opendev/system-config
Code Issues Proposed changes
4b9d1a88bd
system-config/.zuul.yaml
Monty Taylor 4b9d1a88bd Use zuul checkouts of ansible roles from other repos 
We have two standalone roles, puppet and cloud-launcher, but we
currently install them with galaxy so depends-on patches don't
work. We also install them every time we run anything, even if
we don't need them for the playbook in question.

Add two roles, one to install a set of ansible roles needed by
the host in question, and the other to encapsulate the sequence
of running puppet, which now includes installing the puppet
role, installing puppet, disabling the puppet agent and then
running puppet.

As a followup, we'll do the same thing with the puppet modules,
so that we arent' cloning and rsyncing ALL of the puppet modules
all the time no matter what.

Change-Id: I69a2e99e869ee39a3da573af421b18ad93056d5b
2020-04-30 12:39:12 -05:00

3127 lines
100 KiB
YAML
Raw Blame History

# Image building jobs
- secret:
name: system-config-dockerhub
data:
username: opendevzuul
password: !encrypted/pkcs1-oaep
- FF2mwsdYo4b9QI/kEmeFdZS32I+OJUac2xy4JEQJaIevRK9E3rQ/11cBn7xX6zelA/htY
hENMM1gGTYO8BKgTVNijFfCiVCTYFJ9efsOrSeMdj2aLcq/OkZFeq8gMHAZDv+3qaiggq
hbDmldgSouNahhJByWMsDjYqnItfR8w1dYisNQBkDEJdNW5+Cin5WgHRYv2skui9pjumU
vWHjwLbITLEjb0hwVErggAzvED4x0UjNEMfb6KCpoXeKdlCaI8h1DXVD9RdQ4s1WvUCro
xwl4AIUyCmdtXbqW787PQ4j8BgdOi8RD40ZTSxpoV/bwT+/NrP3Jj2KVYdEKQJimzXnwL
goDclapu9aFrAaqwWSnWCRc7GQptSZ7DBXmA7MsNinBclWHX/chX5k9Q1+XifAhmKJZqP
ovkzEGtmUjTQZFjvuCtFxIWZEGVtGHDmgEkzevgVCeuHDTeIDlkAvA3+TT+/A70zyYdbP
EHOTSSjCU6RSlJxAXjNb5pzKjpeT7PyX2f4/8Zn3JnwTlfPJ0C7qdEYjQ54hbsKynjrpQ
7f6NN9pAeQS1pid5J7oH4f7YaKM78pnhoTxRl3LmeitIlAG+zCpiT4J+se2eG27ep4aUA
bYuO0L+KBosY6DcvEbR9TqkYLPgJuEPi/6SQr9bBOldEspXXAv9msyCB4VMhVU=
- job:
name: system-config-build-image
parent: opendev-build-docker-image
dependencies: opendev-buildset-registry
abstract: true
vars:
docker_mirror_base_url: "http://{{ zuul_site_mirror_fqdn }}/deb-docker"
zuul_work_dir: /home/zuul/src/opendev.org/opendev/system-config
- job:
name: system-config-upload-image
parent: opendev-upload-docker-image
dependencies: opendev-buildset-registry
abstract: true
vars:
zuul_work_dir: /home/zuul/src/opendev.org/opendev/system-config
secrets:
name: docker_credentials
secret: system-config-dockerhub
pass-to-parent: true
- job:
name: system-config-promote-image
parent: opendev-promote-docker-image
abstract: true
secrets:
name: docker_credentials
secret: system-config-dockerhub
pass-to-parent: true
# Jinja-init jobs
- job:
name: system-config-build-image-jinja-init
description: Build a jinja-init image.
parent: system-config-build-image
requires: python-base-3.7-container-image
provides: jinja-init-container-image
vars: &jinja-init_vars
docker_images:
- context: docker/jinja-init
target: jinja-init
repository: opendevorg/jinja-init
files: &jinja-init_files
- docker/jinja-init/
- docker/python-base/
- job:
name: system-config-upload-image-jinja-init
description: Build and upload a jinja-init image.
parent: system-config-upload-image
requires: python-base-3.7-container-image
provides: jinja-init-container-image
vars: *jinja-init_vars
files: *jinja-init_files
- job:
name: system-config-promote-image-jinja-init
description: Promote a previously published jinja-init image to latest.
parent: system-config-promote-image
vars: *jinja-init_vars
files: *jinja-init_files
# Gitea-init jobs
- job:
name: system-config-build-image-gitea-init
description: Build a gitea-init image.
parent: system-config-build-image
requires: jinja-init-container-image
vars: &gitea-init_vars
docker_images:
- context: docker/gitea-init
target: gitea-init
repository: opendevorg/gitea-init
files: &gitea-init_files
- docker/gitea-init/
- docker/jinja-init/
- docker/python-base/
- job:
name: system-config-upload-image-gitea-init
description: Build and upload a gitea-init image.
parent: system-config-upload-image
requires: jinja-init-container-image
vars: *gitea-init_vars
files: *gitea-init_files
- job:
name: system-config-promote-image-gitea-init
description: Promote a previously published gitea-init image to latest.
parent: system-config-promote-image
vars: *gitea-init_vars
files: *gitea-init_files
# Gitea jobs
- job:
name: system-config-build-image-gitea
description: Build a gitea image.
parent: system-config-build-image
vars: &gitea_vars
docker_images:
- context: docker/gitea
target: gitea
repository: opendevorg/gitea
- context: docker/gitea
target: gitea-openssh
repository: opendevorg/gitea-openssh
# Duplicate in the run-gitea job
files: &gitea_files
- docker/gitea/
- job:
name: system-config-upload-image-gitea
description: Build and upload a gitea image.
parent: system-config-upload-image
vars: *gitea_vars
files: *gitea_files
- job:
name: system-config-promote-image-gitea
description: Promote a previously published gitea image to latest.
parent: system-config-promote-image
vars: *gitea_vars
files: *gitea_files
# Etherpad jobs
- job:
name: system-config-build-image-etherpad
description: Build a etherpad image.
provides: etherpad-container-image
parent: system-config-build-image
vars: &etherpad_vars
docker_images:
- context: docker/etherpad
repository: opendevorg/etherpad
files: &etherpad_files
- docker/etherpad/
- job:
name: system-config-upload-image-etherpad
description: Build and upload a etherpad image.
provides: etherpad-container-image
parent: system-config-upload-image
vars: *etherpad_vars
files: *etherpad_files
- job:
name: system-config-promote-image-etherpad
description: Promote a previously published etherpad image to latest.
parent: system-config-promote-image
vars: *etherpad_vars
files: *etherpad_files
# Jitsi-meet jobs
- job:
name: system-config-build-image-jitsi-meet
description: Build jitsi-meet images.
parent: system-config-build-image
provides: jitsi-meet-container-image
vars: &jitsi-meet_vars
docker_images:
- context: docker/jitsi-meet
target: web
repository: opendevorg/jitsi-meet-web
- context: docker/jitsi-meet
target: prosody
repository: opendevorg/jitsi-meet-prosody
files: &jitsi-meet_files
- docker/jitsi-meet/
- job:
name: system-config-upload-image-jitsi-meet
description: Build and upload a jitsi-meet image.
parent: system-config-upload-image
requires: python-base-container-image
provides: jitsi-meet-container-image
vars: *jitsi-meet_vars
files: *jitsi-meet_files
- job:
name: system-config-promote-image-jitsi-meet
description: Promote a previously published jitsi-meet image to latest.
parent: system-config-promote-image
vars: *jitsi-meet_vars
files: *jitsi-meet_files
# Haproxy-statsd jobs
- job:
name: system-config-build-image-haproxy-statsd
description: Build a haproxy-statsd image.
parent: system-config-build-image
requires: python-base-3.7-container-image
vars: &haproxy-statsd_vars
docker_images:
- context: docker/haproxy-statsd
repository: opendevorg/haproxy-statsd
# Duplicate in the run-gitea job
files: &haproxy-statsd_files
- docker/haproxy-statsd/
- docker/python-base/
- job:
name: system-config-upload-image-haproxy-statsd
description: Build and upload a haproxy-statsd image.
parent: system-config-upload-image
requires: python-base-3.7-container-image
vars: *haproxy-statsd_vars
files: *haproxy-statsd_files
- job:
name: system-config-promote-image-haproxy-statsd
description: Promote a previously published haproxy-statsd image to latest.
parent: system-config-promote-image
vars: *haproxy-statsd_vars
files: *haproxy-statsd_files
# accessbot jobs
- job:
name: system-config-build-image-accessbot
description: Build a accessbot image.
parent: system-config-build-image
requires: python-base-3.7-container-image
provides: accessbot-container-image
vars: &accessbot_vars
docker_images:
- context: docker/accessbot
repository: opendevorg/accessbot
files: &accessbot_files
- docker/accessbot/
- docker/python-base/
- job:
name: system-config-upload-image-accessbot
description: Build and upload a accessbot image.
parent: system-config-upload-image
requires: python-base-3.7-container-image
provides: accessbot-container-image
vars: *accessbot_vars
files: *accessbot_files
- job:
name: system-config-promote-image-accessbot
description: Promote a previously published accessbot image to latest.
parent: system-config-promote-image
vars: *accessbot_vars
files: *accessbot_files
# Gerrit 2.13 jobs
- job:
name: system-config-build-image-gerrit-2.13
description: Build a gerrit 2.13 image.
