chore(gate): adds to Jarvis Zuul jobs

This patch adds in Loki helm install scripts to a zuul job.
Loki-stack includes (Loki, Grafana, and Promtail charts).
Configuration for each can be set in loki-stack-values.yaml:

https://github.com/grafana/helm-charts/tree/main/charts/grafana
https://github.com/grafana/loki/tree/master/production/helm/loki
https://github.com/grafana/loki/tree/master/production/helm/promtail

Change-Id: Ia6c804e79bdaba0b342c38fac6696c94cf9121a5

tools/gate/loki/100-deploy-k8s.sh

@@ -0,0 +1 @@
+../deploy-k8s.sh

tools/gate/loki/200-install.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+set -eux
+
+NS="loki-stack"
+GNS="grafana"
+
+kubectl create ns $NS || true
+kubectl create ns $GNS || true
+helm repo add grafana https://grafana.github.io/helm-charts
+helm repo update
+
+# install loki-stack with Loki and Promtail from Grafana helm charts repo
+helm upgrade --install loki grafana/loki-stack --namespace $NS -f ./tools/gate/loki/loki-stack-values.yaml
+kubectl wait --for=condition=ready pod --timeout=600s --namespace $NS --all
+kubectl --namespace $NS get pod
+
+# install Grafana from Grafana helm charts repo
+helm upgrade --install grafana grafana/grafana --namespace $GNS -f ./tools/gate/loki/grafana-values.yaml
+kubectl wait --for=condition=ready pod --timeout=600s --namespace $GNS --all
+kubectl --namespace $GNS get pod

tools/gate/loki/300-test.sh

@@ -0,0 +1,14 @@
+#!/bin/bash
+
+set -eux
+
+NS="loki-stack"
+GNS="grafana"
+
+# Run helm test and check the loki runs
+helm test loki -n $NS
+kubectl --namespace $NS get pod
+
+# Run helm test and check the grafana runs
+helm test grafana -n $GNS
+kubectl --namespace $GNS get pod

tools/gate/loki/grafana-values.yaml

@@ -0,0 +1,79 @@
+ingress:
+  enabled: true
+  hosts: ["grafana","grafana.jarvis","grafana.jarvis.svc.cluster.local"]
+  public: true
+  annotations:
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers "X-Frame-Options: deny";
+      more_set_headers "X-XSS-Protection: 1; mode=block";
+    nginx.ingress.kubernetes.io/rewrite-target: /
+  labels: {}
+  path: /
+  hosts:
+    - grafana-jarvis.domain
+  ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+  extraPaths: []
+  # - path: /*
+  #   backend:
+  #     serviceName: ssl-redirect
+  #     servicePort: use-annotation
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 128Mi
+  requests:
+    cpu: 100m
+    memory: 128Mi
+
+## Enable persistence using Persistent Volume Claims
+## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
+  type: pvc
+  enabled: false
+  storageClassName: nfs-provisioner
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  # annotations: {}
+  finalizers:
+    - kubernetes.io/pvc-protection
+  # selectorLabels: {}
+  # subPath: ""
+  # existingClaim:
+
+
+# Administrator credentials when not using an existing secret (see below)
+adminUser: admin
+# adminPassword: strongpassword
+
+# Use an existing secret for the admin user.
+admin:
+  existingSecret: ""
+  userKey: admin-user
+  passwordKey: admin-password
+
+## Define command to be executed at startup by grafana container
+## Needed if using `vault-env` to manage secrets (ref: https://banzaicloud.com/blog/inject-secrets-into-pods-vault/)
+## Default is "run.sh" as defined in grafana's Dockerfile
+# command:
+# - "sh"
+# - "/run.sh"
+
+## Configure grafana datasources
+## ref: http://docs.grafana.org/administration/provisioning/#datasources
+##
+datasources:
+  datasources.yaml:
+    apiVersion: 1
+    datasources:
+    - name: Loki
+      type: loki
+      access: proxy
+      url: http://loki-stack.loki-stack:3100
+      version: 1

tools/gate/loki/loki-stack-values.yaml

@@ -0,0 +1,19 @@
+loki:
+  enabled: true
+  ingress:
+    enabled: true
+    hosts:
+      - host: loki.jarvis.local
+        paths: ["/"]
+    public: true
+    annotations:
+      nginx.ingress.kubernetes.io/configuration-snippet: |
+        more_set_headers "X-Frame-Options: deny";
+        more_set_headers "X-XSS-Protection: 1; mode=block";
+      nginx.ingress.kubernetes.io/rewrite-target: /
+
+promtail:
+  enabled: true
+
+grafana:
+  enabled: false

tools/gate/pipelines/run-test.sh

@@ -8,6 +8,9 @@ set -eux
 # executes the tekton tests
 ./tools/gate/tekton/300-test.sh
 
