic_example.py + timeout: 120000 + stdout: + - /Estimated value.*3.14/ + exit-status: 0 diff --git a/.vib/ray/goss/testfiles/basic_example.py b/.vib/ray/goss/testfiles/basic_example.py new file mode 100644 index 000000000000..b9360a4d1cab --- /dev/null +++ b/.vib/ray/goss/testfiles/basic_example.py @@ -0,0 +1,69 @@ +# Taken from https://docs.ray.io/en/latest/ray-core/examples/gentle_walkthrough.html + +import ray +import math +import time +import random + +ray.init() + +@ray.remote +class ProgressActor: + def __init__(self, total_num_samples: int): + self.total_num_samples = total_num_samples + self.num_samples_completed_per_task = {} + + def report_progress(self, task_id: int, num_samples_completed: int) -> None: + self.num_samples_completed_per_task[task_id] = num_samples_completed + + def get_progress(self) -> float: + return ( + sum(self.num_samples_completed_per_task.values()) / self.total_num_samples + ) + +@ray.remote +def sampling_task(num_samples: int, task_id: int, + progress_actor: ray.actor.ActorHandle) -> int: + num_inside = 0 + for i in range(num_samples): + x, y = random.uniform(-1, 1), random.uniform(-1, 1) + if math.hypot(x, y) <= 1: + num_inside += 1 + + # Report progress every 1 million samples. + if (i + 1) % 1_000_000 == 0: + # This is async. + progress_actor.report_progress.remote(task_id, i + 1) + + # Report the final progress. + progress_actor.report_progress.remote(task_id, num_samples) + return num_inside + +# Change this to match your cluster scale. +NUM_SAMPLING_TASKS = 10 +NUM_SAMPLES_PER_TASK = 10_000_000 +TOTAL_NUM_SAMPLES = NUM_SAMPLING_TASKS * NUM_SAMPLES_PER_TASK + +# Create the progress actor. +progress_actor = ProgressActor.remote(TOTAL_NUM_SAMPLES) + +# Create and execute all sampling tasks in parallel. +results = [ + sampling_task.remote(NUM_SAMPLES_PER_TASK, i, progress_actor) + for i in range(NUM_SAMPLING_TASKS) +] + +# Query progress periodically. +while True: + progress = ray.get(progress_actor.get_progress.remote()) + print(f"Progress: {int(progress * 100)}%") + + if progress == 1: + break + + time.sleep(1) + +# Get all the sampling tasks results. +total_num_inside = sum(ray.get(results)) +pi = (total_num_inside * 4) / TOTAL_NUM_SAMPLES +print(f"Estimated value of π is: {pi}") diff --git a/.vib/ray/goss/vars.yaml b/.vib/ray/goss/vars.yaml new file mode 100644 index 000000000000..568406f069c0 --- /dev/null +++ b/.vib/ray/goss/vars.yaml @@ -0,0 +1,10 @@ +binaries: + - python +root_dir: /opt/bitnami +directories: + - paths: + # Paths to the client and server directories + - /opt/bitnami/python +version: + bin_name: python + flag: "-c 'import ray; print(ray.__version__)'" diff --git a/.vib/ray/vib-verify.json b/.vib/ray/vib-verify.json new file mode 100644 index 000000000000..bc0d0356cbba --- /dev/null +++ b/.vib/ray/vib-verify.json @@ -0,0 +1,66 @@ +{ + "context": { + "resources": { + "url": "{SHA_ARCHIVE}", + "path": "{VIB_ENV_PATH}" + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" + }, + "phases": { + "package": { + "actions": [ + { + "action_id": "container-image-package", + "params": { + "application": { + "details": { + "name": "{VIB_ENV_CONTAINER}", + "tag": "{VIB_ENV_TAG}" + } + }, + "architectures": ["linux/amd64", "linux/arm64"] + } + }, + { + "action_id": "container-image-lint", + "params": { + "threshold": "error" + } + } + ] + }, + "verify": { + "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "ray/goss/goss.yaml", + "vars_file": "ray/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-ray" + } + } + } + }, + { + "action_id": "trivy", + "params": { + "threshold": "CRITICAL", + "vuln_type": ["OS"] + } + }, + { + "action_id": "grype", + "params": { + "threshold": "CRITICAL", + "package_type": ["OS"] + } + } + ] + } + } +}