parent: system-config-build-image
requires: gerrit-base-container-image
provides: gerrit-2.13-container-image
required-projects: &gerrit_projects_2_13
- name: opendev/system-config
override-checkout: master
vars: &gerrit_vars_2_13
docker_images:
# The 2.13 image doesn't build from source, but from existing war file
- context: docker/gerrit/2.13
repository: opendevorg/gerrit
path: /home/zuul/src/opendev.org/opendev/system-config
tags:
- 2.13
files: &gerrit_files_2_13
- docker/gerrit/base/
- docker/gerrit/2.13/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-2.13
description: Build and upload a gerrit 2.13 image.
parent: system-config-upload-image
requires: gerrit-base-container-image
provides: gerrit-2.13-container-image
required-projects: *gerrit_projects_2_13
vars: *gerrit_vars_2_13
files: *gerrit_files_2_13
- job:
name: system-config-promote-image-gerrit-2.13
description: Promote a previously published gerrit 2.13 image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_13
files: *gerrit_files_2_13
# Gerrit 2.14 jobs
- job:
name: system-config-build-image-gerrit-2.14
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.14-container-image
required-projects: &gerrit_projects_2_14
- name: opendev/system-config
override-checkout: master
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-2.14
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-2.14
vars: &gerrit_vars_2_14
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 2.14
files: &gerrit_files_2_14
- docker/gerrit/base/
- docker/gerrit/bazel/
- playbooks/zuul/gerrit/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-2.14
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.14-container-image
required-projects: *gerrit_projects_2_14
vars: *gerrit_vars_2_14
files: *gerrit_files_2_14
- job:
name: system-config-promote-image-gerrit-2.14
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_14
files: *gerrit_files_2_14
# Gerrit 2.15 jobs
- job:
name: system-config-build-image-gerrit-2.15
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.15-container-image
required-projects: &gerrit_projects_2_15
- name: opendev/system-config
override-checkout: master
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-2.15
vars: &gerrit_vars_2_15
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 2.15
files: &gerrit_files_2_15
- docker/gerrit/base/
- docker/gerrit/bazel/
- playbooks/zuul/gerrit/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-2.15
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.15-container-image
required-projects: *gerrit_projects_2_15
vars: *gerrit_vars_2_15
files: *gerrit_files_2_15
- job:
name: system-config-promote-image-gerrit-2.15
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_15
files: *gerrit_files_2_15
# Gerrit 2.16 jobs
- job:
name: system-config-build-image-gerrit-2.16
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.16-container-image
required-projects: &gerrit_projects_2_16
- name: opendev/system-config
override-checkout: master
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/codemirror-editor
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-2.16
vars: &gerrit_vars_2_16
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 2.16
gerrit_additional_plugins:
- codemirror-editor
files: &gerrit_files_2_16
- docker/gerrit/base/
- docker/gerrit/bazel/
- playbooks/zuul/gerrit/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-2.16
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-2.16-container-image
required-projects: *gerrit_projects_2_16
vars: *gerrit_vars_2_16
files: *gerrit_files_2_16
- job:
name: system-config-promote-image-gerrit-2.16
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_16
files: *gerrit_files_2_16
# Gerrit 3.0 jobs
- job:
name: system-config-build-image-gerrit-3.0
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-3.0-container-image
required-projects: &gerrit_projects_3_0
- name: opendev/system-config
override-checkout: master
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/codemirror-editor
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/delete-project
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/gitiles
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/plugin-manager
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/webhooks
override-checkout: stable-3.0
vars: &gerrit_vars_3_0
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 3.0
gerrit_additional_plugins:
- codemirror-editor
- delete-project
- gitiles
- plugin-manager
- webhooks
files: &gerrit_files_3_0
- docker/gerrit/base/
- docker/gerrit/bazel/
- playbooks/zuul/gerrit/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-3.0
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-3.0-container-image
required-projects: *gerrit_projects_3_0
vars: *gerrit_vars_3_0
files: *gerrit_files_3_0
- job:
name: system-config-promote-image-gerrit-3.0
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_3_0
files: *gerrit_files_3_0
# Gerrit master jobs
- job:
name: system-config-build-image-gerrit-master-base
description: |
Build a gerrit image.
This job has no files matchers so it can be used in other repos.
parent: system-config-build-image
pre-run:
- playbooks/zuul/gerrit/repos.yaml
- playbooks/zuul/gerrit/submodules.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-master-container-image
required-projects: &gerrit_projects_master
- opendev/system-config
- gerrit.googlesource.com/jgit
- gerrit.googlesource.com/gerrit
- gerrit.googlesource.com/plugins/checks
- gerrit.googlesource.com/plugins/codemirror-editor
- gerrit.googlesource.com/plugins/commit-message-length-validator
- gerrit.googlesource.com/plugins/delete-project
- gerrit.googlesource.com/plugins/download-commands
- gerrit.googlesource.com/plugins/gitiles
- gerrit.googlesource.com/plugins/hooks
- gerrit.googlesource.com/plugins/its-base
- gerrit.googlesource.com/plugins/its-storyboard
- gerrit.googlesource.com/plugins/javamelody
- gerrit.googlesource.com/plugins/plugin-manager
- gerrit.googlesource.com/plugins/replication
- gerrit.googlesource.com/plugins/reviewnotes
- gerrit.googlesource.com/plugins/singleusergroup
- gerrit.googlesource.com/plugins/webhooks
- gerrit.googlesource.com/polymer-bridges
vars: &gerrit_vars_master
zuul_work_dir: src/opendev.org/opendev/system-config
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- master
gerrit_additional_plugins:
- checks
- codemirror-editor
- delete-project
- gitiles
- plugin-manager
- webhooks
- job:
name: system-config-build-image-gerrit-master
description: |
Build a gerrit image.
This job is used in system-config.
parent: system-config-build-image-gerrit-master-base
files: &gerrit_files_master
- docker/gerrit/base/
- docker/gerrit/bazel/
- playbooks/zuul/gerrit/
- jeepyb/
- job:
name: system-config-upload-image-gerrit-master
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run:
- playbooks/zuul/gerrit/repos.yaml
- playbooks/zuul/gerrit/submodules.yaml
run: playbooks/zuul/gerrit/run.yaml
requires: gerrit-base-container-image
provides: gerrit-master-container-image
required-projects: *gerrit_projects_master
vars: *gerrit_vars_master
files: *gerrit_files_master
- job:
name: system-config-promote-image-gerrit-master
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_master
files: *gerrit_files_master
# python-builder-3.7 jobs
- job:
name: system-config-build-image-python-builder-3.7
description: Build a python-builder-3.7 image.
parent: system-config-build-image
provides:
- python-builder-container-image
- python-builder-3.7-container-image
vars: &python-builder_3_7_vars
docker_images:
- context: docker/python-builder
repository: opendevorg/python-builder
tags:
- 3.7
- latest
build_args:
- PYTHON_VERSION=3.7
files: &python-builder_3_7_files
- docker/python-base/
- docker/python-builder/
- job:
name: system-config-upload-image-python-builder-3.7
description: Build and upload a python-builder-3.7 image.
parent: system-config-upload-image
provides:
- python-builder-container-image
- python-builder-3.7-container-image
vars: *python-builder_3_7_vars
files: *python-builder_3_7_files
- job:
name: system-config-promote-image-python-builder-3.7
description: Promote a previously published python-builder-3.7 image to latest.
parent: system-config-promote-image
vars: *python-builder_3_7_vars
files: *python-builder_3_7_files
# python-builder-3.8 jobs
- job:
name: system-config-build-image-python-builder-3.8
description: Build a python-builder-3.8 image.
parent: system-config-build-image
provides:
- python-builder-3.8-container-image
vars: &python-builder_3_8_vars
docker_images:
- context: docker/python-builder
repository: opendevorg/python-builder
tags:
- 3.8
build_args:
- PYTHON_VERSION=3.8
files: &python-builder_3_8_files
- docker/python-base/
- docker/python-builder/
- job:
name: system-config-upload-image-python-builder-3.8
description: Build and upload a python-builder-3.8 image.
parent: system-config-upload-image
provides: python-builder-3.8-container-image
vars: *python-builder_3_8_vars
files: *python-builder_3_8_files
- job:
name: system-config-promote-image-python-builder-3.8
description: Promote a previously published python-builder-3.8 image to latest.
parent: system-config-promote-image
vars: *python-builder_3_8_vars
files: *python-builder_3_8_files
# python-base-3.7 jobs
- job:
name: system-config-build-image-python-base-3.7
description: Build a python-base-3.7 image.
parent: system-config-build-image
provides:
- python-base-container-image
- python-base-3.7-container-image
vars: &python-base-3_7_vars
docker_images:
- context: docker/python-base
repository: opendevorg/python-base
tags:
- 3.7
- latest
build_args:
- PYTHON_VERSION=3.7
files: &python-base-3_7_files
- docker/python-base/
- docker/python-builder/
- job:
name: system-config-upload-image-python-base-3.7
description: Build and upload a python-base-3.7 image.
parent: system-config-upload-image
provides: python-base-3.7-container-image
vars: *python-base-3_7_vars
files: *python-base-3_7_files
- job:
name: system-config-promote-image-python-base-3.7
description: Promote a previously published python-base-3.7 image to latest.
