nerc-project · knikolla · Jun 6, 2022 · Mar 8, 2022 · May 19, 2022 · May 19, 2022
diff --git a/.github/workflows/test-py38-functional-devstack.yaml b/.github/workflows/test-py38-functional-devstack.yaml
@@ -23,4 +23,4 @@ jobs:
 
       - name: Run functional tests
         run: |
-          ./ci/run_functional_tests.sh
+          ./ci/run_functional_tests_openstack.sh
diff --git a/.github/workflows/test-py39-functional-microshift.yaml b/.github/workflows/test-py39-functional-microshift.yaml
@@ -0,0 +1,31 @@
+name: test-py39-functional-microshift
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set up Python 3.9
+        uses: actions/setup-python@v1
+        with:
+          python-version: 3.9
+
+      - name: Install Microshift
+        run: |
+          ./ci/microshift.sh
+
+      - name: Install ColdFront and plugin
+        run: |
+          ./ci/setup.sh
+
+      - name: Run functional tests
+        run: |
+          ./ci/run_functional_tests_openshift.sh
diff --git a/.github/workflows/test-py39-functional.yaml b/.github/workflows/test-py39-functional.yaml
@@ -45,4 +45,4 @@ jobs:
           export OPENSTACK_PUBLIC_NETWORK_ID=$(microstack.openstack network show external -f value -c id)
           export OS_AUTH_URL="https://localhost:5000"
 
-          coldfront test coldfront_plugin_openstack.tests.functional
+          coldfront test coldfront_plugin_openstack.tests.functional.openstack
diff --git a/Vagrantfile b/Vagrantfile
@@ -1,21 +1,42 @@
 Vagrant.configure("2") do |config|
-    config.vm.box = "generic/ubuntu2004"
     config.vm.synced_folder ".", "/home/vagrant/coldfront-plugin-openstack/"
-
     config.vm.network :private_network
 
-    config.vm.provider "vmware_fusion" do |vb|
-        vb.gui = false
-        vb.memory = "9000"
-        vb.cpus = "4"
+    config.vm.define "openstack" do |openstack|
+        openstack.vm.box = "generic/ubuntu2004"
+
+        openstack.vm.provider "vmware_fusion" do |vb|
+            vb.gui = false
+            vb.memory = "9000"
+            vb.cpus = "4"
+        end
+
+        openstack.vm.provision "shell", privileged: false, inline: <<-SHELL
+            set -xe
+
+            cd ~/coldfront-plugin-openstack
+            ./ci/devstack.sh
+            ./ci/setup.sh
+            ./ci/run_functional_tests.sh
+        SHELL
     end
 
-    config.vm.provision "shell", privileged: false, inline: <<-SHELL
-        set -xe
+    config.vm.define "openshift" do |openshift|
+        openshift.vm.box = "generic/ubuntu2004"
 
