[ICN-360] Jenkins Bluval: always fresh-install KUD cluster Created: 13/May/20 Updated: 24/Jul/20 Resolved: 06/Jun/20 |
|
| Status: | Done |
| Project: | Integrated Cloud Native NFV |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Story | Priority: | Medium |
| Reporter: | Igor Duarte Cardoso | Assignee: | Igor Duarte Cardoso |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Epic Link: | ICN Bluval compliance |
| Sprint: | ICN Sprint 18, ICN Sprint 19 |
| Story Points: | 3 |
| Description |
|
Most kubernetes validation issues stem from how Kubernetes was deployed (with KUD). So it's important to make sure the CI not only tests ICN blueprint on a kubernetes cluster deployed by KUD (https://gerrit.onap.org/r/c/multicloud/k8s/) but that it freshly deploys KUD based on the latest available code. This way, we can catch newly-introduced vulnerabilities introduced by KUD or test whether KUD patches have improved ICN's security footprint. |
| Comments |
| Comment by Igor Duarte Cardoso [ 06/Jun/20 ] |
|
Pushed patch to ICN that installs k8s before running bluval and uninstall k8s after running bluval: https://gerrit.akraino.org/r/c/icn/+/3551. Wiki page/instructions updated at: https://wiki.akraino.org/display/AK/Deploy+ICN+Bluval See also: https://gerrit.akraino.org/r/c/icn/+/3541 https://gerrit.akraino.org/r/c/validation/+/3550 Resolving. |
| Comment by Igor Duarte Cardoso [ 03/Jun/20 ] |
|
This task depends on multicloud-k8s KUD baremetal deployment having the ability to fully uninstall KUD+docker across all installed nodes, which is lacking. |
| Comment by Igor Duarte Cardoso [ 01/Jun/20 ] |
|
Changing story points to 3. The solution to this is not trivial due to the dependency with existing ci-management templates and scripts. |
| Comment by Igor Duarte Cardoso [ 20/May/20 ] |
|
Repurposing story. |