fix oci-env + keycloak (#1838)

* More debug. No-Issue Signed-off-by: James Tanner <[email protected]> * Fix pip location in base init script. No-Issue Signed-off-by: James Tanner <[email protected]> * Don't just ignore 500ISE when polling tasks. No-Issue Signed-off-by: James Tanner <[email protected]> * Update pulpcore to fix otel weirdness. No-Issue Signed-off-by: James Tanner <[email protected]> * Use git requirement. No-Issue Signed-off-by: James Tanner <[email protected]> * Try pinning dynaconf to 3.1.x No-Issue Signed-off-by: James Tanner <[email protected]> * Lint. No-Issue Signed-off-by: James Tanner <[email protected]> * Dead code. No-Issue Signed-off-by: James Tanner <[email protected]> --------- Signed-off-by: James Tanner <[email protected]>
ansible · Aug 14, 2023 · 336365f · 336365f
1 parent 00edd0b
commit 336365f
Show file tree

Hide file tree

Showing 12 changed files with 55 additions and 18 deletions.
diff --git a/galaxy_ng/tests/integration/api/test_artifact_download.py b/galaxy_ng/tests/integration/api/test_artifact_download.py
@@ -47,6 +47,7 @@ def test_download_artifact(ansible_config, upload_artifact):
             assert resp["state"] == "completed"
 
     hub_4_5 = is_hub_4_5(ansible_config)
+
     set_certification(api_client, artifact, hub_4_5=hub_4_5)
 
     # download collection

diff --git a/galaxy_ng/tests/integration/utils/tasks.py b/galaxy_ng/tests/integration/utils/tasks.py
@@ -51,8 +51,9 @@ def wait_for_task(api_client, resp, task_id=None, timeout=6000, raise_on_error=F
                 if raise_on_error:
                     raise TaskFailed(resp["error"])
         except GalaxyError as e:
-            if "500" not in str(e):
-                raise
+            raise e
+            # if "500" not in str(e):
+            #    raise
         else:
             ready = resp["state"] not in ("running", "waiting")
         time.sleep(SLEEP_SECONDS_POLLING)

diff --git a/profiles/base/Dockerfile b/profiles/base/Dockerfile
@@ -6,10 +6,10 @@ WORKDIR /opt/galaxy_ng/
 RUN switch_python 3.11
 
 # preinstall galaxy_ng in thebase image
-RUN pip3.11 install .
+RUN python3.11 -m pip install .
 
 # set up venv for integration tests 
-RUN pip3.11 install virtualenv && python3.11 -m venv /tmp/gng_testing
+RUN python3.11 -m pip install virtualenv && python3.11 -m venv /tmp/gng_testing
 RUN bash profiles/base/setup_venv.sh
 
 WORKDIR /
diff --git a/profiles/base/compose.yaml b/profiles/base/compose.yaml
@@ -20,5 +20,8 @@ services:
     privileged: true
     extra_hosts:
       localhost: "host-gateway"
+    environment:
+      - PULP_WORKERS=1
+      #- LOCK_REQUIREMENTS=0
     depends_on:
       - _galaxy_base
diff --git a/profiles/base/init.sh b/profiles/base/init.sh
@@ -8,6 +8,8 @@ readonly ENABLE_SIGNING="${ENABLE_SIGNING:-0}"
 readonly UPDATE_UI="${UPDATE_UI:-1}"
 readonly SETUP_TEST_DATA="${SETUP_TEST_DATA:-0}"
 
+PIP="python3.11 -m pip"
+
 log_message() {
     echo "$@" >&2
 }
@@ -16,7 +18,7 @@ log_message() {
 # so this is a workaround to install the pulp container snippets
 setup_webserver_snippets() {
     log_message "setting up pulp container webserver snippets"
-    LOCATION=$(pip show pulp-container | grep  Location: | awk '{print$2}')
+    LOCATION=$(${PIP} show pulp-container | grep  Location: | awk '{print$2}')
     cp $LOCATION/pulp_container/app/webserver_snippets/nginx.conf /etc/nginx/pulp/pulp_container.conf || true
 }
 
@@ -137,4 +139,4 @@ fi
 
 # if [[ "$SETUP_TEST_DATA" -eq "1" ]]; then
 #     set_up_test_data
-# fi
+# fi
diff --git a/profiles/keycloak/compose.yaml b/profiles/keycloak/compose.yaml
@@ -42,6 +42,10 @@ services:
     ports:
       - "10389:10389"
       - "10636:10636"
+    ulimits:
+      nofile:
+        soft: 65536
+        hard: 65536
 
 volumes:
   kc_pg_data:

diff --git a/profiles/keycloak/init.sh b/profiles/keycloak/init.sh
@@ -1,6 +1,10 @@
 #!/bin/bash
 
