github.com/verrazzano/verrazzano@v1.7.1/ci/olcne/Jenkinsfile (about) 1 // Copyright (c) 2023, 2024, Oracle and/or its affiliates. 2 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 // This pipeline is configured to test Verrazzano using OCNE environment 5 // -> Setup OCNE environment with Kubernetes, Helm and OCI CCM modules 6 // -> Install Verrazzano 7 // -> Deploy Verrazzano test applications 8 // -> Run validations 9 // -> Undeploy the apps 10 // -> Uninstall Verrazzano 11 // -> Cleanup resources 12 13 def testEnvironments=["OCNE"] 14 def agentLabel=env.JOB_NAME.contains('-ocne') ? "" : env.JOB_NAME.contains('master') ? "2.0-large-phx" : "2.0-large" 15 // pulling "ap-*" from the test regions given discovery of image pull issues 16 def availableRegions=["us-ashburn-1"] 17 def availableDomains=["hXgQ:US-ASHBURN-AD-1", "hXgQ:US-ASHBURN-AD-2", "hXgQ:US-ASHBURN-AD-3"] 18 Collections.shuffle(availableDomains) 19 def ocneVersions=[ "1.7", "1.6", "1.5.13", "1.5.12"] 20 def osVersions=['8', '7.9'] 21 def uniquePrefix=UUID.randomUUID().toString().substring(0,4).replace('-','') 22 def EFFECTIVE_DUMP_K8S_CLUSTER_ON_SUCCESS=false 23 24 pipeline { 25 options { 26 skipDefaultCheckout true 27 copyArtifactPermission('*'); 28 timestamps () 29 } 30 31 agent { 32 docker { 33 image "${RUNNER_DOCKER_IMAGE}" 34 args "${RUNNER_DOCKER_ARGS} --cap-add=NET_ADMIN" 35 registryUrl "${RUNNER_DOCKER_REGISTRY_URL}" 36 label "$agentLabel" 37 } 38 } 39 40 parameters { 41 // Cluster type 42 choice ( 43 name: 'TEST_ENV', 44 description: 'Verrazzano Test Environment', 45 choices: testEnvironments) 46 // OCNE configuration 47 choice ( 48 name: 'OCNE_VERSION', 49 description: 'OCNE Version - OCNE-1.6(k8s-1.25.11), OCNE-1.5.13(k8s-1.24.15), OCNE-1.5.12(k8s-1.24.8), OCNE-1.7(k8s-1.26.6)', 50 choices: ocneVersions) 51 choice ( 52 name: 'OCNE_CLUSTER_REGION', 53 description: 'OCI region to launch OCNE clusters in.', 54 choices: availableRegions) 55 choice ( 56 name: 'OCNE_CLUSTER_AVAILABILITY_DOMAIN', 57 description: 'Availability domain for the cluster region.', 58 choices: availableDomains) 59 booleanParam ( 60 name: 'PRIVATE_K8S_API_ENDPOINT', 61 description: 'Whether to setup Kubernetes API server endpoint on a virtual IP address instead of a LB', 62 defaultValue: true) 63 string ( 64 name: "CONTROL_PLANE_NODE_COUNT", 65 defaultValue: '1', 66 description: 'Number of OCNE control plane nodes', 67 trim: true) 68 string ( 69 name: "WORKER_NODE_COUNT", 70 defaultValue: '2', 71 description: 'Number of OCNE worker nodes', 72 trim: true) 73 choice ( 74 name: "OCNE_OS_VERSION", 75 description: 'OracleLinux OS version for OCNE nodes', 76 choices: osVersions) 77 choice (name: 'CRD_API_VERSION', 78 description: 'This is the API crd version.', 79 // 1st choice is the default value 80 choices: [ "v1beta1", "v1alpha1"]) 81 string ( 82 name: "INSTALL_PROFILE", 83 defaultValue: 'prod', 84 description: 'Verrazzano install profile name', 85 trim: true) 86 string ( 87 name: 'GIT_COMMIT_TO_USE', 88 description: 'This is the full git commit hash from the source build to be used for all jobs', 89 defaultValue: 'NONE', 90 trim: true) 91 string (name: 'CONSOLE_REPO_BRANCH', 92 defaultValue: '', 93 description: 'The branch to check out after cloning the console repository.', 94 trim: true) 95 booleanParam ( 96 name: 'DUMP_K8S_CLUSTER_ON_SUCCESS', 97 description: 'Whether to dump k8s cluster on success (off by default can be useful to capture for comparing to failed cluster)', 98 defaultValue: false) 99 string (name: 'TAGGED_TESTS', 100 description: 'A comma separated list of build tags for tests that should be executed (e.g. unstable_test). Default:', 101 defaultValue: '', 102 trim: true) 103 string (name: 'INCLUDED_TESTS', 104 description: 'A regex matching any fully qualified test file that should be executed (e.g. examples/helidon/). Default: .*', 105 defaultValue: '.*', 106 trim: true) 107 string (name: 'EXCLUDED_TESTS', 108 description: 'A regex matching any fully qualified test file that should not be executed (e.g. multicluster/|_excluded_test). Default: _excluded_test', 109 defaultValue: '_excluded_test', 110 trim: true) 111 booleanParam ( 112 name: 'KEEP_RESOURCES_AFTER_RUN', 113 description: 'Whether to keep the k8s cluster and the other OCI resources alive after the run', 114 defaultValue: false) 115 } 116 117 environment { 118 // Repositories and credentials 119 GHCR_REPO='ghcr.io' 120 OCR_REPO='container-registry.oracle.com' 121 OCR_CREDS=credentials('ocr-pull-and-push-account') 122 NETRC_FILE=credentials('netrc') 123 GITHUB_PKGS_CREDS=credentials('github-packages-credentials-rw') 124 