ansible-lints ability to find ansible files is less than
good. Go back to find - but leave the config in the .ansible-lint
file since that does clean up the command invocation.
While we're there - turn off quiet - let's be loud.
Change-Id: Ie495e3d9ff1b82e84069e07c60c7217fc8399a1c
This will give us a nice link to the goaccess reports on the zuul
dashboard build pages.
Move ansible-lint config into config file
As of 4.2.0 we can configure ansible-lint with a config file. It's
also apparently now smart enough to only find ansible yaml. Let's
see how that goes.
Add a fake zuul_return module
This should let us fake out ansible-lint without having to install
all of zuul.
Change-Id: Ib233eb577a8ca2aabfe3a49b2cd823dd4a00bd82
This has got me a number of times; I think we can tell in review if a
task firing in response to a "changed" is best in a handler or not.
Remove existing noqa flags
Change-Id: I80ad631f978eeeb9903abe230a95f23f5709d20e
This runs openstack/inventory.yaml through a basic syntax check. This
would have caught a typo such as in
I0e55d2c575427e404709e78d0c7a10a974117ac4 (fixed
I834411ef2dee458ae15fb99a3c88b6d2fee4cf1e)
Change-Id: I4cbf9898d598aeeef1583ab22ceb9d0cdf081064
In a follow-on change (I9bf74df351e056791ed817180436617048224d2c) I
want to use #noqa to ignore an ansible-lint rule on a task; however
emperical testing shows that it doesn't work with 3.5.1. Upgrading to
4.1.0 it seems whatever was wrong has been fixed.
This, however, requires upgrading to 4.1.0.
I've been through the errors ... the comments inline I think justify
what has been turned off. The two legitimate variable space issues I
have rolled into this change; all other hits were false positives as
described.
Change-Id: I7752648aa2d1728749390cf4f38459c1032c0877
Add an option to run a playbook (in the fake bridge context) after
running the base playbook. Use this to run a new playbook which
exercises gitea project creation after bootstrapping the gitea
service.
Disable ansible-lint 304 because it erroneously thinks shell and
command are the same thing.
Change-Id: I0394b614771bc62b9fe23d811defd7767b3d10db
It's designed to always be used from the latest version.
This trips an ansible lint rule (ANSIBLE0010) which we can ignore, as
we often have pip things that we want to install the latest release
of automatically.
Change-Id: Ieac93ab3a555f2423d4fbcf101d6d9681ae0e497
This mocks out enough of the Ansible inventory framework so we can
test the group matching against a range of corner cases as present in
the results.yaml file.
Change-Id: I05114d9aae6f149122da20f239c8b3546bc140bc
Add a job which runs testinfra for the eavesdrop server. When we
have a per-hostgroup playbook, we will add it to this job too.
The puppet group is removed from the run-base job because the
groups.yaml file is now used to construct groups (as it does
in production) and will construct the group correctly.
The testinfra iptables module may throw an error if it's run
multiple times simultaneously on the same host. To avoid this,
stop using parallel execution.
Change-Id: I1a7bab5c14b0da22393ab568000d0921c28675aa
And collect it on post, it is helpful to see the results.
Change-Id: I0dbecf57bf9182168eb6f99cdf88329fcdeb1bdc
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This adds a job which creates a bridge-like node and bootstraps it,
and then runs the base playbook against all of the node types we
use in our control plane. It uses testinfra to validate the results.
Change-Id: Ibdbaf511bbdaee46e1335f2c83b95ba1553a1d94
Depends-On: https://review.openstack.org/595905
With the dependent change, zuul-sphinx will raise a warning when the
autoroles matcher finds a role without a README.rst. Since we
error-on-warnings this will stop the docs build. Thus we don't need
this explicit linters check.
Change-Id: I02eefce2448152505bacba3b2a12021515b4a31a
Depends-On: https://review.openstack.org/596014
Move the exim role to be a "generic" role in the top-level roles/
directory, making it available for use as a Zuul role.
Update the linters jobs to look for roles in the top level
Update the Role documentation to explain what the split in roles is
about.
Change-Id: I6b49d2a4b120141b3c99f5f1e28c410da12d9dc3
These role docs aren't exactly War and Peace, but I think longer term
as we fiddle about making things generic or not and moving them
around, we'll be better off having kept ourselves to writing
*something*.
Add terse README.rst files for all existing roles, and add simple
linter check to ensure new roles get them too.
Change-Id: Ibc836310fb8a45e12c2e31f112d92509ac350413
Currently we're building docs with python 2. It works fine with
python3, so move the basepython override up to the top level so we're
all-python3-all-the-time.
Change-Id: I2c49a0b8bcda72385a9594f40a6b9db10403d688
Load our various cloud configuration files into openstacksdk for a
basic sanity check of the configuration.
Change-Id: Ieedb3439533f3162d2b5cecca4b7fc07b631019e
ansible-lint 3.4.22 seems to have introduced a change in behaviour
in how it parses the excludes (-x) back in March[1]. However, it
seems that the new release never got pushed to PyPi until now.
This has resulted in the linting jobs failing, so switching the
format to be the new one instead of pinning to an older release.
