Airskiff updates

This PS provides the following changes:

- updates ssh host key for github upload zuul job;
- updates global manifests to use locally built charts.

Change-Id: I1e60f08a2460ce528bb686f39cbb44888b936211

.zuul.yaml

@@ -210,11 +210,11 @@
 #       - ^site/aiab/.*$
 
 - secret:
-    name: airshipit-github-secret
+    name: airshipit-github-secret-2023-03-23
     data:
       user: git
       host: github.com
-      host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==
+      host_key: github.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=
       ssh_key: !encrypted/pkcs1-oaep
         - QhMLTtGvYN+GvEF28brcFNk3/2mXVea9ZoPU4SqUvqy+T/0kdpGZ8RZkZ9mr6Odsl/WJl
           K3n6ct6VYv0l6kCjSLYZd2BcNXTebFEYAAPAhpaUavltMiW1pv/U+1VV1e8Ry6YQWiGII
@@ -265,6 +265,6 @@
       git_mirror_repository: airshipit/treasuremap
     secrets:
       - name: git_mirror_credentials
-        secret: airshipit-github-secret
+        secret: airshipit-github-secret-2023-03-23
         pass-to-parent: true
 

global/software/charts/kubernetes/container-networking/calico.yaml

@@ -146,28 +146,4 @@ data:
       daemonset_calico_etcd: false
       job_image_repo_sync: false
       service_calico_etcd: false
-  dependencies:
-    - calico-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: calico-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.calico.calico-htk
-      dest:
-        path: .source
-data:
-  chart_name: calico-htk
-  release: calico-htk
-  namespace: calico-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/container-networking/etcd.yaml

@@ -109,28 +109,4 @@ data:
         name: service_peer
         port: 6667
         target_port: 6667
-  dependencies:
-    - kubernetes-calico-etcd-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-calico-etcd-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.calico.etcd-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-calico-etcd-htk
-  release: kubernetes-calico-etcd-htk
-  namespace: kubernetes-calico-etcd-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/core/apiserver.yaml

@@ -171,28 +171,4 @@ data:
           plugins:
           - name: EventRateLimit
             path: eventconfig.yaml
-  dependencies:
-    - kubernetes-apiserver-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-apiserver-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.apiserver-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-apiserver-htk
-  release: kubernetes-apiserver-htk
-  namespace: kubernetes-apiserver-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/core/controller-manager.yaml

@@ -111,28 +111,4 @@ data:
       - --pod-eviction-timeout=60s
     network:
       kubernetes_netloc: 127.0.0.1:6553
-  dependencies:
-    - kubernetes-controller-manager-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-controller-manager-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.controller-manager-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-controller-manager-htk
-  release: kubernetes-controller-manager-htk
-  namespace: kubernetes-controller-manager-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/core/scheduler.yaml

@@ -68,28 +68,4 @@ data:
   values:
     network:
       kubernetes_netloc: 127.0.0.1:6553
-  dependencies:
-    - kubernetes-scheduler-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-scheduler-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.scheduler-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-scheduler-htk
-  release: kubernetes-scheduler-htk
-  namespace: kubernetes-scheduler-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/dns/coredns.yaml

@@ -112,41 +112,4 @@ data:
       coredns:
         node_selector_key: kube-dns
         node_selector_value: enabled
-
-  dependencies:
-    - coredns-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: coredns-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.coredns-htk
-      dest:
-        path: .source
-data:
-  chart_name: coredns-htk
-  release: coredns-htk
-  namespace: coredns-htk
-  values:
-    pod:
-      # TODO: replicas can be removed once we switch coredns to
-      # DaemonSet-only.  It will be deployed with both DaemonSet
-      # and Deployment-managed pods as we transition to DaemonSet.
-      replicas:
-        coredns: 2
-    manifests:
-      daemonset: true
-      # TODO: `deployment` can be set to false once we switch coredns to
-      # DaemonSet-only.  It will be deployed with both DaemonSet
-      # and Deployment-managed pods as we transition to DaemonSet.
-      deployment: true
-  dependencies: []
 ...

global/software/charts/kubernetes/etcd/etcd.yaml

@@ -110,28 +110,4 @@ data:
         name: service_peer
         port: 2380
         target_port: 2380
-  dependencies:
-    - kubernetes-etcd-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-etcd-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.etcd-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-etcd-htk
-  release: kubernetes-etcd-htk
-  namespace: kubernetes-etcd-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/haproxy/haproxy.yaml

