Merge branch 'main' into fix-links

redhat-developer · Jan 15, 2025 · c9ed902 · c9ed902
2 parents a5815f8 + 6bd09d9
commit c9ed902
Show file tree

Hide file tree

Showing 179 changed files with 2,264 additions and 1,420 deletions.
diff --git a/.github/actions/docker-build/action.yaml b/.github/actions/docker-build/action.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

diff --git a/.github/workflows/next-build-image.yaml b/.github/workflows/next-build-image.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -55,9 +55,9 @@ jobs:
         uses: ./.github/actions/docker-build
         with:
           registry: ${{ env.REGISTRY }}
-          username: ${{ vars.QUAY_USERNAME }}
+          username: ${{ secrets.QUAY_USERNAME }}
           password: ${{ secrets.QUAY_TOKEN }}
-          imageName: ${{ github.repository }}
+          imageName: rhdh-community/rhdh
           imageTags: |
             type=raw,value=next
             type=sha,prefix=next-

diff --git a/.github/workflows/pr-build-image.yaml b/.github/workflows/pr-build-image.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -45,14 +45,34 @@ jobs:
 
       - name: Get the latest commits from base branch
         run: |
-          git remote add base-origin https://github.com/janus-idp/backstage-showcase || true
+          git remote add base-origin https://github.com/${{ github.repository }} || true
           git config user.name "${{ github.event.pull_request.user.login }}"
           git config user.email "${{ github.event.pull_request.user.email }}"
           echo "Updating PR with latest commits from ${{ github.event.pull_request.base.ref }} ..."
           git fetch base-origin ${{ github.event.pull_request.base.ref }}
           git merge --no-edit base-origin/${{ github.event.pull_request.base.ref }}
 
+      - name: Determine Changed Files
+        id: changes
+        run: |
+          BASE_COMMIT=${{ github.event.pull_request.base.sha }}
+          HEAD_COMMIT=${{ github.event.pull_request.head.sha }}
+
+          CHANGED_FILES=$(git diff --name-only "$BASE_COMMIT" "$HEAD_COMMIT")
+
+          echo "Changed files:"
+          echo "$CHANGED_FILES"
+
+          if echo "$CHANGED_FILES" | grep -qv '^e2e-tests/'; then
+            echo "Changes detected outside the e2e-tests folder. Proceeding with the build."
+            echo "proceed_with_build=true" >> $GITHUB_ENV
+          else
+            echo "No changes outside the e2e-tests folder. Skipping the build."
+            echo "proceed_with_build=false" >> $GITHUB_ENV
+          fi
+
       - name: Get the last commit short SHA of the PR
+        if: env.proceed_with_build == 'true'
         run: |
           SHORT_SHA=$(git rev-parse --short=8 ${{ github.event.pull_request.head.sha }})
           echo "SHORT_SHA=$SHORT_SHA" >> $GITHUB_ENV
@@ -63,27 +83,44 @@ jobs:
               -e 's|("Last Commit:.+)|"Last Commit: '$repoPR' @ '$SHORT_SHA'"|'
           fi
 
+      - name: Check if Image Already Exists
+        if: env.proceed_with_build == 'true'
+        run: |
+          IMAGE_TAG="pr-${{ github.event.number }}"
+          IMAGE_NAME="${{ env.REGISTRY }}/janus-idp/backstage-showcase:${IMAGE_TAG}"
+
+          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" "https://quay.io/v2/janus-idp/backstage-showcase/manifests/${IMAGE_TAG}")
+
+          if [ "$HTTP_CODE" -eq 200 ]; then
+            echo "Image $IMAGE_NAME already exists. Skipping the build."
+            echo "image_exists=true" >> $GITHUB_ENV
+          else
+            echo "Image $IMAGE_NAME does not exist. Proceeding with the build."
+            echo "image_exists=false" >> $GITHUB_ENV
+          fi
+
       - name: Build and Push with Buildx
+        if: env.proceed_with_build == 'true' && env.image_exists == 'false'
         uses: ./.github/actions/docker-build
         with:
           registry: ${{ env.REGISTRY }}
-          username: ${{ vars.QUAY_USERNAME }}
+          username: ${{ secrets.QUAY_USERNAME }}
           password: ${{ secrets.QUAY_TOKEN }}
-          imageName: ${{ github.repository }}
+          imageName: rhdh-community/rhdh
           imageTags: |
             type=ref,prefix=pr-,event=pr
             type=ref,prefix=pr-,suffix=-${{ env.SHORT_SHA }},event=pr
-          # to autodelete PR image tags, set an expiry date
           imageLabels: quay.expires-after=14d
           push: true
 
