system-config/.zuul.yaml
Monty Taylor a8e1d1496d Build gerrit images with bazelisk
We need to use bazelisk to build gerrit so that we can properly
track bazel versions in the job. Use the roles developed for
gerrit-review to do that, then simplify the dockerfile to have
it simply copy the war into the target image.

Also add polymer-bridges.

Depends-On: https://review.opendev.org/709256
Change-Id: I7c13df51d3b8c117bcc9aab9caad59687471d622
2020-02-21 17:32:01 -06:00

1324 lines
43 KiB
YAML

- job:
name: puppet-beaker-rspec-puppet-4-infra-system-config
parent: puppet-beaker-rspec-puppet-4-infra
vars:
project_src_dir: "{{ zuul.project.src_dir }}/modules/openstack_project"
# Image building jobs
- secret:
name: system-config-dockerhub
data:
username: opendevzuul
password: !encrypted/pkcs1-oaep
- FF2mwsdYo4b9QI/kEmeFdZS32I+OJUac2xy4JEQJaIevRK9E3rQ/11cBn7xX6zelA/htY
hENMM1gGTYO8BKgTVNijFfCiVCTYFJ9efsOrSeMdj2aLcq/OkZFeq8gMHAZDv+3qaiggq
hbDmldgSouNahhJByWMsDjYqnItfR8w1dYisNQBkDEJdNW5+Cin5WgHRYv2skui9pjumU
vWHjwLbITLEjb0hwVErggAzvED4x0UjNEMfb6KCpoXeKdlCaI8h1DXVD9RdQ4s1WvUCro
xwl4AIUyCmdtXbqW787PQ4j8BgdOi8RD40ZTSxpoV/bwT+/NrP3Jj2KVYdEKQJimzXnwL
goDclapu9aFrAaqwWSnWCRc7GQptSZ7DBXmA7MsNinBclWHX/chX5k9Q1+XifAhmKJZqP
ovkzEGtmUjTQZFjvuCtFxIWZEGVtGHDmgEkzevgVCeuHDTeIDlkAvA3+TT+/A70zyYdbP
EHOTSSjCU6RSlJxAXjNb5pzKjpeT7PyX2f4/8Zn3JnwTlfPJ0C7qdEYjQ54hbsKynjrpQ
7f6NN9pAeQS1pid5J7oH4f7YaKM78pnhoTxRl3LmeitIlAG+zCpiT4J+se2eG27ep4aUA
bYuO0L+KBosY6DcvEbR9TqkYLPgJuEPi/6SQr9bBOldEspXXAv9msyCB4VMhVU=
- job:
name: system-config-build-image
parent: opendev-build-docker-image
dependencies: opendev-buildset-registry
abstract: true
vars:
docker_mirror_base_url: "http://{{ zuul_site_mirror_fqdn }}/deb-docker"
- job:
name: system-config-upload-image
parent: opendev-upload-docker-image
dependencies: opendev-buildset-registry
abstract: true
secrets:
name: docker_credentials
secret: system-config-dockerhub
pass-to-parent: true
- job:
name: system-config-promote-image
parent: opendev-promote-docker-image
abstract: true
secrets:
name: docker_credentials
secret: system-config-dockerhub
pass-to-parent: true
# Jinja-init jobs
- job:
name: system-config-build-image-jinja-init
description: Build a jinja-init image.
parent: system-config-build-image
vars: &jinja-init_vars
docker_images:
- context: docker/jinja-init
target: jinja-init
repository: opendevorg/jinja-init
files: &jinja-init_files
- docker/jinja-init/.*
- docker/python-base/.*
- job:
name: system-config-upload-image-jinja-init
description: Build and upload a jinja-init image.
parent: system-config-upload-image
vars: *jinja-init_vars
files: *jinja-init_files
- job:
name: system-config-promote-image-jinja-init
description: Promote a previously published jinja-init image to latest.
parent: system-config-promote-image
vars: *jinja-init_vars
files: *jinja-init_files
# Gitea-init jobs
- job:
name: system-config-build-image-gitea-init
description: Build a gitea-init image.
