Airskiff updates

This PS provides the following changes: - updates ssh host key for github upload zuul job; - updates global manifests to use locally built charts. Change-Id: I1e60f08a2460ce528bb686f39cbb44888b936211
2023-07-12 17:00:31 +00:00 · 2023-07-12 17:00:31 +00:00 · 559b553b3f
parent e5ad9e5bd2
commit 559b553b3f
17 changed files with 53 additions and 383 deletions
--- a/.zuul.yaml
+++ b/.zuul.yaml
@ -210,11 +210,11 @@
 #       - ^site/aiab/.*$

 - secret:
-    name: airshipit-github-secret
+    name: airshipit-github-secret-2023-03-23
    data:
      user: git
      host: github.com
-      host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+      host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
      ssh_key: !encrypted/pkcs1-oaep
        - QhMLTtGvYN+GvEF28brcFNk3/2mXVea9ZoPU4SqUvqy+T/0kdpGZ8RZkZ9mr6Odsl/WJl
          K3n6ct6VYv0l6kCjSLYZd2BcNXTebFEYAAPAhpaUavltMiW1pv/U+1VV1e8Ry6YQWiGII
@ -265,6 +265,6 @@
      git_mirror_repository: airshipit/treasuremap
    secrets:
      - name: git_mirror_credentials
-        secret: airshipit-github-secret
+        secret: airshipit-github-secret-2023-03-23
        pass-to-parent: true