+# executes the loki tests
+./tools/gate/loki/300-test.sh
+
 # performs AIO integration tests
 CREDENTIAL="--username=admin --password=Harbor12345"
 

tools/utils/aio-setup.sh

@@ -91,31 +91,105 @@ config:
 EOF
 
 helm upgrade --install tekton-pipelines ${CHART_ROOT_PATH}/tekton-pipelines \
-  --namespace=$TEKTON_NS \
+  --namespace=${TEKTON_NS} \
   ${EXTRA_HELM_ARGS_TEKTON_PIPELINES}
 
 helm upgrade --install tekton-triggers ${CHART_ROOT_PATH}/tekton-triggers \
-  --namespace=$TEKTON_NS \
+  --namespace=${TEKTON_NS} \
   ${EXTRA_HELM_ARGS_TEKTON_TRIGGERS}
 
 helm upgrade --install tekton-dashboard ${CHART_ROOT_PATH}/tekton-dashboard \
-  --namespace=$TEKTON_NS \
+  --namespace=${TEKTON_NS} \
   --values=/tmp/dashboard.yaml \
   ${EXTRA_HELM_ARGS_TEKTON_DASHBOARD}
 
 # waits for the pods to get ready
-kubectl wait --for=condition=ready pod --timeout=600s --all -n $TEKTON_NS
-kubectl wait --for=condition=ready pod --timeout=600s --all -n $HARBOR_NS
+kubectl wait --for=condition=ready pod --timeout=600s --all -n ${TEKTON_NS}
+kubectl wait --for=condition=ready pod --timeout=600s --all -n ${HARBOR_NS}
 
-# installs grafana and loki from upstream chart
-helm upgrade --install grafana grafana/grafana \
-  --namespace=$GRAFANA_NS \
-  ${EXTRA_HELM_ARGS_GRAFANA}
+tee /tmp/loki.yaml << EOF
+loki:
+  enabled: true
+  ingress:
+    enabled: true
+    hosts:
+      - host: loki.jarvis.local
+        paths: ["/"]
+    public: true
+    annotations:
+      nginx.ingress.kubernetes.io/configuration-snippet: |
+        more_set_headers "X-Frame-Options: deny";
+        more_set_headers "X-XSS-Protection: 1; mode=block";
+      nginx.ingress.kubernetes.io/rewrite-target: /
+promtail:
+  enabled: true
+grafana:
+  enabled: false
+EOF
 
-helm upgrade --install loki-stack loki/loki-stack \
-  --namespace=$LOKI_NS \
+tee /tmp/grafana.yaml << EOF
+ingress:
+  enabled: true
+  hosts: ["grafana","grafana.jarvis","grafana.jarvis.svc.cluster.local"]
+  public: true
+  annotations:
+    nginx.ingress.kubernetes.io/configuration-snippet: |
+      more_set_headers "X-Frame-Options: deny";
+      more_set_headers "X-XSS-Protection: 1; mode=block";
+    nginx.ingress.kubernetes.io/rewrite-target: /
+  labels: {}
+  path: /
+  hosts:
+    - grafana-jarvis.domain
+  ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+  extraPaths: []
+  tls: []
+resources:
+  limits:
+    cpu: 100m
+    memory: 128Mi
+  requests:
+    cpu: 100m
+    memory: 128Mi
+persistence:
+  type: pvc
+  enabled: false
+  storageClassName: nfs-provisioner
+  accessModes:
+    - ReadWriteOnce
+  size: 10Gi
+  # annotations: {}
+  finalizers:
+    - kubernetes.io/pvc-protection
+adminUser: admin
+# adminPassword: strongpassword
+admin:
+  existingSecret: ""
+  userKey: admin-user
+  passwordKey: admin-password
+datasources:
+  datasources.yaml:
+    apiVersion: 1
+    datasources:
+    - name: Loki
+      type: loki
+      access: proxy
+      url: http://loki.loki-stack:3100
+      version: 1
+EOF
+
+# install loki-stack with Loki and Promtail from Grafana helm charts repo
+helm upgrade --install loki grafana/loki-stack \
+  --namespace=${LOKI_NS} \
+  --values=/tmp/loki.yaml \
   ${EXTRA_HELM_ARGS_LOKI_STACK}
 
-# waits for the pods to get ready
-kubectl wait --for=condition=ready pod --timeout=600s --all -n $GRAFANA_NS
-kubectl wait --for=condition=ready pod --timeout=600s --all -n $LOKI_NS
+kubectl wait --for=condition=ready pod --timeout=600s --namespace ${LOKI_NS} --all
+
+# install Grafana from Grafana helm charts repo
+helm upgrade --install grafana grafana/grafana \
+  --namespace=${GRAFANA_NS} \
+  --values=/tmp/grafana.yaml \
+  ${EXTRA_HELM_ARGS_GRAFANA}
+
+kubectl wait --for=condition=ready pod --timeout=600s --namespace ${GRAFANA_NS} --all