parent: system-config-build-image
vars: &gitea-init_vars
docker_images:
- context: docker/gitea-init
target: gitea-init
repository: opendevorg/gitea-init
files: &gitea-init_files
- docker/gitea-init/.*
- docker/jinja-init/.*
- docker/python-base/.*
- job:
name: system-config-upload-image-gitea-init
description: Build and upload a gitea-init image.
parent: system-config-upload-image
vars: *gitea-init_vars
files: *gitea-init_files
- job:
name: system-config-promote-image-gitea-init
description: Promote a previously published gitea-init image to latest.
parent: system-config-promote-image
vars: *gitea-init_vars
files: *gitea-init_files
# Gitea jobs
- job:
name: system-config-build-image-gitea
description: Build a gitea image.
parent: system-config-build-image
vars: &gitea_vars
docker_images:
- context: docker/gitea
target: gitea
repository: opendevorg/gitea
- context: docker/gitea
target: gitea-openssh
repository: opendevorg/gitea-openssh
# Duplicate in the run-gitea job
files: &gitea_files
- docker/gitea/.*
- job:
name: system-config-upload-image-gitea
description: Build and upload a gitea image.
parent: system-config-upload-image
vars: *gitea_vars
files: *gitea_files
- job:
name: system-config-promote-image-gitea
description: Promote a previously published gitea image to latest.
parent: system-config-promote-image
vars: *gitea_vars
files: *gitea_files
# Haproxy-statsd jobs
- job:
name: system-config-build-image-haproxy-statsd
description: Build a haproxy-statsd image.
parent: system-config-build-image
vars: &haproxy-statsd_vars
docker_images:
- context: docker/haproxy-statsd
repository: opendevorg/haproxy-statsd
# Duplicate in the run-gitea job
files: &haproxy-statsd_files
- docker/haproxy-statsd/.*
- docker/python-base/.*
- job:
name: system-config-upload-image-haproxy-statsd
description: Build and upload a haproxy-statsd image.
parent: system-config-upload-image
vars: *haproxy-statsd_vars
files: *haproxy-statsd_files
- job:
name: system-config-promote-image-haproxy-statsd
description: Promote a previously published haproxy-statsd image to latest.
parent: system-config-promote-image
vars: *haproxy-statsd_vars
files: *haproxy-statsd_files
# Gerrit 2.13 jobs
- job:
name: system-config-build-image-gerrit-2.13
description: Build a gerrit 2.13 image.
parent: system-config-build-image
vars: &gerrit_vars_2_13
docker_images:
# The 2.13 image doesn't build from source, but from existing war file
- context: docker/gerrit/2.13
repository: opendevorg/gerrit
path: /home/zuul/src/opendev.org/opendev/system-config
tags:
- 2.13
files: &gerrit_files_2_13
- docker/gerrit/2.13/.*
- job:
name: system-config-upload-image-gerrit-2.13
description: Build and upload a gerrit 2.13 image.
parent: system-config-upload-image
vars: *gerrit_vars_2_13
files: *gerrit_files_2_13
- job:
name: system-config-promote-image-gerrit-2.13
description: Promote a previously published gerrit 2.13 image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_13
files: *gerrit_files_2_13
# Gerrit 2.15 jobs
- job:
name: system-config-build-image-gerrit-2.15
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: &gerrit_projects_2_15
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-2.15
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-2.15
vars: &gerrit_vars_2_15
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 2.15
files: &gerrit_files_2_15
- docker/bazel/.*
- docker/gerrit/base/.*
- docker/gerrit/bazel/.*
- playbooks/zuul/gerrit/.*
- job:
name: system-config-upload-image-gerrit-2.15
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: *gerrit_projects_2_15
vars: *gerrit_vars_2_15
files: *gerrit_files_2_15
- job:
name: system-config-promote-image-gerrit-2.15
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_15
files: *gerrit_files_2_15
# Gerrit 2.16 jobs
- job:
name: system-config-build-image-gerrit-2.16
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: &gerrit_projects_2_16
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/codemirror-editor
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-2.16
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-2.16
vars: &gerrit_vars_2_16
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 2.16
gerrit_additional_plugins:
- codemirror-editor
files: &gerrit_files_2_16
- docker/bazel/.*
- docker/gerrit/base/.*
- docker/gerrit/bazel/.*
- playbooks/zuul/gerrit/.*
- job:
name: system-config-upload-image-gerrit-2.16
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: *gerrit_projects_2_16
vars: *gerrit_vars_2_16
files: *gerrit_files_2_16
- job:
name: system-config-promote-image-gerrit-2.16
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_2_16
files: *gerrit_files_2_16
# Gerrit 3.0 jobs
- job:
name: system-config-build-image-gerrit-3.0
description: Build a gerrit image.