WEBLOGIC_PSW=credentials('weblogic-example-domain-password') // needed by install_todo.sh OAM example test 125 DATABASE_PSW=credentials('todo-mysql-password') // needed by install_todo.sh OAM example test 126 IMAGE_PULL_SECRET='verrazzano-container-registry' 127 128 // Verrazzano variables 129 TEST_ENV="${params.TEST_ENV}" 130 VZ_ENVIRONMENT_NAME="${params.TEST_ENV.toLowerCase()}" 131 VZ_PLATFORM_OPERTOR_YAML="$WORKSPACE/platform-operator.yaml" 132 CLUSTER_NAME="ocne-" + "$uniquePrefix" 133 INSTALL_PROFILE="${params.INSTALL_PROFILE}" 134 GOPATH="$HOME/go" 135 GO_REPO_PATH="$GOPATH/src/github.com/verrazzano" 136 TF_REPO_PATH="$GOPATH/src/github.com/terraform-oci-ocne" 137 KUBECONFIG="$WORKSPACE/kubeconfig" 138 VZ_COMMAND="$GO_REPO_PATH/vz" 139 INSTALL_CONFIG_FILE_OCNE="$GO_REPO_PATH/verrazzano/tests/e2e/config/scripts/${params.CRD_API_VERSION}/install-verrazzano-ocne.yaml" 140 OCNE_DUMP_DIR="$WORKSPACE/$VZ_ENVIRONMENT_NAME" 141 OCNE_TERRAFORM_GIT_URL="https://github.com/oracle-terraform-modules/terraform-oci-olcne.git" 142 OCNE_BRANCH_TO_USE="origin/main" 143 SSHUTTLE_PID_FILE="$WORKSPACE/sshuttle.pid" 144 145 // Terraform variables 146 TF_VAR_tenancy_id=credentials('oci-tenancy') 147 TF_VAR_compartment_id=credentials('oci-tiburon-dev-compartment-ocid') 148 TF_VAR_user_id=credentials('oci-user-ocid') 149 TF_VAR_fingerprint=credentials('oci-api-key-fingerprint') 150 TF_VAR_api_private_key_path=credentials('oci-api-key') 151 TF_VAR_region="${params.OCNE_CLUSTER_REGION}" 152 TF_VAR_availability_domain_id="${params.OCNE_CLUSTER_AVAILABILITY_DOMAIN}" 153 TF_VAR_deploy_networking="true" 154 TF_VAR_enable_bastion="true" 155 TF_VAR_bastion_private_key_path="$OCNE_DUMP_DIR/id_rsa" 156 TF_VAR_prefix="$CLUSTER_NAME" 157 TF_VAR_use_vault="false" 158 TF_VAR_ssh_public_key_path="$OCNE_DUMP_DIR/id_rsa.pub" 159 TF_VAR_ssh_private_key_path="$OCNE_DUMP_DIR/id_rsa" 160 TF_VAR_worker_node_count="${params.WORKER_NODE_COUNT}" 161 TF_VAR_control_plane_node_count="${params.CONTROL_PLANE_NODE_COUNT}" 162 TF_VAR_os_version="${params.OCNE_OS_VERSION}" 163 TF_VAR_s3_bucket_access_key=credentials('oci-s3-bucket-access-key') 164 TF_VAR_s3_bucket_secret_key=credentials('oci-s3-bucket-secret-key') 165 TF_VAR_instance_shape="{shape:\"VM.Standard.E4.Flex\",ocpus:4,memory:64,boot_volume_size:100}" 166 TF_VAR_bastion_shape="{shape:\"VM.Standard.E4.Flex\",ocpus:1,memory:4,boot_volume_size:50}" 167 TF_VAR_load_balancer_shape="{shape:\"flexible\",flex_min:10,flex_max:50}" 168 TF_VAR_provision_mode="OCNE" 169 TF_VAR_config_file_path="config-file_ociccm.yaml" 170 TF_VAR_debug="true" 171 TF_VAR_virtual_ip="${params.PRIVATE_K8S_API_ENDPOINT}" 172 OCNE_ENVNAME="myenv-${params.OCNE_VERSION}" 173 OCNE_K8SNAME="k8s" 174 OCNE_VERSION="${params.OCNE_VERSION}" 175 KUBE_VERSION=ocneKubeVersion() 176 177 // OCI variables 178 OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING='True' 179 OCI_CLI_REGION="${params.OCNE_CLUSTER_REGION}" 180 OCI_CLI_TENANCY=credentials('oci-tenancy') 181 OCI_CLI_USER=credentials('oci-user-ocid') 182 OCI_CLI_FINGERPRINT=credentials('oci-api-key-fingerprint') 183 OCI_CLI_KEY_FILE=credentials('oci-api-key') 184 185 // used for cluster dump 186 TEST_DUMP_ROOT="$WORKSPACE/test-cluster-snapshots" 187 POST_DUMP_FAILED='false' 188 POST_DUMP_FAILED_FILE="$WORKSPACE/post_dump_failed_file.tmp" 189 190 DISABLE_SPINNER=1 191 TIMESTAMP=sh(returnStdout: true, script: "date +%Y%m%d%H%M%S").trim() 192 SHORT_TIME_STAMP=sh(returnStdout: true, script: "date +%m%d%H%M%S").trim() 193 194 // used for console artifact capture on failure 195 JENKINS_READ=credentials('jenkins-auditor') 196 OCI_OS_NAMESPACE=credentials('oci-os-namespace') 197 OCI_OS_ARTIFACT_BUCKET="build-failure-artifacts" 198 // OCI_COMPARTMENT_ID=credentials('oci-tiburon-dev-compartment-ocid') 199 // OCI_TELEMETRY_URL=credentials('oci-telemetry-url') 200 VZ_CLI_TARGZ="vz-linux-amd64.tar.gz" 201 202 // used to emit metrics 203 PROMETHEUS_CREDENTIALS=credentials('prometheus-credentials') 204 TEST_ENV_LABEL="${params.TEST_ENV}" 205 206 // used to generate Ginkgo test reports 207 TEST_REPORT="test-report.xml" 208 GINKGO_REPORT_ARGS="--junit-report=${TEST_REPORT} --keep-separate-reports=true" 209 } 210 211 stages { 212 stage('Initialize') { 213 steps { 214 script { 215 // Proceed with checkout 216 EFFECTIVE_DUMP_K8S_CLUSTER_ON_SUCCESS=getEffectiveDumpOnSuccess() 217 if (params.GIT_COMMIT_TO_USE == "NONE") { 218 echo "[INFO] Specific GIT commit was not specified, use current head" 219 def scmInfo=checkout scm 220 env.GIT_COMMIT=scmInfo.GIT_COMMIT 221 env.GIT_BRANCH=scmInfo.GIT_BRANCH 222 } else { 223 echo "[INFO] SCM checkout of ${params.GIT_COMMIT_TO_USE}" 224 def