parent: system-config-promote-image
vars: *python-base-3_7_vars
files: *python-base-3_7_files
# python-base-3.8 jobs
- job:
name: system-config-build-image-python-base-3.8
description: Build a python-base-3.8 image.
parent: system-config-build-image
provides: python-base-3.8-container-image
vars: &python-base-3_8_vars
docker_images:
- context: docker/python-base
repository: opendevorg/python-base
tags:
- 3.8
build_args:
- PYTHON_VERSION=3.8
files: &python-base-3_8_files
- docker/python-base/
- docker/python-builder/
- job:
name: system-config-upload-image-python-base-3.8
description: Build and upload a python-base-3.8 image.
parent: system-config-upload-image
provides: python-base-3.8-container-image
vars: *python-base-3_8_vars
files: *python-base-3_8_files
- job:
name: system-config-promote-image-python-base-3.8
description: Promote a previously published python-base-3.8 image to latest.
parent: system-config-promote-image
vars: *python-base-3_8_vars
files: *python-base-3_8_files
# uwsgi-base-3.7 jobs
- job:
name: system-config-build-image-uwsgi-base-3.7
description: Build a uwsgi-base-3.7 image.
parent: system-config-build-image
requires: &uwsgi-base_3_7_requires
- python-base-3.7-container-image
- python-builder-3.7-container-image
provides: uwsgi-base-3.7-container-image
dependencies:
- name: system-config-build-image-python-base-3.7
soft: true
- name: system-config-build-image-python-builder-3.7
soft: true
vars: &uwsgi-base_3_7_vars
docker_images:
- context: docker/uwsgi-base
repository: opendevorg/uwsgi-base
tags:
- 3.7
- latest
build_args:
- PYTHON_VERSION=3.7
files: &uwsgi-base_3_7_files
- docker/python-base/.*
- docker/python-builder/.*
- docker/uwsgi-base/.*
- job:
name: system-config-upload-image-uwsgi-base-3.7
description: Build and upload a uwsgi-base-3.7 image.
parent: system-config-upload-image
provides: uwsgi-base-3.7-container-image
requires: *uwsgi-base_3_7_requires
dependencies:
- name: system-config-upload-image-python-base-3.7
soft: true
- name: system-config-upload-image-python-builder-3.7
soft: true
vars: *uwsgi-base_3_7_vars
files: *uwsgi-base_3_7_files
- job:
name: system-config-promote-image-uwsgi-base-3.7
description: Promote a previously published uwsgi-base-3.7 image to latest.
parent: system-config-promote-image
vars: *uwsgi-base_3_7_vars
files: *uwsgi-base_3_7_files
# uwsgi-base-3.8 jobs
- job:
name: system-config-build-image-uwsgi-base-3.8
description: Build a uwsgi-base-3.8 image.
parent: system-config-build-image
provides: uwsgi-base-3.8-container-image
requires: &uwsgi-base_3_8_requires
- python-base-3.8-container-image
- python-builder-3.8-container-image
dependencies:
- name: system-config-build-image-python-base-3.8
soft: true
- name: system-config-build-image-python-builder-3.8
soft: true
vars: &uwsgi-base_3_8_vars
docker_images:
- context: docker/uwsgi-base
repository: opendevorg/uwsgi-base
tags:
- 3.8
build_args:
- PYTHON_VERSION=3.8
files: &uwsgi-base_3_8_files
- docker/python-base/.*
- docker/python-builder/.*
- docker/uwsgi-base/.*
- job:
name: system-config-upload-image-uwsgi-base-3.8
description: Build and upload a uwsgi-base-3.8 image.
parent: system-config-upload-image
provides: uwsgi-base-3.8-container-image
requires: *uwsgi-base_3_8_requires
dependencies:
- name: system-config-upload-image-python-base-3.8
soft: true
- name: system-config-upload-image-python-builder-3.8
soft: true
vars: *uwsgi-base_3_8_vars
files: *uwsgi-base_3_8_files
- job:
name: system-config-promote-image-uwsgi-base-3.8
description: Promote a previously published uwsgi-base-3.8 image to latest.
parent: system-config-promote-image
vars: *uwsgi-base_3_8_vars
files: *uwsgi-base_3_8_files
# gerrit-base jobs
- job:
name: system-config-build-image-gerrit-base
description: Build a gerrit-base image.
parent: system-config-build-image
required-projects: &gerrit_base_projects
- opendev/jeepyb
- opendev/system-config
requires: python-builder-3.7-container-image
provides: gerrit-base-container-image
vars: &gerrit-base_vars
docker_images:
- context: docker/gerrit/base
repository: opendevorg/gerrit-base
path: /home/zuul/src/opendev.org/opendev/jeepyb
files: &gerrit-base_files
- docker/gerrit/base/
- job:
name: system-config-upload-image-gerrit-base
description: Build and upload a gerrit-base image.
parent: system-config-upload-image
requires: python-builder-3.7-container-image
provides: gerrit-base-container-image
required-projects: *gerrit_base_projects
vars: *gerrit-base_vars
files: *gerrit-base_files
- job:
name: system-config-promote-image-gerrit-base
description: Promote a previously published gerrit-base image to latest.
parent: system-config-promote-image
required-projects: *gerrit_base_projects
vars: *gerrit-base_vars
files: *gerrit-base_files
# Role integration jobs. These test the top-level generic roles/*
# under Zuul. The range of platforms should be the same as those for
# openstack-zuul-jobs.
#
# NOTE(ianw): 2018-08 have left off Fedora & OpenSUSE because
# no roles currently run on them.
- job:
name: system-config-zuul-role-integration
description: Test roles provided by system-config with Zuul.
abstract: true
parent: base
run: roles-test/base.yaml
files:
- roles/
- job:
name: system-config-zuul-role-integration-xenial
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: ubuntu-xenial
- name: puppet4
label: ubuntu-xenial
groups:
- name: puppet3
nodes:
- base
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-bionic
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: ubuntu-bionic
groups:
- name: puppet5
nodes:
- base
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-debian-stable
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: debian-stretch
groups:
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-centos-8
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: centos-8
groups:
- name: openafs
nodes:
- base
- project-template:
name: system-config-zuul-role-integration
check:
jobs:
- system-config-zuul-role-integration-xenial
- system-config-zuul-role-integration-bionic
- system-config-zuul-role-integration-debian-stable
- system-config-zuul-role-integration-centos-8
gate:
jobs:
- system-config-zuul-role-integration-xenial
- system-config-zuul-role-integration-bionic
- system-config-zuul-role-integration-debian-stable
- system-config-zuul-role-integration-centos-8
- job:
name: system-config-run
description: |
Run the "base" playbook for system-config hosts.
This is a parent job designed to be inherited.
abstract: true
pre-run: playbooks/zuul/run-base-pre.yaml
run: playbooks/zuul/run-base.yaml
post-run: playbooks/zuul/run-base-post.yaml
vars:
install_ansible_ara_enable: true
zuul_copy_output: "{{ copy_output | combine(host_copy_output | default({})) }}"
stage_dir: "{{ ansible_user_dir }}/zuul-output"
copy_output:
'/var/log/syslog': logs_txt
'/var/log/messages': logs_txt
'/var/log/docker': logs
host-vars:
bridge.openstack.org:
host_copy_output:
'{{ zuul.project.src_dir }}/junit.xml': logs
# Note: the following two jobs implement the variant-based multiple
# inheritance trick. Both of these variants will always apply,
# therefore both parents will appear in the inheritance hierarchy).
- job:
name: system-config-run-containers
parent: system-config-run
# Note: see above re multiple-inheritance.
- job:
name: system-config-run-containers
parent: opendev-buildset-registry-consumer
description: |
Run the "base" playbook for system-config hosts which use
containers.
This is a parent job designed to be inherited. Use this job if
the service in question is container-based. It expects a
buildset registry and pulls images from the intermediate
registry.
- job:
name: system-config-run-base
parent: system-config-run
description: |
Run the "base" playbook on each of the node types
currently in use.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: xenial
label: ubuntu-xenial
- name: bionic
label: ubuntu-bionic
files:
- playbooks/
- roles/
- testinfra/
- job:
name: system-config-run-base-ansible-devel
parent: system-config-run-base
description: |
Run the base playbook with the latest ansible.
required-projects:
- name: github.com/ansible/ansible
override-checkout: devel
- name: github.com/philpep/testinfra
- name: openstack/openstacksdk
- name: recordsansible/ara
# NOTE(ianw): 2019-06-11 pinned to stable branch until we handle 1.0
# http://lists.openstack.org/pipermail/openstack-infra/2019-June/006400.html
override-checkout: stable/0.x
vars:
bridge_ansible_name: '{{ ansible_user_dir}}/src/github.com/ansible/ansible'
bridge_ansible_version: null
bridge_openstacksdk_name: '{{ ansible_user_dir }}/src/opendev.org/openstack/openstacksdk'
bridge_openstacksdk_version: null
bridge_ara_name: '{{ ansible_user_dir}}/src/opendev.org/recordsansible/ara'
bridge_ara_version: null
- job:
name: system-config-run-eavesdrop
parent: system-config-run-containers
description: |
Run the playbook for an eavesdrop server.