parent: system-config-build-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: &gerrit_projects_3_0
- name: gerrit.googlesource.com/gerrit
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/codemirror-editor
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/commit-message-length-validator
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/delete-project
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/download-commands
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/gitiles
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/hooks
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/its-base
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/its-storyboard
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/javamelody
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/plugin-manager
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/replication
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/reviewnotes
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/singleusergroup
override-checkout: stable-3.0
- name: gerrit.googlesource.com/plugins/webhooks
override-checkout: stable-3.0
vars: &gerrit_vars_3_0
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- 3.0
gerrit_additional_plugins:
- codemirror-editor
- delete-project
- gitiles
- plugin-manager
- webhooks
files: &gerrit_files_3_0
- docker/bazel/.*
- docker/gerrit/base/.*
- docker/gerrit/bazel/.*
- playbooks/zuul/gerrit/.*
- job:
name: system-config-upload-image-gerrit-3.0
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run: playbooks/zuul/gerrit/repos.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: *gerrit_projects_3_0
vars: *gerrit_vars_3_0
files: *gerrit_files_3_0
- job:
name: system-config-promote-image-gerrit-3.0
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_3_0
files: *gerrit_files_3_0
# Gerrit master jobs
- job:
name: system-config-build-image-gerrit-master-base
description: |
Build a gerrit image.
This job has no files matchers so it can be used in other repos.
parent: system-config-build-image
pre-run:
- playbooks/zuul/gerrit/repos.yaml
- playbooks/zuul/gerrit/submodules.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: &gerrit_projects_master
- opendev/system-config
- gerrit.googlesource.com/jgit
- gerrit.googlesource.com/gerrit
- gerrit.googlesource.com/plugins/checks
- gerrit.googlesource.com/plugins/codemirror-editor
- gerrit.googlesource.com/plugins/commit-message-length-validator
- gerrit.googlesource.com/plugins/delete-project
- gerrit.googlesource.com/plugins/download-commands
- gerrit.googlesource.com/plugins/gitiles
- gerrit.googlesource.com/plugins/hooks
- gerrit.googlesource.com/plugins/its-base
- gerrit.googlesource.com/plugins/its-storyboard
- gerrit.googlesource.com/plugins/javamelody
- gerrit.googlesource.com/plugins/plugin-manager
- gerrit.googlesource.com/plugins/replication
- gerrit.googlesource.com/plugins/reviewnotes
- gerrit.googlesource.com/plugins/singleusergroup
- gerrit.googlesource.com/plugins/webhooks
- gerrit.googlesource.com/polymer-bridges
vars: &gerrit_vars_master
zuul_work_dir: src/opendev.org/opendev/system-config
docker_images:
- context: docker/gerrit/bazel
repository: opendevorg/gerrit
path: /home/zuul/src/gerrit.googlesource.com/gerrit
tags:
- master
gerrit_additional_plugins:
- checks
- codemirror-editor
- delete-project
- gitiles
- plugin-manager
- webhooks
- job:
name: system-config-build-image-gerrit-master
description: |
Build a gerrit image.
