Turns out our config has a bunch of hardcoded /home/gerrit2/acls
entries in it. That doesn't work if we're just pointing the
config file at /opt/project-config/gerrit/acls.
Change-Id: I387e446501e17a3bdd807807d5ef6b69b53abde5
We use this to make the .gitreview file too, so our thought that
we could just use localhost was a little misguided.
Change-Id: I501b10b2003c7e04ca1ac345d14fa33916b3e60b
When we run manage-projects, we always want the latest image.
Add a task file to the gerrit role so that it can have access
to role default variables. Then call it from the playbook
with tasks_from.
Change-Id: I08bd10539d7f08e8759f1c22d66dea18821c9d42
We have a wrapper script now that works on the gerrit servers.
Run it after we run the gitea repo creation.
Remove the -it since this is not an interactive run. Add net=host
so that localhost maps. And set the server to localhost.
Don't run manage-projects in gate jobs for run-review yet, because
we don't have a functioning enough gerrit. We can follow up with
that.
Change-Id: I8c0eb5d7973815ae21d4d5bc1be8d4bdfe56d7fc
jeepyb is installed in the gerrit image because of hook scripts.
To run manage-projects and track-upstream, make wrapper scripts
in /usr/local that runs the commands from in the container image
bind-mounting the appropriate dirs and files into the container.
Change-Id: I7ef1f00e69d4c310d69d83c80ca210e8f340878d
We set core size to 0 and number of files to twice the setting of
core.packedGitOpenFiles. Make gerrit_packed_git_open_files a role
variable so we can jinja the 2x transformation.
Change-Id: I05dbfe1f091e7014c47b0f1ba79f99b51d1a6c30
This is in anticipation of running manage-projects, which wants to
use the dev subdir of project-config when run on dev, but we're
currently not doing anything with that. Point at root or dev as
appropriate. Then we can do a similar thing - probably just
bind-mounting the root or the dev when we docker run for
manage-projects.
Change-Id: Ia13bbb0bf8dbe1f7e7c0f378ba9b41bef3ecd5c1
We install jeepyb and launchpadlib in gerrit-base. Those are
important. We also need to add cgi for gitweb.
The gerrit init command does two things that we don't actually
want it to do at runtime. It extracts the plugins into the
plugins dir, and it downloads the right database library.
We can extract the plugins for it during image creation, and
then we can also download the plugin it would have downloaded.
We can also download the mysql library for it:
https://gerrit.googlesource.com/gerrit/+/refs/heads/stable-2.13/gerrit-pgm/src/main/resources/com/google/gerrit/pgm/init/libraries.config
Finally, we tell it to not download or expand anything during
init, because we're running in a container and next time we run
the process that dir isn't going to be there.
Our gerrit integration tests don't depend on our gerrit image builds.
Put in image depends between run-review and gerrit builds.
We also need to depend directly on opendev-buildset-registry.
Add java.security.egd setting to java invocation
This tells java to be secure.
https://stackoverflow.com/questions/58991966/what-java-security-egd-option-is-for
Add support for setting heap limit properly
The gerrit init script does this based on the value in
container.javaOptions. We could, but then we'd have to
run an entrypoint script. Instead, set the value via
the JAVA_OPTIONS env var setting based on a value from
ansible.
Finally, make gerrit-master image build non-voting
It looks like there might be a real issue, but debugging that
is not important for us at this moment.
Depends-On: https://review.opendev.org/714216
Change-Id: I01e94c10f470fb3c8ddfce7b0e201357e5050679
The Airship project is continuously publishing documentation to AFS,
so serve that volume with a corresponding vhost on the static01
server. Also add it to the list of volumes for periodic vos release.
Change-Id: I718963533d9e8596d44d451b5e930314d699fa28
Depends-On: https://review.opendev.org/706599
We have a need to run ad-hoc commands with the various things
mounted, such as the gerrit init, as well as our friends like
manage-projects. Make a second "service" that doesn't do anything,
but allows us to run "docker-compose run".
Change-Id: Ic9bafe85b90af413c891b969273437be9df6a79f
We don't want to copy static and etc into the static and etc dirs
creating static/static and etc/etc.
It's possible this could also be done with trailing /'s?
Change-Id: I054158a677261743ed67107894e207f7b615ea7f
This should be mostly a no-op - but we will need to do a shutdown
in emergency mode.
Tell the gerrit role to not run compose up when run as part of
remote_puppet_git.
Change-Id: Id45376c2697656a12afeacf317b6f26c85c08dad
For our rollout, we need to be able to run this without actually
running the up.
Also, split out startup tasks so that we can run them from a
dedicated start playbook by themselves.
Change-Id: I08d994e496fbd8d5adbfa1ce344b0ae52f46535c
Gerrit replication plugin is good about retrying replication if its
connectivity to the remote fails. It however thinks everything is happy
if it can connect and push even when gitea-web isn't running.
Make the whole replication system happier by stopping gitea-ssh before
other services and starting it after other services. This way gerrit
should fail to replicate until gitea is ready for it to ssh in.
Change-Id: I3440d8dd8a01a3aaf5d18c9c2ca48e7ead63856f
We are starting over with the container nodepool host, and also moving
it to "nb04" to avoid any possibility of conflicting with the
short-hostname of nb01.openstack.org.
Story: #2007407
Task: #39064
Depends-On: https://review.opendev.org/713575
Depends-On: https://review.opendev.org/713571
Change-Id: I18ab9834ad4da201774e0abef56f618cd7839d36
After the big OpenDev rename, these repos got renamed again. Update the
redirects for git.airshipit.org and git.starlingx.io to point to the
current location.
Update test_static.py for this, change the test repo since
airship-in-a-bottle was first renamed to in-a-bottle and later to
airship-in-a-bottle.
Change-Id: I71b786cd528aac9ae68464618db02e22cd4c0b5b
zuul and nodepool now life in opendev, avoid double redirects and
redirect directly to final location.
Change-Id: Ia55d76b24f07ec64cb55055955c4549f3706a95b
We don't actually need version 3. Mark it as version 2 to keep it
inline with everything else. In general we should only increase
past v2 if we need a specific feature.
Change-Id: Ie243da369ddec30e0eca4805434d572e12c40491
Also - update the test job to use xenial nodes, since that's what
our gerrit servers are. docker-compose in xenial is too old for
version 3 file format - but we didn't get an error in the test
becuase we're running on bionic.
Change-Id: I855c3df241932098c95de84cf9f92383b335702f