@@ -84,28 +84,4 @@ data:
                   - option tcpka
                   - option tcp-check
                   - option redispatch
-  dependencies:
-    - haproxy-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: haproxy-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.haproxy-htk
-      dest:
-        path: .source
-data:
-  chart_name: haproxy-htk
-  release: haproxy-htk
-  namespace: haproxy-htk
-  values: {}
-  dependencies: []
 ...

global/software/charts/kubernetes/ingress/ingress.yaml

@@ -62,27 +62,4 @@ data:
       replicas:
         ingress: 1
         error_page: 1
-  dependencies:
+...
-    - ingress-kube-system-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: ingress-kube-system-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.ingress-htk
-      dest:
-        path: .source
-data:
-  chart_name: ingress-kube-system-htk
-  release: ingress-kube-system-htk
-  namespace: ingress-kube-system-htk
-  values: {}
-  dependencies: []

global/software/charts/kubernetes/proxy/kubernetes-proxy.yaml

@@ -68,27 +68,4 @@ data:
     livenessProbe:
       whitelist:
         - tiller-deploy
-  dependencies:
-    - kubernetes-proxy-htk
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: kubernetes-proxy-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.kubernetes.proxy-htk
-      dest:
-        path: .source
-data:
-  chart_name: kubernetes-proxy-htk
-  release: kubernetes-proxy-htk
-  namespace: kubernetes-proxy-htk
-  dependencies: []
 ...

global/software/charts/osh/openstack-memcached/memcached.yaml

@@ -55,29 +55,4 @@ data:
       server:
         node_selector_key: openstack-control-plane
         node_selector_value: enabled
-  dependencies:
-    - memcached-htk
-...
----
-schema: armada/Chart/v1
-metadata:
-  schema: metadata/Document/v1
-  name: memcached-htk
-  layeringDefinition:
-    abstract: false
-    layer: global
-  storagePolicy: cleartext
-  substitutions:
-    - src:
-        schema: pegleg/SoftwareVersions/v1
-        name: software-versions
-        path: .charts.osh.memcached-htk
-      dest:
-        path: .source
-data:
-  chart_name: memcached-htk
-  release: memcached-htk
-  namespace: memcached-htk
-  values: {}
-  dependencies: []
 ...

global/software/config/versions.yaml

@@ -3,106 +3,46 @@ data:
   charts:
     kubernetes:
       apiserver:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/apiserver.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: apiserver
-        subpath: charts/apiserver
+        type: tar
-        type: git
-      apiserver-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       calico:
         calico:
-          location: https://opendev.org/openstack/openstack-helm-infra
+          location: http://control-plane.minikube.internal:8282/calico.tgz
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
+          subpath: etcd
-          subpath: calico
+          type: calico
-          type: git
-        calico-htk:
-          location: https://opendev.org/openstack/openstack-helm-infra
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-          subpath: helm-toolkit
-          type: git
         etcd:
-          location: https://opendev.org/airship/promenade
+          location: http://control-plane.minikube.internal:8282/etcd.tgz
-          reference: 64807416b71958e31156ef7a50e169813acc4e15
+          subpath: etcd
-          subpath: charts/etcd
+          type: tar
-          type: git
-        etcd-htk:
-          location: https://opendev.org/openstack/openstack-helm-infra
-          reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-          subpath: helm-toolkit
-          type: git
       controller-manager:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/controller_manager.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: controller_manager
-        subpath: charts/controller_manager
+        type: tar
-        type: git
-      controller-manager-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       coredns:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/etcd.tgz
-        reference: 2125b61b5769e1bc85707ff39f7566d42e49023a
+        subpath: etcd
-        subpath: charts/coredns
+        type: tar
-        type: git
-      coredns-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 2125b61b5769e1bc85707ff39f7566d42e49023a
-        subpath: helm-toolkit
-        type: git
       etcd:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/coredns.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: coredns
-        subpath: charts/etcd
+        type: tar
-        type: git
-      etcd-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       haproxy:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/haproxy.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: haproxy
-        subpath: charts/haproxy
+        type: tar
-        type: git
-      haproxy-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       ingress:
-        location: https://opendev.org/openstack/openstack-helm-infra
+        location: http://control-plane.minikube.internal:8282/ingress.tgz
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
         subpath: ingress
-        type: git
+        type: tar
-      ingress-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       proxy:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/proxy.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: proxy
-        subpath: charts/proxy
+        type: tar
-        type: git
-      proxy-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       scheduler:
-        location: https://opendev.org/airship/promenade
+        location: http://control-plane.minikube.internal:8282/scheduler.tgz
-        reference: 64807416b71958e31156ef7a50e169813acc4e15
+        subpath: scheduler
-        subpath: charts/scheduler
+        type: tar
-        type: git
-      scheduler-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
     osh:
       barbican:
         location: https://opendev.org/openstack/openstack-helm
@@ -140,10 +80,9 @@ data:
         subpath: helm-toolkit
         type: git
       helm_toolkit:
-        location: https://opendev.org/openstack/openstack-helm-infra
+        location: http://control-plane.minikube.internal:8282/helm-toolkit.tgz
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
         subpath: helm-toolkit
-        type: git
+        type: tar
       horizon:
         location: https://opendev.org/openstack/openstack-helm
         reference: 536eaed62d55eca694eaae0c50df910dbb55fff7
@@ -195,15 +134,9 @@ data:
         subpath: helm-toolkit
         type: git
       memcached:
-        location: https://opendev.org/openstack/openstack-helm-infra
+        location: http://control-plane.minikube.internal:8282/memcached.tgz
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
         subpath: memcached
-        type: git
+        type: tar
-      memcached-htk:
-        location: https://opendev.org/openstack/openstack-helm-infra
-        reference: 97ce6d7d8e9a090c748800d69a57bbd9af698b60
-        subpath: helm-toolkit
-        type: git
       neutron:
         location: https://opendev.org/openstack/openstack-helm
         reference: 536eaed62d55eca694eaae0c50df910dbb55fff7