This job is used in system-config.
parent: system-config-build-image-gerrit-master-base
files: &gerrit_files_master
- docker/bazel/.*
- docker/gerrit/base/.*
- docker/gerrit/bazel/.*
- playbooks/zuul/gerrit/.*
- job:
name: system-config-upload-image-gerrit-master
description: Build and upload a gerrit image.
parent: system-config-upload-image
pre-run:
- playbooks/zuul/gerrit/repos.yaml
- playbooks/zuul/gerrit/submodules.yaml
run: playbooks/zuul/gerrit/run.yaml
required-projects: *gerrit_projects_master
vars: *gerrit_vars_master
files: *gerrit_files_master
- job:
name: system-config-promote-image-gerrit-master
description: Promote a previously published gerrit image to latest.
parent: system-config-promote-image
vars: *gerrit_vars_master
files: *gerrit_files_master
# python-builder jobs
- job:
name: system-config-build-image-python-builder
description: Build a python-builder image.
parent: system-config-build-image
vars: &python-builder_vars
docker_images:
- context: docker/python-builder
repository: opendevorg/python-builder
files: &python-builder_files
- docker/python-base/.*
- docker/python-builder/.*
- job:
name: system-config-upload-image-python-builder
description: Build and upload a python-builder image.
parent: system-config-upload-image
vars: *python-builder_vars
files: *python-builder_files
- job:
name: system-config-promote-image-python-builder
description: Promote a previously published python-builder image to latest.
parent: system-config-promote-image
vars: *python-builder_vars
files: *python-builder_files
# python-base jobs
- job:
name: system-config-build-image-python-base
description: Build a python-base image.
parent: system-config-build-image
vars: &python-base_vars
docker_images:
- context: docker/python-base
repository: opendevorg/python-base
files: &python-base_files
- docker/python-base/.*
- docker/python-builder/.*
- job:
name: system-config-upload-image-python-base
description: Build and upload a python-base image.
parent: system-config-upload-image
vars: *python-base_vars
files: *python-base_files
- job:
name: system-config-promote-image-python-base
description: Promote a previously published python-base image to latest.
parent: system-config-promote-image
vars: *python-base_vars
files: *python-base_files
# bazel jobs
- job:
name: system-config-build-image-bazel
description: Build a bazel image.
parent: system-config-build-image
vars: &bazel_vars
docker_images:
- context: docker/bazel
repository: opendevorg/bazel
files: &bazel_files
- docker/bazel/.*
- job:
name: system-config-upload-image-bazel
description: Build and upload a bazel image.
parent: system-config-upload-image
vars: *bazel_vars
files: *bazel_files
- job:
name: system-config-promote-image-bazel
description: Promote a previously published bazel image to latest.
parent: system-config-promote-image
vars: *bazel_vars
files: *bazel_files
# gerrit-base jobs
- job:
name: system-config-build-image-gerrit-base
description: Build a gerrit-base image.
parent: system-config-build-image
required-projects: &gerrit_base_projects
- opendev/jeepyb
vars: &gerrit-base_vars
docker_images:
- context: docker/gerrit/base
repository: opendevorg/gerrit-base
path: /home/zuul/src/opendev.org/opendev/jeepyb
files: &gerrit-base_files
- docker/gerrit/base/.*
- job:
name: system-config-upload-image-gerrit-base
description: Build and upload a gerrit-base image.
parent: system-config-upload-image
required-projects: *gerrit_base_projects
vars: *gerrit-base_vars
files: *gerrit-base_files
- job:
name: system-config-promote-image-gerrit-base
description: Promote a previously published gerrit-base image to latest.