--- a/global/software/charts/kubernetes/container-networking/calico.yaml
+++ b/global/software/charts/kubernetes/container-networking/calico.yaml
@ -146,28 +146,4 @@ data:
      daemonset_calico_etcd: false
      job_image_repo_sync: false
      service_calico_etcd: false
-  dependencies:
-    - calico-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: calico-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.calico.calico-htk
-      dest:
-        path: .source
-data:
-  chart_name: calico-htk
-  release: calico-htk
-  namespace: calico-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/container-networking/etcd.yaml
+++ b/global/software/charts/kubernetes/container-networking/etcd.yaml
@ -109,28 +109,4 @@ data:
        name: service_peer
        port: 6667
        target_port: 6667
-  dependencies:
-    - kubernetes-calico-etcd-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-calico-etcd-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.calico.etcd-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-calico-etcd-htk
-  release: kubernetes-calico-etcd-htk
-  namespace: kubernetes-calico-etcd-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/core/apiserver.yaml
+++ b/global/software/charts/kubernetes/core/apiserver.yaml
@ -171,28 +171,4 @@ data:
          plugins:
          - name: EventRateLimit
            path: eventconfig.yaml
-  dependencies:
-    - kubernetes-apiserver-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-apiserver-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.apiserver-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-apiserver-htk
-  release: kubernetes-apiserver-htk
-  namespace: kubernetes-apiserver-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/core/controller-manager.yaml
+++ b/global/software/charts/kubernetes/core/controller-manager.yaml
@ -111,28 +111,4 @@ data:
      - --pod-eviction-timeout=60s
    network:
      kubernetes_netloc: 127.0.0.1:6553
-  dependencies:
-    - kubernetes-controller-manager-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-controller-manager-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.controller-manager-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-controller-manager-htk
-  release: kubernetes-controller-manager-htk
-  namespace: kubernetes-controller-manager-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/core/scheduler.yaml
+++ b/global/software/charts/kubernetes/core/scheduler.yaml
@ -68,28 +68,4 @@ data:
  values:
    network:
      kubernetes_netloc: 127.0.0.1:6553
-  dependencies:
-    - kubernetes-scheduler-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-scheduler-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.scheduler-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-scheduler-htk
-  release: kubernetes-scheduler-htk
-  namespace: kubernetes-scheduler-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/dns/coredns.yaml
+++ b/global/software/charts/kubernetes/dns/coredns.yaml
@ -112,41 +112,4 @@ data:
      coredns:
        node_selector_key: kube-dns
        node_selector_value: enabled
-
-  dependencies:
-    - coredns-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: coredns-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.coredns-htk
-      dest:
-        path: .source
-data:
-  chart_name: coredns-htk
-  release: coredns-htk
-  namespace: coredns-htk
-  values:
-    pod:
-      # TODO: replicas can be removed once we switch coredns to
-      # DaemonSet-only.  It will be deployed with both DaemonSet
-      # and Deployment-managed pods as we transition to DaemonSet.
-      replicas:
-        coredns: 2
-    manifests:
-      daemonset: true
-      # TODO: `deployment` can be set to false once we switch coredns to
-      # DaemonSet-only.  It will be deployed with both DaemonSet
-      # and Deployment-managed pods as we transition to DaemonSet.
-      deployment: true
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/etcd/etcd.yaml
+++ b/global/software/charts/kubernetes/etcd/etcd.yaml
@ -110,28 +110,4 @@ data:
        name: service_peer
        port: 2380
        target_port: 2380
-  dependencies:
-    - kubernetes-etcd-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-etcd-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.etcd-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-etcd-htk
-  release: kubernetes-etcd-htk
-  namespace: kubernetes-etcd-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/haproxy/haproxy.yaml
+++ b/global/software/charts/kubernetes/haproxy/haproxy.yaml
@ -84,28 +84,4 @@ data:
                  - option tcpka
                  - option tcp-check
                  - option redispatch
-  dependencies:
-    - haproxy-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: haproxy-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.haproxy-htk
-      dest:
-        path: .source
-data:
-  chart_name: haproxy-htk
-  release: haproxy-htk
-  namespace: haproxy-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/charts/kubernetes/ingress/ingress.yaml
+++ b/global/software/charts/kubernetes/ingress/ingress.yaml
@ -62,27 +62,4 @@ data:
      replicas:
        ingress: 1
        error_page: 1
-  dependencies:
-    - ingress-kube-system-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: ingress-kube-system-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.ingress-htk
-      dest:
-        path: .source
-data:
-  chart_name: ingress-kube-system-htk
-  release: ingress-kube-system-htk
-  namespace: ingress-kube-system-htk
-  values: {}
-  dependencies: []
+...
--- a/global/software/charts/kubernetes/proxy/kubernetes-proxy.yaml
+++ b/global/software/charts/kubernetes/proxy/kubernetes-proxy.yaml
@ -68,27 +68,4 @@ data:
    livenessProbe:
      whitelist:
        - tiller-deploy
-  dependencies:
-    - kubernetes-proxy-htk
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-proxy-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.proxy-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-proxy-htk
-  release: kubernetes-proxy-htk
-  namespace: kubernetes-proxy-htk
-  dependencies: []
 ...
--- a/global/software/charts/osh/openstack-memcached/memcached.yaml
+++ b/global/software/charts/osh/openstack-memcached/memcached.yaml
@ -55,29 +55,4 @@ data:
      server:
        node_selector_key: openstack-control-plane
        node_selector_value: enabled
-  dependencies:
-    - memcached-htk
-...
---
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: memcached-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.osh.memcached-htk
-      dest:
-        path: .source
-data:
-  chart_name: memcached-htk
-  release: memcached-htk
-  namespace: memcached-htk
-  values: {}
-  dependencies: []
 ...
--- a/global/software/config/versions.yaml
+++ b/global/software/config/versions.yaml
@ -3,106 +3,46 @@ data:
  charts:
    kubernetes:
      apiserver:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/apiserver
-        type: git
-      apiserver-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/apiserver.tgz
+        subpath: apiserver
+        type: tar
      calico:
        calico:
-          location: https://opendev.org/openstack/openstack-helm-infra
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-          subpath: calico
-          type: git
-        calico-htk:
-          location: https://opendev.org/openstack/openstack-helm-infra
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-          subpath: helm-toolkit
-          type: git
+          location: http://control-plane.minikube.internal:8282/calico.tgz
+          subpath: etcd
+          type: calico
        etcd:
-          location: https://opendev.org/airship/promenade
-          reference: 64807416b71958e31156ef7a50e169813acc4e15
-          subpath: charts/etcd
-          type: git
-        etcd-htk:
-          location: https://opendev.org/openstack/openstack-helm-infra
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-          subpath: helm-toolkit
-          type: git
+          location: http://control-plane.minikube.internal:8282/etcd.tgz
+          subpath: etcd
+          type: tar
      controller-manager:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/controller_manager
-        type: git
-      controller-manager-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/controller_manager.tgz
+        subpath: controller_manager
+        type: tar
      coredns:
-        location: https://opendev.org/airship/promenade
-        reference: 2125b61b5769e1bc85707ff39f7566d42e49023a
-        subpath: charts/coredns
-        type: git
-      coredns-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 2125b61b5769e1bc85707ff39f7566d42e49023a
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/etcd.tgz
+        subpath: etcd
+        type: tar
      etcd:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/etcd
-        type: git
-      etcd-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/coredns.tgz
+        subpath: coredns
+        type: tar
      haproxy:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/haproxy
-        type: git
-      haproxy-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/haproxy.tgz
+        subpath: haproxy
+        type: tar
      ingress:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
+        location: http://control-plane.minikube.internal:8282/ingress.tgz
        subpath: ingress
-        type: git
-      ingress-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        type: tar
      proxy:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/proxy
-        type: git
-      proxy-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/proxy.tgz
+        subpath: proxy
+        type: tar
      scheduler:
-        location: https://opendev.org/airship/promenade
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
-        subpath: charts/scheduler
-        type: git
-      scheduler-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        location: http://control-plane.minikube.internal:8282/scheduler.tgz
+        subpath: scheduler
+        type: tar
    osh:
      barbican:
        location: https://opendev.org/openstack/openstack-helm
@ -140,10 +80,9 @@ data:
        subpath: helm-toolkit
        type: git
      helm_toolkit:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
+        location: http://control-plane.minikube.internal:8282/helm-toolkit.tgz
        subpath: helm-toolkit
-        type: git
+        type: tar
      horizon:
        location: https://opendev.org/openstack/openstack-helm
        reference: 536eaed62d55eca694eaae0c50df910dbb55fff7
@ -195,15 +134,9 @@ data:
        subpath: helm-toolkit
        type: git
      memcached:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
+        location: http://control-plane.minikube.internal:8282/memcached.tgz
        subpath: memcached
-        type: git
-      memcached-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
+        type: tar
      neutron:
        location: https://opendev.org/openstack/openstack-helm
        reference: 536eaed62d55eca694eaae0c50df910dbb55fff7
--- a/tools/deployment/airskiff/developer/030-armada-bootstrap.sh
+++ b/tools/deployment/airskiff/developer/030-armada-bootstrap.sh
@ -50,3 +50,6 @@ docker run --rm --net host -p 8000:8000 --name armada \
 # # Set back permissions of the files
 sudo chmod "${AIRSKIFF_PERMISSIONS}" airskiff.yaml
 # sudo chmod "${KUBE_CONFIG_PERMISSIONS}" ~/.kube/config
+
+# terminate artifactory
+docker rm artifacts --force || true
--- a/tools/deployment/airskiff/developer/100-deploy-osh.sh
+++ b/tools/deployment/airskiff/developer/100-deploy-osh.sh
@ -24,7 +24,7 @@ set -xe
 : "${PL_SITE:="airskiff"}"