scmInfo=checkout([ 225 $class: 'GitSCM', 226 branches: [[name: params.GIT_COMMIT_TO_USE]], 227 doGenerateSubmoduleConfigurations: false, 228 extensions: [], 229 submoduleCfg: [], 230 userRemoteConfigs: [[url: env.SCM_VERRAZZANO_GIT_URL]]]) 231 env.GIT_COMMIT=scmInfo.GIT_COMMIT 232 env.GIT_BRANCH=scmInfo.GIT_BRANCH 233 // If the commit we were handed is not what the SCM says we are using, fail 234 if (!env.GIT_COMMIT.equals(params.GIT_COMMIT_TO_USE)) { 235 echo "[ERROR] SCM didn't checkout the commit we expected. Expected: ${params.GIT_COMMIT_TO_USE}, Found: ${scmInfo.GIT_COMMIT}" 236 exit 1 237 } 238 } 239 echo "[INFO] SCM checkout of ${env.GIT_BRANCH} at ${env.GIT_COMMIT}" 240 241 sh """ 242 rm -rf $GO_REPO_PATH/verrazzano 243 mkdir -p $GO_REPO_PATH/verrazzano 244 tar cf - . | (cd $GO_REPO_PATH/verrazzano/ ; tar xf -) 245 rm -rf $WORKSPACE/* 246 """ 247 248 script { 249 echo "[INFO] ${params.OCNE_CLUSTER_REGION}" 250 echo "[INFO] agentlabel: $agentLabel" 251 echo "[INFO] $NODE_LABELS" 252 SHORT_COMMIT_HASH=sh(returnStdout: true, script: "git rev-parse --short=8 HEAD").trim() 253 // update the description with some meaningful info 254 setDisplayName() 255 currentBuild.description=SHORT_COMMIT_HASH + " : " + params.OCNE_CLUSTER_REGION + " : OCNE-" + params.OCNE_VERSION + " : k8s-" + ocneKubeVersion() 256 // derive the prefix for the OCNE cluster 257 OCNE_CLUSTER_PREFIX=sh(returnStdout: true, script: "$GO_REPO_PATH/verrazzano/ci/scripts/derive_oke_cluster_name.sh").trim() 258 } 259 260 echo "[INFO] SCM checkout of $OCNE_TERRAFORM_GIT_URL $OCNE_BRANCH_TO_USE" 261 def scmInfo=checkout([ 262 $class: 'GitSCM', 263 branches: [[name: env.OCNE_BRANCH_TO_USE]], 264 doGenerateSubmoduleConfigurations: false, 265 extensions: [], 266 submoduleCfg: [], 267 userRemoteConfigs: [[url: env.OCNE_TERRAFORM_GIT_URL]]]) 268 env.TF_GIT_COMMIT=scmInfo.GIT_COMMIT 269 env.TF_GIT_BRANCH=scmInfo.GIT_BRANCH 270 // If the commit we were handed is not what the SCM says we are using, fail 271 if (!env.TF_GIT_BRANCH.equals(env.OCNE_BRANCH_TO_USE)) { 272 echo "[ERROR] SCM didn't checkout the branch we expected. Expected: ${env.OCNE_BRANCH_TO_USE}, Found: ${scmInfo.GIT_BRANCH}" 273 exit 1 274 } 275 echo "[INFO] SCM checkout of ${env.TF_GIT_BRANCH} at ${env.TF_GIT_COMMIT}" 276 277 sh """ 278 rm -rf $TF_REPO_PATH 279 mkdir -p $TF_REPO_PATH 280 tar cf - . | (cd $TF_REPO_PATH ; tar xf -) 281 rm -rf $WORKSPACE/* 282 """ 283 284 // Install terraform and generate ssh keys 285 sh """ 286 sudo yum-config-manager --add-repo http://yum.oracle.com/repo/OracleLinux/OL7/developer/x86_64 287 sudo yum install -y terraform 288 mkdir -p $OCNE_DUMP_DIR 289 ssh-keygen -t rsa -b 4096 -q -N "" -f $TF_VAR_ssh_private_key_path 290 chmod 600 $TF_VAR_ssh_private_key_path 291 """ 292 293 sh """ 294 cp -f "$NETRC_FILE" $WORKSPACE/.netrc 295 chmod 600 $WORKSPACE/.netrc 296 """ 297 298 script { 299 sh """ 300 echo "Downloading VZ CLI from object storage" 301 oci --region us-phoenix-1 os object get --namespace ${OCI_OS_NAMESPACE} -bn ${OCI_OS_COMMIT_BUCKET} --name ephemeral/${env.BRANCH_NAME}/${SHORT_COMMIT_HASH}/${VZ_CLI_TARGZ} --file ${VZ_CLI_TARGZ} 302 tar xzf ${VZ_CLI_TARGZ} -C ${GO_REPO_PATH} 303 $VZ_COMMAND version 304 """ 305 } 306 } 307 } 308 } 309 310 stage("Create OCNE cluster") { 311 steps { 312 script { 313 echo "[INFO] Creating OCNE cluster" 314 createOCNECluster() 315 } 316 } 317 } 318 319 stage("Setup SSH access") { 320 steps { 321 script { 322 echo "[INFO] Setting up ssh access" 323 setupSSH() 324 } 325 } 326 } 327 328 stage("Setup Kubeconfig") { 329 steps { 330 script { 331 echo "[INFO] Setting up Kubeconfig" 332 setupKubeconfig() 333 } 334 } 335 } 336 337 stage("Setup OCI-CCM") { 338 steps { 339 script { 340 echo "[INFO] Setting up OCI-CCM" 341 setupOciCCM() 342 } 343 } 344 } 345 346 stage("Create image pull secrets") { 347 steps { 348 script { 349 echo "[INFO] Creating image pull secrets" 350 createImagePullSecrets() 351 } 352 } 353 } 354 355 stage("Update OCI-CCM StorageClass") { 356 steps { 357 script { 358 echo "[INFO] Update OCI-CCM StorageClass" 359 updateStorageClass() 360 } 361 } 362 } 363 364 stage("Download Verrazzano Platform Operator") { 365 environment { 366 OCI_CLI_AUTH="instance_principal" 367 } 368 steps { 369 script { 370 echo "[INFO] Download Verrazzano Platform Operator" 371 downloadVerrazzanoPlatformOperator() 372 } 373 } 374 post { 375 always { 376 archiveArtifacts artifacts: "$VZ_PLATFORM_OPERTOR_YAML", allowEmptyArchive: true 377 } 378 } 379 } 380 381 stage("Install Verrazzano") { 382 steps { 383 script { 384 echo "[INFO] Installing Verrazzano on $TEST_ENV" 385 installVerrazzano() 386 } 387 } 388 