parent: system-config-promote-image
required-projects: *gerrit_base_projects
vars: *gerrit-base_vars
files: *gerrit-base_files
# Role integration jobs. These test the top-level generic roles/*
# under Zuul. The range of platforms should be the same as those for
# openstack-zuul-jobs.
#
# NOTE(ianw): 2018-08 have left off Fedora & OpenSUSE because
# no roles currently run on them.
- job:
name: system-config-zuul-role-integration
description: |
Test roles provided by system-config with Zuul
abstract: true
parent: base
run: roles-test/base.yaml
files:
- roles/.*
- job:
name: system-config-zuul-role-integration-xenial
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: ubuntu-xenial
- name: puppet4
label: ubuntu-xenial
groups:
- name: puppet3
nodes:
- base
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-bionic
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: ubuntu-bionic
groups:
- name: puppet5
nodes:
- base
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-debian-stable
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: debian-stretch
groups:
- name: openafs
nodes:
- base
- job:
name: system-config-zuul-role-integration-centos-8
parent: system-config-zuul-role-integration
nodeset:
nodes:
- name: base
label: centos-8
groups:
- name: openafs
nodes:
- base
- project-template:
name: system-config-zuul-role-integration
check:
jobs:
- system-config-zuul-role-integration-xenial
- system-config-zuul-role-integration-bionic
- system-config-zuul-role-integration-debian-stable
- system-config-zuul-role-integration-centos-8
gate:
jobs:
- system-config-zuul-role-integration-xenial
- system-config-zuul-role-integration-bionic
- system-config-zuul-role-integration-debian-stable
- system-config-zuul-role-integration-centos-8
- job:
name: system-config-run
description: |
Run the "base" playbook for system-config hosts.
This is a parent job designed to be inherited.
abstract: true
pre-run: playbooks/zuul/run-base-pre.yaml
run: playbooks/zuul/run-base.yaml
post-run: playbooks/zuul/run-base-post.yaml
vars:
install_ansible_ara_enable: true
zuul_copy_output: "{{ copy_output | combine(host_copy_output | default({})) }}"
stage_dir: "{{ ansible_user_dir }}/zuul-output"
copy_output:
'/var/log/syslog': logs_txt
'/var/log/messages': logs_txt
'/var/log/docker': logs
host-vars:
bridge.openstack.org:
host_copy_output:
'{{ zuul.project.src_dir }}/junit.xml': logs
- job:
name: system-config-run-base
parent: system-config-run
description: |
Run the "base" playbook on each of the node types
currently in use.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: xenial
label: ubuntu-xenial
- name: bionic
label: ubuntu-bionic
files:
- playbooks/.*
- roles/.*
- testinfra/.*
- job:
name: system-config-run-base-ansible-devel
parent: system-config-run-base
description: |
Run the base playbook with the latest ansible
required-projects:
- name: github.com/ansible/ansible
override-checkout: devel
- name: github.com/philpep/testinfra
- name: openstack/openstacksdk
- name: recordsansible/ara
# NOTE(ianw): 2019-06-11 pinned to stable branch until we handle 1.0
# http://lists.openstack.org/pipermail/openstack-infra/2019-June/006400.html
override-checkout: stable/0.x
vars:
bridge_ansible_name: '{{ ansible_user_dir}}/src/github.com/ansible/ansible'
bridge_ansible_version: null
bridge_openstacksdk_name: '{{ ansible_user_dir }}/src/opendev.org/openstack/openstacksdk'
bridge_openstacksdk_version: null
bridge_ara_name: '{{ ansible_user_dir}}/src/opendev.org/recordsansible/ara'
bridge_ara_version: null
- job:
name: system-config-run-eavesdrop
parent: system-config-run
description: |
Run the playbook for an eavesdrop server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: eavesdrop01.openstack.org
label: ubuntu-xenial
files:
- playbooks/bridge.yaml
- playbooks/group_vars/eavesdrop.yaml
- testinfra/test_eavesdrop.py
vars:
run_playbooks:
- playbooks/remote_puppet_else.yaml
- job:
name: system-config-run-letsencrypt
parent: system-config-run
description: |
Run the playbook for letsencrypt key acquisition
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns-letsencrypt.opendev.org
label: ubuntu-bionic
- name: letsencrypt01.opendev.org
label: ubuntu-bionic
- name: letsencrypt02.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
- playbooks/service-letsencrypt.yaml
host-vars:
letsencrypt01.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
letsencrypt02.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
files:
- playbooks/bridge.yaml
- playbooks/group_vars/letsencrypt.yaml
- playbooks/roles/letsencrypt.*
- job:
name: system-config-run-lists
parent: system-config-run
description: |
Run the playbook for a list server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: lists.openstack.org
label: ubuntu-xenial
files:
- playbooks/bridge.yaml
- modules/openstack_project/manifests/lists.pp
- playbooks/host_vars/lists.openstack.org.yaml
- roles/exim
vars:
run_playbooks:
- playbooks/remote_puppet_else.yaml
- job:
name: system-config-run-nodepool
parent: system-config-run
description: |
Run the playbook for nodepool.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: nl01.openstack.org
label: ubuntu-xenial
- name: nb01.openstack.org
label: ubuntu-xenial
vars:
run_playbooks:
- playbooks/service-nodepool.yaml
- playbooks/remote_puppet_else.yaml
files:
- playbooks/bridge.yaml
- playbooks/group_vars/nodepool.yaml
- playbooks/group_vars/nodepool-builder.yaml
- playbooks/group_vars/nodepool-launcher.yaml
- playbooks/roles/configure-openstacksdk/
- playbooks/templates/clouds/
- testinfra/test_nodepool.py
- job:
name: system-config-run-dns
parent: system-config-run
description: |
Run the playbook for dns.
