From 6f3a2792cc59542bb3066f9f41eee62fe10b69d5 Mon Sep 17 00:00:00 2001 From: Monty Taylor Date: Tue, 14 Jan 2020 12:04:15 -0600 Subject: [PATCH] Switch to ansible on review-dev The review-dev service playbook should do everything now that the puppet did. Update how we're running things. Change-Id: I70303c48328ea6713c24bf9c6f63d4808d30b95c --- inventory/groups.yaml | 2 - manifests/site.pp | 32 --- .../openstack_project/manifests/review_dev.pp | 271 ------------------ run_all.sh | 4 + 4 files changed, 4 insertions(+), 305 deletions(-) delete mode 100644 modules/openstack_project/manifests/review_dev.pp diff --git a/inventory/groups.yaml b/inventory/groups.yaml index cdb16240ad..b818c60c60 100644 --- a/inventory/groups.yaml +++ b/inventory/groups.yaml @@ -136,7 +136,6 @@ groups: - pbx[0-9]*.opendev.org - planet[0-9]*.open*.org - refstack*.open*.org - - review-dev[0-9]*.open*.org - review[0-9]*.open*.org - static*.open*.org - status*.open*.org @@ -186,7 +185,6 @@ groups: - planet[0-9]*.open*.org - refstack*.open*.org - review[0-9]*.open*.org - - review-dev[0-9]*.open*.org - static*.open*.org - status*.open*.org - storyboard[0-9]*.opendev.org diff --git a/manifests/site.pp b/manifests/site.pp index 4b9395fe90..d7300e9b91 100644 --- a/manifests/site.pp +++ b/manifests/site.pp @@ -73,38 +73,6 @@ node /^review\d*\.open.*\.org$/ { } } -# Node-OS: xenial -node /^review-dev\d*\.open.*\.org$/ { - $group = "review-dev" - - class { 'openstack_project::server': - afs => true, - } - - class { 'openstack_project::review_dev': - project_config_repo => 'https://opendev.org/openstack/project-config', - github_oauth_token => hiera('gerrit_dev_github_token'), - github_project_username => hiera('github_dev_project_username', 'username'), - github_project_password => hiera('github_dev_project_password'), - mysql_host => hiera('gerrit_dev_mysql_host', 'localhost'), - mysql_password => hiera('gerrit_dev_mysql_password'), - email_private_key => hiera('gerrit_dev_email_private_key'), - ssh_dsa_key_contents => hiera('gerrit_dev_ssh_dsa_key_contents'), - ssh_dsa_pubkey_contents => hiera('gerrit_dev_ssh_dsa_pubkey_contents'), - ssh_rsa_key_contents => hiera('gerrit_dev_ssh_rsa_key_contents'), - ssh_rsa_pubkey_contents => hiera('gerrit_dev_ssh_rsa_pubkey_contents'), - ssh_project_rsa_key_contents => hiera('gerrit_dev_project_ssh_rsa_key_contents'), - ssh_project_rsa_pubkey_contents => hiera('gerrit_dev_project_ssh_rsa_pubkey_contents'), - ssh_replication_rsa_key_contents => hiera('gerrit_dev_replication_ssh_rsa_key_contents'), - ssh_replication_rsa_pubkey_contents => hiera('gerrit_dev_replication_ssh_rsa_pubkey_contents'), - lp_access_token => hiera('gerrit_dev_lp_access_token'), - lp_access_secret => hiera('gerrit_dev_lp_access_secret'), - lp_consumer_key => hiera('gerrit_dev_lp_consumer_key'), - storyboard_password => hiera('gerrit_dev_storyboard_token'), - storyboard_ssl_cert => hiera('gerrit_dev_storyboard_ssl_crt'), - } -} - # Node-OS: xenial # Puppet-Version: !3 node /^grafana\d*\.open.*\.org$/ { diff --git a/modules/openstack_project/manifests/review_dev.pp b/modules/openstack_project/manifests/review_dev.pp deleted file mode 100644 index 3b6f751bd2..0000000000 --- a/modules/openstack_project/manifests/review_dev.pp +++ /dev/null @@ -1,271 +0,0 @@ -# == Class: openstack_project::review_dev -# -class openstack_project::review_dev ( - $github_oauth_token = '', - $github_project_username = '', - $github_project_password = '', - $mysql_host = '', - $mysql_password = '', - $email_private_key = '', - $ssh_dsa_key_contents = '', - $ssh_dsa_pubkey_contents = '', - $ssh_rsa_key_contents = '', - $ssh_rsa_pubkey_contents = '', - $ssh_project_rsa_key_contents = '', - $ssh_project_rsa_pubkey_contents = '', - # SSH key for outbound ssh-based replication. - $ssh_replication_rsa_key_contents='', - $ssh_replication_rsa_pubkey_contents='', - # Launchpad creds for bug/blueprint updates - $lp_access_token = '', - $lp_access_secret = '', - $lp_consumer_key = '', - $swift_username = '', - $swift_password = '', - $storyboard_password = '', - $storyboard_ssl_cert = '', - $project_config_repo = '', - $projects_config = 'openstack_project/review-dev.projects.ini.erb', - $gerrit_configure = true, -) { - - case $::lsbdistcodename { - 'trusty': { - $jre_package = 'openjdk-7-jre-headless' - $java_home = '/usr/lib/jvm/java-7-openjdk-amd64/jre' - } - 'xenial': { - $jre_package = 'openjdk-8-jre-headless' - $java_home = '/usr/lib/jvm/java-8-openjdk-amd64/jre' - } - default: { - fail("Operating system release ${::lsbdistcodename} not supported.") - } - } - - class { 'project_config': - url => $project_config_repo, - base => 'dev/', - } - - if ($gerrit_configure) { - $accountpatchreviewdb_url = "jdbc:mysql://${mysql_host}:3306/accountPatchReviewDb?characterSetResults=utf8&characterEncoding=utf8&connectionCollation=utf8_bin&useUnicode=yes&user=gerrit2&password=${mysql_password}" - class { 'openstack_project::gerrit': - vhost_name => 'review-dev.openstack.org', - canonicalweburl => 'https://review-dev.openstack.org/', - ssl_cert_file => '/etc/ssl/certs/ssl-cert-snakeoil.pem', - ssl_key_file => '/etc/ssl/private/ssl-cert-snakeoil.key', - ssl_chain_file => '', - ssh_dsa_key_contents => $ssh_dsa_key_contents, - ssh_dsa_pubkey_contents => $ssh_dsa_pubkey_contents, - ssh_rsa_key_contents => $ssh_rsa_key_contents, - ssh_rsa_pubkey_contents => $ssh_rsa_pubkey_contents, - ssh_project_rsa_key_contents => $ssh_project_rsa_key_contents, - ssh_project_rsa_pubkey_contents => $ssh_project_rsa_pubkey_contents, - ssh_replication_rsa_key_contents => $ssh_replication_rsa_key_contents, - ssh_replication_rsa_pubkey_contents => $ssh_replication_rsa_pubkey_contents, - email => 'review-dev@openstack.org', - war => - 'https://tarballs.openstack.org/gerrit/gerrit-v2.13.12.11.1707fec.war', - acls_dir => $::project_config::gerrit_acls_dir, - notify_impact_file => $::project_config::gerrit_notify_impact_file, - projects_file => $::project_config::jeepyb_project_file, - projects_config => $projects_config, - github_username => 'openstack-gerrit-dev', - github_oauth_token => $github_oauth_token, - github_project_username => $github_project_username, - github_project_password => $github_project_password, - mysql_host => $mysql_host, - mysql_password => $mysql_password, - accountpatchreviewdb_url => $accountpatchreviewdb_url, - email_private_key => $email_private_key, - gitweb => false, - cgit => true, - web_repo_url => 'https://git.openstack.org/cgit/', - web_repo_url_encode => false, - swift_username => $swift_username, - swift_password => $swift_password, - replication_force_update => true, - replication_auto_reload => true, - commentlinks => [ - { - name => 'bugheader', - match => '([Cc]loses|[Pp]artial|[Rr]elated)-[Bb]ug:\\\\s*#?(\\\\d+)', - link => 'https://launchpad.net/bugs/$2', - }, - { - name => 'bug', - match => '\\\\b[Bb]ug:? #?(\\\\d+)', - link => 'https://launchpad.net/bugs/$1', - }, - { - name => 'story', - match => '\\\\b[Ss]tory:? #?(\\\\d+)', - link => 'https://storyboard-dev.openstack.org/#!/story/$1', - }, - { - name => 'task', - match => '\\\\b[Tt]ask:? #?(\\\\d+)', - link => 'https://storyboard-dev.openstack.org/#!/task/$1', - }, - { - name => 'its-storyboard', - match => '\\\\b[Tt]ask:? #?(\\\\d+)', - link => 'task: $1', - }, - { - name => 'blueprint', - match => '(\\\\b[Bb]lue[Pp]rint\\\\b|\\\\b[Bb][Pp]\\\\b)[ \\\\t#:]*([A-Za-z0-9\\\\-]+)', - link => 'https://blueprints.launchpad.net/openstack/?searchtext=$2', - }, - { - name => 'testresult', - match => '
  • ([^ ]+) ([^<]+) : ([^ ]+)([^<]*)
  • ', - html => '
  • $1 $3$4
  • ', - }, - { - name => 'testresultabort', - match => '
  • ([^ ]*) (finger://[^ ]*) : ([^ ]*)([^<]*)
  • ', - html => '
  • $1 $3$4
  • ', - }, - { - name => 'launchpadbug', - match => '[^<]+', - html => '$1' - }, - { - name => 'changeid', - match => '(I[0-9a-f]{8,40})', - link => '/#/q/$1', - }, - { - name => 'gitsha', - match => '(