post { 389 always { 390 script { 391 dumpVerrazzanoInstallLogs() 392 } 393 } 394 } 395 } 396 397 stage('Post-install Verify Tests') { 398 steps { 399 script { 400 parallel generateVerifyInstallStages("${TEST_DUMP_ROOT}/post-install-verify-tests") 401 } 402 } 403 post { 404 always { 405 archiveArtifacts artifacts: '**/coverage.html,**/logs/*,**/test-cluster-snapshots/**', allowEmptyArchive: true 406 junit testResults: '**/*test-result.xml', allowEmptyResults: true 407 } 408 } 409 } 410 411 stage('Post-install Infra Tests') { 412 steps { 413 script { 414 parallel generateVerifyInfraStages("${TEST_DUMP_ROOT}/post-install-infra-tests") 415 } 416 } 417 post { 418 always { 419 archiveArtifacts artifacts: '**/coverage.html,**/logs/*,**/test-cluster-snapshots/**', allowEmptyArchive: true 420 junit testResults: '**/*test-result.xml', allowEmptyResults: true 421 } 422 } 423 } 424 425 stage('Post-install Acceptance Tests') { 426 steps { 427 script { 428 parallel generateAllAcceptanceTestStages("${TEST_DUMP_ROOT}/post-install-acceptance-tests", 'false', 'false') 429 } 430 } 431 post { 432 always { 433 archiveArtifacts artifacts: '**/coverage.html,**/logs/*,**/test-cluster-snapshots/**', allowEmptyArchive: true 434 junit testResults: '**/*test-result.xml', allowEmptyResults: true 435 } 436 } 437 } 438 } 439 post { 440 always { 441 script { 442 if (EFFECTIVE_DUMP_K8S_CLUSTER_ON_SUCCESS == true || currentBuild.currentResult == 'FAILURE') { 443 dumpK8sCluster('ocne-acceptance-tests-cluster-snapshot') 444 } 445 } 446 447 dumpVerrazzanoSystemPods() 448 dumpCattleSystemPods() 449 dumpCertManagerNamespaceLogs() 450 dumpNginxIngressControllerLogs() 451 dumpVerrazzanoPlatformOperatorLogs() 452 dumpVerrazzanoApplicationOperatorLogs() 453 dumpVerrazzanoApiLogs() 454 455 archiveArtifacts artifacts: "**/coverage.html,**/logs/**,**/*cluster-snapshot*/**,**/test-cluster-snapshots/**/,**/${TEST_REPORT},**/ocne/**", allowEmptyArchive: true 456 junit testResults: "**/${TEST_REPORT}", allowEmptyResults: true 457 sh """ 458 if [ -f ${POST_DUMP_FAILED_FILE} ]; then 459 echo "[INFO] Failures seen during dumping of artifacts, treat post as failed" 460 exit 1 461 fi 462 """ 463 } 464 failure { 465 sh """ 466 curl -k -u ${JENKINS_READ_USR}:${JENKINS_READ_PSW} -o $WORKSPACE/build-console-output.log ${BUILD_URL}consoleText 467 """ 468 archiveArtifacts artifacts: '**/build-console-output.log', allowEmptyArchive: true 469 sh """ 470 curl -k -u ${JENKINS_READ_USR}:${JENKINS_READ_PSW} -o archive.zip ${BUILD_URL}artifact/*zip*/archive.zip 471 OCI_CLI_AUTH="instance_principal" oci --region us-phoenix-1 os object put --force --namespace ${OCI_OS_NAMESPACE} -bn ${OCI_OS_ARTIFACT_BUCKET} --name ${env.JOB_NAME}/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/archive.zip --file archive.zip 472 rm archive.zip 473 """ 474 } 475 cleanup { 476 script { 477 if (params.KEEP_RESOURCES_AFTER_RUN == false) { 478 if (env.installedVZ && env.installedVZ == "true") { 479 try { 480 echo "[INFO] Deleting Verrazzano" 481 deleteVerrazzano() 482 } catch (error) { 483 echo "Failed to delete Verrazzano" 484 } 485 } 486 if (env.createdOCNECluster && env.createdOCNECluster == "true") { 487 try { 488 echo "[INFO] Deleting OCNE Cluster" 489 deleteOCNECluster() 490 } catch (error) { 491 echo "Failed to delete OCNE Cluster" 492 } 493 } 494 } 495 } 496 deleteDir() 497 } 498 } 499 } 500 501 def generateAllAcceptanceTestStages(dumpRoot, skipDeploy='false', skipUndeploy='false') { 502 return generateSecurityTests(dumpRoot) + 503 generateNonWLSTests(dumpRoot, skipDeploy, skipUndeploy) + 504 generateWLSTests(dumpRoot, skipDeploy, skipUndeploy) 505 } 506 507 def generateVerifyInstallStages(dumpRoot) { 508 return [ 509 "verify-install keycloak": { 510 runGinkgoRandomize('verify-install/keycloak', "${dumpRoot}/verify-install-keycloak") 511 }, 512 "verify-install kubernetes": { 513 runGinkgoRandomize('verify-install/kubernetes', "${dumpRoot}/verify-install-kubernetes") 514 }, 515 "verify-install istio": { 516 runGinkgoRandomize('verify-install/istio', "${dumpRoot}/verify-install-istio") 517 }, 518 "verify-install kiali": { 519 runGinkgoRandomize('verify-install/kiali', "${dumpRoot}/verify-install-kiali") 520 }, 521 "verify-install verrazzano": { 522 runGinkgoRandomize('verify-install/verrazzano', "${dumpRoot}/verify-install-verrazzano") 523 }, 524 "verify-install web": { 525 runGinkgoRandomize('verify-install/web', "${dumpRoot}/verify-install-web") 526 }, 527 ] 528 } 529 530 def generateVerifyInfraStages(dumpRoot) { 531 return [ 532 "verify-scripts": { 533 runGinkgo('scripts', '', "$KUBECONFIG") 534 }, 535 "verify-infra oam": { 536 