required-projects:
- opendev/zone-opendev.org
- opendev/zone-zuul-ci.org
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns1.opendev.org
label: ubuntu-bionic
- name: ns1.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
host-vars:
adns1.opendev.org:
host_copy_output:
'/etc/bind/named.conf': logs
'/var/lib/bind/zones': logs
files:
- playbooks/bridge.yaml
- playbooks/group_vars/adns.yaml
- playbooks/group_vars/dns.yaml
- ^playbooks/host_vars/(ad)?ns\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/adns.yaml.j2
- playbooks/zuul/templates/group_vars/ns.yaml.j2
- playbooks/roles/master-nameserver/
- playbooks/roles/nameserver/
- testinfra/test_adns.py
- testinfra/test_ns.py
- job:
name: system-config-run-backup
parent: system-config-run
description: |
Run the playbook for backup configuration
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: backup01.region.provider.opendev.org
label: ubuntu-bionic
- name: backup-test01.opendev.org
label: ubuntu-bionic
- name: backup-test02.opendev.org
label: ubuntu-xenial
vars:
run_playbooks:
- playbooks/service-backup.yaml
files:
- playbooks/bridge.yaml
- playbooks/roles/backup.*
- playbooks/zuul/templates/host_vars/backup.*
- testinfra/test_backups.py
- job:
name: system-config-run-mirror-base
parent: system-config-run
abstract: true
description: |
Run the playbook for a mirror node
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-mirror.yaml
host-vars:
mirror01.openafs.provider.opendev.org:
host_copy_output:
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/bridge.yaml
- roles/
- playbooks/group_vars/mirror_opendev.yaml
- playbooks/roles/mirror/
- playbooks/roles/letsencrypt.*
- playbooks/service-letsencrypt.yaml
- playbooks/service-mirror.yaml
- playbooks/zuul/templates/group_vars/mirror_opendev.yaml.j2
- testinfra/test_mirror.py
- job:
name: system-config-run-mirror-x86
parent: system-config-run-mirror-base
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-bionic
- job:
name: system-config-run-mirror-arm64
parent: system-config-run-mirror-base
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic-arm64
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-bionic-arm64
- job:
name: system-config-run-mirror-update
parent: system-config-run
description: |
Run the playbook for a mirror update node
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror-update01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-mirror-update.yaml
files:
- playbooks/bridge.yaml
- roles/
- playbooks/roles/mirror-update/
- playbooks/service-mirror-update.yaml
- testinfra/test_mirror-update.py
- job:
name: system-config-run-docker-registry
parent: system-config-run
description: |
Run the playbook for the docker registry.
dependencies: opendev-buildset-registry
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: insecure-ci-registry01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-registry.yaml
host-vars:
insecure-ci-registry01.opendev.org:
host_copy_output:
'/var/registry/auth': logs
'/var/registry/certs': logs
files:
- playbooks/bridge.yaml
- playbooks/group_vars/registry.yaml
- ^playbooks/host_vars/insecure-ci-registry\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/registry.yaml.j2
- playbooks/roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
- playbooks/roles/registry/
- testinfra/test_registry.py
- job:
name: system-config-run-gitea
parent: system-config-run
description: |
Run the playbook for the gitea servers.
