opendev/system-config
Code Issues Proposed changes

Merge "Migrate codesearch site to container"

Browse Source
This commit is contained in:
Zuul 2020-11-19 22:26:12 +00:00 committed by Gerrit Code Review
commit 1b16dae681
28 changed files with 419 additions and 215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/source/codesearch.rst
View File

@ -5,31 +5,29 @@
Code Search Code Search
########### ###########
The `Hound <https://github.com/etsy/Hound>`_ code search engine is deployed in The `Hound <https://github.com/hound-search/hound>`_ code search
our infrastructure to service all OpenStack repositories. engine is deployed in our infrastructure to service all OpenStack
repositories.
At a Glance At a Glance
=========== ===========
:Hosts: :Hosts:
* http://codesearch.openstack.org * http://codesearch.opendev.org
:Puppet: :Puppet:
* https://opendev.org/opendev/puppet-hound * :git_file:`playbooks/roles/codesearch`
* :git_file:`modules/openstack_project/manifests/codesearch.pp`
:Projects: :Projects:
* https://github.com/etsy/Hound * https://github.com/hound-search/hound
:Bugs: :Bugs:
* https://storyboard.openstack.org/#!/project/748 * https://storyboard.openstack.org/#!/project/748
* https://github.com/etsy/Hound/issues
:Resources: :Resources:
* `Hound README <https://github.com/etsy/hound/blob/master/README.md>`_ * `Hound README <https://github.com/hound-search/hound/blob/master/README.md>`_
Overview Overview
======== ========
Hound is configured to read projects from a config.json file that is Hound is configured to read projects from a config.json file that is
automatically generated from the Gerrit projects.yaml, defined in the automatically generated from the Gerrit projects.yaml
$::project_config::jeepyb_project_file variable in Puppet.
Maintenance Maintenance

37
docker/hound/Dockerfile Normal file
View File

@ -0,0 +1,37 @@
# Copyright (c) 2020 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM docker.io/opendevorg/python-base:3.8
ENV GOPATH /go
RUN apt-get update \
&& apt-get install -y curl golang git
RUN go get github.com/hound-search/hound/cmds/...
RUN pip install git+https://opendev.org/opendev/jeepyb#egg=jeepyb \
supervisor
RUN apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ADD supervisord.conf /etc/supervisor/conf.d/supervisord.conf
ADD start-container.sh /usr/bin/start-container
ADD update-hound-config.sh /usr/local/bin/update-hound-config
ADD resync-hound.sh /usr/local/bin/resync-hound
ADD sample-projects.yaml /var/run/sample-projects.yaml
ENTRYPOINT ["start-container"]

16
docker/hound/resync-hound.sh Executable file
View File

@ -0,0 +1,16 @@
#!/bin/bash
rc=0
update-hound-config || rc=$?
if [[ ${rc} == 2 ]]; then
echo "No project modified"
exit 0
elif [[ ${rc} == 0 ]]; then
echo "*** New projects found, restarting houndd"
supervisorctl restart houndd
else
echo "*** Unknown exit: ${rc}"
exit ${rc}
fi

15
docker/hound/sample-projects.yaml Normal file
View File

@ -0,0 +1,15 @@
- project: opendev/system-config
use-storyboard: true
groups:
- openstack-ci
description: System configuration for OpenStack Infrastructure
- project: openstack/project-config
use-storyboard: true
groups:
- openstack-ci
description: Configuration files for project CI systems
- project: zuul/zuul
use-storyboard: true
groups:
- zuul
description: The Gatekeeper, or a project gating system

9
docker/hound/start-container.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/sh
if [ $# -gt 0 ]; then
exec "$@"
else
if [ ! -f /var/run/config.json ]; then
update-hound-config;
fi
/usr/local/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
fi

19
docker/hound/supervisord.conf Normal file
View File

@ -0,0 +1,19 @@
[supervisord]
nodaemon = true
[supervisorctl]
[inet_http_server]
port = 127.0.0.1:9001
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
[program:houndd]
directory=/var/run
command=/go/bin/houndd -conf /var/run/config.json
logfile_maxbytes=0
stdout_logfile_maxbytes=0
stderr_logfile_maxbytes=0
stdout_logfile=/dev/stdout
stderr_logfile=/dev/stdout