 
+set -x
+export S6_VERBOSITY=2
+
+
 cat /etc/pulp/settings.py | grep -q SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY
 
 STATUS=$?
@@ -13,10 +17,31 @@ set -e
 
 # intialize keycloak
 ansible-galaxy collection install /src/galaxy_ng/profiles/keycloak/community-general-5.7.0.tar.gz
-ansible-playbook /src/galaxy_ng/profiles/keycloak/keycloak-playbook.yaml
+ansible-playbook -v /src/galaxy_ng/profiles/keycloak/keycloak-playbook.yaml
+
+# Wait for s6 list to able able to take locks
+set +e
+while true; do
+    #s6-rc -a list
+    s6-rc-db list all
+    RC=$?
+    if [[ $RC == 0 ]]; then
+        break
+    fi
+    sleep 5
+done
+set -e
 
 # Restart pulp services so that settings are reloaded
-SERVICES=$(s6-rc -a list | grep -E ^pulp)
-echo "$SERVICES" | xargs -I {} s6-rc -d change {}
-echo "$SERVICES" | xargs -I {} s6-rc -u change {}
-s6-rc -u change nginx
+SERVICES=$(s6-rc-db list all | grep -E ^pulp)
+IFS=$'\n'
+for SERVICE in $SERVICES; do
+    echo "RESTARTING ${SERVICE}"
+    s6-svc -r /var/run/service/${SERVICE}
+done
+echo "RESTARTING NGINX"
+s6-svc -r /var/run/service/nginx
+sleep 10
+
+# this adds the social auth tables now that the INSTALLED_APPS is updated
+pulpcore-manager migrate
diff --git a/profiles/keycloak/keycloak-playbook.yaml b/profiles/keycloak/keycloak-playbook.yaml
@@ -401,8 +401,9 @@
       set_fact:
         keycloak_realm_public_key: "{{ keycloak_realm['json']['public_key']  }}"
 
-    - debug:
-        var: keycloak_realm_public_key
+    - name: Ensure variable is not empty or null
+      assert:
+        that: 'keycloak_realm_public_key is defined and keycloak_realm_public_key is not none and keycloak_realm_public_key != ""'
 
     - name: Ensure SELinux is set to enforcing mode
       ansible.builtin.lineinfile:

diff --git a/requirements/requirements.common.txt b/requirements/requirements.common.txt
@@ -321,7 +321,7 @@ pulp-container==2.15.1
     # via galaxy-ng (setup.py)
 pulp-glue==0.19.1
     # via pulpcore
-pulpcore==3.28.7
+pulpcore==3.28.10
     # via
     #   galaxy-ng (setup.py)
     #   pulp-ansible

diff --git a/requirements/requirements.insights.txt b/requirements/requirements.insights.txt
@@ -332,7 +332,7 @@ pulp-container==2.15.1
     # via galaxy-ng (setup.py)
 pulp-glue==0.19.1
     # via pulpcore
-pulpcore==3.28.7
+pulpcore==3.28.10
     # via
     #   galaxy-ng (setup.py)
     #   pulp-ansible

diff --git a/requirements/requirements.standalone.txt b/requirements/requirements.standalone.txt
@@ -321,7 +321,7 @@ pulp-container==2.15.1
     # via galaxy-ng (setup.py)
 pulp-glue==0.19.1
     # via pulpcore
-pulpcore==3.28.7
+pulpcore==3.28.10
     # via
     #   galaxy-ng (setup.py)
     #   pulp-ansible

diff --git a/setup.py b/setup.py
@@ -112,14 +112,14 @@ def _format_pulp_requirement(plugin, specifier=None, ref=None, gh_namespace="pul
 
 requirements = [
     "galaxy-importer>=0.4.11,<0.5.0",
-    "pulpcore>=3.28.7,<3.40.0",
+    "pulpcore>=3.28.10,<3.40.0",
     "pulp_ansible>=0.19.0,<0.20.0",
     "django-prometheus>=2.0.0",
     "drf-spectacular",
     "pulp-container>=2.15.0,<2.17.0",
     "social-auth-core>=4.4.2",
     "social-auth-app-django>=5.2.0",
-    "dynaconf>=3.1.12",
+    "dynaconf>=3.1.12,<3.1.13",
     "django-auth-ldap==4.0.0",
     "insights_analytics_collector>=0.3.0",
     "boto3",