Address comments.

Author: thompsonja

test/cluster/keytar/Dockerfile

@@ -1,9 +1,14 @@
-# This Dockerfile should be built from within the accompanying build.sh script.
+# Dockerfile for generating the keytar image. See README.md for more information.
 FROM debian:jessie
 
+ENV DEBIAN_FRONTEND noninteractive
+
 RUN apt-get update -y \
  && apt-get install --no-install-recommends -y -q \
+    apt-utils \
+    apt-transport-https \
     build-essential \
+    curl \
     python2.7 \
     python2.7-dev \
     python-pip \
@@ -12,6 +17,10 @@ RUN apt-get update -y \
  && pip install -U pip \
  && pip install virtualenv
 
+RUN echo "deb https://packages.cloud.google.com/apt cloud-sdk-jessie main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list
+RUN curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
+RUN apt-get update -y && apt-get install -y google-cloud-sdk && apt-get install -y kubectl
+
 WORKDIR /app
 RUN virtualenv /env
 ADD requirements.txt /app/requirements.txt
@@ -20,19 +29,15 @@ ADD keytar.py test_runner.py /app/
 ADD static /app/static
 
 ENV USER keytar
-ENV DEBIAN_FRONTEND noninteractive
 
 ENV PYTHONPATH /env/lib/python2.7/site-packages
 ENV CLOUDSDK_PYTHON_SITEPACKAGES $PYTHONPATH
 
-RUN wget https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-138.0.0-linux-x86_64.tar.gz
-RUN tar -xvf google-cloud-sdk-138.0.0-linux-x86_64.tar.gz
-RUN google-cloud-sdk/install.sh --usage-reporting false --path-update true --additional-components kubectl -q
 RUN /bin/bash -c "source ~/.bashrc"
 
 EXPOSE 8080
 CMD []
 ENTRYPOINT ["/env/bin/python", "keytar.py"]
 