34
docker/hound/update-hound-config.sh Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash -x
CONFIG_DIR=/var/run
PROJECTS_FILE_NAME=projects.yaml
CONFIG_FILE_NAME=config.json
PROJECTS_FILE=${CONFIG_DIR}/${PROJECTS_FILE_NAME}
CONFIG_FILE=${CONFIG_DIR}/${CONFIG_FILE_NAME}
PROJECT_CONFIG=https://opendev.org/openstack/project-config/raw/branch/master/gerrit/projects.yaml
pushd $CONFIG_DIR
# 2 signals nothing done, 0 means updated
_exit=2
if [ ${USE_HOUND_TEST_CONFIG:-} = 1 ]; then
PROJECTS_YAML=/var/run/sample-projects.yaml create-hound-config
exit 0
fi
curl -o ${PROJECTS_FILE}.tmp ${PROJECT_CONFIG}
md5sum ${PROJECTS_FILE}.tmp > ${PROJECTS_FILE}.tmp.md5
if [ ! -f ${PROJECTS_FILE} ] || \
! cmp --silent ${PROJECTS_FILE}.md5 ${PROJECTS_FILE}.tmp.md5; then
mv ${PROJECTS_FILE}.tmp ${PROJECTS_FILE}
mv ${PROJECTS_FILE}.tmp.md5 ${PROJECTS_FILE}.md5
PROJECTS_YAML=${PROJECTS_FILE} create-hound-config
_exit=0
fi
popd
exit $_exit

7
inventory/base/hosts.yaml
View File

@ -91,13 +91,6 @@ all:
region_name: DFW region_name: DFW
public_v4: 172.99.116.215 public_v4: 172.99.116.215
public_v6: 2001:4800:7821:105:be76:4eff:fe04:b9a5 public_v6: 2001:4800:7821:105:be76:4eff:fe04:b9a5
codesearch01.openstack.org:
ansible_host: 23.253.92.77
location:
cloud: openstackci-rax
region_name: DFW
public_v4: 23.253.92.77
public_v6: 2001:4800:7815:105:be76:4eff:fe04:5fdf
eavesdrop01.openstack.org: eavesdrop01.openstack.org:
ansible_host: 104.130.124.113 ansible_host: 104.130.124.113
location: location:

7
inventory/service/groups.yaml
View File

@ -56,7 +56,7 @@ groups:
cloud-launcher: cloud-launcher:
- bridge.openstack.org - bridge.openstack.org
codesearch: codesearch:
- codesearch[0-9]*.open*.org - codesearch[0-9]*.opendev.org
control-plane-clouds: control-plane-clouds:
- bridge.openstack.org - bridge.openstack.org
disabled: disabled:
@ -93,6 +93,7 @@ groups:
kdc: kdc:
- kdc[0-9]*.open*.org - kdc[0-9]*.open*.org
letsencrypt: letsencrypt:
- codesearch[0-9]*.opendev.org
- etherpad[0-9]*.opendev.org - etherpad[0-9]*.opendev.org
- gitea[0-9]*.opendev.org - gitea[0-9]*.opendev.org
- graphite[0-9]*.opendev.org - graphite[0-9]*.opendev.org
@ -143,7 +144,6 @@ groups:
- ask*.open*.org - ask*.open*.org
- backup[0-9]*.openstack.org - backup[0-9]*.openstack.org
- cacti[0-9]*.open*.org - cacti[0-9]*.open*.org
- codesearch[0-9]*.open*.org
- corvustest - corvustest
- eavesdrop[0-9]*.open*.org - eavesdrop[0-9]*.open*.org
- elasticsearch[0-9]*.open*.org - elasticsearch[0-9]*.open*.org
@ -178,7 +178,6 @@ groups:
- ask*.open*.org - ask*.open*.org
- ask-staging[0-9]*.open*.org - ask-staging[0-9]*.open*.org
- cacti[0-9]*.open*.org - cacti[0-9]*.open*.org
- codesearch[0-9]*.open*.org
- eavesdrop[0-9]*.open*.org - eavesdrop[0-9]*.open*.org
- elasticsearch[0-9]*.open*.org - elasticsearch[0-9]*.open*.org
- ethercalc[0-9]*.open*.org - ethercalc[0-9]*.open*.org
@ -234,7 +233,7 @@ groups:
webservers: webservers:
- ask*.open*.org - ask*.open*.org
- cacti[0-9]*.open*.org - cacti[0-9]*.open*.org
- codesearch[0-9]*.open*.org - codesearch[0-9]*.opendev.org
- eavesdrop[0-9]*.open*.org - eavesdrop[0-9]*.open*.org
- ethercalc[0-9]*.open*.org - ethercalc[0-9]*.open*.org
- etherpad[0-9]*.open*.org - etherpad[0-9]*.open*.org

