opendev
/
system-config
Code Issues Proposed changes

Use promote pipeline for system-config images 

Upload an image to dockerhub with a change-specific tag in every
gate job, and then, if the change lands, re-tag the image in
dockerhub.

Change-Id: Ie57fc342cbe29d261d33845829b77a0c1bae5ff4
This commit is contained in:
James E. Blair 2019-01-10 17:04:09 -08:00
parent 83237bc01e
commit 899a2023d2
7 changed files with 104 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
.zuul.yaml
View File

@ -70,23 +70,49 @@
``password``. ``password``.
abstract: true abstract: true
pre-run: playbooks/zuul/build-image-pre.yaml pre-run: playbooks/zuul/build-image/pre.yaml
run: playbooks/zuul/build-image.yaml run: playbooks/zuul/build-image/run.yaml
post-run: playbooks/zuul/build-image-upload.yaml post-run: playbooks/zuul/build-image/upload.yaml
- job:
name: system-config-promote-image
description: |
Retag a previously-uploaded docker image.
.. zuul:jobvar:: images
.. zuul:jobvar:: repository
The name of the target repository in dockerhub for the
image.
.. zuul:jobvar:: tags
A list of tags to be added to the image. Default: ['latest'].
.. zuul:jobvar:: credentials
This should be a secret with two keys: ``username`` and
``password``.
abstract: true
run: playbooks/zuul/build-image/promote.yaml
nodeset:
nodes: []
- job: - job:
name: system-config-build-image-gitea name: system-config-build-image-gitea
description: Build a gitea image description: Build a gitea image
parent: system-config-build-image parent: system-config-build-image
vars: vars:
images: images: &gitea_images
- context: docker/gitea - context: docker/gitea
target: gitea target: gitea
repository: opendevorg/gitea repository: opendevorg/gitea
- context: docker/gitea - context: docker/gitea
target: gitea-openssh target: gitea-openssh
repository: opendevorg/gitea-openssh repository: opendevorg/gitea-openssh
files: files: &gitea_files
- docker/gitea/.* - docker/gitea/.*
- job: - job:
@ -97,16 +123,27 @@
name: credentials name: credentials
secret: system-config-dockerhub secret: system-config-dockerhub
- job:
name: system-config-promote-image-gitea
description: Promote a previously published gitea image to latest
parent: system-config-promote-image
secrets:
name: credentials
secret: system-config-dockerhub
vars:
images: *gitea_images
files: *gitea_files
- job: - job:
name: system-config-build-image-jinja-init name: system-config-build-image-jinja-init
description: Build a jinja-init image description: Build a jinja-init image
parent: system-config-build-image parent: system-config-build-image
vars: vars:
images: images: &jinja-init_images
- context: docker/jinja-init - context: docker/jinja-init
target: jinja-init target: jinja-init
repository: opendevorg/jinja-init repository: opendevorg/jinja-init
files: files: &jinja-init_files
- docker/jinja-init/.* - docker/jinja-init/.*
- job: - job:
@ -117,6 +154,17 @@
name: credentials name: credentials
secret: system-config-dockerhub secret: system-config-dockerhub
- job:
name: system-config-promote-image-jinja-init
description: Promote a previously published jinja-init image to latest
parent: system-config-promote-image
secrets:
name: credentials
secret: system-config-dockerhub
vars:
images: *jinja-init_images
files: *jinja-init_files
# Role integration jobs. These test the top-level generic roles/* # Role integration jobs. These test the top-level generic roles/*
# under Zuul. The range of platforms should be the same as those for # under Zuul. The range of platforms should be the same as those for
# openstack-zuul-jobs. # openstack-zuul-jobs.
@ -413,9 +461,9 @@
- system-config-run-eavesdrop - system-config-run-eavesdrop
- system-config-run-nodepool - system-config-run-nodepool
- system-config-run-docker - system-config-run-docker
- system-config-build-image-gitea
- system-config-build-image-jinja-init
post:
jobs:
- system-config-upload-image-gitea - system-config-upload-image-gitea
- system-config-upload-image-jinja-init - system-config-upload-image-jinja-init
promote:
jobs:
- system-config-promote-image-gitea
- system-config-promote-image-jinja-init

1
docker/gitea/Dockerfile
View File

@ -112,3 +112,4 @@ EXPOSE 22
VOLUME ["/data"] VOLUME ["/data"]
ENTRYPOINT ["/usr/bin/entrypoint"] ENTRYPOINT ["/usr/bin/entrypoint"]
CMD ["/usr/sbin/sshd", "-D"] CMD ["/usr/sbin/sshd", "-D"]
# this comment is here to perform a test run of the job.

0
playbooks/zuul/build-image-pre.yaml → playbooks/zuul/build-image/pre.yaml
View File

31
playbooks/zuul/build-image/promote-retag.yaml Normal file
View File

@ -0,0 +1,31 @@
- name: Get dockerhub token
no_log: true
uri:
url: "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{{image.repository}}:pull,push"
user: "{{ credentials.username }}"
password: "{{ credentials.password }}"
force_basic_auth: true
register: token
- name: Get manifest
no_log: true
uri:
url: "https://registry.hub.docker.com/v2/{{image.repository}}/manifests/change_{{zuul.change}}"
status_code: 200
headers:
Accept: "application/vnd.docker.distribution.manifestv2+json"
Authorization: "Bearer {{ token.json.token }}"
return_content: true
register: manifest
- name: "Put manifest"
no_log: true
loop: "{{ image.tags | default(['latest']) }}"
loop_control:
loop_var: new_tag
uri:
url: "https://registry.hub.docker.com/v2/{{image.repository}}/manifests/{{ new_tag }}"
method: PUT
status_code: 201
body: "{{ manifest.content | string }}"
headers:
Content-Type: "application/vnd.docker.distribution.manifestv2+json"
Authorization: "Bearer {{ token.json.token }}"

10
playbooks/zuul/build-image/promote.yaml Normal file
View File

@ -0,0 +1,10 @@
- hosts: all
tasks:
- name: Promote dockerhub image
when: credentials is defined
block:
- name: Promote image
loop: "{{ images }}"
loop_control:
loop_var: image
include_tasks: promote-retag.yaml

2
playbooks/zuul/build-image.yaml → playbooks/zuul/build-image/run.yaml
View File

@ -1,7 +1,7 @@
- hosts: all - hosts: all
tasks: tasks:
- name: Build a docker image - name: Build a docker image
command: "docker build . {{ target | default(false) | ternary('--target ', '') }}{{ target | default('') }} --tag {{ item.repository }}" command: "docker build . {{ target | default(false) | ternary('--target ', '') }}{{ target | default('') }} --tag {{ item.repository }}:change_{{ zuul.change }}"
args: args:
chdir: "{{ zuul.project.src_dir }}/{{ item.context }}" chdir: "{{ zuul.project.src_dir }}/{{ item.context }}"
loop: "{{ images }}" loop: "{{ images }}"

4
playbooks/zuul/build-image-upload.yaml → playbooks/zuul/build-image/upload.yaml
View File

@ -7,5 +7,5 @@
command: "docker login -u {{ credentials.username }} -p {{ credentials.password }}" command: "docker login -u {{ credentials.username }} -p {{ credentials.password }}"
no_log: true no_log: true
- name: Upload to dockerhub - name: Upload to dockerhub
command: "docker push {{ item.repository }}" command: "docker push {{ item.repository }}:change_{{ zuul.change }}"
loop: "{{ images }}" loop: "{{ images }}"