update ods-ci to use the new hive server #1307
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -145,6 +146,7 @@ | |||
|
|
|||
| Wait For Cluster To Be Ready | |||
| ${pool_namespace} = Get Cluster Pool Namespace ${pool_name} | |||
| Set Task Variable ${pool_namespace} | |||
Check notice
Code scanning / Robocop
{{ set_variable_keyword }} can be replaced with VAR Note
| @@ -145,6 +146,7 @@ | |||
|
|
|||
| Wait For Cluster To Be Ready | |||
| ${pool_namespace} = Get Cluster Pool Namespace ${pool_name} | |||
| Set Task Variable ${pool_namespace} | |||
Check warning
Code scanning / Robocop
Test, suite and global variables should be uppercase Warning
Robot Results
|
kobihk
force-pushed
the
support_new_hive_master
branch
from
7dc2671 to
fe822ff
Compare
The changes that remove redundant spaces and add new lines were fixed automatically by my IDE and I think it better to fix it from time to time if we can. |
I agree but even in this case you can put these changes into a separate commits. Should be easy with the |
| export AWS_ACCESS_KEY_ID=${6:-$AWS_ACCESS_KEY_ID} | ||
| export AWS_SECRET_ACCESS_KEY=${7:-$AWS_SECRET_ACCESS_KEY} |
There was a problem hiding this comment.
Why do you need to pass credentials into the script args ? It is not too secured.
Can you set the AWS access before calling the script ?
There was a problem hiding this comment.
because we use the AWS hive credentials all over the provision process
here inside the script, the export limited the effect of changing of the AWS keys to this script only without the necessary of switch between profiles
There was a problem hiding this comment.
But these credentials are not used within the create_fips.sh:
I think you can remove them, and just switch AWS profile as needed before calling the script:
aws configure set profile $AWS_PROFILE
aws configure set aws_access_key_id ... --profile ${AWS_PROFILE}
aws configure set aws_secret_access_key ... --profile ${AWS_PROFILE}
aws configure --profile "$AWS_PROFILE"
But If you must use them inside the script as plain text (unsecured), please call it inside a subshell to hide output.
There was a problem hiding this comment.
We assume both AWS and PSI access were already set before calling the script.
There was a problem hiding this comment.
as you can see from the console the key and secret are masked
10:50:42 Creating Openstack Floating IPs and AWS DNS Records
10:50:42 Watching command output: /home/jenkins/workspace/rhods/rhods-smoke/ods-ci/ods_ci/tasks/Resources/Provisioning/Hive/OSP/create_fips.sh ods-qe-psi-02 [osp.rh-ods.com](http://osp.rh-ods.com/) provider_net_cci_14 rhos-d /home/jenkins/workspace/rhods/rhods-smoke/ods-ci/ods_ci/ods_ci/test-output/ods-ci-2024-03-19-08-50-CIdpRO2oYu/ **** ****
| export AWS_ACCESS_KEY_ID=${6:-$AWS_ACCESS_KEY_ID} | ||
| export AWS_SECRET_ACCESS_KEY=${7:-$AWS_SECRET_ACCESS_KEY} |
There was a problem hiding this comment.
But these credentials are not used within the create_fips.sh:
I think you can remove them, and just switch AWS profile as needed before calling the script:
aws configure set profile $AWS_PROFILE
aws configure set aws_access_key_id ... --profile ${AWS_PROFILE}
aws configure set aws_secret_access_key ... --profile ${AWS_PROFILE}
aws configure --profile "$AWS_PROFILE"
But If you must use them inside the script as plain text (unsecured), please call it inside a subshell to hide output.
kobihk
force-pushed
the
support_new_hive_master
branch
from
fe822ff to
701ca3a
Compare
| ${result} = Run Process | ||
| ... oc -n ${pool_namespace} get cd ${pool_namespace} -o json | jq -r '.status.webConsoleURL' --exit-status | ||
| ... shell=yes | ||
| Should Be True ${result.rc} == 0 |
Check notice
Code scanning / Robocop
'{{ block_name }}' condition can be simplified Note
related to jira ticket: RHOAIENG-3338 Signed-off-by: Kobi Hakimi <[email protected]>
kobihk
force-pushed
the
support_new_hive_master
branch
from
701ca3a to
b6fb7f7
Compare
|
kobihk
added
verified
This PR contains following fixes from the `master` branch: * edafbcc (#1296) * 5e7f4b1 (#1302) * b6fb7f7 (#1307) * 9485246 (#1314) * abfb8a5 (#1316) * fc76761 (#1317) * 439e2b3 (#1306) * 5db9e26 (#1324) --- I kept the order in which these commits were merged in the `master` branch and provided both link to the particular commit and also link to the particular PR so it's clearer to understand later on.
related to jira ticket: RHOAIENG-3338
Signed-off-by: Kobi Hakimi [email protected]