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
requires: accessbot-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: eavesdrop01.openstack.org
label: ubuntu-xenial
vars:
run_playbooks:
- playbooks/service-eavesdrop.yaml
files:
- playbooks/service-eavesdrop.yaml
- playbooks/run-accessbot.yaml
- playbooks/group_vars/eavesdrop.yaml
- playbooks/group_vars/puppet.yaml
- playbooks/roles/zuul-user
- playbooks/roles/install-docker
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- playbooks/roles/accessbot
- playbooks/roles/logrotate
- modules/openstack_project/manifests/eavesdrop.pp
- manifests/eavesdrop.pp
- docker/accessbot/
- testinfra/test_eavesdrop.py
- job:
name: system-config-run-codesearch
parent: system-config-run
description: |
Run the playbook for an codesearch server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: codesearch01.openstack.org
label: ubuntu-xenial
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
files:
- playbooks/install-ansible.yaml
- playbooks/service-codesearch.yaml
- playbooks/group_vars/puppet.yaml
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/sync-project-config
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- modules/openstack_project/manifests/codesearch.pp
- modules/openstack_project/files/resync-hound-config.sh
- manifests/codesearch.pp
vars:
run_playbooks:
- playbooks/service-codesearch.yaml
- job:
name: system-config-run-letsencrypt
parent: system-config-run
description: |
Run the playbook for letsencrypt key acquisition
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns-letsencrypt.opendev.org
label: ubuntu-bionic
- name: letsencrypt01.opendev.org
label: ubuntu-bionic
- name: letsencrypt02.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
- playbooks/service-letsencrypt.yaml
host-vars:
letsencrypt01.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
letsencrypt02.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/letsencrypt.yaml
- playbooks/roles/letsencrypt
- job:
name: system-config-run-lists
parent: system-config-run
description: |
Run the playbook for a list server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: lists.openstack.org
label: ubuntu-xenial
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
files:
- playbooks/install-ansible.yaml
- modules/openstack_project/manifests/lists.pp
- playbooks/host_vars/lists.openstack.org.yaml
- playbooks/group_vars/puppet
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- roles/exim
vars:
run_playbooks:
- playbooks/remote_puppet_else.yaml
- job:
name: system-config-run-nodepool
parent: system-config-run
description: |
Run the playbook for nodepool.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk01.opendev.org
label: ubuntu-bionic
- name: nl01.openstack.org
label: ubuntu-xenial
- name: nb01.openstack.org
label: ubuntu-xenial
- name: nb04.opendev.org
label: ubuntu-bionic
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
host-vars:
nl01.openstack.org:
host_copy_output:
'/etc/nodepool/nodepool.yaml': logs
nb01.openstack.org:
host_copy_output:
'/etc/nodepool/nodepool.yaml': logs
nb04.opendev.org:
host_copy_output:
'/etc/nodepool/nodepool.yaml': logs
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-nodepool.yaml
- playbooks/remote_puppet_else.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/nodepool.yaml
- playbooks/group_vars/nodepool-builder.yaml
- playbooks/group_vars/nodepool-launcher.yaml
- playbooks/group_vars/puppet
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/configure-openstacksdk/
- playbooks/roles/nodepool
- playbooks/templates/clouds/
- testinfra/test_nodepool.py
- job:
name: system-config-run-dns
parent: system-config-run
description: |
Run the playbook for dns.
required-projects:
- opendev/zone-opendev.org
- opendev/zone-zuul-ci.org
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns1.opendev.org
label: ubuntu-bionic
- name: ns1.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
host-vars:
adns1.opendev.org:
host_copy_output:
'/etc/bind/named.conf': logs
'/var/lib/bind/zones': logs
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/adns.yaml
- playbooks/group_vars/dns.yaml
- playbooks/host_vars/(ad)?ns\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/adns.yaml.j2
- playbooks/zuul/templates/group_vars/ns.yaml.j2
- playbooks/roles/master-nameserver/
- playbooks/roles/nameserver/
- testinfra/test_adns.py
- testinfra/test_ns.py
- job:
name: system-config-run-backup
parent: system-config-run
description: |
Run the playbook for backup configuration
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: backup01.region.provider.opendev.org
label: ubuntu-bionic
- name: backup-test01.opendev.org
label: ubuntu-bionic
- name: backup-test02.opendev.org
label: ubuntu-xenial
vars:
run_playbooks:
- playbooks/service-backup.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/roles/backup
- playbooks/zuul/templates/host_vars/backup
- testinfra/test_backups.py
- job:
name: system-config-run-mirror-base
parent: system-config-run
abstract: true
description: |
Run the playbook for a mirror node
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-mirror.yaml
host-vars:
mirror01.openafs.provider.opendev.org:
host_copy_output:
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- roles/
- playbooks/group_vars/mirror_opendev.yaml
- playbooks/roles/mirror/
- playbooks/roles/letsencrypt
- playbooks/service-letsencrypt.yaml
- playbooks/service-mirror.yaml
- playbooks/zuul/templates/group_vars/mirror_opendev.yaml.j2
- testinfra/test_mirror.py
- job:
name: system-config-run-mirror-x86
parent: system-config-run-mirror-base
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-bionic
- job:
name: system-config-run-mirror-arm64
parent: system-config-run-mirror-base
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic-arm64
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-bionic-arm64
- job:
name: system-config-run-mirror-update
parent: system-config-run
description: |
Run the playbook for a mirror update node
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror-update01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-mirror-update.yaml
files:
- playbooks/install-ansible.yaml
- roles/
- playbooks/roles/mirror-update/
- playbooks/service-mirror-update.yaml
- testinfra/test_mirror-update.py
- job:
name: system-config-run-docker-registry
parent: system-config-run
description: |
Run the playbook for the docker registry.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: insecure-ci-registry01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-registry.yaml
host-vars:
insecure-ci-registry01.opendev.org:
host_copy_output:
'/var/registry/auth': logs
'/var/registry/certs': logs
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/registry.yaml
- playbooks/host_vars/insecure-ci-registry\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/registry.yaml.j2
- playbooks/roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
- playbooks/roles/registry/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_registry.py
- job:
name: system-config-run-etherpad
parent: system-config-run-containers
description: |
Run the playbook for the etherpad servers.
timeout: 3600
requires: etherpad-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: etherpad01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-etherpad.yaml
files:
- playbooks/bridge.yaml
- playbooks/service-letsencrypt.yaml
- playbooks/service-etherpad.yaml
- playbooks/roles/etherpad/
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- docker/etherpad/
- job:
name: system-config-run-gitea
parent: system-config-run-containers
description: |
Run the playbook for the gitea servers.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: gitea-lb01.opendev.org
label: ubuntu-bionic
- name: gitea99.opendev.org
label: ubuntu-bionic
required-projects:
- openstack/project-config
- opendev/system-config
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/service-gitea.yaml
- playbooks/manage-projects.yaml
run_test_playbook: playbooks/test-gitea.yaml
host-vars:
gitea99.opendev.org:
host_copy_output:
'/var/gitea/conf': logs
'/var/gitea/certs': logs
'/var/gitea/logs': logs
gitea-lb01.opendev.org:
host_copy_output:
'/var/haproxy/etc': logs
files:
- playbooks/install-ansible.yaml
- playbooks/service-letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/service-gitea.yaml
- playbooks/manage-projects.yaml
- playbooks/test-gitea.yaml
- playbooks/group_vars/gitea.yaml
- playbooks/group_vars/gitea-lb.yaml
- playbooks/host_vars/gitea
- playbooks/zuul/templates/group_vars/gitea.yaml.j2
- playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/letsencrypt
- playbooks/roles/gerrit/
- playbooks/roles/gitea/
- playbooks/roles/gitea-git-repos/
- playbooks/roles/haproxy/
- playbooks/roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
- testinfra/test_gitea.py
- testinfra/test_gitea_lb.py
# From gitea_files -- If we rebuild the image, we want to run
# this job as well.
- docker/gitea/
# From haproxy-statsd_files -- If we rebuild the image, we want
# to run this job as well.
- docker/haproxy-statsd/
- job:
name: system-config-run-meetpad
parent: system-config-run-containers
requires: jitsi-meet-container-image
description: |
Run the playbook for jitsi-meet.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: meetpad01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-meetpad.yaml
host-vars:
meetpad01.opendev.org:
host_copy_output:
'/var/jitsi-meet': logs
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/meetpad.yaml
- playbooks/host_vars/meetpad\d+.opendev.org.yaml
- playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
- playbooks/roles/jitsi-meet/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/zuul/templates/group_vars/meetpad.yaml.j2
- testinfra/test_meetpad.py
- job:
name: system-config-run-zookeeper
parent: system-config-run
description: |
Run the playbook for the zookeeper cluster.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-zookeeper.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/group_vars/zookeeper.yaml
- ^playbooks/host_vars/zk\d+\..*
- playbooks/roles/zookeeper/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_zookeeper.py
- job:
name: system-config-run-zuul-preview
parent: system-config-run
description: |
Run the playbook for the zuul-preview service.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zp01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-zuul-preview.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/roles/zuul-preview/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_zuul_preview.py
- job:
name: system-config-run-zuul
parent: system-config-run
description: |
Run the playbook for the main Zuul cluster.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk01.opendev.org
label: ubuntu-bionic
- name: zm01.openstack.org
label: ubuntu-xenial
- name: ze01.openstack.org
label: ubuntu-xenial
- name: zuul01.openstack.org
label: ubuntu-xenial
required-projects:
- openstack/project-config
- opendev/system-config
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-zuul.yaml
host-vars:
zm01.openstack.org:
host_copy_output:
'/etc/zuul/zuul.conf': logs
ze01.openstack.org:
host_copy_output:
'/etc/zuul/zuul.conf': logs
zuul01.openstack.org:
host_copy_output:
'/etc/zuul/zuul.conf': logs
files:
- playbooks/install-ansible.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-zuul.yaml
- playbooks/group_vars/zuul
- playbooks/group_vars/zookeeper.yaml
- playbooks/host_vars/zk\d+
- playbooks/host_vars/zuul01.openstack.org
- playbooks/roles/zookeeper/
- playbooks/roles/zuul
- job:
name: system-config-run-review
parent: system-config-run-containers
description: |
Run the playbook for gerrit (in a container).
