The opendev project has been moving away from puppet and this is one of
the puppet modules that is no longer used. To simplify things for us we
are taking the extra step of retiring this repo.
Change-Id: I1d3a8a3999e75be00844a314fa7f52c37e28f9d4
Addition of Zuul v3 initscripts raced the dynamic pidfile directory
creation fix Idfd5d19e5171278b9bb7005edb4ae927a01f3615. Port it to
them so that if the PIDFILE variable is overridden for a custom
path, we create the correct parent directory.
Change-Id: I3af4e0eb280eed5dfeab909ad4e3fb24ede75a5a
We need to communicate to apache vhost config that we want LE certs to
be used in some cases. Add a vhosts_flags flag to signal this then plumb
the correct data into the vhost when set.
Note this requires the vhost name and the le cert name to match as that
is our mapping between puppet and ansibe here.
Change-Id: I40131525c10152ebb0a7495588f137e3c019bbc5
ARA 1.0 will be released in the near future and isn't backwards
compatible. Pin it so it doesn't break things unexpectedly.
Change-Id: I6e239bb4b445163a3f0dd8c7557119b057da4ff0
The objgraph library is used to grab object counts for memory leak
detection. We already have this installed on zuul01, but that appears
to have been done manually. This cements the install.
Since puppet-nodepool requires the same packages (yappi and objgraph),
wrap both of the installs in a conditional check to prevent puppet
errors about being defined in multiple places.
Change-Id: I63ab5a21f7b98341bb203883f40c2df5404687ba
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: Ic33f4903f6ca065b733960e3c476f591d5774044
There are two deployment options for the new multi-ansible support:
the executor can install Ansible on startup (the default), or we
can pre-install ansible when we install Zuul, so that it's ready
for the next executor restart. This change implements the latter.
Change-Id: I0c75724b4376f68128590eaabdd8a10ed63dcda0
The user field no longer has a default, so if we want fingergw
to drop root privs, we need to set it.
Change-Id: I0bd16cbd23a30d2c643d1ac1840868e63f7adb4e
This updates the status_backups resource definition to allow for
specific uris to be set. This allows you to do per tenant backups
without tenant white labeling in the web server.
Change-Id: Ia94a16ef8b2a1069b9265bae2773cd323ac9a188
We want the t/ prefix to survive to requests to the backend when we are
hosting a global tenant UI. This rewrite appears to be causing 404s when
/t/tenant/status is rewritten to /tenant/status.
The upstream docs [0] also don't include this rewrite.
[0] https://zuul-ci.org/docs/zuul/admin/installation.html#static-offload
Change-Id: Id8f94581b9a1c8a383c7a0d40fb89ce49c50b2e3
FreeBSD libc's malloc implementation, jemalloc, performs better than
glibc's for some tasks. In the case of our Zuul executors, we've
seen useful improvements in memory efficiency. Update the Puppet
module to install the libjemalloc1 package on Zuul executor servers
and export the necessary LD_PRELOAD envvar to use it when launching
executor daemons.
Change-Id: I8d8de3c118bd09d408b23a16482f71198a1232fc
We are figuring out some github API interaction slowness and additional
api logging will help tremendously.
Change-Id: I80959b31d0fb8200a924d689e1bc27b9cde0ca31
This updates the zuul web config to manage both global web server and
whitelabeled per tenant webserver configs. A new set of config hashes is
introduced to do this. For backward compatibility we construct the
hashes from existing parameters if the new hashes are unset.
Change-Id: Ie8ba46111530e74b8b1d0ec1746df2e09754fe67
This change also removes backward compat /status rewrite
The new URL scheme actually uses /status for the status page,
and it should be rewritten to the index.html below instead.
Change-Id: I7ff5a8387ec6fb65bda55d3233b670180682d08d
This reverts commit ff1f91895df54c701da778e5de16f8237a058008.
See https://review.openstack.org/606611 which reverted the react
rewrite.
Change-Id: I41f12b0733a7ba3f0dfff265f806f3562879a160
This change makes the ProxyPass rewrites Last to stop as soon as they
match. Then any requests that doesn't match a file is served the
index.html.
Depends-On: https://review.openstack.org/591604
Change-Id: I363c2c4d3924074c8ff5c7fd9a410e357ed71b5d
This is no longer needed as if zuul is properly configured, will
create / delete the pidfile directly.
Change-Id: I51e100a293411695a31d438b5450e52498df7800
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This is to deal with pip10 issue around python-yaml.
| Jul 23 16:52:29 ze11 puppet-user[14344]: (/Stage[main]/Zuul/Exec[install_zuul]/returns) Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
Change-Id: I3f7b209f4b8b5ed7f826369c9f8ad171cb530925
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
PyYAML is already a dependency of zuul, so the distro package doesn't
need to be installed. This attempts to clean pip10 issues with OS
packages.