runGinkgoRandomize('verify-infra/oam', "${dumpRoot}/verify-infra-oam") 537 }, 538 "system component metrics": { 539 runGinkgoRandomize('metrics/syscomponents', "${dumpRoot}/system-component-metrics") 540 }, 541 "console": { 542 acceptanceTestsConsole("${dumpRoot}") 543 }, 544 ] 545 } 546 547 def generateSecurityTests(dumpRoot) { 548 return [ 549 "istio authorization policy": { 550 runGinkgo('istio/authz', "${dumpRoot}/istio-authz-policy") 551 }, 552 "security rbac": { 553 runGinkgo('security/rbac', "${dumpRoot}/sec-role-based-access") 554 }, 555 "security network policies": { 556 if (params.CREATE_CLUSTER_USE_CALICO == true) { 557 runGinkgo('security/netpol', "${dumpRoot}/netpol") 558 } else { 559 echo "[INFO] Calico not enabled, skipping network policies tests" 560 } 561 }, 562 ] 563 } 564 565 def generateNonWLSTests(dumpRoot, skipDeploy='false', skipUndeploy='false') { 566 return [ 567 "deployment metrics": { 568 runGinkgo('metrics/deploymetrics', "${dumpRoot}/k8sdeploy-workload-metrics") 569 }, 570 "examples logging helidon": { 571 runGinkgo('logging/helidon', "${dumpRoot}/examples-logging-helidon") 572 }, 573 "examples springboot": { 574 runGinkgoAppTest('examples/springboot', "springboot", "${dumpRoot}/examples-spring", skipDeploy, skipUndeploy) 575 }, 576 "examples helidon": { 577 runGinkgoAppTest('examples/helidon', "hello-helidon", "${dumpRoot}/examples-helidon", skipDeploy, skipUndeploy) 578 }, 579 "examples helidon-config": { 580 runGinkgoAppTest('examples/helidonconfig', "helidon-config", "${dumpRoot}/examples-helidon-config", skipDeploy, skipUndeploy) 581 }, 582 ] 583 } 584 585 def generateWLSTests(dumpRoot, skipDeploy='false', skipUndeploy='false') { 586 return [ 587 "weblogic workload": { 588 runGinkgoAppTest('workloads/weblogic', "hello-wls", "${dumpRoot}/weblogic-workload", skipDeploy, skipUndeploy) 589 }, 590 "coherence workload": { 591 runGinkgoAppTest('workloads/coherence', "hello-coherence", "${dumpRoot}/coherence-workload", skipDeploy, skipUndeploy) 592 }, 593 "console ingress": { 594 // doesn't work with the deployment hooks 595 runGinkgo('ingress/console', "wls-console") 596 }, 597 ] 598 } 599 600 // Called in parallel Stage console of Stage Run Acceptance Tests 601 def acceptanceTestsConsole(dumpRoot) { 602 catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') { 603 try { 604 sh "CONSOLE_REPO_BRANCH=${params.CONSOLE_REPO_BRANCH} $GO_REPO_PATH/verrazzano/ci/scripts/run_console_tests.sh" 605 } catch (err) { 606 saveConsoleScreenShots() 607 error "${err}" 608 } 609 } 610 } 611 612 def saveConsoleScreenShots() { 613 sh "$GO_REPO_PATH/verrazzano/ci/scripts/save_console_test_artifacts.sh" 614 } 615 616 def runGinkgoRandomize(testSuitePath, dumpDir='') { 617 catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { 618 sh """ 619 if [ ! -z "${dumpDir}" ]; then 620 export DUMP_DIRECTORY=${dumpDir} 621 fi 622 cd $GO_REPO_PATH/verrazzano/tests/e2e 623 ginkgo -p --randomize-all -v --keep-going --no-color ${GINKGO_REPORT_ARGS} -tags="${params.TAGGED_TESTS}" --focus-file="${params.INCLUDED_TESTS}" --skip-file="${params.EXCLUDED_TESTS}" ${testSuitePath}/... 624 """ 625 } 626 } 627 628 def runGinkgo(testSuitePath, dumpDir='', kubeconfig='') { 629 catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { 630 sh """ 631 if [ ! -z "${dumpDir}" ]; then 632 export DUMP_DIRECTORY=${dumpDir} 633 fi 634 if [ ! -z "${kubeconfig}" ]; then 635 export KUBECONFIG="$kubeconfig" 636 fi 637 cd $GO_REPO_PATH/verrazzano/tests/e2e 638 ginkgo -v --keep-going --no-color ${GINKGO_REPORT_ARGS} -tags="${params.TAGGED_TESTS}" --focus-file="${params.INCLUDED_TESTS}" --skip-file="${params.EXCLUDED_TESTS}" ${testSuitePath}/... 639 """ 640 } 641 } 642 643 def runGinkgoFailFast(testSuitePath, dumpDir='') { 644 catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { 645 sh """ 646 if [! -z "${dumpDir}" ]; then 647 export DUMP_DIRECTORY=${dumpDir} 648 fi 649 cd $GO_REPO_PATH/verrazzano/tests/e2e 650 ginkgo -v --fail-fast --no-color ${GINKGO_REPORT_ARGS} -tags="${params.TAGGED_TESTS}" --focus-file="${params.INCLUDED_TESTS}" --skip-file="${params.EXCLUDED_TESTS}" ${testSuitePath}/... 651 """ 652 } 653 } 654 655 def runGinkgoAppTest(testSuitePath, namespace, dumpDir='', skipDeploy='false', skipUndeploy='false') { 656 catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') { 657 sh """ 658 if [ ! -z "${dumpDir}" ]; then 659 export DUMP_DIRECTORY=${dumpDir} 660 fi 661 cd $GO_REPO_PATH/verrazzano/tests/e2e 662 ginkgo -v --keep-going --no-color ${GINKGO_REPORT_ARGS} -tags="${params.TAGGED_TESTS}" --focus-file="${params.INCLUDED_TESTS}" --skip-file="${params.EXCLUDED_TESTS}" ${testSuitePath}/... -- --skipDeploy=${skipDeploy} --skipUndeploy=${skipUndeploy} --namespace=${namespace} 663 """ 664 } 665 } 666 667 def dumpK8sCluster(dumpDirectory) { 668 sh """ 669 ${GO_REPO_PATH}/verrazzano/ci/scripts/capture_cluster_snapshot.sh ${dumpDirectory} 670 """ 671 } 672 673 def dumpVerrazzanoSystemPods() { 674 sh """ 675 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-system-pods.log" 676 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n verrazzano-system -m "verrazzano system pods" || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 677 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-system-certs.log" 678 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o cert -n verrazzano-system -m "verrazzano system certs" || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 679 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-system-osd.log" 680 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n verrazzano-system -r "vmi-system-osd-*" -m "verrazzano system opensearchdashboards log" -l -c osd || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 681 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-system-es-master.log" 682 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n verrazzano-system -r "vmi-system-es-master-*" -m "verrazzano system opensearchdashboards log" -l -c es-master || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 683 """ 684 } 685 686 def dumpCertManagerNamespaceLogs() { 687 sh """ 688 kubectl logs --selector=app=cert-manager -n cert-manager > $WORKSPACE/platform-operator/scripts/install/build/logs/cert-manager.log || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 689 kubectl logs --selector=app.kubernetes.io/name=external-dns -n cert-manager > $WORKSPACE/platform-operator/scripts/install/build/logs/external-dns.log || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 690 """ 691 } 692 693 def dumpCattleSystemPods() { 694 sh """ 695 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/cattle-system-pods.log" 696 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n cattle-system -m "cattle system pods" || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 697 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/rancher.log" 698 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n cattle-system -r "rancher-*" -m "Rancher logs" -c rancher -l || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 699 """ 700 } 701 702 def dumpNginxIngressControllerLogs() { 703 sh """ 704 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/nginx-ingress-controller.log" 705 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n ingress-nginx -r "nginx-ingress-controller-*" -m "Nginx Ingress Controller" -c controller -l || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 706 """ 707 } 708 709 def dumpVerrazzanoPlatformOperatorLogs() { 710 sh """ 711 ## dump out verrazzano-platform-operator logs 712 mkdir -p $WORKSPACE/verrazzano-platform-operator/logs 713 kubectl -n verrazzano-install logs --selector=app=verrazzano-platform-operator > $WORKSPACE/verrazzano-platform-operator/logs/verrazzano-platform-operator-pod.log --tail -1 || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 714 kubectl -n verrazzano-install describe pod --selector=app=verrazzano-platform-operator > $WORKSPACE/verrazzano-platform-operator/logs/verrazzano-platform-operator-pod.out || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 715 echo "[INFO] verrazzano-platform-operator logs dumped to verrazzano-platform-operator-pod.log" 716 echo "[INFO] verrazzano-platform-operator pod description dumped to verrazzano-platform-operator-pod.out" 717 echo "[INFO] ------------------------------------------" 718 """ 719 } 720 721 def dumpVerrazzanoApplicationOperatorLogs() { 722 sh """ 723 ## dump out verrazzano-application-operator logs 724 mkdir -p $WORKSPACE/verrazzano-application-operator/logs 725 kubectl -n verrazzano-system logs --selector=app=verrazzano-application-operator > $WORKSPACE/verrazzano-application-operator/logs/verrazzano-application-operator-pod.log --tail -1 || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 726 kubectl -n verrazzano-system describe pod --selector=app=verrazzano-application-operator > $WORKSPACE/verrazzano-application-operator/logs/verrazzano-application-operator-pod.out || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 727 echo "[INFO] verrazzano-application-operator logs dumped to verrazzano-application-operator-pod.log" 728 echo "[INFO] verrazzano-application-operator pod description dumped to verrazzano-application-operator-pod.out" 729 echo "[INFO] ------------------------------------------" 730 """ 731 } 732 733 def dumpVerrazzanoApiLogs() { 734 sh """ 735 export DIAGNOSTIC_LOG="$WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-authproxy.log" 736 $GO_REPO_PATH/verrazzano/platform-operator/scripts/install/k8s-dump-objects.sh -o pods -n verrazzano-system -r "verrazzano-authproxy-*" -m "verrazzano api" -c verrazzano-authproxy -l || echo "[ERROR] failed" > ${POST_DUMP_FAILED_FILE} 737 """ 738 } 739 740 def dumpVerrazzanoInstallLogs() { 741 sh """ 742 ## dump out install logs 743 mkdir -p $WORKSPACE/platform-operator/scripts/install/build/logs 744 kubectl -n verrazzano-install logs --selector=job-name=verrazzano-install-my-verrazzano > $WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-install.log --tail -1 745 kubectl -n verrazzano-install describe pod --selector=job-name=verrazzano-install-my-verrazzano > $WORKSPACE/platform-operator/scripts/install/build/logs/verrazzano-install-job-pod.out 746 echo "[INFO] Verrazzano Installation logs dumped to verrazzano-install.log" 747 echo "[INFO] Verrazzano Install pod description dumped to verrazzano-install-job-pod.out" 748 """ 749 } 750 751 def getEffectiveDumpOnSuccess() { 752 def effectiveValue=params.DUMP_K8S_CLUSTER_ON_SUCCESS 753 if (FORCE_DUMP_K8S_CLUSTER_ON_SUCCESS.equals("true") && (env.BRANCH_NAME.equals("master"))) { 754 effectiveValue=true 755 echo "[INFO] Forcing dump on success based on global override setting" 756 } 757 return effectiveValue 758 } 759 760 def setDisplayName() { 761 echo "[INFO] Start setDisplayName" 762 def causes=currentBuild.getBuildCauses() 763 echo "[INFO] causes: " + causes.toString() 764 for (cause in causes) { 765 def causeString=cause.toString() 766 echo "[INFO] current cause: " + causeString 767 if (causeString.contains("UpstreamCause") && causeString.contains("Started by upstream project")) { 768 echo "[INFO] This job was caused by " + causeString 769 if (causeString.contains("verrazzano-periodic-triggered-tests")) { 770 currentBuild.displayName=env.BUILD_NUMBER + " : PERIODIC" 771 } else if (causeString.contains("verrazzano-flaky-tests")) { 772 currentBuild.displayName=env.BUILD_NUMBER + " : FLAKY" 773 } 774 } 775 } 776 echo "[INFO] End setDisplayName" 777 } 778 779 def createOCNECluster() { 780 env.createdOCNECluster="true" 781 sh """ 782 cd $TF_REPO_PATH 783 cat << EOF > config-file_ociccm.yaml 784 environments: 785 - environment-name: ${OCNE_ENVNAME} 786 globals: 787 version: ${OCNE_VERSION} 788 modules: 789 - module: kubernetes 790 name: ${OCNE_K8SNAME} 791 args: 792 restrict-service-externalip: false 793 #- module: oci-ccm 794 # name: ociccm 795 EOF 796 terraform init -input=false 797 terraform plan -input=false -out=tfplan -no-color 798 terraform apply -input=false -no-color -auto-approve tfplan 799 terraform output > $OCNE_DUMP_DIR/terraform.out 800 """ 801 env.API_SERVER_IP=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -raw apiserver_ip """).trim() 802 sh 'echo "API_SERVER_IP: $API_SERVER_IP"' 803 env.WORKER_NODES_IP=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -json worker_nodes""").replaceAll(/["\[\]]/, "").replaceAll(",", " ").trim() 804 sh 'echo "WORKER_NODES_IP: $WORKER_NODES_IP"' 805 env.CONTROL_PLANE_NODES_IP=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -json control_plane_nodes """).replaceAll(/["\[\]]/, "").replaceAll(",", " ").trim() 806 sh 'echo "CONTROL_PLANE_NODES_IP: $CONTROL_PLANE_NODES_IP"' 807 env.VCN_OCID=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -raw vcn_id """).trim() 808 sh 'echo "VCN_OCID: $VCN_OCID"' 809 env.VCN_CIDR=sh(returnStdout: true, script: """ oci network vcn get --vcn-id "$VCN_OCID" | jq -r '.data."cidr-block"' """).trim() 810 sh 'echo "VCN_CIDR: $VCN_CIDR"' 811 env.NODE_SUBNET_OCID=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -raw subnet_id """).trim() 812 sh 'echo "NODE_SUBNET_OCID: $NODE_SUBNET_OCID"' 813 env.BASTION_SUBNET_OCID=sh(returnStdout: true, script: """ oci network subnet list -c "$TF_VAR_compartment_id" --vcn-id "$VCN_OCID" --display-name "$TF_VAR_prefix-bastion" | jq -r '.data[0].id' """).trim() 814 sh 'echo "BASTION_SUBNET_OCID: $BASTION_SUBNET_OCID"' 815 env.BASTION_IP=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -raw bastion_public_ip """).trim() 816 sh 'echo "BASTION_IP: $BASTION_IP"' 817 env.BASTION_USER=sh(returnStdout: true, script: """ cd $TF_REPO_PATH && terraform output -raw bastion_user """).trim() 818 sh 'echo "BASTION_USER: $BASTION_USER"' 819 } 820 821 def setupSSH() { 822 env.CONTROL_PLANE_IP=CONTROL_PLANE_NODES_IP.split(" ")[0].replaceAll(" ", "").trim() 823 echo CONTROL_PLANE_IP 824 sh ''' 825 sudo yum -y install oracle-epel-release-el7 826 sudo yum -y