-        cd ~/coldfront-plugin-openstack
-        ./ci/devstack.sh
-        ./ci/setup.sh
-        ./ci/run_functional_tests.sh
-    SHELL
+        openshift.vm.provider "vmware_fusion" do |vb|
+            vb.gui = false
+            vb.memory = "4096"
+            vb.cpus = "4"
+        end
+
+        openshift.vm.provision "shell", privileged: false, inline: <<-SHELL
+            set -xe
+
+            cd ~/coldfront-plugin-openstack
+            ./ci/microshift.sh
+            ./ci/setup.sh
+            ./ci/run_functional_tests_openshift.sh
+        SHELL
+    end
 end
diff --git a/ci/microshift.sh b/ci/microshift.sh
@@ -0,0 +1,44 @@
+#
+# Installs Microshift on Docker
+#
+set -xe
+
+export ACCT_MGT_VERSION="e955158dc9fbd2a7aa68a8818fb7018315141d2b"
+
+sudo apt-get update && sudo apt-get upgrade -y
+
+if [[ ! "${CI}" == "true" ]]; then
+    sudo apt-get install docker.io docker-compose python3-virtualenv -y
+fi
+
+echo '127.0.0.1  onboarding-onboarding.cluster.local' | sudo tee -a /etc/hosts
+
+sudo docker run -d --rm --name microshift --privileged \
+    --network host \
+    -v microshift-data:/var/lib \
+    quay.io/microshift/microshift-aio:latest
+
+sudo docker run -d --name registry --network host registry:2
+
+curl -O "https://mirror.openshift.com/pub/openshift-v4/$(uname -m)/clients/ocp/stable/openshift-client-linux.tar.gz"
+sudo tar -xf openshift-client-linux.tar.gz -C /usr/local/bin oc kubectl
+
+mkdir ~/.kube
+sudo docker cp microshift:/var/lib/microshift/resources/kubeadmin/kubeconfig ~/.kube/config
+
+while ! oc get all -h; do
+    echo "Waiting on Microshift"
+    sleep 5
+done
+
+# Install OpenShift Account Management
+git clone https://github.com/cci-moc/openshift-acct-mgt.git ~/openshift-acct-mgt
+cd ~/openshift-acct-mgt
+git checkout "$ACCT_MGT_VERSION"
+sudo docker build . -t "localhost:5000/cci-moc/openshift-acct-mgt:latest"
+sudo docker push "localhost:5000/cci-moc/openshift-acct-mgt:latest"
+
+oc apply -k k8s/overlays/crc
+oc wait -n onboarding --for=condition=available --timeout=800s deployment/onboarding
+
+sleep 60
diff --git a/ci/run_functional_tests_openshift.sh b/ci/run_functional_tests_openshift.sh
@@ -0,0 +1,17 @@
+# Creates the appropriate credentials and runs tests
+#
+# Tests expect the resource to be name Devstack
+set -xe
+
+export OPENSHIFT_MICROSHIFT_USERNAME="admin"
+export OPENSHIFT_MICROSHIFT_PASSWORD="pass"
+
+if [[ ! "${CI}" == "true" ]]; then
+    source /tmp/coldfront_venv/bin/activate
+fi
+
+export DJANGO_SETTINGS_MODULE="local_settings"
+export FUNCTIONAL_TESTS="True"
+export OS_AUTH_URL="https://onboarding-onboarding.cluster.local"
+
+coldfront test coldfront_plugin_openstack.tests.functional.openshift
diff --git a/ci/run_functional_tests.sh → ci/run_functional_tests_openstack.sh b/ci/run_functional_tests.sh → ci/run_functional_tests_openstack.sh
@@ -15,7 +15,9 @@ export OPENSTACK_DEVSTACK_APPLICATION_CREDENTIAL_ID=$(
 
 export OPENSTACK_PUBLIC_NETWORK_ID=$(openstack network show public -f value -c id)
 
-source /tmp/coldfront_venv/bin/activate
+if [[ ! "${CI}" == "true" ]]; then
+    source /tmp/coldfront_venv/bin/activate
+fi
 
 export DJANGO_SETTINGS_MODULE="local_settings"
 export FUNCTIONAL_TESTS="True"
@@ -25,6 +27,6 @@ export KEYCLOAK_USER="admin"
 export KEYCLOAK_PASS="nomoresecret"
 export KEYCLOAK_REALM="master"
 
-coldfront test coldfront_plugin_openstack.tests.functional
+coldfront test coldfront_plugin_openstack.tests.functional.openstack
 
 openstack application credential delete $OPENSTACK_DEVSTACK_APPLICATION_CREDENTIAL_ID
diff --git a/ci/setup.sh b/ci/setup.sh
@@ -1,7 +1,10 @@
 set -xe
 
-virtualenv -p python3 /tmp/coldfront_venv
-source /tmp/coldfront_venv/bin/activate
+# If running on Github actions, don't create a virtualenv
+if [[ ! "${CI}" == "true" ]]; then
+    virtualenv -p python3 /tmp/coldfront_venv
+    source /tmp/coldfront_venv/bin/activate
+fi
 
 pip3 install -r test-requirements.txt
 pip3 install -e .
diff --git a/src/coldfront_plugin_openstack/attributes.py b/src/coldfront_plugin_openstack/attributes.py
@@ -1,4 +1,4 @@
-RESOURCE_AUTH_URL = 'OpenStack Auth URL'
+RESOURCE_AUTH_URL = 'OpenStack Auth URL'  # TODO: remove OpenStack prefix
 RESOURCE_FEDERATION_PROTOCOL = 'OpenStack Federation Protocol'
 RESOURCE_IDP = 'OpenStack Identity Provider'
 RESOURCE_PROJECT_DOMAIN = 'OpenStack Domain for Projects'
@@ -16,6 +16,7 @@
                        RESOURCE_DEFAULT_PUBLIC_NETWORK,
                        RESOURCE_DEFAULT_NETWORK_CIDR]
 