requires: gerrit-2.13-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: review01.openstack.org
label: ubuntu-xenial
- name: review-dev01.opendev.org
label: ubuntu-xenial
required-projects:
- openstack/project-config
- opendev/system-config
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-review-dev.yaml
- playbooks/service-review.yaml
host-vars:
review-dev01.opendev.org:
host_copy_output:
'/home/gerrit2/review_site/etc': logs
'/home/gerrit2/review_site/logs': logs
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
review01.openstack.org:
host_copy_output:
'/home/gerrit2/review_site/etc': logs
'/home/gerrit2/review_site/logs': logs
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- playbooks/service-letsencrypt.yaml
- playbooks/service-review.*.yaml
- playbooks/group_vars/review.yaml
- playbooks/host_vars/review\d+.openstack.org.yaml
- playbooks/group_vars/review-dev.yaml
- playbooks/host_vars/review-dev\d+.opendev.org.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/letsencrypt
- playbooks/roles/gerrit/
- playbooks/zuul/templates/group_vars/review-dev.yaml.j2
- playbooks/zuul/templates/group_vars/review.yaml.j2
- testinfra/test_gerrit.py
- job:
name: system-config-run-static
parent: system-config-run
description: |
Run the playbook for a static node.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: static01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-static.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/roles/static/
- playbooks/roles/letsencrypt
- playbooks/service-letsencrypt.yaml
- playbooks/service-static.yaml
- testinfra/test_static.py
host-vars:
static01.opendev.org:
host_copy_output:
'/var/log/acme.sh/': logs
'/etc/apache2/': logs
'/var/log/apache2/': logs
- job:
name: system-config-puppet-apply-4-ubuntu-xenial
# Required to install z-c for puppet module installs.
parent: legacy-base
timeout: 1800
nodeset: ubuntu-xenial
vars:
puppet_version: 4
required-projects:
- opendev/system-config
- opendev/ansible-role-puppet
- opendev/puppet-ansible
- opendev/puppet-apparmor
- opendev/puppet-askbot
- opendev/puppet-asterisk
- opendev/puppet-bandersnatch
- opendev/puppet-bugdaystats
- opendev/puppet-bup
- opendev/puppet-cgit
- opendev/puppet-ciwatch
- opendev/puppet-diskimage_builder
- opendev/puppet-drupal
- opendev/puppet-elastic_recheck
- opendev/puppet-elasticsearch
- opendev/puppet-ethercalc
- opendev/puppet-etherpad_lite
- opendev/puppet-exim
- opendev/puppet-germqtt
- opendev/puppet-gerrit
- opendev/puppet-gerritbot
- opendev/puppet-github
- opendev/puppet-grafyaml
- opendev/puppet-graphite
- opendev/puppet-haveged
- opendev/puppet-hound
- opendev/puppet-httpd
- opendev/puppet-infracloud
- opendev/puppet-infra-cookiecutter
- opendev/puppet-ipsilon
- opendev/puppet-iptables
- opendev/puppet-jeepyb
- opendev/puppet-jenkins
- opendev/puppet-kerberos
- opendev/puppet-kibana
- opendev/puppet-lodgeit
- opendev/puppet-log_processor
- opendev/puppet-logrotate
- opendev/puppet-logstash
- opendev/puppet-lpmqtt
- opendev/puppet-mailman
- opendev/puppet-mediawiki
- opendev/puppet-meetbot
- opendev/puppet-mosquitto
- opendev/puppet-mqtt_statsd
- opendev/puppet-mysql_backup
- opendev/puppet-nodepool
- opendev/puppet-openafs
- opendev/puppet-openstackci
- opendev/puppet-openstack_health
- opendev/puppet-openstackid
- opendev/puppet-openstack_infra_spec_helper
- opendev/puppet-os_client_config
- opendev/puppet-packagekit
- opendev/puppet-pgsql_backup
- opendev/puppet-phabricator
- opendev/puppet-pip
- opendev/puppet-planet
- opendev/puppet-project_config
- opendev/puppet-ptgbot
- opendev/puppet-puppet
- opendev/puppet-redis
- opendev/puppet-refstack
- opendev/puppet-reviewday
- opendev/puppet-simpleproxy
- opendev/puppet-snmpd
- opendev/puppet-ssh
- opendev/puppet-ssl_cert_check
- opendev/puppet-statusbot
- opendev/puppet-storyboard
- opendev/puppet-subunit2sql
- opendev/puppet-sudoers
- opendev/puppet-tmpreaper
- opendev/puppet-translation_checksite
- opendev/puppet-ulimit
- opendev/puppet-unattended_upgrades
- opendev/puppet-unbound
- opendev/puppet-user
- opendev/puppet-vcsrepo
- opendev/puppet-zanata
- opendev/puppet-zuul
pre-run: playbooks/zuul/infra-puppet-apply/pre.yaml
run: playbooks/zuul/infra-puppet-apply/run.yaml
post-run: playbooks/zuul/infra-puppet-apply/post.yaml
irrelevant-files:
- docker/.*
- playbooks/.*
- job:
name: system-config-puppet-beaker-rspec-infra
parent: legacy-base
description: |
Base job for beaker-rspec tests for Infra's puppet modules.
nodeset: ubuntu-xenial
run: playbooks/zuul/infra-puppet-beaker-rspec/run.yaml
vars:
nodeset: nodepool-xenial
project_src_dir: "{{ zuul.project.src_dir }}"
timeout: 3600
irrelevant-files:
- ^.*\.md$
- ^.*\.rst$
- ^doc/.*$
- ^etc/.*$
- ^metadata.json$
- ^releasenotes/.*$
- ^test-requirements.txt$
required-projects:
- openstack/project-config
- opendev/system-config
- opendev/puppet-openstack_infra_spec_helper
- opendev/puppet-bugdaystats
- opendev/puppet-mysql_backup
- opendev/puppet-openstackci
- opendev/puppet-zuul
- opendev/puppet-mqtt_statsd
- opendev/puppet-meetbot
- opendev/puppet-hound
- opendev/puppet-pip
- opendev/puppet-os_client_config
- opendev/puppet-openstackid
- opendev/puppet-bandersnatch
- opendev/puppet-project_config
- opendev/puppet-grafyaml
- opendev/puppet-refstack
- opendev/puppet-github
- opendev/puppet-ethercalc
- opendev/puppet-unattended_upgrades
- opendev/puppet-openafs
- opendev/puppet-httpd
- opendev/puppet-drupal
- opendev/puppet-subunit2sql
- opendev/puppet-reviewday
- opendev/puppet-kibana
- opendev/puppet-redis
- opendev/puppet-phabricator
- opendev/puppet-ssl_cert_check
- opendev/puppet-lpmqtt
- opendev/puppet-germqtt
- opendev/puppet-cgit
- opendev/puppet-packagekit
- opendev/puppet-haveged
- opendev/puppet-graphite
- opendev/puppet-diskimage_builder
- opendev/puppet-sudoers
- opendev/puppet-zanata
- opendev/puppet-logstash
- opendev/puppet-gerritbot
- opendev/puppet-asterisk
- opendev/puppet-statusbot
- opendev/puppet-gerrit
- opendev/puppet-mediawiki
- opendev/puppet-mailman
- opendev/puppet-exim
- opendev/puppet-tmpreaper
- opendev/puppet-elastic_recheck
- opendev/puppet-ulimit
- opendev/puppet-planet
- opendev/puppet-nodepool
- opendev/puppet-logrotate
- opendev/puppet-infracloud
- opendev/puppet-elasticsearch
- opendev/puppet-unbound
- opendev/puppet-storyboard
- opendev/puppet-openstack_health
- opendev/puppet-kerberos
- opendev/puppet-askbot
- opendev/puppet-log_processor
- opendev/puppet-simpleproxy
- opendev/puppet-iptables
- opendev/puppet-lodgeit
- opendev/puppet-etherpad_lite
- opendev/puppet-mosquitto
- opendev/puppet-bup
- opendev/puppet-pgsql_backup
- opendev/puppet-ansible
- opendev/puppet-ssh
- opendev/puppet-snmpd
- opendev/puppet-user
- opendev/puppet-jeepyb
- opendev/puppet-ptgbot
- opendev/puppet-jenkins
- opendev/puppet-vcsrepo
- job:
name: system-config-puppet-beaker-rspec-puppet-4-infra
parent: system-config-puppet-beaker-rspec-infra
description: |
Run beaker-rspec functional tests with puppet 4 on Ubuntu Xenial.
vars:
puppet_version: 4
- job:
name: system-config-openstackci-beaker-puppet-4
parent: system-config-puppet-beaker-rspec-infra
description: |
Run beaker-rspec functional tests with puppet 4 on Ubuntu Xenial for the
puppet-openstackci module.
vars:
project_src_dir: "{{ zuul.projects['opendev.org/opendev/puppet-openstackci'].src_dir }}"
puppet_version: 4
- project-template:
name: system-config-puppet-apply-jobs
description: |
Runs puppet apply tests for OpenStack Infrastructure.
check:
jobs:
- system-config-puppet-apply-4-ubuntu-xenial
- system-config-openstackci-beaker-puppet-4
gate:
jobs:
- system-config-puppet-apply-4-ubuntu-xenial
- system-config-openstackci-beaker-puppet-4
- project-template:
name: system-config-puppet-beaker-jobs
description: |
Runs puppet beaker tests for OpenStack Infrastructure.