    |[\\\\s(])([0-9a-f]{40})(

    |[\\\\s.,;:)])', - html => '$1$2$3', - }, - ], - its_plugins => [ - { - name => 'its-storyboard', - password => $storyboard_password, - url => 'https://storyboard-dev.openstack.org', - }, - ], - # See https://gerrit.googlesource.com/plugins/its-storyboard - # /+/stable-2.13/src/main/resources/Documentation - # /quick-install-guide.md#its_actions_its_actionsconfigure-its-actions - # for documentation on these options. - its_rules => [ - { - name => 'LOG', - action => 'log-event error', - }, - { - name => 'comment-on-status-update', - event_type => 'patchset-created,change-abandoned,change-restored,change-merged', - action => 'add-standard-comment', - }, - { - name => 'change_abandoned', - event_type => 'change-abandoned', - action => 'set-status TODO', - }, - { - name => 'change_in_progress', - event_type => 'patchset-created,change-restored', - action => 'set-status REVIEW', - }, - { - name => 'change_merged', - event_type => 'change-merged', - action => 'set-status MERGED', - }, - ], - replication => [ - { - name => 'github', - url => 'git@github.com:', - authGroup => 'Anonymous Users', - replicationDelay => '1', - replicatePermissions => false, - mirror => true, - projects => [ - 'gtest-org/*', - 'kdc*', - ] - }, - { - name => 'local', - url => 'file:///opt/lib/git/', - replicationDelay => '1', - threads => '4', - mirror => true, - }, - { - name => 'afs', - url => 'file:///afs/openstack.org/mirror/git-sandbox/', - replicationDelay => '1', - threads => '4', - mirror => true, - }, - ], - require => $::project_config::config_dir, - } - - gerrit::plugin { 'javamelody': version => 'v2.13.3.e4233d6' } - gerrit::plugin { 'its-storyboard': version => '805f9ac' } - - - # create a file containing the ssl certificate - file { '/home/gerrit2/storyboard-dev.crt': - ensure => present, - owner => 'gerrit2', - group => 'gerrit2', - mode => '0600', - content => $storyboard_ssl_cert, - replace => true, - require => User['gerrit2'], - } - - # Import certificate to java to allow gerrit its plugins to POST to storyboard - exec { 'import-java-certs': - user => 'root', - command => "keytool -import -alias storyboard-dev.openstack.org -keystore $java_home/lib/security/cacerts -file /home/gerrit2/storyboard-dev.crt -storepass changeit -noprompt", - unless => "keytool -list -alias storyboard-dev.openstack.org -storepass changeit -keystore $java_home/lib/security/cacerts >/dev/null 2>&1", - path => '/bin:/usr/bin', - require => [ - Package[$jre_package], - File['/home/gerrit2/storyboard-dev.crt'], - ], - } - } else { - # Only create gerrit user / group so we can bring a server online. - include ::gerrit::user - } - - package { 'python-launchpadlib': - ensure => present, - } - file { '/home/gerrit2/.launchpadlib': - ensure => directory, - owner => 'gerrit2', - group => 'gerrit2', - mode => '0775', - require => User['gerrit2'], - } - file { '/home/gerrit2/.launchpadlib/creds': - ensure => present, - owner => 'gerrit2', - group => 'gerrit2', - mode => '0600', - content => template('openstack_project/infra_lp_creds.erb'), - replace => true, - require => User['gerrit2'], - } - - include bup - bup::site { 'ord.rax': - backup_user => 'bup-review-dev', - backup_server => 'backup01.ord.rax.ci.openstack.org', - } -} diff --git a/run_all.sh b/run_all.sh index 5f594d9965..e8758aed52 100755 --- a/run_all.sh +++ b/run_all.sh @@ -129,6 +129,10 @@ start_timer timeout -k 2m 30m ansible-playbook -f 50 ${ANSIBLE_PLAYBOOKS}/service-zuul.yaml send_timer zuul +start_timer +timeout -k 2m 30m ansible-playbook -f 50 ${ANSIBLE_PLAYBOOKS}/service-review-dev.yaml +send_timer nodepool + # Run the git/gerrit/zuul sequence, since it's important that they all work together start_timer timeout -k 2m 30m ansible-playbook -f 50 ${ANSIBLE_PLAYBOOKS}/remote_puppet_git.yaml