From 6bfb59537ee854e10f82070cd3ec278efb7b2848 Mon Sep 17 00:00:00 2001 From: Radius CI Bot Date: Thu, 9 Jan 2025 23:01:01 +0000 Subject: [PATCH 1/4] Update samples for v0.42 --- bicepconfig.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bicepconfig.json b/bicepconfig.json index 2210b36d..0c243715 100644 --- a/bicepconfig.json +++ b/bicepconfig.json @@ -3,7 +3,7 @@ "extensibility": true }, "extensions": { - "radius": "br:biceptypes.azurecr.io/radius:latest", - "aws": "br:biceptypes.azurecr.io/aws:latest" + "radius": "br:biceptypes.azurecr.io/radius:0.42", + "aws": "br:biceptypes.azurecr.io/aws:0.42" } } From 885858d12d8c7f8987ded7431fc8b656a507fead Mon Sep 17 00:00:00 2001 From: Karishma Chawla Date: Fri, 24 Jan 2025 07:39:14 -0800 Subject: [PATCH 2/4] Update Test Samples Workflow - Set up Test EKS Cluster for Dapr (#2013) --- .github/workflows/test.yaml | 45 ++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 11 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5cc16cee..be5d4f13 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -111,18 +111,11 @@ jobs: RUN_TEST=true fi - if [[ "${{ matrix.enableDapr }}" == "true" ]]; then - ENABLE_DAPR=true - else - ENABLE_DAPR=false - fi - # Set output variables to be used in the other jobs echo "RUN_IDENTIFIER=${RUN_IDENTIFIER}" >> $GITHUB_OUTPUT echo "TEST_AZURE_RESOURCE_GROUP=rg-${RUN_IDENTIFIER}" >> $GITHUB_OUTPUT echo "TEST_EKS_CLUSTER_NAME=eks-${RUN_IDENTIFIER}" >> $GITHUB_OUTPUT echo "RUN_TEST=${RUN_TEST}" >> $GITHUB_OUTPUT - echo "ENABLE_DAPR=${ENABLE_DAPR}" >> $GITHUB_OUTPUT - name: Generate Radius version variables id: gen-radius-version if: steps.gen-id.outputs.RUN_TEST == 'true' @@ -233,26 +226,56 @@ jobs: if: steps.gen-id.outputs.RUN_TEST == 'true' && matrix.credential == 'aws' id: create-eks run: | + # Install eksctl curl --silent --location "https://github.com/weaveworks/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp sudo mv /tmp/eksctl /usr/local/bin + + # Create EKS cluster eksctl create cluster \ --name ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ --nodes-min 1 --nodes-max 2 --node-type t3.large \ --zones ${{ env.AWS_ZONES }} \ --managed \ --region ${{ env.AWS_REGION }} + + # Wait for the EKS cluster to be active while [[ "$(eksctl get cluster ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} --region ${{ env.AWS_REGION }} -o json | jq -r .[0].Status)" != "ACTIVE" ]]; do echo "Waiting for EKS cluster to be created..." sleep 60 done + + # Update kubeconfig aws eks update-kubeconfig --region ${{ env.AWS_REGION }} --name ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} timeout-minutes: 60 continue-on-error: false - - name: Install Dapr - if: steps.gen-id.outputs.RUN_TEST == 'true' && steps.gen-id.outputs.ENABLE_DAPR == 'true' + - name: Configure EKS for Dapr + if: steps.gen-id.outputs.RUN_TEST == 'true' && matrix.credential == 'aws' run: | - helm repo add dapr https://dapr.github.io/helm-charts/ - helm install dapr dapr/dapr --version=1.6 --namespace dapr-system --create-namespace --wait + # Fetch the node group name dynamically + NODEGROUP_NAME=$(eksctl get nodegroup \ + --cluster ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ + --region ${{ env.AWS_REGION }} \ + -o json | jq -r '.[0].Name') + + # Fetch the security group ID for the EKS worker nodes + NODE_SECURITY_GROUP_ID=$(eksctl get nodegroup \ + --cluster ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ + --name $NODEGROUP_NAME \ + --region ${{ env.AWS_REGION }} \ + -o json | jq -r '.[0].Resources.SecurityGroup.ID') + + # Authorize port 4000 for Dapr sidecar communication within the same security group + # https://docs.dapr.io/operations/hosting/kubernetes/cluster/setup-eks/#add-dapr-requirements-for-sidecar-access-and-default-storage-class + aws ec2 authorize-security-group-ingress \ + --group-id $NODE_SECURITY_GROUP_ID \ + --protocol tcp \ + --port 4000 \ + --source-group $NODE_SECURITY_GROUP_ID + + # Add a default storage class + kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}' + timeout-minutes: 30 + continue-on-error: false - uses: oras-project/setup-oras@main if: steps.gen-id.outputs.RUN_TEST == 'true' with: From