Retire Tripleo: remove repo content
TripleO project is retiring - https://review.opendev.org/c/openstack/governance/+/905145 this commit remove the content of this project repo Change-Id: Ib5a8155d76652044701ae05e5dbcc7078f41d863
This commit is contained in:
parent
b6eedb6fb1
commit
cbf9d36df6
@ -1,2 +0,0 @@
|
||||
---
|
||||
parseable: true
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +0,0 @@
|
||||
.eggs
|
||||
.tox
|
@ -1,40 +0,0 @@
|
||||
---
|
||||
repos:
|
||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||
rev: v2.4.0
|
||||
hooks:
|
||||
- id: end-of-file-fixer
|
||||
- id: trailing-whitespace
|
||||
- id: mixed-line-ending
|
||||
- id: check-byte-order-marker
|
||||
- id: check-executables-have-shebangs
|
||||
- id: check-merge-conflict
|
||||
- id: debug-statements
|
||||
- id: flake8
|
||||
- id: check-yaml
|
||||
files: .*\.(yaml|yml)$
|
||||
- repo: https://github.com/adrienverge/yamllint.git
|
||||
rev: v1.18.0
|
||||
hooks:
|
||||
- id: yamllint
|
||||
files: \.(yaml|yml)$
|
||||
types: [file, yaml]
|
||||
entry: yamllint --strict -f parsable
|
||||
- repo: https://github.com/ansible/ansible-lint.git
|
||||
rev: v4.1.1a2
|
||||
hooks:
|
||||
- id: ansible-lint
|
||||
files: \.(yaml|yml)$
|
||||
entry: ansible-lint --force-color -v
|
||||
- repo: https://github.com/openstack-dev/bashate.git
|
||||
rev: 0.6.0
|
||||
hooks:
|
||||
- id: bashate
|
||||
entry: bashate --error . --verbose --ignore=E006,E040
|
||||
# Run bashate check for all bash scripts
|
||||
# Ignores the following rules:
|
||||
# E006: Line longer than 79 columns (as many scripts use jinja
|
||||
# templating, this is very difficult)
|
||||
# E040: Syntax error determined using `bash -n` (as many scripts
|
||||
# use jinja templating, this will often fail and the syntax
|
||||
# error will be discovered in execution anyway)
|
@ -1,7 +0,0 @@
|
||||
---
|
||||
extends: default
|
||||
|
||||
rules:
|
||||
line-length:
|
||||
# matches hardcoded 160 value from ansible-lint
|
||||
max: 160
|
175
LICENSE
175
LICENSE
@ -1,175 +0,0 @@
|
||||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
334
README.rst
334
README.rst
@ -1,328 +1,10 @@
|
||||
TripleO Modify Image
|
||||
====================
|
||||
This project is no longer maintained.
|
||||
|
||||
A role to allow modification to container images built for the TripleO project.
|
||||
The contents of this repository are still available in the Git
|
||||
source code management system. To see the contents of this
|
||||
repository before it reached its end of life, please check out the
|
||||
previous commit with "git checkout HEAD^1".
|
||||
|
||||
Role Variables
|
||||
--------------
|
||||
|
||||
.. list-table:: Variables used for modify image
|
||||
:widths: auto
|
||||
:header-rows: 1
|
||||
|
||||
* - Name
|
||||
- Default Value
|
||||
- Description
|
||||
* - `source_image`
|
||||
- `[undefined]`
|
||||
- Mandatory fully qualified reference to the source image to be modified. The supplied Dockerfile will be copied and modified to make the FROM directive match this variable.
|
||||
* - `modify_dir_path`
|
||||
- `[undefined]`
|
||||
- Mandatory path to the directory containing the Dockerfile to modify the image
|
||||
* - `modified_append_tag`
|
||||
- `date +-modified-%Y%m%d%H%M%S`
|
||||
- String to be appended after the tag to indicate this is a modified version of the source image.