5
inventory/service/host_vars/codesearch01.opendev.org.yaml Normal file
View File

@ -0,0 +1,5 @@
letsencrypt_certs:
codesearch01-opendev-org-main:
- codesearch01.opendev.org
- codesearch.opendev.org
- codesearch.openstack.org

5
manifests/codesearch.pp
View File

@ -1,5 +0,0 @@
# Node-OS: xenial
node /^codesearch\d*\.open.*\.org$/ {
$group = "codesearch"
class { 'openstack_project::codesearch': }
}

64
modules/openstack_project/files/resync-hound-config.sh
View File

@ -1,64 +0,0 @@
#!/bin/bash
# Copyright 2017 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
PROJECTS_YAML=${PROJECTS_YAML:-/etc/project-config/gerrit/projects.yaml}
REINDEX_LOCK=/var/www/hound/reindex.lock
TEMP_DIR=$(mktemp -d)
trap "rm -rf ${TEMP_DIR} EXIT"
pushd ${TEMP_DIR}
echo $(date)
echo "Starting hound config update"
# Generate the new config
PROJECTS_YAML=${PROJECTS_YAML} create-hound-config
# See if we need to update
NEW="$(md5sum config.json | awk '{print $1}')"
OLD="$(md5sum /home/hound/config.json | awk '{print $1}')"
if [[ ${NEW} == ${OLD} ]]; then
echo "Nothing to do"
exit 0
fi
echo "Recreating config"
# Move the new config into place
chown hound:hound config.json
chmod 0644 config.json
cp /home/hound/config.json /home/hound/config.json.bak
mv ./config.json /home/hound/config.json
# release the hounds
touch ${REINDEX_LOCK}
service hound stop
sleep 2
service hound start
# Hound takes a few minutes to go through all our projects. We know
# it's ready when we see it listening on port 6080
echo "Waiting for hound..."
while ! netstat -lnt | grep -q ':6080.*LISTEN\s*$' ; do
echo " ... still waiting"
sleep 5
done
rm ${REINDEX_LOCK}
echo "... done"

54
modules/openstack_project/manifests/codesearch.pp
View File

@ -1,54 +0,0 @@
# Class to configure hound on a node.
class openstack_project::codesearch {
class { 'hound':
manage_config => false,
}
include ::jeepyb
include ::logrotate
include ::pip
file { '/home/hound/config.json':
ensure => 'present',
}
file { '/usr/local/bin/resync-hound-config':
ensure => present,
owner => 'root',
group => 'root',
mode => '0755',
source => 'puppet:///modules/openstack_project/resync-hound-config.sh',
}
# Note: we could trigger this from project-config changes, but it
# does bring the service down for several minutes if something
# changes. Once a day should be enough.
cron { 'hound':
user => root,
hour => '4',
minute => '0',
command => 'flock -n /var/run/hound.sync.lock resync-hound-config >> /var/log/hound.sync.log 2>&1',
environment => [
'PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
"PROJECTS_YAML=/opt/project-config/projects.yaml",
],
require => [
File['/usr/local/bin/resync-hound-config'],
File['/home/hound/config.json'],
],
}
logrotate::file { 'hound-sync':
log => '/var/log/hound.sync.log',
options => [
'compress',
'copytruncate',
'missingok',
'rotate 7',
'daily',
'notifempty',
],
}
}

1
playbooks/roles/codesearch/README.rst Normal file
View File

@ -0,0 +1 @@
Run a hound container to index Opendev code

1
playbooks/roles/codesearch/defaults/main.yaml Normal file
View File

@ -0,0 +1 @@
codesearch_use_test_config: False

4
playbooks/roles/codesearch/handlers/main.yaml Normal file
View File

@ -0,0 +1,4 @@
- name: codesearch Reload apache2
service:
name: apache2
state: reloaded

