Merge branch 'main' into sonarqube-e2e

Author: AndrienkoAleksandr

.ibm/pipelines/cluster/eks/aws.sh

@@ -45,7 +45,8 @@ initiate_rbac_eks_helm_deployment() {
 
   local rbac_rhdh_base_url="https://${K8S_CLUSTER_ROUTER_BASE}"
   apply_yaml_files "${DIR}" "${NAME_SPACE_RBAC}" "${rbac_rhdh_base_url}"
-  yq_merge_value_files "merge" "${DIR}/value_files/${HELM_CHART_RBAC_VALUE_FILE_NAME}" "${DIR}/value_files/${HELM_CHART_RBAC_EKS_DIFF_VALUE_FILE_NAME}" "/tmp/${HELM_CHART_RBAC_K8S_MERGED_VALUE_FILE_NAME}"
+  envsubst < "${DIR}/value_files/${HELM_CHART_RBAC_EKS_DIFF_VALUE_FILE_NAME}" > "/tmp/${HELM_CHART_RBAC_EKS_DIFF_VALUE_FILE_NAME}"
+  yq_merge_value_files "merge" "${DIR}/value_files/${HELM_CHART_RBAC_VALUE_FILE_NAME}" "/tmp/${HELM_CHART_RBAC_EKS_DIFF_VALUE_FILE_NAME}" "/tmp/${HELM_CHART_RBAC_K8S_MERGED_VALUE_FILE_NAME}"
   mkdir -p "${ARTIFACT_DIR}/${NAME_SPACE_RBAC}"
   cp -a "/tmp/${HELM_CHART_RBAC_K8S_MERGED_VALUE_FILE_NAME}" "${ARTIFACT_DIR}/${NAME_SPACE_RBAC}/" # Save the final value-file into the artifacts directory.
   echo "Deploying image from repository: ${QUAY_REPO}, TAG_NAME: ${TAG_NAME}, in NAME_SPACE: ${NAME_SPACE_RBAC}"

.ibm/pipelines/cluster/eks/eks-helm-deployment.sh

@@ -31,7 +31,8 @@ gcloud_ssl_cert_create() {
 
   # Check the return status
   if [ $? -eq 0 ]; then
-    echo "Certificate '${cert_name}' created successfully.\nThe test might fail if the certificate is not obtained from the certificate authority in time."
+    echo "Certificate '${cert_name}' created successfully."
+    echo "The test might fail if the certificate is not obtained from the certificate authority in time."
   else
     # Check if the error is due to certificate already existing
     if echo "$output" | grep -q "already exists"; then

.ibm/pipelines/cluster/gke/gcloud.sh

@@ -121,10 +121,10 @@ GKE_CERT_NAME=$(cat /tmp/secrets/GKE_CERT_NAME)
 GOOGLE_CLOUD_PROJECT=$(cat /tmp/secrets/GOOGLE_CLOUD_PROJECT)
 
 # EKS variables
-EKS_INSTANCE_DOMAIN_NAME=$(cat /tmp/secrets/EKS_INSTANCE_DOMAIN_NAME)
 AWS_ACCESS_KEY_ID=$(cat /tmp/secrets/AWS_ACCESS_KEY_ID)
 AWS_SECRET_ACCESS_KEY=$(cat /tmp/secrets/AWS_SECRET_ACCESS_KEY)
 AWS_DEFAULT_REGION=$(cat /tmp/secrets/AWS_DEFAULT_REGION)
+AWS_EKS_PARENT_DOMAIN=$(cat /tmp/secrets/AWS_EKS_PARENT_DOMAIN)
 
 # authentication providers variables
 

.ibm/pipelines/env_variables.sh

@@ -15,6 +15,21 @@ handle_eks_helm() {
 
   # Get cluster information
   aws_eks_get_cluster_info
+  set -x
+
+  # Generate dynamic domain name
+  echo "Generating dynamic domain name..."
+  local dynamic_domain
+  dynamic_domain=$(generate_dynamic_domain_name)
+  
+  if [[ $? -ne 0 ]]; then
+    echo "Error: Failed to generate dynamic domain name, using fallback"
+    export EKS_INSTANCE_DOMAIN_NAME="eks-ci-fallback.${AWS_EKS_PARENT_DOMAIN}"
+  else
+    export EKS_INSTANCE_DOMAIN_NAME="${dynamic_domain}"
+  fi
+  
+  echo "Using domain name: ${EKS_INSTANCE_DOMAIN_NAME}"
 