The jobs are run on Ubuntu Xenial.
check:
jobs:
- system-config-puppet-beaker-rspec-puppet-4-infra
gate:
jobs:
- system-config-puppet-beaker-rspec-puppet-4-infra
- job:
name: system-config-legacy-logstash-filters
parent: legacy-base
required-projects:
- opendev/ansible-role-puppet
- openstack/logstash-filters
- opendev/puppet-ansible
- opendev/puppet-askbot
- opendev/puppet-asterisk
- opendev/puppet-bandersnatch
- opendev/puppet-bugdaystats
- opendev/puppet-bup
- opendev/puppet-cgit
- opendev/puppet-diskimage_builder
- opendev/puppet-drupal
- opendev/puppet-elastic_recheck
- opendev/puppet-elasticsearch
- opendev/puppet-ethercalc
- opendev/puppet-etherpad_lite
- opendev/puppet-exim
- opendev/puppet-germqtt
- opendev/puppet-gerrit
- opendev/puppet-gerritbot
- opendev/puppet-github
- opendev/puppet-grafyaml
- opendev/puppet-graphite
- opendev/puppet-haveged
- opendev/puppet-hound
- opendev/puppet-httpd
- opendev/puppet-infracloud
- opendev/puppet-iptables
- opendev/puppet-jeepyb
- opendev/puppet-jenkins
- opendev/puppet-kerberos
- opendev/puppet-kibana
- opendev/puppet-lodgeit
- opendev/puppet-log_processor
- opendev/puppet-logrotate
- opendev/puppet-logstash
- opendev/puppet-lpmqtt
- opendev/puppet-mailman
- opendev/puppet-mediawiki
- opendev/puppet-meetbot
- opendev/puppet-mosquitto
- opendev/puppet-mqtt_statsd
- opendev/puppet-mysql_backup
- opendev/puppet-nodepool
- opendev/puppet-openafs
- opendev/puppet-openstackci
- opendev/puppet-openstack_health
- opendev/puppet-openstackid
- opendev/puppet-os_client_config
- opendev/puppet-packagekit
- opendev/puppet-pgsql_backup
- opendev/puppet-phabricator
- opendev/puppet-pip
- opendev/puppet-planet
- opendev/puppet-project_config
- opendev/puppet-ptgbot
- opendev/puppet-redis
- opendev/puppet-refstack
- opendev/puppet-reviewday
- opendev/puppet-simpleproxy
- opendev/puppet-snmpd
- opendev/puppet-ssh
- opendev/puppet-ssl_cert_check
- opendev/puppet-statusbot
- opendev/puppet-storyboard
- opendev/puppet-subunit2sql
- opendev/puppet-sudoers
- opendev/puppet-tmpreaper
- opendev/puppet-ulimit
- opendev/puppet-unattended_upgrades
- opendev/puppet-unbound
- opendev/puppet-user
- opendev/puppet-vcsrepo
- opendev/puppet-zanata
- opendev/puppet-zuul
- opendev/system-config
run: playbooks/zuul/logstash-filters/run.yaml
post-run: playbooks/zuul/logstash-filters/post.yaml
timeout: 1800
nodeset: ubuntu-xenial
- project-template:
name: system-config-logstash-filter-jobs
check:
jobs:
- system-config-legacy-logstash-filters
gate:
jobs:
- system-config-legacy-logstash-filters
# Make sure only one run of a system-config playbook happens at a time
- semaphore:
name: infra-prod-playbook
max: 1
- job:
name: infra-prod-playbook
description: |
Run specified playbook against productions hosts.
This is a parent job designed to be inherited to enabled
CD deployment of our infrastructure. Set playbook_name to
specify the playbook relative to
/home/zuul/src/opendev.org/opendev/system-config/playbooks
on bridge.openstack.org.
abstract: true
semaphore: infra-prod-playbook
run: playbooks/zuul/run-production-playbook.yaml
required-projects:
- opendev/system-config
vars:
infra_prod_ansible_forks: 5
infra_prod_playbook_collect_log: false
nodeset:
nodes: []
- job:
name: infra-prod-install-ansible
parent: infra-prod-playbook
description: Install ansible on bridge.
vars:
playbook_name: install-ansible.yaml
files:
- inventory/
- roles/
- install_modules.sh
- modules.env
- playbooks/install-ansible.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-ansible/
- playbooks/roles/logrotate/
- playbooks/roles/root-keys/
- playbooks/host_vars/bridge.openstack.org.yaml
- playbooks/zuul/run-production-playbook.yaml
- job:
name: infra-prod-base
parent: infra-prod-playbook
description: Run the base playbook everywhere.
dependencies:
- name: infra-prod-install-ansible
soft: true
vars:
playbook_name: base.yaml
infra_prod_ansible_forks: 50
files:
- inventory/
- playbooks/host_vars/
- playbooks/group_vars/
- playbooks/base.yaml
- playbooks/roles/users/
- playbooks/roles/base-repos/
- playbooks/roles/base-server/
- playbooks/roles/timezone/
- playbooks/roles/unbound/
- playbooks/roles/exim/
- playbooks/roles/snmpd/
- playbooks/roles/iptables/
- job:
name: infra-prod-service-letsencrypt
parent: infra-prod-playbook
description: Run service-letsencrypt.yaml playbook.
vars:
playbook_name: service-letsencrypt.yaml
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
files:
- inventory/
- playbooks/service-letsencrypt.yaml
# Any touching of host_vars or group_vars can substantively
# change the certs we're doing, so be greedy here.
- playbooks/host_vars/
- playbooks/group_vars/
- playbooks/roles/letsencrypt
- playbooks/roles/logrotate/
- job:
name: infra-prod-manage-projects
parent: infra-prod-playbook
description: |
Create and update projects in gerrit and gitea.
allowed-projects:
- opendev/system-config
- openstack/project-config
required-projects:
- opendev/system-config
- openstack/project-config
vars:
playbook_name: manage-projects.yaml
infra_prod_ansible_forks: 10
infra_prod_playbook_collect_log: true
- job:
name: infra-prod-service-base
parent: infra-prod-playbook
description: Base job for most service playbooks.
abstract: true
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- job:
name: infra-prod-service-bridge
parent: infra-prod-service-base
description: Run service-bridge.yaml playbook.
vars:
playbook_name: service-bridge.yaml
files:
- inventory/
- playbooks/service-bridge.yaml
- playbooks/host_vars/bridge.openstack.org.yaml
- playbooks/roles/logrotate/
- playbooks/roles/edit-secrets-script/
- playbooks/roles/install-kubectl/
- playbooks/roles/configure-kubectl/
- playbooks/roles/configure-openstacksdk/
- playbooks/templates/clouds/bridge_all_clouds.yaml.j2
- job:
name: infra-prod-service-gitea-lb
parent: infra-prod-service-base
description: Run service-gitea-lb.yaml playbook.
vars:
playbook_name: service-gitea-lb.yaml
files:
- inventory/
- playbooks/service-gitea-lb.yaml
- playbooks/group_vars/gitea-lb.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/haproxy/
- job:
name: infra-prod-service-nameserver
parent: infra-prod-service-base
description: Run service-nameserver.yaml playbook.
vars:
playbook_name: service-nameserver.yaml
files:
- inventory/
- playbooks/service-nameserver.yaml
- playbooks/host_vars/adns1.opendev.org.yaml
- playbooks/host_vars/ns1.opendev.org.yaml
- playbooks/host_vars/ns2.opendev.org.yaml
- playbooks/group_vars/adns.yaml
- playbooks/group_vars/ns.yaml
- playbooks/roles/master-nameserver/
- playbooks/roles/nameserver/
- job:
name: infra-prod-service-nodepool
parent: infra-prod-service-base
description: Run service-nodepool.yaml playbook.
vars:
playbook_name: service-nodepool.yaml
required-projects:
- opendev/system-config
- openstack/project-config
files:
- inventory/
- playbooks/service-nodepool.yaml
- playbooks/host_vars/nb
- playbooks/host_vars/nl
- playbooks/group_vars/nodepool
- playbooks/group_vars/puppet
- playbooks/roles/install-ansible-roles/
- playbooks/roles/run-puppet/
- playbooks/roles/configure-kubectl/
- playbooks/roles/configure-openstacksdk/
- playbooks/roles/install-docker/
- playbooks/roles/nodepool
- playbooks/templates/clouds/nodepool_
- job:
name: infra-prod-service-etherpad
parent: infra-prod-service-base
description: Run service-etherpad.yaml playbook.
vars:
playbook_name: service-etherpad.yaml
files:
- inventory/
- playbooks/service-etherpad.yaml
- playbooks/host_vars/etherpad01.opendev.org.yaml
- playbooks/group_vars/etherpad
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- playbooks/roles/etherpad
- playbooks/roles/logrotate
- job:
name: infra-prod-service-meetpad
parent: infra-prod-service-base
description: Run service-meetpad.yaml playbook.