+# TODO: Migration to rename the OpenStack specific prefix out of these attrs
 ALLOCATION_PROJECT_ID = 'OpenStack Project ID'
 ALLOCATION_PROJECT_NAME = 'OpenStack Project Name'
 

diff --git a/src/coldfront_plugin_openstack/base.py b/src/coldfront_plugin_openstack/base.py
@@ -1,8 +1,11 @@
 import abc
+import functools
 
 from coldfront.core.allocation import models as allocation_models
 from coldfront.core.resource import models as resource_models
 
+from coldfront_plugin_openstack import attributes
+
 
 class ResourceAllocator(abc.ABC):
 
@@ -19,6 +22,14 @@ def get_or_create_federated_user(self, username):
             user = self.create_federated_user(username)
         return user
 
+    @functools.cached_property
+    def auth_url(self):
+        return self.resource.get_attribute(attributes.RESOURCE_AUTH_URL).rstrip("/")
+
+    @functools.cached_property
+    def member_role_name(self):
+        return self.resource.get_attribute(attributes.RESOURCE_ROLE) or 'member'
+
     @abc.abstractmethod
     def create_project(self, project_name) -> str:
         pass

diff --git a/src/coldfront_plugin_openstack/management/commands/add_openshift_resource.py b/src/coldfront_plugin_openstack/management/commands/add_openshift_resource.py
@@ -0,0 +1,45 @@
+from django.core.management.base import BaseCommand
+from django.core.management import call_command
+
+from coldfront.core.resource.models import (Resource,
+                                            ResourceAttribute,
+                                            ResourceAttributeType,
+                                            ResourceType)
+
+from coldfront_plugin_openstack import attributes
+
+
+class Command(BaseCommand):
+    help = 'Create OpenShift resource'
+
+    def add_arguments(self, parser):
+        parser.add_argument('--name', type=str, required=True,
+                            help='Name of OpenShift resource')
+        parser.add_argument('--auth-url', type=str, required=True,
+                            help='URL of the openshift-acct-mgt endpoint')
+        parser.add_argument('--role', type=str, default='edit',
+                            help='Role for user when added to project (default: edit)')
+
+    def handle(self, *args, **options):
+        openshift, _ = Resource.objects.get_or_create(
+            resource_type=ResourceType.objects.get(name='OpenShift'),
+            parent_resource=None,
+            name=options['name'],
+            description='OpenShift cloud environment',
+            is_available=True,
+            is_public=True,
+            is_allocatable=True
+        )
+
+        ResourceAttribute.objects.get_or_create(
+            resource_attribute_type=ResourceAttributeType.objects.get(
+                name=attributes.RESOURCE_AUTH_URL),
+            resource=openshift,
+            value=options['auth_url']
+        )
+        ResourceAttribute.objects.get_or_create(
+            resource_attribute_type=ResourceAttributeType.objects.get(
+                name=attributes.RESOURCE_ROLE),
+            resource=openshift,
+            value=options['role']
+        )
diff --git a/...commands/register_openstack_attributes.py → ...ent/commands/register_cloud_attributes.py b/...commands/register_openstack_attributes.py → ...ent/commands/register_cloud_attributes.py
@@ -7,7 +7,7 @@
 
 
 class Command(BaseCommand):
-    help = 'Add default OpenStack allocation related choices'
+    help = 'Add attributes for OpenStack and OpenShift resources/allocations'
 
     def register_allocation_attributes(self):
         def register(attribute_name, attribute_type):
@@ -36,7 +36,11 @@ def register_resource_attributes(self):
 
     def register_resource_type(self):
         resource_models.ResourceType.objects.get_or_create(
-            name='OpenStack', description='OpenStack Cloud')
+            name='OpenStack', description='OpenStack Cloud'
+        )
+        resource_models.ResourceType.objects.get_or_create(
+            name='OpenShift', description='OpenShift Cloud'
+        )
 
     def handle(self, *args, **options):
         self.register_resource_type()