   K8S_CLUSTER_ROUTER_BASE=$EKS_INSTANCE_DOMAIN_NAME
   export K8S_CLUSTER_ROUTER_BASE
@@ -32,15 +47,15 @@ handle_eks_helm() {
 
   cluster_setup_k8s_helm
 
-  get_eks_certificate "${EKS_INSTANCE_DOMAIN_NAME}"
+  get_eks_certificate "${K8S_CLUSTER_ROUTER_BASE}"
 
   initiate_eks_helm_deployment
-  mock_eks_ingress_hosts "${NAME_SPACE}" "${RELEASE_NAME}-developer-hub"
+  configure_eks_ingress_and_dns "${NAME_SPACE}" "${RELEASE_NAME}-developer-hub"
   check_and_test "${RELEASE_NAME}" "${NAME_SPACE}" "https://${K8S_CLUSTER_ROUTER_BASE}" 50 30
   delete_namespace "${NAME_SPACE}"
 
   initiate_rbac_eks_helm_deployment
-  mock_eks_ingress_hosts "${NAME_SPACE_RBAC}" "${RELEASE_NAME_RBAC}-developer-hub"
+  configure_eks_ingress_and_dns "${NAME_SPACE_RBAC}" "${RELEASE_NAME_RBAC}-developer-hub"
   check_and_test "${RELEASE_NAME_RBAC}" "${NAME_SPACE_RBAC}" "https://${K8S_CLUSTER_ROUTER_BASE}" 50 30
   delete_namespace "${NAME_SPACE_RBAC}"
 } 

.ibm/pipelines/jobs/eks-helm.sh

@@ -18,6 +18,20 @@ handle_eks_operator() {
   # Get cluster information
   aws_eks_get_cluster_info
 
+  # Generate dynamic domain name
+  echo "Generating dynamic domain name..."
+  local dynamic_domain
+  dynamic_domain=$(generate_dynamic_domain_name)
+  
+  if [[ $? -ne 0 ]]; then
+    echo "Error: Failed to generate dynamic domain name, using fallback"
+    export EKS_INSTANCE_DOMAIN_NAME="eks-ci-fallback.${AWS_EKS_PARENT_DOMAIN}"
+  else
+    export EKS_INSTANCE_DOMAIN_NAME="${dynamic_domain}"
+  fi
+
+  echo "Using domain name: ${EKS_INSTANCE_DOMAIN_NAME}"
+
   K8S_CLUSTER_ROUTER_BASE=$EKS_INSTANCE_DOMAIN_NAME
   export K8S_CLUSTER_ROUTER_BASE
 
@@ -36,15 +50,15 @@ handle_eks_operator() {
 
   prepare_operator "3"
 
-  get_eks_certificate "${EKS_INSTANCE_DOMAIN_NAME}"
+  get_eks_certificate "${K8S_CLUSTER_ROUTER_BASE}"
 
   initiate_eks_operator_deployment "${NAME_SPACE}" "https://${K8S_CLUSTER_ROUTER_BASE}"
-  mock_eks_ingress_hosts "${NAME_SPACE}" "dh-ingress"
+  configure_eks_ingress_and_dns "${NAME_SPACE}" "dh-ingress"
   check_and_test "${RELEASE_NAME}" "${NAME_SPACE}" "https://${K8S_CLUSTER_ROUTER_BASE}" 50 30
   cleanup_eks_deployment "${NAME_SPACE}"
 
   initiate_rbac_eks_operator_deployment "${NAME_SPACE_RBAC}" "https://${K8S_CLUSTER_ROUTER_BASE}"
-  mock_eks_ingress_hosts "${NAME_SPACE_RBAC}" "dh-ingress"
+  configure_eks_ingress_and_dns "${NAME_SPACE_RBAC}" "dh-ingress"
   check_and_test "${RELEASE_NAME}" "${NAME_SPACE_RBAC}" "https://${K8S_CLUSTER_ROUTER_BASE}" 50 30
   cleanup_eks_deployment "${NAME_SPACE_RBAC}"
 } 

