We need to default to false so that we can audit logs and then
enable them individually.

Change-Id: Iadb1f8f56ef43d1f35ca080318af22008525b643

We still need to run puppet here until they're replaced, but
we're triggering service-nodepool on project-config nodepool
changes. So run the puppet.

Change-Id: Ib0bdaeee98e19921b8c4117c12f8a0c05e64af57

The use of files matchers makes doing the infra-prod playbooks
in the promote pipeline problematic, because the deduplication
of changes can elide out changes that match a different set of
files, thus causing jobs to not trigger.

Use deploy instead.

Depends-On: https://review.opendev.org/717353
Change-Id: Ief53395eca1c1e6c711e689aa02abe95d81fd7e1

Change-Id: Ic5ececf20babf4ee1c5b77033b42129d51caca38

Change-Id: Ie6ef39d0141874570c7e623a1ec1141fa3897b22

Previous patches missed these because they're not in the main
playbook. Add them to the file matchers for the appropriate
service.

Change-Id: I387804c81a2053c19373d2b38b6e0ad29340a91b

Change-Id: I1aacc9375507ed06a890a68762f12433a9f97221

Change-Id: I8088090d9468c24653793a5f4bf64d9369e98033

Change-Id: Idfb8a78a901a8fd3e2e05e373470f4d2923566a2

Change-Id: I5b1590a310e7a64b3c2f05d121c68f90f2731231

Change-Id: I61df86d8f5898ed8510eee10ed97be23062ebfff

Change-Id: I41be75839a0b7495b041e381c1a9c677d1749ad8

It should run before other services but after base, so run it early
and add it to the dependency list in the infra-prod-service-base job.

Change-Id: I4f65b0ff0fbf3cf1f98060d2b3d3c77eb3c45ec7

Change-Id: I80e116c56b36579e1c06d2ffe283e5005fa41194

Make a base job for the various service playbooks to capture the
fact that we should run these after update-system-config, and if
they run, after both install-ansible and base.

Attach a semphore to the base job, because while many of the
playbooks should be independent, some may not be, and we need to
make sure things don't double-run in periodic and promote.

Transition service-bridge from run_all to zuul, basing it on the
new base job.

While we're in here, reduce manage-projects forks to 10, because
let's face it, that's a more sensible number when there aren't
that many hosts.

Change-Id: I22e9edaea75dcfdab56f667f7c93cdd3ee25406c

More importantly, put the log collection in an always
section of block, otherwise we won't get logs if a
playbook fails, which is pretty much exactly when we
want to get logs.

Change-Id: Ia8e581e522f75a5f5945bc2143eec63b93381a94

We want to trigger nameserver updates when we merge patches
to zone files.

The zuul zone repo is currently managed by infra-core. We need to
make an improvement to zuul before we can offload core role there
to the zuul-maint team.

Change-Id: I6192f2499465844ccf2a1f903a8897458814da5d

Kolla Monasca Grafana images are currently not buildable in CI
due to:
404 Not Found - GET http://mirror.bhs1.ovh.openstack.org:8080/registry.npmjs/@types%2fcolor-name

The url-escaped slash gets mangled by Apache on its way to
registry which causes 404.

This patch fixes that.

Change-Id: I5a3a6551536e2d1e87aa074e0de7619a367b1971

Make the jobs in the project config listed in order that they'll
run. Even though they have dependencies, this will help us see
visually the sequence, at least for the first ones.

Also - add file matchers on base - it's not quick and we really
don't need to run it that frequently.

Change-Id: I6865374499e77dbcd2a40e52ed8200b2f3182b51

We have a bridge.yaml and a service-bridge.yaml and it keeps
being confusing. Rename bridge.yaml to install-ansible.yaml to make
it clear what it is that it actually does.

Add a soft-depend on it for manage-projects, because if
something updates with the ansible config, we want it to
happen before running manage-projects.

Change-Id: Ia7c8dd0e32b2c4aaa674061037be5ab66d9a3581

We had this set in run_all and lost it in the zuul job transition.

Change-Id: Ie8ddc62ca729802589429d19cbfec5b1e5fd1f20

This is to test if newer etherpad-lite works with jitsi integration
better.

Note that etherpad-dev uses a self signed ssl cert. When testing this
you may have to navigate to https://etherpad-dev.openstack.org and
permanently accept the ssl cert there before using meetpad. Then when
testing is done you can go back and remove the exception to ssl
verification.

Change-Id: Ie5a3db3f3ab762445afff6281cb372f90afc1410

Change-Id: I35c1136f5cb81a0d884e58546c61df53d90397a7
Signed-off-by: smarcet <smarcet@gmail.com>

Currently used mirror is not up to date and is not on the list of official
CentOS mirrors.
Changing to a mirror also located somewhere in US,TX - which should be
close-ish to DFW servers.

Change-Id: Id8267bc7e6c8a96ccdfd98c16390d36842f26de3