dependencies: opendev-buildset-registry
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: gitea-lb01.opendev.org
label: ubuntu-bionic
- name: gitea99.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/remote_puppet_git.yaml
run_test_playbook: playbooks/test-gitea.yaml
host-vars:
gitea99.opendev.org:
host_copy_output:
'/var/gitea/conf': logs
'/var/gitea/certs': logs
'/var/gitea/logs': logs
gitea-lb01.opendev.org:
host_copy_output:
'/var/haproxy/etc': logs
files:
- playbooks/bridge.yaml
- playbooks/group_vars/gitea.yaml
- playbooks/group_vars/gitea-lb.yaml
- playbooks/host_vars/gitea.*
- playbooks/zuul/templates/group_vars/gitea.yaml.j2
- playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2
- playbooks/roles/gitea/
- playbooks/roles/gitea-git-repos/
- playbooks/roles/haproxy/
- playbooks/roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
- testinfra/test_gitea.py
- testinfra/test_gitea_lb.py
# From gitea_files -- If we rebuild the image, we want to run
# this job as well.
- docker/gitea/.*
# From haproxy-statsd_files -- If we rebuild the image, we want
# to run this job as well.
- docker/haproxy-statsd/.*
- job:
name: system-config-run-zuul-preview
parent: system-config-run
description: |
Run the playbook for the docker registry.
dependencies: opendev-buildset-registry
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zp01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-zuul.yaml
files:
- playbooks/bridge.yaml
- playbooks/roles/zuul-preview/
- testinfra/test_zuul_preview.py
- job:
name: system-config-run-review
parent: system-config-run
description: |
Run the playbook for gerrit (in a container).
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: review01.opendev.org
label: ubuntu-bionic
- name: review-dev01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-review-dev.yaml
- playbooks/service-review.yaml
host-vars:
review-dev01.opendev.org:
host_copy_output:
'/home/gerrit2/review_site/etc': logs
'/home/gerrit2/review_site/logs': logs
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
review01.opendev.org:
host_copy_output:
'/home/gerrit2/review_site/etc': logs
'/home/gerrit2/review_site/logs': logs
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/group_vars/review.yaml
- ^playbooks/host_vars/review\d+.opendev.org.yaml
- playbooks/group_vars/review-dev.yaml
- ^playbooks/host_vars/review-dev\d+.opendev.org.yaml
- ^playbooks/service-review.*.yaml
- playbooks/roles/letsencrypt.*
- playbooks/service-letsencrypt.yaml
- playbooks/zuul/templates/group_vars/review-dev.yaml.j2
- playbooks/zuul/templates/group_vars/review.yaml.j2
- playbooks/roles/gerrit/
- testinfra/test_gerrit.py
- job:
name: system-config-run-static
parent: system-config-run
description: |
Run the playbook for a static node
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: static01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-letsencrypt.yaml
- playbooks/service-static.yaml
files:
- playbooks/bridge.yaml
- playbooks/roles/static/
- playbooks/roles/letsencrypt.*
- playbooks/service-letsencrypt.yaml
- playbooks/service-static.yaml
- testinfra/test_static.py
host-vars:
static01.opendev.org:
host_copy_output:
'/var/log/acme.sh/': logs
'/etc/apache2/': logs
'/var/log/apache2/': logs
- job:
name: infra-prod-playbook
description: |
Run specified playbook against productions hosts.
This is a parent job designed to be inherited to enabled
CD deployment of our infrastructure. Set playbook_name to
specify the playbook relative to
bridge.openstack.org:/opt/system-config/playbooks
abstract: true
run: playbooks/zuul/run-production-playbook.yaml
vars:
ansible_forks: 5
nodeset:
nodes: []
- job:
name: infra-prod-zuul_reconfigure
parent: infra-prod-playbook
description: |
Perform a full Zuul reconfiguration.