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: system-config-promote-image-jitsi-meet
soft: true
vars:
playbook_name: service-meetpad.yaml
files:
- inventory/
- playbooks/service-meetpad.yaml
- playbooks/host_vars/meetpad01.opendev.org.yaml
- playbooks/group_vars/meetpad.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/jitsi-meet/
- job:
name: infra-prod-service-mirror-update
parent: infra-prod-service-base
description: Run service-mirror-update.yaml playbook.
vars:
playbook_name: service-mirror-update.yaml
files:
- inventory/
- playbooks/service-mirror-update.yaml
- playbooks/roles/kerberos-client/
- playbooks/roles/openafs-client/
- playbooks/roles/mirror-update/
- playbooks/roles/logrotate/
- job:
name: infra-prod-service-mirror
parent: infra-prod-service-base
description: Run service-mirror.yaml playbook.
vars:
playbook_name: service-mirror.yaml
files:
- inventory/
- playbooks/service-mirror.yaml
- playbooks/group_vars/mirror_opendev.yaml
- playbooks/roles/kerberos-client/
- playbooks/roles/openafs-client/
- playbooks/roles/mirror/
- playbooks/roles/afs-release/
- playbooks/roles/afsmon/
- playbooks/roles/logrotate/
- job:
name: infra-prod-service-static
parent: infra-prod-service-base
description: Run service-static.yaml playbook.
vars:
playbook_name: service-static.yaml
files:
- inventory/
- playbooks/service-static.yaml
- playbooks/host_vars/static01.opendev.org.yaml
- playbooks/group_vars/static.yaml
- playbooks/roles/kerberos-client/
- playbooks/roles/openafs-client/
- playbooks/roles/static/
- playbooks/roles/zuul-user/
- job:
name: infra-prod-service-backup
parent: infra-prod-service-base
description: Run service-backup.yaml playbook.
vars:
playbook_name: service-backup.yaml
files:
- inventory/
- playbooks/service-backup.yaml
- playbooks/roles/backup/
- playbooks/roles/backup-server/
- job:
name: infra-prod-service-registry
parent: infra-prod-service-base
description: Run service-registry.yaml playbook.
vars:
playbook_name: service-registry.yaml
files:
- inventory/
- playbooks/service-registry.yaml
- playbooks/group_vars/registry.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/registry/
- job:
name: infra-prod-service-zuul-preview
parent: infra-prod-service-base
description: Run service-zuul-preview.yaml playbook.
vars:
playbook_name: service-zuul-preview.yaml
files:
- inventory/
- playbooks/service-zuul-preview.yaml
- playbooks/group_vars/zuul-preview.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/zuul-preview/
- job:
name: infra-prod-service-zookeeper
parent: infra-prod-service-base
description: Run service-zookeeper.yaml playbook.
vars:
playbook_name: service-zookeeper.yaml
files:
- inventory/.*
- playbooks/group_vars/zookeeper.yaml
- ^playbooks/host_vars/zk\d+\..*
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/zookeeper/
- job:
name: infra-prod-service-zuul
parent: infra-prod-service-base
description: |
Run service-zuul.yaml playbook.
This configures the main Zuul cluster. It will perform a
smart-reconfigure of the scheduler if the tenant configuration
is changed.
vars:
playbook_name: service-zuul.yaml
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: infra-prod-manage-projects
soft: true
files:
- inventory/.*
- playbooks/install-ansible.yaml
- playbooks/service-zuul.yaml
- playbooks/group_vars/zuul
- playbooks/group_vars/zookeeper.yaml
- playbooks/host_vars/zk\d+
- playbooks/host_vars/zuul01.openstack.org
- playbooks/roles/install-docker/
- playbooks/roles/zookeeper/
- playbooks/roles/zuul
- job:
name: infra-prod-service-review
parent: infra-prod-service-base
description: Run service-review.yaml playbook.
vars:
playbook_name: service-review.yaml
dependencies: &infra_prod_service_review_deps
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: system-config-promote-image-gerrit-2.13
soft: true
files:
- inventory/
- playbooks/service-review.yaml
- playbooks/group_vars/gerrit.yaml
- playbooks/host_vars/review01.openstack.org.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/gerrit/
- job:
name: infra-prod-service-review-dev
parent: infra-prod-service-base
description: Run service-review-dev.yaml playbook.
vars:
playbook_name: service-review-dev.yaml
dependencies: *infra_prod_service_review_deps
files:
- inventory/
- playbooks/service-review-dev.yaml
- playbooks/group_vars/gerrit.yaml
- playbooks/host_vars/review-dev01.opendev.org.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/gerrit/
- job:
name: infra-prod-service-gitea
parent: infra-prod-service-base
description: Run service-gitea.yaml playbook.
vars:
playbook_name: service-gitea.yaml
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: system-config-promote-image-gitea-init
soft: true
- name: system-config-promote-image-gitea
soft: true
files:
- inventory/
- playbooks/service-gitea.yaml
- playbooks/group_vars/gitea.yaml
- playbooks/host_vars/gitea[0-9][0-9]
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- playbooks/roles/gitea/
- playbooks/roles/logrotate/
- docker/gitea/
- docker/gitea-init/
- docker/jinja-init/
- docker/python-base/
- job:
name: infra-prod-service-codesearch
parent: infra-prod-service-base
description: Run service-codesearch.yaml playbook.
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
vars:
playbook_name: service-codesearch.yaml
files:
- inventory/
- playbooks/install-ansible.yaml
- playbooks/service-codesearch.yaml
- playbooks/group_vars/puppet.yaml
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/sync-project-config
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- modules/openstack_project/manifests/codesearch.pp
- modules/openstack_project/files/resync-hound-config.sh
- manifests/codesearch.pp
- job:
name: infra-prod-service-eavesdrop
parent: infra-prod-service-base
description: Run service-eavesdrop.yaml playbook.
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
- openstack/project-config
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: system-config-promote-image-accessbot
soft: true
vars:
playbook_name: service-eavesdrop.yaml
files: &infra_prod_eavesdrop_files
- inventory/
- playbooks/service-eavesdrop.yaml
- playbooks/run-accessbot.yaml
- playbooks/group_vars/eavesdrop.yaml
- playbooks/group_vars/puppet.yaml
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/zuul-user
- playbooks/roles/install-docker
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- playbooks/roles/accessbot
- playbooks/roles/logrotate
- modules/openstack_project/manifests/eavesdrop.pp
- manifests/eavesdrop.pp
- docker/accessbot/
- job:
name: infra-prod-run-accessbot
parent: infra-prod-service-base
description: Run run-accessbot.yaml playbook.
required-projects:
- opendev/system-config
- openstack/project-config
dependencies:
- infra-prod-service-eavesdrop
vars:
playbook_name: run-accessbot.yaml
files: *infra_prod_eavesdrop_files
# Run AFS changes separately so we can make sure to only do one at a time
# (turns out quorum is nice to have)
- job:
name: infra-prod-remote-puppet-afs
parent: infra-prod-service-base
description: Run remote-puppet-afs.yaml playbook.
vars:
playbook_name: remote_puppet_afs.yaml
infra_prod_ansible_forks: 1
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
files:
- inventory/
- playbooks/remote_puppet_afs.yaml
- playbooks/group_vars/afs
- playbooks/group_vars/mirror-update
- playbooks/group_vars/puppet
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- playbooks/roles/vos-release/
- modules/
- manifests/
- job:
name: infra-prod-remote-puppet-else
parent: infra-prod-service-base
description: Run remote-puppet-else.yaml playbook.
vars:
playbook_name: remote_puppet_else.yaml
infra_prod_ansible_forks: 50
required-projects:
- opendev/ansible-role-puppet
- opendev/system-config
files:
- hiera/
- inventory/
- playbooks/remote_puppet_else.yaml
- playbooks/group_vars/
- playbooks/host_vars/
- playbooks/group_vars/puppet
- playbooks/roles/run-puppet/
- playbooks/roles/install-ansible-roles/
- playbooks/roles/puppet-install/
- playbooks/roles/disable-puppet-agent/
- modules/
- manifests/
- job:
name: infra-prod-run-cloud-launcher
parent: infra-prod-service-base
description: Run cloud launcher playbook
vars:
playbook_name: run_cloud_launcher.yaml
infra_prod_ansible_forks: 1
required-projects:
- opendev/ansible-role-cloud-launcher
- opendev/system-config
dependencies:
- name: infra-prod-service-bridge
soft: true
files:
- playbooks/run_cloud_launcher.yaml
- playbooks/host_vars/bridge.openstack.org.yaml
- job:
name: system-config-goaccess-report
description: |
Run goaccess tool on static.opendev.org hosted site.
abstract: true
protected: true
timeout: 7200
nodeset:
nodes: []
run: playbooks/periodic/goaccess.yaml
- job:
name: developer-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on developer.openstack.org.
final: true
protected: true
vars:
goaccess_site: developer.openstack.org
- job:
name: docs-opendev-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on docs.opendev.org.
final: true
protected: true
vars:
goaccess_site: docs.opendev.org
- job:
name: docs-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on docs.openstack.org.