78
playbooks/roles/codesearch/tasks/main.yaml Normal file
View File

@ -0,0 +1,78 @@
- name: Ensure docker-compose directory exists
file:
state: directory
path: /etc/hound-docker
- name: Write settings file
template:
src: docker-compose.yaml.j2
dest: /etc/hound-docker/docker-compose.yaml
- name: Install apache2
apt:
name:
- apache2
- apache2-utils
state: present
- name: Apache modules
apache2_module:
state: present
name: "{{ item }}"
loop:
- rewrite
- proxy
- proxy_http
- ssl
- headers
- proxy_wstunnel
- name: Copy apache config
template:
src: codesearch.vhost.j2
dest: /etc/apache2/sites-enabled/000-default.conf
owner: root
group: root
mode: 0644
notify: codesearch Reload apache2
- name: Create hound data storage area
file:
state: directory
path: /var/lib/hound/data
owner: root
group: root
mode: 0755
- name: Run docker-compose pull
shell:
cmd: docker-compose pull
chdir: /etc/hound-docker/
- name: Run docker-compose up
shell:
cmd: docker-compose up -d
chdir: /etc/hound-docker/
- name: Run docker prune to cleanup unneeded images
shell:
cmd: docker image prune -f
# Daily update of codesearch. This only reloads hound
# if the project-config yaml has changed
- name: Install update cron job
cron:
name: Update codesearch
state: present
user: root
job: >
/usr/local/bin/docker-compose -f /etc/hound-docker/docker-compose.yaml exec -T hound
/usr/local/bin/resync-hound >> /var/log/resync-hound.log 2>&1
hour: 5
minute: 30
- name: Rotate sync logs
include_role:
name: logrotate
vars:
logrotate_file_name: /var/log/resync-hound.log

41
playbooks/roles/codesearch/templates/codesearch.vhost.j2 Normal file
View File

@ -0,0 +1,41 @@
<VirtualHost *:80>
ServerName {{ inventory_hostname }}
ServerAdmin infra-root@openstack.org
ErrorLog ${APACHE_LOG_DIR}/codesearch-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/codesearch-access.log combined
Redirect / https://codesearch.opendev.org/
</VirtualHost>
<VirtualHost *:443>
ServerName {{ inventory_hostname }}
ServerAdmin webmaster@openstack.org
AllowEncodedSlashes On
ErrorLog ${APACHE_LOG_DIR}/codesearch-ssl-error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/codesearch-ssl-access.log combined
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
# Note: this list should ensure ciphers that provide forward secrecy
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP
SSLHonorCipherOrder on
SSLCertificateFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.cer
SSLCertificateKeyFile /etc/letsencrypt-certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key
SSLCertificateChainFile /etc/letsencrypt-certs/{{ inventory_hostname }}/ca.cer
ProxyPass / http://localhost:6080/ retry=0
ProxyPassReverse / http://localhost:6080/
</VirtualHost>

15
playbooks/roles/codesearch/templates/docker-compose.yaml.j2 Normal file
View File

@ -0,0 +1,15 @@
version: '3'
services:
hound:
restart: always
image: docker.io/opendevorg/hound
network_mode: host
environment:
- 'USE_HOUND_TEST_CONFIG={{ "1" if codesearch_use_test_config else "0" }}'
volumes:
- /var/lib/hound/data:/var/run/data
logging:
driver: syslog
options:
tag: "docker-hound"

3
playbooks/roles/letsencrypt-create-certs/handlers/main.yaml
View File

@ -120,6 +120,9 @@
- name: letsencrypt updated grafana01-opendev-org-main - name: letsencrypt updated grafana01-opendev-org-main
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- name: letsencrypt updated codesearch01-opendev-org-main
include_tasks: roles/letsencrypt-create-certs/handlers/restart_apache.yaml
# nodepool # nodepool
- name: letsencrypt updated nb01-opendev-org-main - name: letsencrypt updated nb01-opendev-org-main

17
playbooks/service-codesearch.yaml
View File

@ -1,15 +1,6 @@
- hosts: 'localhost:!disabled' - hosts: "codesearch:!disabled"
name: Install puppet role/modules name: "Configure codesearch"
strategy: linear
roles:
- puppet-setup-ansible
- hosts: 'codesearch:!disabled'
name: "codesearch: run puppet on codesearch"
strategy: free
roles: roles:
- iptables - iptables
- sync-project-config - install-docker
- pip3 - codesearch
- name: puppet-run
manifest: /opt/system-config/production/manifests/codesearch.pp