f182cd9630d52883604060a22b959a06f3ae9296 Mon Sep 17 00:00:00 2001 From: Lakshmi Javadekar <103459615+lakshmimsft@users.noreply.github.com> Date: Fri, 24 Jan 2025 15:09:51 -0800 Subject: [PATCH 3/4] Add check to verify manifests are registered in test workflow (#2031) * Add dependabot file (#2003) * add dependabot file Signed-off-by: sk593 * remove dir Signed-off-by: sk593 * update dir Signed-off-by: sk593 * nit Signed-off-by: sk593 --------- Signed-off-by: sk593 * add check to verify manifests are registered Signed-off-by: lakshmimsft --------- Signed-off-by: sk593 Signed-off-by: lakshmimsft Co-authored-by: Shruthi Kumar --- .github/workflows/test.yaml | 45 +++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index be5d4f13..c7c29ae6 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -292,6 +292,51 @@ jobs: else rad install kubernetes --set rp.publicEndpointOverride=localhost fi + + echo "*** Verify manifests are registered ***" + rm -f registermanifest_logs.txt + # Find the pod with container "ucp" + POD_NAME=$( + kubectl get pods -n radius-system \ + -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.spec.containers[*].name}{"\n"}{end}' \ + | grep "ucp" \ + | head -n1 \ + | cut -d" " -f1 + ) + echo "Found ucp pod: $POD_NAME" + + if [ -z "$POD_NAME" ]; then + echo "No pod with container 'ucp' found in namespace radius-system." + exit 1 + fi + + # Poll logs for up to iterations, 30 seconds each (upto 3 minutes total) + for i in {1..6}; do + kubectl logs "$POD_NAME" -n radius-system | tee registermanifest_logs.txt > /dev/null + + # Exit on error + if grep -qi "Service initializer terminated with error" registermanifest_logs.txt; then + echo "Error found in ucp logs." + grep -i "Service initializer terminated with error" registermanifest_logs.txt + exit 1 + fi + + # Check for success + if grep -q "Successfully registered manifests" registermanifest_logs.txt; then + echo "Successfully registered manifests - message found." + break + fi + + echo "Logs not ready, waiting 30 seconds..." + sleep 30 + done + + # Final check to ensure success message was found + if ! grep -q "Successfully registered manifests" registermanifest_logs.txt; then + echo "Manifests not registered after 3 minutes." + exit 1 + fi + rad group create default rad workspace create kubernetes default --group default rad group switch default From f17425a7c6d70c6e5eac9bbdc9dd2149279af2fb Mon Sep 17 00:00:00 2001 From: Karishma Chawla Date: Fri, 24 Jan 2025 15:27:43 -0800 Subject: [PATCH 4/4] Update command to fetch cluster security group (#2030) Signed-off-by: Karishma Chawla --- .github/workflows/test.yaml | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index c7c29ae6..8cdd0211 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -251,26 +251,20 @@ jobs: - name: Configure EKS for Dapr if: steps.gen-id.outputs.RUN_TEST == 'true' && matrix.credential == 'aws' run: | - # Fetch the node group name dynamically - NODEGROUP_NAME=$(eksctl get nodegroup \ - --cluster ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ - --region ${{ env.AWS_REGION }} \ - -o json | jq -r '.[0].Name') - - # Fetch the security group ID for the EKS worker nodes - NODE_SECURITY_GROUP_ID=$(eksctl get nodegroup \ - --cluster ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ - --name $NODEGROUP_NAME \ + # Fetch the security group ID for the EKS cluster + SECURITY_GROUP_ID=$(aws eks describe-cluster \ + --name ${{ steps.gen-id.outputs.TEST_EKS_CLUSTER_NAME }} \ + --query 'cluster.resourcesVpcConfig.clusterSecurityGroupId' \ --region ${{ env.AWS_REGION }} \ - -o json | jq -r '.[0].Resources.SecurityGroup.ID') + --output text) # Authorize port 4000 for Dapr sidecar communication within the same security group # https://docs.dapr.io/operations/hosting/kubernetes/cluster/setup-eks/#add-dapr-requirements-for-sidecar-access-and-default-storage-class aws ec2 authorize-security-group-ingress \ - --group-id $NODE_SECURITY_GROUP_ID \ + --group-id $SECURITY_GROUP_ID \ --protocol tcp \ --port 4000 \ - --source-group $NODE_SECURITY_GROUP_ID + --source-group $SECURITY_GROUP_ID # Add a default storage class kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'