From 82467b9453cd0692e0696d7c153c8c226e60238d Mon Sep 17 00:00:00 2001
From: Evgeny L <eli@mirantis.com>
Date: Wed, 12 Jun 2019 19:38:29 +0000
Subject: [PATCH] [aiab] Add a site linting gate to Zuul

Lint site manifests for Airship in a Bottle when publishing
and merging patches.

The patch adds a pre-run step that generates a new set of
certificates that is required for the validation.

Change-Id: Iebd23dacb424953b95527dd90938f6b6aba93c21
---
 .zuul.yaml                                    | 22 +++++++++++++
 .../deployment/aiab/common/deploy-airship.sh  |  7 +++--
 tools/gate/playbooks/generate-certs.yaml      | 31 +++++++++++++++++++
 3 files changed, 58 insertions(+), 2 deletions(-)
 create mode 100644 tools/gate/playbooks/generate-certs.yaml

diff --git a/.zuul.yaml b/.zuul.yaml
index 3ab8bab7b..54d4550bd 100644
--- a/.zuul.yaml
+++ b/.zuul.yaml
@@ -21,12 +21,14 @@
         - treasuremap-seaworthy-site-lint
         - treasuremap-airskiff-site-lint
         - treasuremap-airsloop-site-lint
+        - treasuremap-aiab-site-lint
         - treasuremap-airskiff-deployment-ubuntu
     gate:
       jobs:
         - treasuremap-seaworthy-site-lint
         - treasuremap-airskiff-site-lint
         - treasuremap-airsloop-site-lint
+        - treasuremap-aiab-site-lint
         - treasuremap-airskiff-deployment-ubuntu
     post:
       jobs:
@@ -67,6 +69,7 @@
       - ^doc/.*$
       - ^site/airskiff/.*$
       - ^site/airsloop/.*$
+      - ^site/aiab/.*$
 
 - job:
     name: treasuremap-airskiff-site-lint
@@ -80,6 +83,7 @@
       - ^doc/.*$
       - ^site/seaworthy/.*$
       - ^site/airsloop/.*$
+      - ^site/aiab/.*$
 
 - job:
     name: treasuremap-airsloop-site-lint
@@ -93,6 +97,23 @@
       - ^doc/.*$
       - ^site/seaworthy/.*$
       - ^site/airskiff/.*$
+      - ^site/aiab/.*$
+
+- job:
+    name: treasuremap-aiab-site-lint
+    description: |
+      Lint the aiab site using Pegleg.
+    parent: treasuremap-site-lint
+    pre-run:
+      - tools/gate/playbooks/generate-certs.yaml
+    vars:
+      site: aiab
+    irrelevant-files:
+      - ^.*\.rst$
+      - ^doc/.*$
+      - ^site/seaworthy/.*$
+      - ^site/airskiff/.*$
+      - ^site/airsloop/.*$
 
 - job:
     name: treasuremap-airskiff-deployment-ubuntu
@@ -111,6 +132,7 @@
       - ^doc/.*$
       - ^site/seaworthy/.*$
       - ^site/airsloop/.*$
+      - ^site/aiab/.*$
 
 - secret:
     name: airshipit-github-secret
diff --git a/tools/deployment/aiab/common/deploy-airship.sh b/tools/deployment/aiab/common/deploy-airship.sh
index 9d5651450..76524f789 100755
--- a/tools/deployment/aiab/common/deploy-airship.sh
+++ b/tools/deployment/aiab/common/deploy-airship.sh
@@ -161,8 +161,10 @@ function install_dependencies() {
 }
 
 function run_pegleg_collect() {
-  # Runs pegleg collect to get the documents combined
   pushd ${WORKSPACE}
+  # Make sure certificates generated during prior runs are deleted.
+  rm -f treasuremap/site/${TARGET_SITE}/secrets/certificates.yaml
+  # Run pegleg collect to get the documents combined.
   ${PEGLEG} site -r /target/treasuremap collect ${TARGET_SITE} -s /target/collected
   popd
 }
@@ -182,7 +184,7 @@ function generate_certs() {
   # Generate certificates
   ${PROMENADE} generate-certs -o /target/genesis /target/genesis/treasuremap.yaml
   # Copy the generated certs back into the deployment_files structure
-  cp genesis/certificates.yaml treasuremap/site/${TARGET_SITE}/secrets
+  cp genesis/certificates.yaml treasuremap/site/${TARGET_SITE}/secrets/
   popd
 }
 
@@ -250,6 +252,7 @@ function setup_deploy_site() {
   cp ${WORKSPACE}/genesis/*.yaml ${WORKSPACE}/site
   print_shipyard_info2
 }
+
 function print_shipyard_info2() {
   set +x
   echo " "
diff --git a/tools/gate/playbooks/generate-certs.yaml b/tools/gate/playbooks/generate-certs.yaml
new file mode 100644
index 000000000..2a15e1779
--- /dev/null
+++ b/tools/gate/playbooks/generate-certs.yaml
@@ -0,0 +1,31 @@
+# Copyright 2019 AT&T Intellectual Property.  All other rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- hosts: ubuntu-xenial
+  tasks:
+    - name: Generate site certificates
+      shell: |
+        set -xe;
+        SITE="{{ site }}"
+
+        mkdir collected
+        ./tools/airship pegleg site \
+          -r . collect ${SITE} \
+          -s /target/collected
+        ./tools/airship promenade generate-certs \
+          -o /target/site/${SITE}/secrets \
+          /target/collected/treasuremap.yaml
+      args:
+        chdir: "{{ zuul.project.src_dir }}"
+      become: yes