With Ubuntu bionic base image for drydock docker image, uwsig crashes
with segmentation fault when it tries to load/import the psycopg2 package.
The reason for this is that uwsgi and psycopg2 packages are built with
incopatible ssl libraries.
Upgrading uwsgi and psycopg2 to address this issue for bionic based
images.
Change-Id: I3d0bfb96c19849f5c2925366f8712bf47985df67
Adds support to build drydock image using either a xenial or a bionic base
image. Currently only xenial base is supported.
The default base image is set to ubuntu bionic.
Change-Id: I93672cf35879d8525d28e870ea83e5512c1043f9
Updated Makefile to run the build baclient package for go on the
host instead of as a docker container, to allow the Makefile be
called from another container. Reason being, in a docker-in-docker,
volume mapping requires knowledge of host filesystem path instead
of the docker daemon filesystem path.
Corrected proxy configuration in the scripts to use the USE_PROXY,
PROXY and NO_PROXY environment variables.
Updated Dockerfile to add multi-stage build, to avoid including the
golang-go package in the docker image. Stage one creates the
baclient Go library, and stage two creates the drydock image, and
copies the baclient from stage one image.
Change-Id: I29a30e870da8f44279dcd62bb1173165fa939d43
This change updates the location of the kubernetes-entrypoint image to
point to its new home in the airshipit namespace on quay.io [0]. The
stackanetes image is no longer maintained.
[0] https://quay.io/repository/airshipit/kubernetes-entrypoint
Depends-On: 8314c530305a7a14cbf72bf0c2e873e0d01c595c
Change-Id: I08db87c2f97c687bd87162e2f7eaf81abe882c31
Signed-off-by: Drew Walters <andrew.walters@att.com>
This change updates the helm-toolkit version used to build the Drydock
chart in order to introduce a change that removes use of the echo binary
from the Kubernetes entrypoint init container [0]. This is required in
order to use the new Kubernetes entrypoint image, which does not include
the binary.
[0] https://review.opendev.org/688435
Change-Id: I3c291367541aca9d2d8f2a7c3c0600d9d9efb84f
Signed-off-by: Drew Walters <andrew.walters@att.com>
Update apiversion for deployment to apps/v1
Add selector match labels to deployment
This patch is similar to https://review.opendev.org/#/c/638276/
These changes are required to install drydock helm chart on k8s 1.16.0
Change-Id: Ie9b7344fc94058a6212d09a9b96fe1b2b9d07b4e
- Currently several failure paths won't log any messages
when doing a site validation. Add these messages
- Also, for validation steps that are dependent on external resources
make the resource inaccessibility a warning rather than a failure.
Change-Id: I431ed188e2f6cd3fc3fa41ae2729f3a099fdfbf5
The patch introduces network policy configuration similar
to openstack-helm services. It allows users to configure
policies depending on the environment.
* Network policies are disabled by default.
* When enabled default policies allow all ingress and
egress traffic (i.e. policy set to {}), this may be
changed in future patch-sets.
Change-Id: I2705fcf1d322ed06b124811b4ab91bfdfbdeacf3
Readthedocs failed to render Drydock exceptions with error:
> WARNING: autodoc: failed to import exception xxx from module
> 'drydock_provisioner'; the following exception was raised: No module
> named 'drydock_provisioner'
Trying to add Drydock requirements to the installed requirements list,
so that Readthedocs has all modules, including those needed for the
Drydock itself.
Unify docs building by utilizing Zuul docs-on-readthedocs template job.
Cosmetic readability changes:
1. combined all Makefile .PHONY targets into one
2. merged multiple LABEL instructions in Dockerfile into one
Change-Id: I6a9b47cffc66d739968fa886c51e25b1e09ef124
MAAS only accepts CIDR IPs that do not have host bits set otherwise
MAAS sees the CIDR as a second network. This commit adds a Drydock
validation that checks if the CIDR has host bits and also suggests
which CIDR to use if the provided one is not acceptable to MAAS.
Change-Id: Ib6d4d8277d0e1634524426a08e138e39fb37f14b
This PS allows to check the response code and if it's equal
to 22, the test will be considered as successful.
Change-Id: I3867c551be5785488248e956e6f8a124477232f5
This commit introduces a non-voting job to lint Helm charts against the
latest version of Helm toolkit from OpenStack-Helm Infra. This job
should serve as an indicator of when it's safe to advance the version of
Helm toolkit used by Airship.
Additionally, this commit modifies all Helm chart lint jobs to run on
each commit, regardless of the files modified by a change. This should
not introduce a noticeable difference in CI runtime, as these jobs
execute quicker than the tox jobs.
Change-Id: I90473fd73a740f2711eb85e131edfa457944ea5e
This updates the drydock chart to include the pod
security context on the pod template. This changes the pod's
user from root to the nobody user instead
This also adds the container security context to set
allowPrivilegeEscalation to false and readOnlyRootFilesystem to true
Change-Id: I0882622e672e5918da82b58b76697b8974cf0b16
- Zuul updated ansible to 2.7, no longer allows missing variables.
- Using default value when it isn't available.
Based on Aaron Sheffield's PS for Pegleg: https://review.openstack.org/#/c/645631/
Change-Id: Icf23f769ca1c82f20da77f2a0d67b788ca14facb
tgt service is exposed in maas-rack-controller as a root-owned process
We are not utilizing tgt so let's just disable it.
Needed for this: https://review.openstack.org/#/c/639432/
Change-Id: I89da1c033baa72ac9c2755af9eeff6b8cce47517
Currently, Drydock images are built using the Ubuntu:16.04 base image.
This change allows users to specify different base images using the
UBUNTU_BASE_IMAGE build argument.
Change-Id: I9ddaa89eb5262571703a3dbf7ebb6deed1505842
- Drydock should support defined networks that MAAS cannot
see. This fixes an issue that caused this use-case to fail
by ensuring that the MAAS client models with no internal
resource IDs work.
Change-Id: I1a20d4730e94eee7268ff0cc3451e4b459a1e62b
This commit introduces a chart build gate that triggers when changes are
made to charts in the charts/ directory.
Change-Id: I8c2c428302f3297109f37213b93c088321b13204
Ahmad Mahmoudi
Prateek Dodda
Zuul
Drew Walters
Hemanth Nakkina
Scott Hussey
Evgeny L
Roman Gorshunov
Carter, Matt (mc981n)
Mahmoudi, Ahmad (am495p)
Kumar, Nishant(nk613n)
Dejaeger, Darren (dd118r)
Kaspars Skels
Sean Eagan
Hussey, Scott (sh8121)
OpenDev Sysadmins
Zuul
BARTRA, RICK
Dmitrii Kabanov
Drew Walters
Smruti Soumitra Khuntia
Rahul Khiyani
Aaron Sheffield
Jared Miller
pd2839