Change-Id: Ia17aa61ab3c153c82aeae7b99747d142dd75ff61
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
The logic in the Gemfile was relying on Zuulv2 variables to find out
whether the spec helper gem was already available on disk, and since
Zuulv3 has changed things it was failing to find it and downloading the
master version instead. This patch ensures the Gemfile looks for the gem
in the right place when running in CI.
Change-Id: I8d7185268ccde4d7fac867d9b92101294d1871bb
These are used by the zuul.conf template to write the zuul-web
configuration. The template compares the values to the empty string
to decide if they should be written, since they are undefined, they
are always written, but with no value. This adds them to the class
with empty-string defaults which should cause them to not appear in
the config file unless needed.
Change-Id: I065d18a0743179cb2c9827a8e6b1b70c169d9199
Dynamic scoping for variables in ERB templates was removed in puppet
4[1] which means that the variables defined in the zuul and zuul::web
classes cannot be found when it is referenced in the httpd::vhost
defined type and will be evaluated as nil when puppet runs. Use
scope.lookupvar instead to be explicit about the variable's source.
[1] https://puppet.com/docs/puppet/4.10/lang_updating_manifests.html#dynamic-scoping-in-erb
Change-Id: I321cc7215387723c787ebc5d359b27866da26995
Without this patch, puppet 4 apply tests can't find the mod defined type
and fail with:
Evaluation Error: Resource type not found: Mod at /etc/puppetlabs/code/modules/zuul/manifests/web.pp:284:15
This patch ensures the resource reference is namespaced just like all
the other resource references in the manifest already are.
Change-Id: Iac45cd1fe28fa9cb42751d2d879224ddc7f255ce
Commit 0c3b8fb96 of zuul added a dependency on fb-re2 which requires the
libre2-dev package to build. Ensure the puppet module installs it.
Change-Id: I5e66a5a2176012663add76ea5d68a22b04b93cf9
There is no such default fact as 'operatingsystemmajversion'. On puppet
3, this would not raise an error, but on puppet 4 this causes an error
when used in the versioncmp function which expects a string and not
undef. The correct name of the fact is 'operatingsystemmajrelease'.
Change-Id: Iafc4554cffd4a5406535e00e158af7bd04ca2f13
The previous layout meant we couldn't really do apache offloading of
static content and instead were proxying them to the aiohttp server.
The new update moves api calls below /api. Update the rewrite rules to
deal with this. Also, update the document root to point to where we
deploy the zuul dashboard so that it's picked up by apache.
This also updates the apache config to work for non-whitelabeled deploys
as well.
Depends-On: https://review.openstack.org/556967
Change-Id: I6e662e7bc97de96969828801bcb18c5f354965c5
In v3, we need to be able to use some variables from zuul/web.pp in the
vhost template, but the vhost is created in ::zuul because of how v2
worked.
Split the config, and split where we're defining it so that in the next
patch we can make use of variables from zuul/web.pp.
Change-Id: I3e1c72bb773be050854f5563d09f6c19af8bc6dc
Depends-On: https://review.openstack.org/557085
In the next patch we'll start using them, but we need to be able to add
them to system-config so that the acceptance tests will run.
Add the parameters but don't do anything with them yet.
Change-Id: I4a2062fc35f8861267f8b8ce3e6d0e9f1d6cffdc
Other packages, such as bup (for backups) depend on this, so removing
it also removes them. Just leave it alone.
Change-Id: I4d3d69f943cf5f625ff1d2af475e6a6ed0dfa411
With the update to the use of yarn/webpack for the zuul-web javascript
stack, there is now a pre-built tarball of the web assets. Update the
code to use it.
An alternative to this approach would be to install nodejs and yarn on
the machine and just do a pip install . in the zuul source dir which
would also work ... but since there is an option that doesn't require
the need to run the build tools, why not use it?
Because spec/acceptance/fixtures/default.pp is hard-coded to the
zuulv3 install path, we can remove the now unnecessary checks from it.
Move the status backups to /var/lib/zuul/backup, instead of www/backup
as the www directory no longer exists. Also remove it as the
documentroot.
Depends-On: https://review.openstack.org/547790
Change-Id: Ib88b48ddea26ef5d8d0d152774112844b180f77e
The match ^/jobs doesn't have an ending anchor, so it matches /jobs
and /jobs.html - which makes the url
https://zuul.openstack.org/jobs.html return JSON. While the JSON is
valid job data, raw JSON is less pleasant for a human to read than HTML
(go figure)
Move the less specific entries to after the more specific entries.
Change-Id: I80f7fbe54d96cc151ef8da28465445f93092aadd
Zuul is about to remove .json suffixes from the REST endpoints. Update
the puppet to deal with that.
Change-Id: Ic1df0c01eec57f163ce332518ebc560e77b92bf3
Depends-On: https://review.openstack.org/537010
OpenStack white-labels the dashboard specifically at the OpenStack
level, but there are some URLs, like the github connection payload
webhook receiver, that are global and not per-tenant. It's conceivable
that we might want to add richer support for single-tenant whitelabels
as well.
Change-Id: I03ea09e86168ed4e896f74db1b715131ad61f600
