Pre-build ldap image for integration test#92
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #92 +/- ##
=======================================
Coverage 83.69% 83.69%
=======================================
Files 13 13
Lines 1325 1325
=======================================
Hits 1109 1109
Misses 216 216
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
|
The plan made some incorrect assumptions about how the tests are going to run. Apparently when more than one component is built in a PR, each one gets a separate test pipeline, plus there is one "group" test pipeline. In each case the ITS is supposed to get a snapshot with all components. For pipelines running on a single component, the other components are supposed to be populated from latest stable build. In this case, that is not working as there is no stable build for the ldap-server component. We get:
The fallback in the ldap-server extraction is not helpful. If there was something to fall back to, it would have been included in the Snapshot in the first place. If the snapshot doesn't contain ldap-server, the test should just be skipped. This is only an issue for the initial PR. Once there is an ldap-server built from main branch, the snapshot should always have some url available. Also, the new build pipelines should be updated to match what Konflux onboarding proposed in |
Two issues addressed: Integration test skip when ldap-server is absent:
Build pipeline alignment with
|
Code ReviewAll 9 Acceptance Criteria are satisfied. The implementation correctly addresses the reviewer's feedback about skip-on-absence and alignment with the FindingsNIT —
|
|
The only difference to the reference pipeline on |
Add a Containerfile and server.py for the LDAP server image, build pipelines for Konflux (pull-request and push), and update the integration-test pipeline to consume the pre-built image from the Snapshot rather than installing ldaptor/twisted at test time. When the Snapshot does not contain the ldap-server component (e.g. on initial PRs before any push build exists), the integration test is skipped rather than failing. Generated-By: OpenCode (google-vertex-anthropic/claude-sonnet-4-6@default)
Both build pipeline files ( |
Summary
Pre-builds the LDAP server used by the integration test as a dedicated container
image instead of performing a live
pip install ldaptor twistedon every test run.Changes
New files
integration-tests/images/ldap-server/server.py– the existing in-memoryLDAP server script (extracted verbatim from the inline ConfigMap in the
integration-test pipeline). Listens on port 1389 as an arbitrary UID,
compatible with OpenShift's
restricted-v2SCC.integration-tests/images/ldap-server/Containerfile– builds afedora-minimal:40-based image that installsldaptorandtwistedviapip3and setsCMD ["python3", "/app/server.py"]..tekton/ldap-server-pull-request.yaml– Konflux build PipelineRun forpull requests. Triggers only when files under
integration-tests/images/ldap-server/change (pathChanged()CEL filter).Uses service account
build-pipeline-ldap-serverand setsimage-expires-after: 5d..tekton/ldap-server-push.yaml– Konflux build PipelineRun for pushes tomain. Same path filter. Applies themaintag via theapply-tagstask.Modified file
.tekton/integration-test-eaas.yaml:parse-snapshot: adds aldap-server-image-urlresult that extracts theldap-servercomponent'scontainerImagefrom the Snapshot JSON.deploy-openldap: replaces the inline ConfigMap creation,pip install,volume mount, and volumes with a single Deployment that references the
pre-built image passed as the
ldap-server-imageparameter.Notes
The
build-pipeline-ldap-serverservice account must be provisioned in theteam-sp-rhelcmp-tenantnamespace before the new pipelines can run; this isan operator/platform concern outside the scope of this PR.