|
||||
* - `target_image`
|
||||
- `[undefined]`
|
||||
- If set, the modified image will be tagged with `target_image + modified_append_tag`. If `target_image` is not set, the modified image will be tagged with `source_image + modified_append_tag`. If the purpose of the image is not changing, it may be enough to rely on the `source_image + modified_append_tag` tag to identify that this is a modified version of the source image.
|
||||
|
||||
.. list-table:: Variables used for yum update
|
||||
:widths: auto
|
||||
:header-rows: 1
|
||||
|
||||
* - Name
|
||||
- Default Value
|
||||
- Description
|
||||
* - `source_image`
|
||||
- `[undefined]`
|
||||
- See modify image variables
|
||||
* - `modified_append_tag`
|
||||
- `date +-modified-%Y%m%d%H%M%S`
|
||||
- See modify image variables
|
||||
* - `target_image`
|
||||
- `''`
|
||||
- See modify image variables
|
||||
* - `rpms_path`
|
||||
- `''`
|
||||
- If set, packages present in rpms_path will be updated but dependencies must also be included if required as yum
|
||||
is called with localupdate.
|
||||
* - `update_repo`
|
||||
- `''`
|
||||
- If set, packages from this repo will be updated. Other repos will only be used for dependencies of these updates.
|
||||
* - `yum_repos_dir_path`
|
||||
- `None`
|
||||
- Optional path of directory to be used as `/etc/yum.repos.d` during the update
|
||||
* - `yum_cache`
|
||||
- `None`
|
||||
- Optional path to the host directory for yum cache during the update.
|
||||
Requires an overlay-enabled FS that also supports SE context relabling.
|
||||
* - `force_purge_yum_cache`
|
||||
- `False`
|
||||
- Optional argument that tells buildah to forcefully re-populate the yum
|
||||
cache with new contents.
|
||||
|
||||
.. list-table:: Variables used for yum install
|
||||
:widths: auto
|
||||
:header-rows: 1
|
||||
|
||||
* - Name
|
||||
- Default Value
|
||||
- Description
|
||||
* - `source_image`
|
||||
- `[undefined]`
|
||||
- See modify image variables
|
||||
* - `modified_append_tag`
|
||||
- `date +-modified-%Y%m%d%H%M%S`
|
||||
- See modify image variables
|
||||
* - `target_image`
|
||||
- `''`
|
||||
- See modify image variables
|
||||
* - `yum_packages`
|
||||
- `[]`
|
||||
- Provide a list of packages to install via yum
|
||||
* - `yum_repos_dir_path`
|
||||
- `None`
|
||||
- Optional path of directory to be used as `/etc/yum.repos.d` during the update
|
||||
|
||||
|
||||
.. list-table:: Variables used for dev install
|
||||
:widths: auto
|
||||
:header-rows: 1
|
||||
|
||||
* - Name
|
||||
- Default Value
|
||||
- Description
|
||||
* - `source_image`
|
||||
- `[undefined]`
|
||||
- See modify image variables
|
||||
* - `modified_append_tag`
|
||||
- `date +-modified-%Y%m%d%H%M%S`
|
||||
- See modify image variables
|
||||
* - `target_image`
|
||||
- `''`
|
||||
- See modify image variables
|
||||
* - `refspecs`
|
||||
- `[]`
|
||||
- An array of project/refspec pairs that will be installed into the generated container. Currently only supports python source projects.
|
||||
* - `python_dir`
|
||||
- `[]`
|
||||
- Directory which contains a Python project ready to be installed with pip.
|
||||
|
||||
|
||||
Requirements
|
||||
------------
|
||||
|
||||
- ansible >= 2.4
|
||||
- python >= 2.6
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
||||
None
|
||||
|
||||
Warnings
|
||||
--------
|
||||
|
||||
On-disk repositories
|
||||
....................
|
||||
|
||||
Please ensure the SELinux label for the on-disk repositories are correct.
|
||||
Depending on your container-selinux (and podman) version, you may face issues.