 # Source OpenStack credentials for Airship utility scripts
-. tools/deployment/airskiff/common/os-env.sh
+source ./tools/deployment/airskiff/common/os-env.sh


 # start http server with artifacts
@ -51,3 +51,6 @@ ${SHIPYARD} create configdocs airskiff-design \
             --directory=${PL_OUTPUT}
 ${SHIPYARD} commit configdocs
 ${SHIPYARD} create action update_software --allow-intermediate-commits
+
+# terminate artifactory
+docker rm artifacts --force || true
--- a/tools/gate/playbooks/airskiff-deploy-gate.yaml
+++ b/tools/gate/playbooks/airskiff-deploy-gate.yaml
@ -13,6 +13,10 @@
 # limitations under the License.

 - hosts: all
+  roles:
+    - role: add-authorized-keys
+      public_keys:
+        - public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDA7eM8WFJrqQmki8rR0O3QBHyl8xq42jb1RduwuRwjWoGYJI5cX7Fx+7VR4A9ITCoiqxKS8DMfgKbt5jKC6SmvMALULZsnYlthB34KywurgxsW6fgp68DHWQ7J4CCBhoIpl0W3JW7s6b0vHLhab59r0E+AYemBVuWUqbFEy8nDAHcQv1S/2o1udhmljIN7c2ogO4KAJ7Lge0BoIP9ps4u6AVwyQZixp4anU9DHGNA/UQj4M5UyuALj5buEAuATBe9Vqj4sOvZjObPJAGPUrNRrGEWAFk+lSZHRzKXo0eeWtPqoh5UN9UDb5Pocg1krncMIZwjHKovlD1z/O1y91aY5LM1wxm/7aaIiX8eCihyVZaOuDCLF7WDT2SMs7ABcotX2MDtVQTrNNV3MmMAScFNDflzPKszd7cdjLl6PBq8bvPxmCkLmnitPTGOoh9d8i+JlbINvgx1pguYrpeciIyreCO1rjTW3MgB0tyoMEa31V+7HrauBMeNnE68YTqLTIB0= smarkin@mirantis.com

  tasks:
    - name: Clone dependencies
@ -68,6 +72,9 @@
        set -ex
        export PL_SITE="{{ site }}"
        ./tools/deployment/airskiff/developer/100-deploy-osh.sh
+
+        while true; do sleep 100; done
+
      args:
        chdir: "{{ zuul.project.src_dir }}"
      become: yes
--- a/tools/openstack
+++ b/tools/openstack
@ -1,6 +1,6 @@
 #!/bin/bash

-# Utility to execute OpenStack CLI using Heat container.
+# Utility to execute OpenStack CLI using utility container.
 # This is an example, and should be adjusted to ones needs.
 #
 # Usage: openstack endpoint list
@ -37,5 +37,5 @@ exec sudo docker run --rm ${TERM_OPTS} --net host \
   -v $(pwd):/target \
   -v ${OS_CLOUD_CFG}:/etc/openstack/clouds.yaml:ro \
   -e OS_CLOUD=openstack_helm \
-   docker.io/openstackhelm/heat:ocata openstack "$@"
+   quay.io/airshipit/porthole-openstack-utility:latest-ubuntu_focal openstack "$@"