final: true
protected: true
vars:
goaccess_site: docs.openstack.org
- job:
name: docs-starlingx-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on docs.starlingx.io.
final: true
protected: true
vars:
goaccess_site: docs.starlingx.io
- job:
name: governance-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on governance.openstack.org.
final: true
protected: true
vars:
goaccess_site: governance.openstack.org
- job:
name: releases-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on releases.openstack.org.
final: true
protected: true
vars:
goaccess_site: releases.openstack.org
- job:
name: security-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on security.openstack.org.
final: true
protected: true
vars:
goaccess_site: security.openstack.org
- job:
name: specs-openstack-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on specs.openstack.org.
final: true
protected: true
vars:
goaccess_site: specs.openstack.org
- job:
name: tarballs-opendev-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on tarballs.opendev.org.
final: true
protected: true
vars:
goaccess_site: tarballs.opendev.org
- job:
name: zuul-ci-goaccess-report
parent: system-config-goaccess-report
description: |
Run goaccess tool on zuul-ci.org.
final: true
protected: true
vars:
goaccess_site: zuul-ci.org
- project-template:
name: system-config-gerrit-images
check:
jobs:
- system-config-build-image-gerrit-base:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-builder-3.7
soft: true
- system-config-build-image-gerrit-2.13:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-builder-3.7
soft: true
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-2.14:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-2.15:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-2.16:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-3.0:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-master:
voting: false
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-base
soft: true
gate:
jobs:
- system-config-upload-image-gerrit-base:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-python-builder-3.7
soft: true
- system-config-upload-image-gerrit-2.13:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-python-builder-3.7
soft: true
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-2.14:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-2.15:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-2.16:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-3.0:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gerrit-base
soft: true
deploy:
jobs:
- system-config-promote-image-gerrit-base
- system-config-promote-image-gerrit-2.13
- system-config-promote-image-gerrit-2.14
- system-config-promote-image-gerrit-2.15
- system-config-promote-image-gerrit-2.16
- system-config-promote-image-gerrit-3.0
- project:
templates:
- system-config-zuul-role-integration
- system-config-gerrit-images
- system-config-puppet-apply-jobs
- system-config-logstash-filter-jobs
check:
jobs:
- opendev-tox-docs
- opendev-buildset-registry
- tox-linters
- system-config-run-base
- system-config-run-base-ansible-devel:
voting: false
- system-config-run-backup
- system-config-run-dns
- system-config-run-eavesdrop:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-accessbot
soft: true
- system-config-run-codesearch
- system-config-run-lists
- system-config-run-nodepool
- system-config-run-meetpad:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-jitsi-meet
soft: true
- system-config-run-mirror-x86
- system-config-run-mirror-update
- system-config-run-static
- system-config-run-docker-registry
- system-config-run-etherpad:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-etherpad
soft: true
- system-config-run-gitea:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gitea
soft: true
- name: system-config-build-image-haproxy-statsd
soft: true
- system-config-run-review:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-gerrit-2.13
soft: true
- system-config-run-zookeeper
- system-config-run-zuul
- system-config-run-zuul-preview
- system-config-run-letsencrypt
- system-config-build-image-jinja-init:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-base-3.7
soft: true
- system-config-build-image-gitea-init:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-jinja-init
soft: true
- system-config-build-image-etherpad
- system-config-build-image-gitea
- system-config-build-image-jitsi-meet
- system-config-build-image-haproxy-statsd:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-base-3.7
soft: true
- system-config-build-image-accessbot:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-base-3.7
soft: true
- system-config-build-image-python-base-3.7
- system-config-build-image-python-base-3.8
- system-config-build-image-python-builder-3.7
- system-config-build-image-python-builder-3.8
- system-config-build-image-uwsgi-base-3.7
- system-config-build-image-uwsgi-base-3.8
check-arm64:
jobs:
- system-config-run-mirror-arm64
gate:
jobs:
- opendev-tox-docs
- opendev-buildset-registry
- tox-linters
- system-config-run-base
- system-config-run-dns
- system-config-run-eavesdrop:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-accessbot
soft: true
- system-config-run-codesearch
- system-config-run-lists
- system-config-run-nodepool
- system-config-run-meetpad:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-jitsi-meet
soft: true
- system-config-run-mirror-x86
- system-config-run-mirror-update
- system-config-run-static
- system-config-run-docker-registry
- system-config-run-etherpad:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-etherpad
soft: true
- system-config-run-gitea:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gitea
soft: true
- name: system-config-upload-image-haproxy-statsd
soft: true
- system-config-run-review:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-gerrit-2.13
soft: true
- system-config-run-zookeeper
- system-config-run-zuul
- system-config-run-zuul-preview
- system-config-run-letsencrypt
- system-config-upload-image-jinja-init:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-python-base-3.7
soft: true
- system-config-upload-image-gitea-init:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-jinja-init
soft: true
- system-config-upload-image-etherpad
- system-config-upload-image-gitea
- system-config-upload-image-jitsi-meet
- system-config-upload-image-haproxy-statsd:
dependencies:
- name: opendev-buildset-registry
- name: system-config-upload-image-python-base-3.7
soft: true
- system-config-upload-image-accessbot:
dependencies:
- name: opendev-buildset-registry
- name: system-config-build-image-python-base-3.7
soft: true
- system-config-upload-image-python-base-3.7
- system-config-upload-image-python-base-3.8
- system-config-upload-image-python-builder-3.7
- system-config-upload-image-python-builder-3.8
- system-config-upload-image-uwsgi-base-3.7
- system-config-upload-image-uwsgi-base-3.8
promote:
jobs:
- opendev-promote-docs
deploy:
jobs:
- system-config-promote-image-jinja-init
- system-config-promote-image-gitea-init
- system-config-promote-image-gitea
- system-config-promote-image-etherpad
- system-config-promote-image-jitsi-meet
- system-config-promote-image-haproxy-statsd
- system-config-promote-image-accessbot
- system-config-promote-image-python-base-3.7
- system-config-promote-image-python-base-3.8
- system-config-promote-image-python-builder-3.7
- system-config-promote-image-python-builder-3.8
- system-config-promote-image-uwsgi-base-3.7
- system-config-promote-image-uwsgi-base-3.8
- infra-prod-install-ansible
- infra-prod-base
- infra-prod-service-letsencrypt
- infra-prod-manage-projects:
files:
- inventory/.*
- playbooks/manage-projects.yaml
- playbooks/group_vars/gerrit.yaml
- playbooks/group_vars/gitea.yaml
- playbooks/host_vars/gitea
- playbooks/host_vars/review
- playbooks/roles/gitea-git-repos/
- playbooks/roles/gerrit/defaults/main.yaml
- playbooks/roles/gerrit/tasks/manage-projects.yaml
dependencies:
- name: system-config-promote-image-gerrit-2.13
soft: true
- name: infra-prod-install-ansible
soft: true
- infra-prod-service-bridge
- infra-prod-service-gitea-lb
- infra-prod-service-nameserver
- infra-prod-service-nodepool
- infra-prod-service-etherpad:
dependencies:
- name: infra-prod-install-ansible
soft: true
- name: infra-prod-base
soft: true
- name: infra-prod-service-letsencrypt
soft: true
- name: system-config-promote-image-etherpad
soft: true
- infra-prod-service-meetpad
- infra-prod-service-mirror-update
- infra-prod-service-mirror
- infra-prod-service-static
- infra-prod-service-backup
- infra-prod-service-registry
- infra-prod-service-zookeeper
- infra-prod-service-zuul
- infra-prod-service-zuul-preview
- infra-prod-service-review
- infra-prod-service-review-dev
- infra-prod-service-gitea
- infra-prod-service-codesearch
- infra-prod-service-eavesdrop
- infra-prod-remote-puppet-afs
- infra-prod-remote-puppet-else
- infra-prod-run-cloud-launcher
periodic:
jobs:
- developer-openstack-goaccess-report
- docs-opendev-goaccess-report
- docs-openstack-goaccess-report
- docs-starlingx-goaccess-report
- governance-openstack-goaccess-report
- releases-openstack-goaccess-report
- security-openstack-goaccess-report
- specs-openstack-goaccess-report
- tarballs-opendev-goaccess-report
- zuul-ci-goaccess-report
# Nightly runs of ansible things for catchup
- infra-prod-install-ansible
- infra-prod-base
- infra-prod-service-letsencrypt
- infra-prod-service-bridge
- infra-prod-service-gitea-lb
- infra-prod-service-nameserver
- infra-prod-service-etherpad
- infra-prod-service-meetpad
- infra-prod-service-mirror-update
- infra-prod-service-mirror
- infra-prod-service-static
- infra-prod-service-backup
- infra-prod-service-zookeeper
- infra-prod-service-review
- infra-prod-service-review-dev
- infra-prod-service-gitea
- infra-prod-service-codesearch
- infra-prod-service-eavesdrop
- infra-prod-run-accessbot
- infra-prod-remote-puppet-afs
opendev-prod-hourly:
jobs:
- infra-prod-install-ansible
- infra-prod-service-bridge:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-run-cloud-launcher
- infra-prod-service-nodepool:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-service-registry:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-service-zuul:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-service-zuul-preview:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-remote-puppet-else:
dependencies:
- name: infra-prod-install-ansible
soft: true
- infra-prod-run-accessbot:
dependencies:
- name: infra-prod-install-ansible
soft: true
View Git Blame Copy Permalink