[1]: https://github.com/willthames/ansible-lint/commit/96d0a0bc
Change-Id: I446e734364298e90a64063e811343aa11430765f
This fixes the issues we have with our rename_repos.yaml file. We are
also skipping additional failures for now, which will be cleaned up in
a follow up patch.
Change-Id: I726535e195a292e3f2d457f0ed039d01bb96c66b
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Merge the currently not used modulesenv target into the linters
target so that we test that modules are sorted properly which is
some kind of lint. There's no need to run an extra VM just
for checking the sorting, so include it here.
Change-Id: I547c77de92a00a42ac0841b087350144e760562f
Exclude .eggs directory from testing.
The run-pep8 script now calls "python setup.py sdist" and that
one creates an .eggs directory that should not be tested.
Change-Id: I854be157ed04d5bc9d8c568a37c00298cb4a71bf
Manage nodepool configurations using the common-ci solution
in puppet-openstackci
Remove nodepool.yaml.erb from this repo as openstackci::nodepool
will pull it in from project-config/nodepool/nodepool.yaml
Remove the tox nodepool environment and test dependency as it
has been migrated to project-config
The nodepool logging template file and associated tool that generates the file
will remain in this repo. In the short term, updates to nodepool.yaml in
project-config repo may require a related change in this repo to update the logging
configuration. In the longer term, nodepool will be updated to automatically
log image creations without needing a customized logging configuration.
Depends-on: I89207d100eb4b6bbb502a6ed38831f49e4b29096
Depends-on: I473a1b78acdb035eb379394a7ed5f771434dc942
Depends-on: I6b01ab7260a41927fff34b9b81b631ea2c933f22
Change-Id: I2b45a7145805368b1598d3a3e8a94f0e4eb8cf2d
Add validation test for the nodepool configuration. We get nodepool
directly from git so we can always handle the latest syntax changes
automatically.
Change-Id: I5d58648bca160d8afc81aae3d8daf0c7bd01c976
Depends-On: I250ea4959740cfc4650e9057caba09ae7bc25768
Fix all of the bashate failures. Also, bashate will install its negative
tests in its virtualenv, so we need to generate a list of files to pass to
bashate that excludes .tox/
Change-Id: I55559bf6137f705aec9a7f277928ad8d4cadc2ca
Commit number 3fa3be7edef356fe42ed3c6adc21590604634665 initially
added the upstream testenv, but it was merged to the 'projects'
testenv a long time ago. Which is now obsolete, because of the
split to project-config.
Change-Id: I2d011af7df2ad9d14d2db67fa78c4dc6e4e4cbb6
Since the split to project-config, there is no longer a need to
run 'tox' for projects_alphabetized, since those resources no
longer exist. Also removing the shell scripts that were running
the tests.
Change-Id: Ib7a762d872da9c5d945206807c405e7452b49638
Add bashate to test-requirements.txt, add a tox env for bashate, and start
running it on config. Also convert devstack to run bashate via tox rather than
via run_tests.sh (the needed tox.ini changes to devstack have already merged).
Change-Id: I205d675ff231c0403dd135eacc8d57b45317859f
According to https://docs.python.org/3/howto/pyporting.html the
syntax changed in Python 3.x. The new syntax is usable with
Python >= 2.6 and should be preferred to be compatible with Python3.
Enabled hacking check H231.
Change-Id: I4c20a04bc7732efc2d4bbcbc3d285107b244e5fa
Add a tox environment to run the zuul layout tests locally.
Modify run-layout.sh to ignore a missing mirror selection script
and assume that it is running with a valid mirror configuration.
This allows the script to be run locally without breaking a
dev environment.
Change-Id: I5b0c94ae51e7f41b8b26b3ef4f78b830031d263e
Add a check job to require upstream URLs to use a scheme
that we are confident won't cause connection errors during
the import.
Add a tox configuration for this new job, as well as the
existing alphabetical check script, to make it easier
for developers to run those tests locally just by running
"tox".
Change-Id: I894ac0f8afb234404bb6e80e64b90aa25e052f10
This does not perform all of the same tests as the check job for this
repo, but it does make it easy to run basic jenkins-job-builder tests.
Change-Id: I1a52deb2258801fa1863e7c57108de2ecaac324f
Run it whenever there is a change to the YAML channel config.
The script will ensure everyone listed in global has those perms
and anyone else found with access on a channel will be left as-is
except that their access will be limited to the relevant mask.
Move it and the previous change to add a permission checking
script into a new module, 'accessbot'.
Support SSL in both scripts.
Add a 1 second sleep in the check script to avoid flood protection.
Add all known channels to the channel config.
Closes-Bug: 1190296
Change-Id: I5072cb56ae83a70f4fa955362b8db909b2956d70
Add an IRC channel config file with some stub access information
for a few channels. A new tool can read this file and verify
that openstackinfra has founder access on all the channels listed
in the file.
Run a job on changes to that file to verify that access is correct.
Later, other tools (like statusbot or gerritbot) may read that
file directly to determine which channels to join. Or we can at
least add checks that all channels referenced by another tool
(like eavesdrop) are also listed in this file.
Related-Bug: 1190296
Change-Id: I38440e745402af5bbc3f0d0cc04a150c0a4bb47c