This reloads the tenant config file and clears all configuration
caches.
vars:
playbook_name: zuul_reconfigure.yaml
- project:
templates:
- system-config-zuul-role-integration
- infra-puppet-apply-jobs
- infra-logstash-filter-jobs
- publish-tox-docs-infra
check:
jobs:
- opendev-buildset-registry:
vars:
docker_mirror_base_url: "http://{{ zuul_site_mirror_fqdn }}/deb-docker"
- tox-linters
- puppet-beaker-rspec-puppet-4-infra-system-config
- system-config-run-base
- system-config-run-base-ansible-devel:
voting: false
- system-config-run-backup
- system-config-run-dns
- system-config-run-eavesdrop
- system-config-run-lists
- system-config-run-nodepool
- system-config-run-mirror-x86
- system-config-run-mirror-update
- system-config-run-static
- system-config-run-docker-registry
- system-config-run-gitea:
dependencies:
- name: system-config-build-image-gitea
soft: true
- name: system-config-build-image-haproxy-statsd
soft: true
- system-config-run-review
- system-config-run-zuul-preview
- system-config-run-letsencrypt
- system-config-build-image-bazel
- system-config-build-image-jinja-init:
dependencies:
- name: system-config-build-image-python-base
soft: true
- system-config-build-image-gitea-init:
dependencies:
- name: system-config-build-image-jinja-init
soft: true
- system-config-build-image-gitea
- system-config-build-image-gerrit-base:
dependencies:
- name: system-config-build-image-python-builder
soft: true
- system-config-build-image-gerrit-2.13
- system-config-build-image-gerrit-2.15:
dependencies:
- name: system-config-build-image-bazel
soft: true
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-2.16:
dependencies:
- name: system-config-build-image-bazel
soft: true
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-3.0:
dependencies:
- name: system-config-build-image-bazel
soft: true
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-gerrit-master:
dependencies:
- name: system-config-build-image-bazel
soft: true
- name: system-config-build-image-gerrit-base
soft: true
- system-config-build-image-haproxy-statsd:
dependencies:
- name: system-config-build-image-python-base
soft: true
- system-config-build-image-python-base
- system-config-build-image-python-builder
check-arm64:
jobs:
- system-config-run-mirror-arm64
gate:
jobs:
- opendev-buildset-registry:
vars:
docker_mirror_base_url: "http://{{ zuul_site_mirror_fqdn }}/deb-docker"
- tox-linters
- puppet-beaker-rspec-puppet-4-infra-system-config
- system-config-run-base
- system-config-run-dns
- system-config-run-eavesdrop
- system-config-run-lists
- system-config-run-nodepool
- system-config-run-mirror-x86
- system-config-run-mirror-update
- system-config-run-static
- system-config-run-docker-registry
- system-config-run-gitea:
dependencies:
- name: system-config-upload-image-gitea
soft: true
- name: system-config-upload-image-haproxy-statsd
soft: true
- system-config-run-review
- system-config-run-zuul-preview
- system-config-run-letsencrypt
- system-config-upload-image-bazel
- system-config-upload-image-jinja-init:
dependencies:
- name: system-config-upload-image-python-base
soft: true
- system-config-upload-image-gitea-init:
dependencies:
- name: system-config-upload-image-jinja-init
soft: true
- system-config-upload-image-gitea
- system-config-upload-image-gerrit-base:
dependencies:
- name: system-config-upload-image-python-builder
soft: true
- system-config-upload-image-gerrit-2.13
- system-config-upload-image-gerrit-2.15:
dependencies:
- name: system-config-upload-image-bazel
soft: true
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-2.16:
dependencies:
- name: system-config-upload-image-bazel
soft: true
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-3.0:
dependencies:
- name: system-config-upload-image-bazel
soft: true
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-gerrit-master:
dependencies:
- name: system-config-upload-image-bazel
soft: true
- name: system-config-upload-image-gerrit-base
soft: true
- system-config-upload-image-haproxy-statsd:
dependencies:
- name: system-config-upload-image-python-base
soft: true
- system-config-upload-image-python-base
- system-config-upload-image-python-builder
promote:
jobs:
- system-config-promote-image-bazel
- system-config-promote-image-jinja-init
- system-config-promote-image-gitea-init
- system-config-promote-image-gitea
- system-config-promote-image-gerrit-base
- system-config-promote-image-gerrit-2.13
- system-config-promote-image-gerrit-2.15
- system-config-promote-image-gerrit-2.16
- system-config-promote-image-gerrit-3.0
- system-config-promote-image-gerrit-master
- system-config-promote-image-haproxy-statsd
- system-config-promote-image-python-base
- system-config-promote-image-python-builder