       - name: Comment the image pull link
+        if: env.proceed_with_build == 'true' && env.image_exists == 'false'
         uses: actions/github-script@v7
         with:
           script: |
             github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: 'The image is available at:\n* [`quay.io/${{ github.repository }}:pr-${{ github.event.number }}`](https://quay.io/${{ github.repository }}:pr-${{ github.event.number }}) or\n* [`quay.io/${{ github.repository }}:pr-${{ github.event.number }}-${{ env.SHORT_SHA }}`](https://quay.io/${{ github.repository }}:pr-${{ github.event.number }}-${{ env.SHORT_SHA }})'
+              body: 'The image is available at:\n* [`quay.io/rhdh-community/rhdh:pr-${{ github.event.number }}`](https://quay.io/rhdh-community/rhdh:pr-${{ github.event.number }}) or\n* [`quay.io/rhdh-community/rhdh:pr-${{ github.event.number }}-${{ env.SHORT_SHA }}`](https://quay.io/rhdh-community/rhdh:pr-${{ github.event.number }}-${{ env.SHORT_SHA }})'
             })
diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023-2024 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

diff --git a/.github/workflows/renovate-checks.yaml b/.github/workflows/renovate-checks.yaml
@@ -0,0 +1,20 @@
+name: PR Renovate Config Validator
+
+on:
+  pull_request:
+    paths:
+      - '.github/renovate.json'
+    # Renovate always uses the config from the repository default branch
+    # https://docs.renovatebot.com/configuration-options/
+    branches: [ 'main' ]
+
+jobs:
+  renovate-config-validator:
+    runs-on: ubuntu-latest
+    name: Renovate Config Validator
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+      - name: Validate config
+        # See https://docs.renovatebot.com/config-validation/
+        run: |
+          npx --yes --package renovate -- renovate-config-validator --strict .github/renovate.json
diff --git a/.github/workflows/techdocs.yaml b/.github/workflows/techdocs.yaml
diff --git a/.github/workflows/update-backstage.yaml b/.github/workflows/update-backstage.yaml
@@ -1,4 +1,4 @@
-# Copyright 2024 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -46,8 +46,8 @@ jobs:
         id: generate-token
         uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
         with:
-          app-id: ${{ vars.JANUS_IDP_GITHUB_APP_ID }}
-          private-key: ${{ secrets.JANUS_IDP_GITHUB_APP_PRIVATE_KEY }}
+          app-id: ${{ secrets.RHDH_GITHUB_APP_ID }}
+          private-key: ${{ secrets.RHDH_GITHUB_APP_PRIVATE_KEY }}
 
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4

diff --git a/.github/workflows/versioned-build-image.yaml b/.github/workflows/versioned-build-image.yaml
@@ -1,4 +1,4 @@
-# Copyright 2023 The Janus IDP Authors
+# Copyright Red Hat, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-# on push of a tag, trigger a container build for that tag and push to http://quay.io/janus-idp/backstage-showcase
+# on push of a tag, trigger a container build for that tag and push to http://quay.io/rhdh-community/rhdh
 name: Versioned
 
 on:
@@ -57,9 +57,9 @@ jobs:
         uses: ./.github/actions/docker-build
         with:
           registry: ${{ env.REGISTRY }}
-          username: ${{ vars.QUAY_USERNAME }}
+          username: ${{ secrets.QUAY_USERNAME }}
           password: ${{ secrets.QUAY_TOKEN }}
-          imageName: ${{ github.repository }}
+          imageName: rhdh-community/rhdh
           imageTags: |
             type=raw,value=latest,enable=${{ env.is_latest }}
             type=semver,pattern={{version}}