-ENV PATH /env/bin:/app/google-cloud-sdk/bin:$PATH
+ENV PATH /env/bin:$PATH
 

test/cluster/keytar/README.md

@@ -1,10 +1,15 @@
 # Keytar
-Keytar is a system for monitoring docker images on [docker hub](https://hub.docker.com). When a new image is created, Keytar can start a cluster on Google Compute Engine (GKE) and run Kubernetes applications for the purpose of executing cluster tests. It exposes a simple web status page showing test results.
+
+Keytar is an internally used Vitess system for continuous execution of cluster
+tests on Kubernetes/Google Cloud. It monitors docker images on [Docker Hub](https://hub.docker.com). When a new image is uploaded to Docker Hub, Keytar starts a cluster on Google Compute Engine (GKE) and runs Kubernetes applications for the purpose of executing cluster tests. It exposes a simple web status page showing test results.
+
 ## Setup
-How to set up keytar for Vitess:
+
+How to set up Keytar for Vitess:
+
 * Create service account keys with GKE credentials on the account to run the tests on. Follow [step 1 from the GKE developers page](https://developers.google.com/identity/protocols/application-default-credentials?hl=en_US#howtheywork).
-* Move the generated keyfile to $VTTOP/test/cluster/keytar/config.
-* Create or modify the test configuration file ($VTTOP/test/cluster/keytar/config/vitess_p0_config.yaml).
+* Move the generated keyfile to `$VTTOP/test/cluster/keytar/config`.
+* Create or modify the test configuration file (`$VTTOP/test/cluster/keytar/config/vitess_p0_config.yaml`).
 * Ensure the configuration has the correct values for GKE project name and keyfile:
   ```
   cluster_setup:
@@ -15,19 +20,24 @@ How to set up keytar for Vitess:
 * Then run the following commands:
   ```
   > cd $VTTOP/test/cluster/keytar
-  > KEYTAR_KEY=<desired password> KEYTAR_PORT=<desired port, default 8080> KEYTAR_CONFIG=<desired configuration, default vitess_p0_config.yaml> ./keytar-up.sh
+  > KEYTAR_PASSWORD=<desired password> KEYTAR_PORT=<desired port, default 8080> KEYTAR_CONFIG=<desired configuration, default vitess_p0_config.yaml> ./keytar-up.sh
   ```
-* Add a Docker hub webhook pointing to the Keytar service. The webhook URL should be in the form:
+* Add a Docker Hub webhook pointing to the Keytar service. The webhook URL should be in the form:
   ```
-  http://<keytar-service-IP>:80/test_request?key=<KEYTAR_KEY>
+  http://<keytar-service-IP>:80/test_request?password=<KEYTAR_PASSWORD>
   ```
-## Viewing Status
+
+## Dashboard
+
 The script to start Keytar should output a web address to view the current status. If not, the following command can also be run:
 ```shell
 > kubectl get service keytar -o template --template '{{if ge (len .status.loadBalancer) 1}}{{index (index .status.loadBalancer.ingress 0) "ip"}}{{end}}'
 ```
+
 ## Limitations
+
 Currently, Keytar has the following limitations:
+
 * Only one configuration file allowed at a time.
 * Configuration cannot be updated dynamically.
 * Test results are saved in memory and are not durable.

…ster/keytar/config/vitess_p0_config.yaml …cluster/keytar/config/vitess_config.yamltest/cluster/keytar/config/vitess_p0_config.yaml renamed to test/cluster/keytar/config/vitess_config.yaml test/cluster/keytar/config/vitess_p0_config.yaml renamed to test/cluster/keytar/config/vitess_config.yaml

@@ -46,7 +46,6 @@ install:
     - /app/linux-amd64/
   cluster_setup:
     - type: gke
-      project_name: e-sunlight-726
       keyfile: /config/keyfile.json
 config:
   - docker_image: vitess/root

test/cluster/keytar/dummy_test.py

@@ -1,5 +1,5 @@
 #!/usr/bin/env python
-"""Dummy no-op test."""
+"""Dummy no-op test to be used in the webdriver test."""
 
 import logging
 import sys

test/cluster/keytar/keytar-controller-template.yaml

@@ -12,15 +12,15 @@ spec:
     spec:
       containers:
         - name: keytar
-          image: thompsonja/keytar
+          image: vitess/keytar
           ports:
             - name: http-server
               containerPort: {{port}}
           resources:
             limits:
               memory: "4Gi"
               cpu: "500m"
-          args: ["--config_file", "{{config}}", "--port", "{{port}}", "--key", "{{key}}"]
+          args: ["--config_file", "{{config}}", "--port", "{{port}}", "--password", "{{password}}"]
           volumeMounts:
             - name: config
               mountPath: /config