|
||||
|
||||
Some examples of a correct type:
|
||||
|
||||
- ```system_u:object_r:rpm_var_cache_t```
|
||||
- ```system_u:object_r:container_file_t```
|
||||
|
||||
First one matches the one of /var/cache/dnf, and is accessible from within a
|
||||
container, while the second one may allow a container to actually write in
|
||||
there.
|
||||
|
||||
Directories located in the user's home
|
||||
......................................
|
||||
|
||||
You may want to avoid pointing to directories in your $HOME when running this
|
||||
role, especially when it's running from within TripleO client (for instance
|
||||
with the ```openstack tripleo container image prepare``` command). Doing so
|
||||
may break due to the SELinux labels and permissions associated to your home
|
||||
directory.
|
||||
|
||||
Please use another location, such as /opt, or even /tmp - and double-check the
|
||||
SELinux labels therein.
|
||||
|
||||
Example Playbooks
|
||||
-----------------
|
||||
|
||||
Modify Image
|
||||
~~~~~~~~~~~~
|
||||
|
||||
The following playbook will produce a modified image with the tag
|
||||
`:latest-modified-<timestamp>` based on the Dockerfile in the custom directory
|
||||
`/path/to/example_modify_dir`.
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: include ansible-role-tripleo-modify-image
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
tasks_from: modify_image.yml
|
||||
vars:
|
||||
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
|
||||
modify_dir_path: /path/to/example_modify_dir
|
||||
|
||||
The directory `example_modify_dir` contains the `Dockerfile` which will perform
|
||||
the modification, for example:
|
||||
|
||||
.. code-block::
|
||||
|
||||
# This will be replaced in the file Dockerfile.modified
|
||||
FROM centos-binary-nova-api
|
||||
|
||||
# switch to root to install packages
|
||||
USER root
|
||||
|
||||
# install packages
|
||||
RUN curl "https://bootstrap.pypa.io/get-pip.py" -o "/tmp/get-pip.py"
|
||||
RUN python /tmp/get-pip.py
|
||||
|
||||
# switch the container back to the default user
|
||||
USER nova
|
||||
|
||||
Yum update
|
||||
~~~~~~~~~~
|
||||
|
||||
The following playbook will produce a modified image with the tag
|
||||
`:latest-updated` which will do a yum update using the host's /etc/yum.repos.d.
|
||||
Only file repositories will be used (with baseurl=file://...).
|
||||
In this playbook the tasks\_from is set as a variable instead of an
|
||||
`import_role` parameter.
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: include ansible-role-tripleo-modify-image
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: yum_update.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
|
||||
yum_repos_dir_path: /etc/yum.repos.d
|
||||
modified_append_tag: updated
|
||||
yum_cache: /tmp/containers-updater/yum_cache
|
||||
rpms_path: /opt/rpms
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: include ansible-role-tripleo-modify-image
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: yum_update.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
|
||||
modified_append_tag: updated
|
||||
rpms_path: /opt/rpms/
|
||||
|
||||
Note, if you have a locally installed gating repo, you can add
|
||||
``update_repo: gating-repo``. This may be the case for the consequent in-place
|
||||
deployments, like those performed with the CI reproducer script.
|
||||
|
||||
|
||||
Yum install
|
||||
~~~~~~~~~~~
|
||||
|
||||
The following playbook will produce a modified image with the tag
|
||||
`:latest-updated` which will do a yum install of the requested packages
|
||||
using the host's /etc/yum.repos.d. In this playbook the tasks\_from is set as
|
||||
a variable instead of an `import_role` parameter.
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: include ansible-role-tripleo-modify-image
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: yum_install.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
|
||||
yum_repos_dir_path: /etc/yum.repos.d
|
||||
yum_packages: ['foobar-nova-plugin', 'fizzbuzz-nova-plugin']
|
||||
|
||||
RPM install
|
||||
~~~~~~~~~~~
|
||||
|
||||
The following playbook will produce a modified image with RPMs from the
|
||||
specified rpms\_path on the local filesystem installed as a new layer
|
||||
for the container. The new container tag is appened with the '-hotfix'
|
||||
suffix. Useful for creating adhoc hotfix containers with local RPMs with no
|
||||
network connectivity.