1
playbooks/zuul/run-base.yaml
View File

@ -69,6 +69,7 @@
- group_vars/zuul-scheduler.yaml - group_vars/zuul-scheduler.yaml
- group_vars/zuul-web.yaml - group_vars/zuul-web.yaml
- host_vars/bridge.openstack.org.yaml - host_vars/bridge.openstack.org.yaml
- host_vars/codesearch01.opendev.org.yaml
- host_vars/etherpad01.opendev.org.yaml - host_vars/etherpad01.opendev.org.yaml
- host_vars/letsencrypt01.opendev.org.yaml - host_vars/letsencrypt01.opendev.org.yaml
- host_vars/letsencrypt02.opendev.org.yaml - host_vars/letsencrypt02.opendev.org.yaml

1
playbooks/zuul/templates/host_vars/codesearch01.opendev.org.yaml.j2 Normal file
View File

@ -0,0 +1 @@
codesearch_use_test_config: True

27
testinfra/test_codesearch.py Normal file
View File

@ -0,0 +1,27 @@
# Copyright 2020 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
testinfra_hosts = ['codesearch01.opendev.org']
def test_codesearch_container_listening(host):
codesearch = host.socket("tcp://127.0.0.1:6080")
assert codesearch.is_listening
def test_codesearch_proxy(host):
cmd = host.run('curl --insecure '
'--resolve codesearch.opendev.org:443:127.0.0.1 '
'https://codesearch.opendev.org')
assert '<title>Hound</title>' in cmd.stdout

27
zuul.d/docker-images/hound.yaml Normal file
View File

@ -0,0 +1,27 @@
# Hound jobs
- job:
name: system-config-build-image-hound
description: Build a hound image.
provides: hound-container-image
parent: system-config-build-image
vars: &hound_vars
docker_images:
- context: docker/hound
repository: opendevorg/hound
files: &hound_files
- docker/hound/
- job:
name: system-config-upload-image-hound
description: Build and upload a hound image.
provides: hound-container-image
parent: system-config-upload-image
vars: *hound_vars
files: *hound_files
- job:
name: system-config-promote-image-hound
description: Promote a previously published hound image to latest.
parent: system-config-promote-image
vars: *hound_vars
files: *hound_files

43
zuul.d/infra-prod.yaml
View File

@ -448,31 +448,6 @@
- docker/jinja-init/ - docker/jinja-init/
- docker/python-base/ - docker/python-base/
- job:
name: infra-prod-service-codesearch
parent: infra-prod-service-base
description: Run service-codesearch.yaml playbook.
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
vars:
playbook_name: service-codesearch.yaml
files:
- inventory/
- playbooks/install-ansible.yaml
- playbooks/service-codesearch.yaml
- inventory/service/group_vars/puppet.yaml
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/iptables/
- playbooks/roles/sync-project-config
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- modules/openstack_project/manifests/codesearch.pp
- modules/openstack_project/files/resync-hound-config.sh
- manifests/codesearch.pp
- job: - job:
name: infra-prod-service-eavesdrop name: infra-prod-service-eavesdrop
parent: infra-prod-service-base parent: infra-prod-service-base
@ -526,6 +501,24 @@
- playbooks/roles/accessbot - playbooks/roles/accessbot
- docker/accessbot/ - docker/accessbot/
- job:
name: infra-prod-service-codesearch
parent: infra-prod-service-base
description: Run service-codesearch.yaml playbook.
vars:
playbook_name: service-codesearch.yaml
files:
- docker/hound/
- inventory/
- playbooks/service-codesearch.yaml
- inventory/service/host_vars/codesearch01.opendev.yaml
- inventory/service/group_vars/codesearch
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- playbooks/roles/codesearch
- playbooks/roles/logrotate
- playbooks/roles/iptables
- job: - job:
name: infra-prod-service-grafana name: infra-prod-service-grafana
parent: infra-prod-service-base parent: infra-prod-service-base