test/cluster/keytar/keytar-up.sh

@@ -4,13 +4,13 @@ set -e
 
 KUBECTL=${KUBECTL:-kubectl}
 
-config_path=${KEYTAR_CONFIG_PATH:-"$VTTOP/test/cluster/keytar/config"}
+config_path=${KEYTAR_CONFIG_PATH:-"./config"}
 port=${KEYTAR_PORT:-8080}
-key=${KEYTAR_KEY:-"defaultkey"}
-config=${KEYTAR_CONFIG:-"/config/vitess_p0_config.yaml"}
+password=${KEYTAR_PASSWORD:-"defaultkey"}
+config=${KEYTAR_CONFIG:-"/config/vitess_config.yaml"}
 
 sed_script=""
-for var in config_path port config key; do
+for var in config_path port config password; do
   sed_script+="s,{{$var}},${!var},g;"
 done
 
@@ -29,11 +29,11 @@ echo "Creating firewall-rule"
 gcloud compute firewall-rules create keytar --allow tcp:80
 
 for i in `seq 1 20`; do
-  addr=`$KUBECTL get service keytar -o template --template '{{if ge (len .status.loadBalancer) 1}}{{index (index .status.loadBalancer.ingress 0) "ip"}}{{end}}'`
-  if [[ -n $addr ]]; then
-    echo Keytar address: http://${addr}:80
+  ip=`$KUBECTL get service keytar -o template --template '{{if ge (len .status.loadBalancer) 1}}{{index (index .status.loadBalancer.ingress 0) "ip"}}{{end}}'`
+  if [[ -n "$ip" ]]; then
+    echo "Keytar address: http://${ip}:80"
     break
   fi
-  echo Waiting for keytar external IP
+  echo "Waiting for keytar external IP"
   sleep 10
 done

test/cluster/keytar/keytar.py

@@ -1,5 +1,5 @@
 #!/usr/bin/env python
-"""Main python file."""
+"""Keytar flask app."""
 
 import argparse
 import datetime
@@ -20,36 +20,6 @@
 keytar_args = None
 keytar_config = None
 results = {}
-q = Queue.Queue()
-tasks = []
-
-
-def worker():
-  while True:
-    item = q.get()
-    run_test_config(item)
-    q.task_done()
-
-worker_thread = threading.Thread(target=worker)
-worker_thread.daemon = True
-worker_thread.start()
-
-
-def _add_new_result(timestamp):
-  result = {'time': timestamp, 'status': 'Start', 'tests': {}}
-  results[timestamp] = result
-
-
-def _get_download_github_repo_args(tempdir, github_config):
-  repo_prefix = 'github'
-  if 'repo_prefix' in github_config:
-    repo_prefix = github_config['repo_prefix']
-  repo_dir = os.path.join(tempdir, repo_prefix)
-  git_args = ['git', 'clone', 'https://github.com/%s' % github_config['repo'],
-              repo_dir]
-  if 'branch' in github_config:
-    git_args += ['-b', github_config['branch']]
-  return git_args, repo_dir
 
 
 def run_test_config(config):
@@ -110,7 +80,7 @@ def test_results():
 
 @app.route('/test_log')
 def test_log():
-  log = '%s.log' % flask.request.values['log_name']
+  log = '%s.log' % os.path.basename(flask.request.values['log_name'])
   return (flask.send_from_directory('/tmp/testlogs', log), 200,
           {'Content-Type': 'text/css'})
 
@@ -124,26 +94,27 @@ def update_results():
   return 'OK'
 
 
-def _validate_request(keytar_key, request_values):
-  if keytar_key:
-    if 'key' not in request_values:
-      return 'Expected key not provided in test_request!'
-    elif request_values['key'] != keytar_key:
-      return 'Incorrect key passed to test_request!'
+def _validate_request(keytar_password, request_values):
+  if keytar_password:
+    if 'password' not in request_values:
+      return 'Expected password not provided in test_request!'
+    elif request_values['password'] != keytar_password:
+      return 'Incorrect password passed to test_request!'
 
 
 @app.route('/test_request', methods=['POST'])
 def test_request():
   """Respond to a post request to execute tests.
 
   This expects a json payload containing the docker webhook information.
-  If this app is configured to use a key, the key should be passed in as part
-  of the POST request.
+  If this app is configured to use a password, the password should be passed in
+  as part of the POST request.
 
   Returns:
     HTML response.
   """
-  validation_error = _validate_request(keytar_args.key, flask.request.values)
+  validation_error = _validate_request(
+      keytar_args.password, flask.request.values)
   if validation_error:
     flask.abort(400, validation_error)
   webhook_data = flask.request.get_json()
@@ -152,7 +123,7 @@ def test_request():
   if not configs:
     return 'No config found for repo_name: %s' % repo_name
   for config in configs:
-    q.put(config)
+    test_worker.add_test(config)
   return 'OK'
 
 
@@ -169,9 +140,10 @@ def process_config(config):
           logging.info('authenticating using keyfile: %s',