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
tasks:
|
||||
- name: include ansible-role-tripleo-modify-image
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: rpm_install.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-nova-api:latest
|
||||
rpms_path: /opt/rpms
|
||||
modified_append_tag: -hotfix
|
||||
|
||||
Dev install
|
||||
~~~~~~~~~~~
|
||||
|
||||
The following playbook will produce a modified image with Python source
|
||||
code installed via pip. To minimize dependencies within the container
|
||||
we generate the sdist locally and then copy it into the resulting
|
||||
container image as an sdist tarball to run pip install locally.
|
||||
|
||||
It can be used to pull a review from OpenDev Gerrit:
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
connection: local
|
||||
tasks:
|
||||
- name: dev install heat-api
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: dev_install.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-heat-api:current-tripleo
|
||||
refspecs:
|
||||
-
|
||||
project: heat
|
||||
refspec: refs/changes/12/1234/3
|
||||
modified_append_tag: -devel
|
||||
|
||||
or it can be used to build an image from a local Python directory:
|
||||
|
||||
.. code-block::
|
||||
|
||||
- hosts: localhost
|
||||
connection: local
|
||||
tasks:
|
||||
- name: dev install heat-api
|
||||
import_role:
|
||||
name: ansible-role-tripleo-modify-image
|
||||
vars:
|
||||
tasks_from: dev_install.yml
|
||||
source_image: docker.io/tripleomaster/centos-binary-heat-api:current-tripleo
|
||||
modified_append_tag: -devel
|
||||
python_dir:
|
||||
- /home/joe/git/openstack/heat
|
||||
|
||||
Note: here, we can use a directory located in the user's home because it's
|
||||
probably launched by the user.
|
||||
|
||||
License
|
||||
-------
|
||||
|
||||
Apache 2.0
|
||||
For any further questions, please email
|
||||
openstack-discuss@lists.openstack.org or join #openstack-dev on
|
||||
OFTC.
|
||||
|
@ -1,6 +0,0 @@
|
||||
# These are required here because ansible can't be in global-requirements due
|
||||
# to licensing conflicts. But we sill need to be able to pull them in for
|
||||
# lint checks and want to document these as ansible specific things that may
|
||||
# be required for this repository.
|
||||
ansible
|
||||
ansible-lint
|
11
ansible.cfg
11
ansible.cfg
@ -1,11 +0,0 @@
|
||||
[defaults]
|
||||
gathering = smart
|
||||
command_warnings = False
|
||||
retry_files_enabled = False
|
||||
callback_whitelist = profile_tasks
|
||||
|
||||
# Attempt to load custom modules whether it's installed system-wide or from a virtual environment
|
||||
roles_path = roles:$VIRTUAL_ENV/usr/share/ansible/roles/tripleo-modify-image:$VIRTUAL_ENV/share/ansible/roles/
|
||||
|
||||
[ssh_connection]
|
||||
control_path = %(directory)s/%C
|
@ -1,21 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# ANSIBLE0006: Using command rather than module
|
||||
# we have a few use cases where we need to use curl and rsync
|
||||
# ANSIBLE0007: Using command rather than an argument to e.g file
|
||||
# we have a lot of 'rm' command and we should use file module instead
|
||||
# ANSIBLE0010: Package installs should not use latest.
|
||||
# Sometimes we need to update some packages.
|
||||
# ANSIBLE0012: Commands should not change things if nothing needs doing
|
||||
# ANSIBLE0013: Use Shell only when shell functionality is required
|
||||
# ANSIBLE0016: Tasks that run when changed should likely be handlers
|
||||
# this requires refactoring roles, skipping for now
|
||||
SKIPLIST="ANSIBLE0006,ANSIBLE0007,ANSIBLE0010,ANSIBLE0012,ANSIBLE0013,ANSIBLE0016"