tools/deployment/airskiff/developer/030-armada-bootstrap.sh

@@ -33,12 +33,6 @@ KUBE_CONFIG_PERMISSIONS=$(stat --format '%a' ~/.kube/config)
 sudo chmod 0644 airskiff.yaml
 # sudo chmod 0644 ~/.kube/config
 
-# start http server with artifacts
-docker rm artifacts --force || true
-docker run --name artifacts -p 8282:80 -v $(pwd)/../artifacts:/usr/share/nginx/html -d nginx
-sleep 10
-curl --verbose -I http://control-plane.minikube.internal:8282/ingress.tgz
-
 # Download latest Armada image and deploy Airship components
 docker run --rm --net host -p 8000:8000 --name armada \
     -v ~/.kube/config:/armada/.kube/config \

tools/deployment/airskiff/developer/100-deploy-osh.sh

@@ -24,15 +24,7 @@ set -xe
 : "${PL_SITE:="airskiff"}"
 
 # Source OpenStack credentials for Airship utility scripts
-. tools/deployment/airskiff/common/os-env.sh
+source ./tools/deployment/airskiff/common/os-env.sh
-
-
-# start http server with artifacts
-docker rm artifacts --force || true
-docker run --name artifacts -p 8282:80 -v $(pwd)/../artifacts:/usr/share/nginx/html -d nginx
-sleep 10
-curl --verbose -I http://control-plane.minikube.internal:8282/ingress.tgz
-
 
 # NOTE(drewwalters96): Disable Pegleg linting errors P001 and P009; a
 #  a cleartext storage policy is acceptable for non-production use cases

tools/gate/playbooks/airskiff-deploy-gate.yaml

@@ -52,6 +52,18 @@
         chdir: "{{ zuul.project.src_dir }}"
       become: yes
 
+    - name: Start artifactory
+      shell: |
+        set -ex
+        # start http server with artifacts
+        docker rm artifacts --force || true
+        docker run --name artifacts -p 8282:80 -v $(pwd)/../artifacts:/usr/share/nginx/html -d nginx
+        sleep 10
+        curl --verbose -I http://control-plane.minikube.internal:8282/memcached.tgz
+      args:
+        chdir: "{{ zuul.project.src_dir }}"
+      become: yes
+
     - name: Deploy Airship components using Armada
       shell: |
         set -ex
@@ -80,3 +92,12 @@
       args:
         chdir: "{{ zuul.project.src_dir }}"
       become: yes
+
+    - name: Stop artifactory
+      shell: |
+        set -ex
+        # terminate artifactory
+        docker rm artifacts --force || true
+      args:
+        chdir: "{{ zuul.project.src_dir }}"
+      become: yes

tools/openstack

@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Utility to execute OpenStack CLI using Heat container.
+# Utility to execute OpenStack CLI using utility container.
 # This is an example, and should be adjusted to ones needs.
 #
 # Usage: openstack endpoint list
@@ -37,5 +37,5 @@ exec sudo docker run --rm ${TERM_OPTS} --net host \
    -v $(pwd):/target \
    -v ${OS_CLOUD_CFG}:/etc/openstack/clouds.yaml:ro \
    -e OS_CLOUD=openstack_helm \
-   docker.io/openstackhelm/heat:ocata openstack "$@"
+   quay.io/airshipit/porthole-openstack-utility:latest-ubuntu_focal openstack "$@"