                        cluster_setup['keyfile'])
           subprocess.call(gcloud_args)
-          subprocess.call(
-              ['gcloud', 'config', 'set', 'project',
-               cluster_setup['project_name']])
+          if 'project_name' in cluster_setup:
+            subprocess.call(
+                ['gcloud', 'config', 'set', 'project',
+                 cluster_setup['project_name']])
           os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = (
               cluster_setup['keyfile'])
     if 'dependencies' in install_config:
@@ -188,11 +160,52 @@ def process_config(config):
         os.environ['PATH'] = '%s:%s' % (path, os.environ['PATH'])
 
 
+def _add_new_result(timestamp):
+  result = {'time': timestamp, 'status': 'Start', 'tests': {}}
+  results[timestamp] = result
+
+
+def _get_download_github_repo_args(tempdir, github_config):
+  repo_prefix = 'github'
+  if 'repo_prefix' in github_config:
+    repo_prefix = github_config['repo_prefix']
+  repo_dir = os.path.join(tempdir, repo_prefix)
+  git_args = ['git', 'clone', 'https://github.com/%s' % github_config['repo'],
+              repo_dir]
+  if 'branch' in github_config:
+    git_args += ['-b', github_config['branch']]
+  return git_args, repo_dir
+
+
+class TestWorker(object):
+
+  def __init__(self):
+    # Create a simple test queue. HTTP requests simply append to the queue.
+    self.test_queue = Queue.Queue()
+    self.worker_thread = threading.Thread(target=self.worker_loop)
+    self.worker_thread.daemon = True
+
+  def worker_loop(self):
+    # Run forever, executing tests as they are added to the queue
+    while True:
+      item = self.test_queue.get()
+      run_test_config(item)
+      self.test_queue.task_done()
+
+  def start(self):
+    self.worker_thread.start()
+
+  def add_test(self, config):
+    self.test_queue.put(config)
+
+test_worker = TestWorker()
+
+
 if __name__ == '__main__':
   logging.getLogger().setLevel(logging.INFO)
   parser = argparse.ArgumentParser(description='Run keytar')
   parser.add_argument('--config_file', help='Keytar config file', required=True)
-  parser.add_argument('--key', help='Key', default=None)
+  parser.add_argument('--password', help='Password', default=None)
   parser.add_argument('--port', help='Port', default=8080, type=int)
   keytar_args = parser.parse_args()
   with open(keytar_args.config_file, 'r') as yaml_file:
@@ -204,4 +217,6 @@ def process_config(config):
   if not os.path.isdir('/tmp/testlogs'):
     os.mkdir('/tmp/testlogs')
 
+  test_worker.start()
+
   app.run(host='0.0.0.0', port=keytar_args.port, debug=True)

test/cluster/keytar/keytar_test.py

@@ -19,10 +19,10 @@ def setUpClass(cls):
       testlog.write('foo')
 
   def test_validate_request(self):
-    self.assertFalse(keytar._validate_request('foo', {'key': 'foo'}))
-    self.assertFalse(keytar._validate_request(None, {'key': 'foo'}))
+    self.assertFalse(keytar._validate_request('foo', {'password': 'foo'}))
+    self.assertFalse(keytar._validate_request(None, {'password': 'foo'}))
     self.assertFalse(keytar._validate_request(None, {}))
-    self.assertTrue(keytar._validate_request('foo', {'key': 'foo2'}))
+    self.assertTrue(keytar._validate_request('foo', {'password': 'foo2'}))
     self.assertTrue(keytar._validate_request('foo', {}))
 
   def test_get_download_github_repo_args(self):

test/cluster/keytar/static/script.js

@@ -3,7 +3,19 @@ $(document).ready(function() {
 
   var appendTestResults = function(data) {
     resultsElement.empty();
-    var html = "<table align='center' id='results' border='1'><thead><tr><th>Time</th><th>Docker Image</th><th>Sandbox Name</th><th>Status</th><th>Tests</th><th>Results</th></thead><tbody>";
+    var html = " \
+        <table align='center' id='results' border='1'> \
+        <thead> \
+          <tr> \
+            <th>Time</th> \
+            <th>Docker Image</th> \
+            <th>Sandbox Name</th> \
+            <th>Status</th> \
+            <th>Tests</th> \
+            <th>Results</th> \
+          </tr> \
+        </thead> \
+        <tbody>";
     $.each(data, function(key, value) {
       html += "<tr><td>" + value.time + "</td><td><a href=https://hub.docker.com/r/" + value.docker_image + ">" + value.docker_image + "</a></td><td>" + value.name + "</td><td>" + value.status + "</td><td><table>";
       $.each(value.tests, function(key, val) {