25
zuul.d/project.yaml
View File

@ -21,7 +21,11 @@
- name: opendev-buildset-registry - name: opendev-buildset-registry
- name: system-config-build-image-accessbot - name: system-config-build-image-accessbot
soft: true soft: true
- system-config-run-codesearch - system-config-run-codesearch:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-hound
soft: true
- system-config-run-lists - system-config-run-lists
- system-config-run-nodepool - system-config-run-nodepool
- system-config-run-meetpad: - system-config-run-meetpad:
@ -70,6 +74,11 @@
- name: opendev-buildset-registry - name: opendev-buildset-registry
- name: system-config-build-image-jinja-init - name: system-config-build-image-jinja-init
soft: true soft: true
- system-config-build-image-hound:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-base-3.8
soft: true
- system-config-build-image-etherpad - system-config-build-image-etherpad
- system-config-build-image-gitea - system-config-build-image-gitea
- system-config-build-image-grafana - system-config-build-image-grafana
@ -107,7 +116,11 @@
- name: opendev-buildset-registry - name: opendev-buildset-registry
- name: system-config-upload-image-accessbot - name: system-config-upload-image-accessbot
soft: true soft: true
- system-config-run-codesearch - system-config-run-codesearch:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-hound
soft: true
- system-config-run-lists - system-config-run-lists
- system-config-run-nodepool - system-config-run-nodepool
- system-config-run-meetpad: - system-config-run-meetpad:
@ -156,6 +169,7 @@
- name: opendev-buildset-registry - name: opendev-buildset-registry
- name: system-config-upload-image-jinja-init - name: system-config-upload-image-jinja-init
soft: true soft: true
- system-config-upload-image-hound
- system-config-upload-image-etherpad - system-config-upload-image-etherpad
- system-config-upload-image-gitea - system-config-upload-image-gitea
- system-config-upload-image-grafana - system-config-upload-image-grafana
@ -181,6 +195,7 @@
- opendev-promote-docs - opendev-promote-docs
deploy: deploy:
jobs: jobs:
- system-config-promote-image-hound
- system-config-promote-image-jinja-init - system-config-promote-image-jinja-init
- system-config-promote-image-gitea-init - system-config-promote-image-gitea-init
- system-config-promote-image-gitea - system-config-promote-image-gitea
@ -218,6 +233,12 @@
- infra-prod-service-gitea-lb - infra-prod-service-gitea-lb
- infra-prod-service-nameserver - infra-prod-service-nameserver
- infra-prod-service-nodepool - infra-prod-service-nodepool
- infra-prod-service-codesearch:
dependencies:
- name: infra-prod-letsencrypt
soft: true
- name: system-config-promote-image-hound
soft: true
- infra-prod-service-etherpad: - infra-prod-service-etherpad:
dependencies: dependencies:
- name: infra-prod-install-ansible - name: infra-prod-install-ansible

60
zuul.d/system-config-run.yaml
View File

@ -156,37 +156,6 @@
- docker/accessbot/ - docker/accessbot/
- testinfra/test_eavesdrop.py - testinfra/test_eavesdrop.py
- job:
name: system-config-run-codesearch
parent: system-config-run
description: |
Run the playbook for an codesearch server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: codesearch01.openstack.org
label: ubuntu-xenial
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
files:
- playbooks/install-ansible.yaml
- playbooks/service-codesearch.yaml
- inventory/service/group_vars/puppet.yaml
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/sync-project-config
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- modules/openstack_project/manifests/codesearch.pp
- modules/openstack_project/files/resync-hound-config.sh
- manifests/codesearch.pp
vars:
run_playbooks:
- playbooks/service-codesearch.yaml
- job: - job:
name: system-config-run-letsencrypt name: system-config-run-letsencrypt
parent: system-config-run parent: system-config-run
@ -501,6 +470,35 @@
- playbooks/roles/install-docker/ - playbooks/roles/install-docker/
- testinfra/test_registry.py - testinfra/test_registry.py
- job:
name: system-config-run-codesearch
parent: system-config-run-containers
description: |
Run the playbook for the codesearch server.
timeout: 3600
requires: codesearch-container-image
required-projects:
- opendev/system-config
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: codesearch01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
- playbooks/roles/codesearch/
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- docker/codesearch/
- testinfra/test_codesearch.py
- job: - job:
name: system-config-run-etherpad name: system-config-run-etherpad
parent: system-config-run-containers parent: system-config-run-containers