.ibm/pipelines/jobs/eks-operator.sh

@@ -112,6 +112,11 @@ main() {
       echo "Calling handle_ocp_pull"
       handle_ocp_pull
       ;;
+    *)
+      echo "ERROR: Unknown JOB_NAME pattern: $JOB_NAME"
+      echo "No matching handler found for this job type"
+      save_overall_result 1
+      ;;
   esac
 
   echo "Main script completed with result: ${OVERALL_RESULT}"

.ibm/pipelines/openshift-ci-tests.sh

@@ -31,7 +31,7 @@ integrations:
 auth:
   environment: development
   session:
-    secret: superSecretSecret 
+    secret: superSecretSecret
   providers:
     guest:
       dangerouslyAllowOutsideDevelopment: true

.ibm/pipelines/resources/config_map/app-config-rhdh-rbac.yaml

@@ -668,8 +668,8 @@ check_backstage_running() {
   local release_name=$1
   local namespace=$2
   local url=$3
-  local max_attempts=$4
-  local wait_seconds=$5
+  local max_attempts=${4:-30}
+  local wait_seconds=${5:-30}
 
   if [ -z "${url}" ]; then
     echo "Error: URL is not set. Please provide a valid URL."
@@ -679,11 +679,12 @@ check_backstage_running() {
   echo "Checking if Backstage is up and running at ${url}"
 
   for ((i = 1; i <= max_attempts; i++)); do
+    # Check HTTP status
     local http_status
     http_status=$(curl --insecure -I -s -o /dev/null -w "%{http_code}" "${url}")
 
     if [ "${http_status}" -eq 200 ]; then
-      echo "Backstage is up and running!"
+      echo "✅ Backstage is up and running!"
       export BASE_URL="${url}"
       echo "BASE_URL: ${BASE_URL}"
       return 0
@@ -694,7 +695,8 @@ check_backstage_running() {
     fi
   done
 
-  echo "Failed to reach Backstage at ${BASE_URL} after ${max_attempts} attempts." | tee -a "/tmp/${LOGFILE}"
+  echo "❌ Failed to reach Backstage at ${url} after ${max_attempts} attempts."
+  oc get events -n "${namespace}" --sort-by='.lastTimestamp' | tail -10
   mkdir -p "${ARTIFACT_DIR}/${namespace}"
   cp -a "/tmp/${LOGFILE}" "${ARTIFACT_DIR}/${namespace}/"
   save_all_pod_logs "${namespace}"

.ibm/pipelines/utils.sh

@@ -61,26 +61,31 @@ upstream:
       # could be changed to a [generic ephemeral volume](https://docs.openshift.com/container-platform/4.13/storage/generic-ephemeral-vols.html#generic-ephemeral-vols-procedure_generic-ephemeral-volumes).
       - name: dynamic-plugins-root
         emptyDir: {}
-      - name: rbac-policy
-        configMap:
-          defaultMode: 420
-          name: rbac-policy
-      - name: rbac-conditions
-        emptyDir: {}
       # Volume that will expose the `dynamic-plugins.yaml` file from the `dynamic-plugins` config map.
       # The `dynamic-plugins` config map is created by the helm chart from the content of the `global.dynamic` field.
       - name: dynamic-plugins
         configMap:
           defaultMode: 420
-          name: dynamic-plugins
+          name: '{{ printf "%s-dynamic-plugins" .Release.Name }}'
           optional: true
       # Optional volume that allows exposing the `.npmrc` file (through a `dynamic-plugins-npmrc` secret)
       # to be used when running `npm pack` during the dynamic plugins installation by the initContainer.
       - name: dynamic-plugins-npmrc
         secret:
           defaultMode: 420
           optional: true
-          secretName: dynamic-plugins-npmrc
+          secretName: '{{ printf "%s-dynamic-plugins-npmrc" .Release.Name }}'
+      - name: dynamic-plugins-registry-auth
+        secret:
+          defaultMode: 416
+          optional: true
+          secretName: '{{ printf "%s-dynamic-plugins-registry-auth" .Release.Name }}'
+      - name: rbac-policy
+        configMap:
+          defaultMode: 420
+          name: rbac-policy
+      - name: rbac-conditions
+        emptyDir: {}
     extraEnvVarsSecrets:
       - rhdh-secrets
     podSecurityContext: