Currently tags aren't mirrored until the next patchset is merged,
which delays the Github release workflow.
Change-Id: Ib50b6369d4f8ddeaf832f1de2c8f6b133b9b40c5
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Currently, about 15% of the last jobs were failed [1]
due to exceeding timeout error, however in most cases the job
was running just fine, but it was interrupted due to global
timeout. This patch increases timeout for this job by 20 minutes.
[1] https://zuul.opendev.org/t/openstack/builds?job_name=airship-airshipctl-gate-script-runner
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: I5d8058aa5edd56052d51b67fbf23c0665ee1e6a9
Commit fixes CAPD deployment and removes redundant scripts
that check expiration for CAPD site.
They must be tested separately outside CAPD pipeline
Related-To: #482
Closes: #482
Change-Id: I60ffd76a4f3f08bd7bd198a0c2b15483dfbdd6a6
This patchset introduces a generated with template [1] and encrypted
VariableCatalogue generated-secrets that contains steps to
generate: ephemeral and target CA+admin key/cert and passwords for
users in ephemeral bootstrap iso.
It also introduces the way how these secrets are used in manifests:
They're decrypted by kustomize and incorporated into the folders
`catalogues` in the site, so they can be used by replacement plugin.
This patchset contains modifications in replacement plugin
configurations to put the decrypted values from VariableCatalogue
in place.
Since k8s secrets were substituted with generated values
this patchset removes pre-generated k8s secrets.
[1]
manifests/type/gating/target/generator/secret-template.yaml
Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
the job takes around 45-60 minutes to complete on most of the nodes
however some nodes are slower and it make take a little bit more.
As future enhancement we should pararelize validation and refactor
scripts to run two cluster validation at the same time.
Change-Id: I01ac2ed15727931126058c343dbbb826790e940d
This job doesn't work properly since a lot of changes in the
airshipctl logic were applied. All the issues were addressed.
Change-Id: Iec6fa7e6a3aa1ab46d496a8fd63822df1f8124cc
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Relates-To: #19
This reverts commit 9bd01de3dad7304b4eaedf09dba081b92470d736.
Reason for revert: cloud instances we use for CI are more stable now.
Change-Id: Id14f84e2a5b40d537161f1b4ea35fc97e9b1467d
* Removed the duplicate script for CAPI ephemeral node deployment
* Updated the generic script to support all providers
Change-Id: Icc1bed5c1b62662109b43ec94ee2fdb5de6de09b
Since golint job was fixed and it's essential to maintain
code standards this job should have voting status.
Change-Id: I623171ce89b3906eac30e11fa3d7ebeb2725372b
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
* Removing the non-voting job from dependency. So that
for any reason if the dependent non-voting job fails,
the gate runner job will not be skipped.
Change-Id: If2f208d41a6df1ce7286654fe6e203d309042874
Add jobs in experimental pipeline to do the following:
- install Sonobuoy
- run CNCF Conformace Tests
- run CIS Benchmarks Tests
Conformance tests include:
- CNCF Compliance: uses sonobuoy end-to-end (e2e) and systemd-logs
plugins
- CIS Benchmarks: utilizes the kube-bench implementation
of the CIS security benchmarks plugin
Pipeline can be triggered by comment
- "check experimental"
Change-Id: I7d08ae42512dc4c83e2f550c4809ce1f8ddccc7b
Change-Id: I2e6469f5b8e229828532ce5499498da639d23fe6
This Patch Set uses docker zuul gate and
checks the certificate expiration
and certiticate rotate-sa-token commands
Change-Id: I76f902d4fcacdbfe168abd58ec707282e46a3f91
This introduces airshipctl integration with image-builder [0], which
replaces the existing isogen tool for ephemeral ISO generation.
The airshipctl isogen executor has been updated for building ephemeral
ISOs using the image-builder container. The ability for user-declared
filenames for cloud-init user data and network data was removed, since
the user's only interest is in supplying the relevant overrides, not in
transparent naming coordination with the image-builder container. A new
object is added to the document package to identify the document kind,
label, and key to retrieve data from since this is pattern we will
reuse elsewhere.
Progress flag removed as requsted. Progress is reported directly by the
image-builder container.
Isogen debug flag removed in favor of using log.DebugEnabled()
[0] https://review.opendev.org/#/c/730777/
Depends-On: https://review.opendev.org/c/airship/images/+/730777/
Change-Id: I545004feaf2116f8ffb29faf6f7f7f5fcfe24fff
* add common scripts for providers capd/capg/capz/capo
to do the following:
- install kind (reuses tools/document/get_kind.sh)
- improve tools/document/start_kind.sh to use
custom kind config file
- created a script similar to 26_deploy_metal3_capi_ephemeral_node.sh,
called tools/deployment/26_deploy_capi_ephemeral_node.sh and
made it flexible for all providers (metal3/capd/capz/capg/capo)
- deploy ephemeral control plane
- initialize target node
- move crds from ephemeral to target
- deploy target workers
Closes: #413
Change-Id: If3520d000a03e5ed26d54e1ceedb2febfceccb3d
The existing `image_repo` value was leading to invalid image tag name
errors e.g. "https://quay.io/api/v1//airshipit/airshipctl:latest". This
updates the value to match the default DOCKER_REGISTRY value in the Makefile.