install sshuttle 827 if [ $? -ne 0 ]; then 828 echo "[ERROR] Failed to install sshuttle" 829 exit 1 830 fi 831 sshuttle -r $BASTION_USER@$BASTION_IP $VCN_CIDR --ssh-cmd 'ssh -o StrictHostKeyChecking=no -i '$TF_VAR_bastion_private_key_path'' --daemon --pidfile=$SSHUTTLE_PID_FILE 832 if [ $? -ne 0 ]; then 833 echo "[ERROR] Failed to ssh tunnel to the bastion host $TF_VAR_prefix-bastion at $BASTION_USER@$BASTION_IP" 834 exit 1 835 fi 836 ssh -i "$TF_VAR_ssh_private_key_path" -fN4 -L 6443:$CONTROL_PLANE_IP:6443 "$BASTION_USER"@"$BASTION_IP" 837 ''' 838 } 839 840 def setupKubeconfig() { 841 sh """ 842 cp ${TF_REPO_PATH}/kubeconfig "$KUBECONFIG" 843 yq -i 'del(.clusters[0].cluster."certificate-authority-data")' "$KUBECONFIG" 844 yq -i eval '.clusters[0].cluster.server = "https://127.0.0.1:6443"' "$KUBECONFIG" 845 yq -i eval '.clusters[0].cluster."insecure-skip-tls-verify" = true' "$KUBECONFIG" 846 cp "$KUBECONFIG" $OCNE_DUMP_DIR/kubeconfig 847 kubectl get nodes 848 kubectl get po -A 849 """ 850 } 851 852 def setupOciCCM() { 853 sh """ 854 cd $TF_REPO_PATH 855 $GO_REPO_PATH/verrazzano/ci/scripts/ocne_ociccm.sh 856 kubectl get po -A 857 kubectl get po -o yaml -n kube-system -l app=csi-oci-controller | grep image: 858 """ 859 } 860 861 def updateStorageClass() { 862 env.CONTROL_PLANE_IP=CONTROL_PLANE_NODES_IP.split(" ")[0] 863 echo CONTROL_PLANE_IP 864 sh """ 865 # Add annotation to the storageclass created by OCNE oci-ccm module 866 kubectl annotate storageclass oci-bv "storageclass.kubernetes.io/is-default-class"="true" --overwrite=true 867 # Create a CSI Driver 868 cat << EOF | kubectl apply -f - 869 apiVersion: storage.k8s.io/v1 870 kind: CSIDriver 871 metadata: 872 name: blockvolume.csi.oraclecloud.com 873 spec: 874 fsGroupPolicy: File 875 EOF 876 """ 877 } 878 879 def createImagePullSecrets() { 880 sh """ 881 $GO_REPO_PATH/verrazzano/tests/e2e/config/scripts/create-image-pull-secret.sh "$IMAGE_PULL_SECRET" "$GHCR_REPO" "$GITHUB_PKGS_CREDS_USR" "$GITHUB_PKGS_CREDS_PSW" 882 $GO_REPO_PATH/verrazzano/tests/e2e/config/scripts/create-image-pull-secret.sh github-packages "$GHCR_REPO" "$GITHUB_PKGS_CREDS_USR" "$GITHUB_PKGS_CREDS_PSW" 883 $GO_REPO_PATH/verrazzano/tests/e2e/config/scripts/create-image-pull-secret.sh ocr "$OCR_REPO" "$OCR_CREDS_USR" "$OCR_CREDS_PSW" 884 if kubectl get ns | grep verrazzano-install > /dev/null 2>&1 ; then 885 echo "Namespace verrazzano-install already exists (with OCNE-1.7 OCI-CCM)" 886 else 887 kubectl create namespace verrazzano-install 888 fi 889 $GO_REPO_PATH/verrazzano/tests/e2e/config/scripts/create-image-pull-secret.sh "$IMAGE_PULL_SECRET" "$GHCR_REPO" "$GITHUB_PKGS_CREDS_USR" "$GITHUB_PKGS_CREDS_PSW" "verrazzano-install" 890 """ 891 } 892 893 def downloadVerrazzanoPlatformOperator() { 894 sh """ 895 oci --region us-phoenix-1 os object get \ 896 --namespace "$OCI_OS_NAMESPACE" -bn "$OCI_OS_COMMIT_BUCKET" \ 897 --name "ephemeral/${env.BRANCH_NAME}/$SHORT_COMMIT_HASH/operator.yaml" \ 898 --file $VZ_PLATFORM_OPERTOR_YAML 899 """ 900 } 901 902 def installVerrazzano() { 903 env.installedVZ="true" 904 sh """ 905 # Install Verrazzano 906 $VZ_COMMAND install -f $INSTALL_CONFIG_FILE_OCNE --set profile="$INSTALL_PROFILE" --set environmentName="$VZ_ENVIRONMENT_NAME" --manifests="$VZ_PLATFORM_OPERTOR_YAML" 907 $VZ_COMMAND status 908 909 # Print out the namespaces 910 kubectl get namespaces 911 912 # Print out the username and passwords 913 echo "Verrazzano username: verrazzano" 914 kubectl get secret --namespace verrazzano-system verrazzano -o jsonpath={.data.password} | base64 --decode; echo 915 echo "Rancher username: admin" 916 kubectl get secret --namespace cattle-system rancher-admin-secret -o jsonpath={.data.password} | base64 --decode; echo 917 echo "Keycloak username: keycloakadmin" 918 kubectl get secret --namespace keycloak keycloak-http -o jsonpath={.data.password} | base64 --decode; echo 919 """ 920 } 921 922 def deleteVerrazzano() { 923 sh """ 924 $VZ_COMMAND uninstall -y --wait 925 """ 926 } 927 928 def deleteOCNECluster() { 929 sh ''' 930 cd $TF_REPO_PATH 931 $GO_REPO_PATH/verrazzano/ci/scripts/ocne_delete_lb_subnet.sh 932 terraform destroy -auto-approve 933 for x in {1..3}; do 934 if [[ $? -ne 0 ]]; then 935 echo "[INFO] Failed to destroy terraform resources. Retrying ..." 936 terraform destroy -auto-approve 937 else 938 break 939 fi 940 done 941 ''' 942 } 943 944 def ocneKubeVersion() { 945 if ( params.OCNE_VERSION.equals("1.6") ) { 946 return "1.25.11" 947 } else if ( params.OCNE_VERSION.equals("1.5.13") ) { 948 return "1.24.15" 949 } else if ( params.OCNE_VERSION.equals("1.5.12") ) { 950 return "1.24.8" 951 } 952 return "1.26.6" 953 }