diff --git a/.ibm/pipelines/README.md b/.ibm/pipelines/README.md
@@ -1,3 +1,112 @@
+# OCP Ephemeral Environment
+
+## Overview
+
+The RHDH deployment for end-to-end (e2e) tests in CI has been updated to use **ephemeral clusters** on OpenShift Container Platform (OCP) instead of persistent clusters.  
+
+### Key Updates
+- Starting from version **1.5**, ephemeral clusters are used for:
+  - OCP nightly jobs (v4.17, v4.16, and v4.14).  
+  - PR checks on the main branch.  
+- Previously, RHDH PR checks utilized persistent clusters created on IBM Cloud.  
+- Now, ephemeral clusters are provisioned using the **OpenShift CI cluster claim** on AWS via the RHDH-QE account in the `us-east-2` region.
+
+---
+
+## Access Requirements
+
+To access ephemeral clusters, you must:  
+1. Be a **Cluster Pool Admin**.  
+2. Join the **Rover Group**: [rhdh-pool-admins](https://rover.redhat.com/groups/group/rhdh-pool-admins).
+
+---
+
+## Cluster Pools
+
+The following cluster pools are available for different OCP versions:
+
+- **RHDH-4-17-US-EAST-2**
+  - Usage: PR checks on the main branch and OCP v4.17 nightly jobs.  
+  - [Cluster Pool Configuration](https://github.com/openshift/release/blob/master/clusters/hosted-mgmt/hive/pools/rhdh/rhdh-ocp-4-17-0-amd64-aws-us-east-2_clusterpool.yaml).  
+
+- **RHDH-4-16-US-EAST-2**
+  - Usage: OCP v4.16 nightly jobs.  
+  - [Cluster Pool Configuration](https://github.com/openshift/release/blob/master/clusters/hosted-mgmt/hive/pools/rhdh/rhdh-ocp-4-16-0-amd64-aws-us-east-2_clusterpool.yaml).  
+
+- **RHDH-4-15-US-EAST-2**
+  - Usage: OCP v4.15 nightly jobs.  
+  - [Cluster Pool Configuration](https://github.com/openshift/release/blob/master/clusters/hosted-mgmt/hive/pools/rhdh/rhdh-ocp-4-15-0-amd64-aws-us-east-2_clusterpool.yaml).  
+
+---
+
+## Using Cluster Claims in OpenShift CI Jobs
+
+Ephemeral clusters can be utilized in CI jobs by defining a `cluster_claim` stanza with values matching the labels on the pool.  
+Additionally, include the workflow: `generic-claim` for setup and cleanup.
+
+### Example Configuration
+
+```yaml
+- as: e2e-tests-nightly
+  cluster_claim:
+    architecture: amd64
+    cloud: aws
+    labels:
+      region: us-east-2
+    owner: rhdh
+    product: ocp
+    timeout: 1h0m0s
+    version: "4.17"
+  cron: 0 7 * * *
+  steps:
+    test:
+    - ref: janus-idp-backstage-showcase-nightly
+    workflow: generic-claim
+```
+
+
+
+## Debugging
+
+If you are a member of the ```rhdh-pool-admins``` group, you can use the [.ibm/pipelines/ocp-cluster-claim-login.sh](ocp-cluster-claim-login.sh) script to log in and retrieve ephemeral environment credentials.
+
+### Steps:
+
+1. Run the script: 
+    ```bash
+    .ibm/pipelines/ocp-cluster-claim-login.sh
+    ```
+2. Provide the Prow log URL when prompted, for example: ```https://prow.ci.openshift.org/view/gs/test-platform-results/pr-logs/pull/janus-idp_backstage-showcase/2089/pull-ci-janus-idp-backstage-showcase-main-e2e-tests/1866766753132974080 ```
+3. The script will:
+    - Log in to the hosted-mgmt cluster, which manages ephemeral cluster creation.
+    - Retrieve admin credentials and log in to the ephemeral cluster.
+    - Prompt to open the OCP web console directly in the browser.
+4. Note:
+    - The ephemeral cluster is deleted as soon as the CI job terminates.
+    - To retain the cluster for a longer duration, add a sleep command in the [openshift-ci-tests.sh](openshift-ci-tests.sh) script, e.g.:
+        ```bash
+        ...
+        echo "Main script completed with result: ${OVERALL_RESULT}"
+        sleep 60*60
+        exit "${OVERALL_RESULT}"
+        ...
+        ```
+
+### For detailed documentation, refer to: [Openshift-ci cluster claim docs](https://docs.ci.openshift.org/docs/how-tos/cluster-claim/)
+
+
+## Keycloak Authentication for Tests
+- All tests on the main branch use Keycloak as the default authentication provider.
+- Keycloak is deployed on the pr-os cluster.
+### Keycloak Instance Details:
+- URL: [Keycloak Admin Console](https://keycloak-rhsso.rhdh-pr-os-a9805650830b22c3aee243e51d79565d-0000.us-east.containers.appdomain.cloud/auth/admin/master/console/#/realms/rhdh-login-test)
+- Credentials: These can be found in the RHDH-QE Vault under the following keys:
+    - ```KEYCLOAK_AUTH_BASE_URL```
+    - ```KEYCLOAK_AUTH_CLIENTID```
+    - ```KEYCLOAK_AUTH_CLIENT_SECRET```
+    - ```KEYCLOAK_AUTH_LOGIN_REALM```
+    - ```KEYCLOAK_AUTH_REALM```
+
 # Installation Instructions for Tests
 
 For tests dependent on `backstage-community-plugin-ocm-backend-dynamic` and `backstage-community-plugin-ocm`, it's necessary to install **Advanced Cluster Management for Kubernetes "MultiClusterHub"**.