Change-Id: Ifa9112c8b91475593300ff04fd069dff703762af
Closes: #437
Modify following roles to accept the proxy and env
variables from zuul jobs and project manifest so they
can be overwritten to run them on downstream zuul
- airshipctl-build-images
- airshipctl-publish-images
Change-Id: Ied06e60507f125c60ca7b9d47331e967fd69bf14
The airshipctl gate runner consumes 16GB RAM VM node. Currently we have
insufficient compute capacity to run it on every patch set change.
This patch set makes gate runner run only on request and on Zuul gate
(pre-merge) to reduce workload imposed onto community CI.
Request to run airshipctl gate runner is a comment
"check experimental"
left to a patch set in Gerrit.
Change-Id: I5cb2a80b5cdc9dd025249e313d29eab62cbb3446
* Recently the lint and test jobs are separated
* update the reference to lint and test job names
marked as dependency for azure gate runner
Change-Id: I9bf495143b14d248c54c20e4814ac236b167eba1
This would will make sure that issues like #382 would not arise
in the future.
Change-Id: I3f65c760fc2d893a2e93ae8d606b2282bb1008b3
Relates-To: #383
Closes: #383
This increases the timeout of the document validation job from
30min (default) to 60min. This is required because of the recent
addition of provider-specific site definitions; since a kind cluster
is set up / torn down for each site definition, it can take longer
than a half hour when running on slower open infra VMs.
Change-Id: I23e7201365058d96ccdc07e310c3c921daf952a7
* clusterctl commands are driven through phase run.
So removing install clusterctl CLI utility from gate
script
Change-Id: I1c57aa07a9e19495c94c3080d0ce40dfc0e5dd47
This commit integrates the Azure provider to the Airship 2.0 project.
It adds the following folders:
- manifest/function/capz: This folder contains all manifests required
for the integration of Azure provider.
- manifest/function/k8scontrol-capz: This folder contains the base
manifest for the Azure Workload cluster.
- manifest/site/az-test-site: This folder contains the manifests used
for initializing the CAPI and CAPZ components on the management cluster
invoking "airshipctl cluster init" and manifests used for deploying a
Workload cluster on the Azure Cloud by invoking the command
"airshipctl phase apply azure".
- tools/deployment/azure: provides the script shell that are used in the
zuul gates and local test.
Updated files:
- zuul.d/project.yaml and zuul.d/jobs.yaml have been updated to include
gates for validating the Azure provider integration.
Change-Id: Icbdc7f6f42c159f48dd11e35626da3bc016f5487
* The idea here is to execute all the applicable small jobs first.
* If all the applicable small jobs succeeds, then proceed with the
long running gate runner job.
Change-Id: I807ad3bf725db35945e83feff0601b011c771d5a
Added patterns of files which should and should not trigger jobs on Zuul CI,
to reduce workload imposed onto the CI infrastructure.
Change-Id: I7081c7a2a4902a29e571dce1133465f2821d71a3
Added patterns of files which should not trigger the most resource-consuming
job (on 16GB VM) on Zuul CI.
Change-Id: I143a15f531f5179cebf2741eacd67818976fda94
Currently we don't test document pull step by rewriting
manifest_directory variable as current source path, which
makes a mess in target_path, manifest_path and related paths
(concatenation of target_path+manifest_path won't return
an existing and proper location). This patch organizes
mentioned variables and enables document pull step which
starts working properly. The latest repo state used as
git source for this command.
Change-Id: I5abce73877441c7529f2f77add79cf410e2226d8
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
This adds gating for helm release management by including a minimal
example workload phase which consists of a HelmRelease for the nginx
ingress controller and a corresponding deployment script including
supporting validation logic.
Change-Id: Ia21a799030289c7e40a0e61292578987ea0f6c63
Relates-To: #351
When the successful gate test runs for approximately 1:20, current
timeout does not allow jobs to pass if there is bad latency at the
DC in which vm was spawned. This will reduce the amount of rechecks
that patch sets owners have to perform.
Change-Id: Icd7410126c6bcdf01ff6763255023539e1950c45
The job needs to be redesigned in general, and it doesn't belong
to airshipctl repository. Document validation should be performed
in treasure map repository.
Next step would be to move validation job to treasure map repo
Change-Id: I627eec5c5d7efddd22c6aaa672091210451e89ae
