We need to expose our public keys for secrets.
Change-Id: I3d80aaa008b3b0d18f6e8a6bc479352eb9c076d7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
It doens't have any other dependencies, but it's an optional depend for
Zuul itself, because plugins. Install it for the scheduler. Also,
provide an option flag to enable it.
Change-Id: I4cad419598ffefcdca5161664c6d073da37fb42f
github and mysql connections both contain secret data that is not
appropriate for public hiera. Create a second list of data that can go
into private hiera. If it's found, it will be added to the connection
config.
Change-Id: I265b445cfbf4b6d4555621e3663e71e9a0f85813
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We don't yet have socket support for zuul-web, revert to default way
of doing this.
Change-Id: I2ec2c928c43def839d0ba8a212135d5414da9a52
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
The console-stream URL needs to be talked to over ws:// to make sure the
WebSocket upgrade headers are sent.
Change-Id: I38f1f0b0f05403b9a47acdf88d5d8059f9af6295
We haven't added socket support yet to zuulv3, revert to the original
way of using SIGHUP for reloading zuul-scheduler.
Change-Id: Id466ccb28ea37a3b7171237e98ea08c8db7199cd
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Zuul v3 has a zuul-web service that provides web streaming and
eventually other web content. Add support for running it. Also add it to
the Apache mod_rewrite proxy info.
While we're adding things, add proxy info for plugin connections, which
should allow receiving github webhook events.
Change-Id: Ic79681b287dbd1a44469da70c680060940734f40
This reduces the log noise from gerrit -- we won't automatically
log all of the JSON values we get.
Change-Id: Ibfec14211f8c644a9c1e9104a96df5f47d5430ff
Without this patch, the SysV init scripts defined in this module will
not be recognized by systemd and puppet will fail to enable the
services. This is because between installing the init script and
starting the service, systemd needs to be reloaded. This patch adds a
new class to define the systemd reload. The conditional logic for
whether the reload exec should be in the catalog is defined in the
class. Then the file and service resources that depend on the reload
define their relationships to the new class rather than to the exec
resource so that the conditional logic does not have to be repeated for
every resource.
We also need to correct a bug in the init scripts themselves. The
Provides statement needs to give a unique service name, not just 'zuul'.
If it is not unique, insserv will error with "service zuul already
provided!" when systemd tries to enable the service.
Change-Id: Ica849094c6011806bdd0b205ba6b2b73856b7aa6
The previous patch incorrect add the SSL contents to zuul.conf, we
actually want the file path.
Change-Id: If1f9e9d333d23d22a9f3e2aa320b1b5cd1642d91
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Add a xenial nodeset and update the spec helper to install puppet 3 from
the Ubuntu repos instead of from puppetlabs.
Change-Id: I2c17666694ab95ea13a636e5939d507bf860df2b
With zuulv3 we have created per tenant status.json files. Expose this
to allow us to properly configure the 'openstack' tenant for the
webui.
Change-Id: I866e4ffa90930a44b4cdac5a48e7034bb0d6398d
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We didn't properly create our init script before, rebase from existing
zuul.init script.
We also need to add systemctl daemon-reload for scheduler / executor,
as we run them under xenial currently.
Change-Id: I0df2720750737fa7220c04a6d2d6506a45e2761e
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
zuul-executor will drop privileges to the zuul user.
Change-Id: I8f717a693e50a7e99c6d906860419161effc4718
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This is part of our zuulv3 effort. We want the ability to manage
zuul-executor on a server.
Change-Id: Iddac03a7187df47d2c72d957a50610f8b6a1dff5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Rather then updating the existing zuul.conf.erb file, create a new
zuulv3.conf.erb specific to zuulv3. Add new settings for tennant /
zookeeper configurations.
Change-Id: I6d0ec2ef2d1b0c86fdcd06bfca01c02a6fffa7f3
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We need to ssl and ffi development libraries to properly compile
ansible. Now a dependency of zuulv3.
Change-Id: If7f64b9e74aaf5f0611343b9d323ae92c42be865
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Support using pip3 binary to install python applications under
python3.
Change-Id: I943e5cbcc55a09edb9431298e3f0a17e2aef5acf
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
The fixed 'gerrit' and 'smtp' connection entries are deprecated.
We should allow users to pass in any connection information and
write that to the config file.
Change-Id: I4ebb7cd6b64d1854cd2e8e6e146572330558864c
In order to address a dependency installation issue around PBR
version capping, update to the stable point release of
jenkins-job-builder which solves that problem.
Change-Id: I999e9490217ef3f03cee46b7843fedf53230d230
This is a halfway step to adding an explicit zuul::scheduler manifest to
run the zuulv3 scheduler daemon.
Change-Id: I99302505c4055559ee0ee09c42e69673aff57e97
This undoes the previous hacks that were used to install the 2.1.4 RC
and installs the new 2.1.4 release from pypi proper. This is just a
saner way to do package installation than the hack needed to install the
RC.
Change-Id: Ib2cecce5a629c866092370a1a0cf6cbf6e4194f4
This installs ansible 2.1.4.0 RC1 which includes some useful bug fixes
on the zuul launchers. Note that we couldn't easily use the pip package
provider for this beacuse ansible does not publish ansible RCs to pypi.
So we replace the package resource with an exec that invokes pip
directly to do what we want.
Change-Id: If49a64540258b3a7a7be4df7e86e23b14e019c52
This is needed for our AFSDocs migration to zuul-launcher.
Change-Id: Ia8f756c8482536a67f12ca5d76f3037d33055182
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This version of JJB has what we need, and since we're using an
internal API, probably best to stick with it for now.
Change-Id: I733d479539ef86dd315afe0279113a58995c33d6
This includes the fixes we are running in our forked version plus
more!
Change-Id: I95ba59c13ce1a0f6db49017e3561b393ddfd0ee5
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This is needed now for zuul_log with adds type=raw.
See: Icb4d20e3ef0166eb43b1b45aec049040813b5d37 which exposes this
issue.
{"changed": false, "failed": true, "msg": "implementation error:
unknown type raw requested for msg"}
Change-Id: I1ba1fc21d2a7b3f73aca73adf72fe3a1f2903af1
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
A new zuul.conf setting to check if jobs are registered with gearman
or not.
Change-Id: I745ef2342d8feb1695ce0b0d034caf428d6bef4f
Depends-On: I06f2221770e04f958ce7ac4cfe8d5d92d7164cac
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