|
||||
|
||||
# Lin the role.
|
||||
ansible-lint -vvv -x $SKIPLIST ./ || lint_error=1
|
||||
|
||||
# exit with 1 if we had a least an error or warning.
|
||||
if [[ -n "$lint_error" ]]; then
|
||||
exit 1;
|
||||
fi
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
update_repo: ''
|
||||
python_dir: []
|
||||
refspecs: []
|
||||
yum_packages: []
|
||||
force_purge_yum_cache: false
|
@ -1,50 +0,0 @@
|
||||
set -eou pipefail
|
||||
|
||||
PYTHON_CMD=$(command -v python3 || command -v python2 || command -v python)
|
||||
|
||||
# Cherry-pick a refspec
|
||||
# $1 : project name e.g. keystone
|
||||
# $2 : Gerrit refspec(s) to cherry pick
|
||||
function cherrypick {
|
||||
local PROJ_NAME=$1
|
||||
local REFSPECS="$2"
|
||||
|
||||
# check that git is installed
|
||||
if ! rpm -qi git &> /dev/null && ! rpm -qi git-core &> /dev/null; then
|
||||
echo "Please install git before using this module."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -d "$PROJ_NAME" ]; then
|
||||
git clone "https://opendev.org/openstack/$PROJ_NAME"
|
||||
fi
|
||||
cd "$PROJ_NAME"
|
||||
for REFSPEC in $REFSPECS; do
|
||||
git fetch "https://review.opendev.org/openstack/$PROJ_NAME" "$REFSPEC"
|
||||
git cherry-pick FETCH_HEAD || git cherry-pick --abort
|
||||
done
|
||||
|
||||
SKIP_GENERATE_AUTHORS=1 SKIP_WRITE_GIT_CHANGELOG=1 $PYTHON_CMD setup.py sdist
|
||||
cp dist/*.tar.gz ../
|
||||
|
||||
}
|
||||
|
||||
# Copy a Python directory
|
||||
# $1 : Python directory to copy and install to generate a tarball.
|
||||
function copy {
|
||||
local PYTHON_DIR=$1
|
||||
|
||||
rm -rf dev
|
||||
cp -r $PYTHON_DIR dev
|
||||
cd dev
|
||||
SKIP_GENERATE_AUTHORS=1 SKIP_WRITE_GIT_CHANGELOG=1 $PYTHON_CMD setup.py sdist
|
||||
cp dist/*.tar.gz ../
|
||||
}
|
||||
|
||||
mkdir -p refspec_projects
|
||||
cd refspec_projects
|
||||
if [[ "$GERRIT_MODE" == 1 ]]; then
|
||||
cherrypick $1 $2
|
||||
else
|
||||
copy $1
|
||||
fi
|
@ -1,7 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
set -eox pipefail
|
||||
|
||||
rpm --replacepkgs --replacefiles --oldpackage -Uvh /tmp/*.rpm
|
||||
rm -f /tmp/*.rpm
|
||||
rm -f /tmp/rpm_install.sh
|
@ -1,16 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eou pipefail
|
||||
|
||||
PKG="$(command -v dnf || command -v yum)"
|
||||
PKG_MGR="$(echo ${PKG:(-3)})"
|
||||
|
||||
if [ -z "$1" ]; then
|
||||
echo "No packages were specified to install..."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
YUM_PACKAGES=$1
|
||||
|
||||
$PKG -y install $YUM_PACKAGES
|
||||
rm -rf /var/cache/$PKG_MGR
|
@ -1,22 +0,0 @@
|
||||
---
|
||||
galaxy_info:
|
||||
author: Steve Baker
|
||||
description: Modify container images built for TripleO
|
||||
company: Red Hat
|
||||
license: Apache 2.0
|
||||
min_ansible_version: 2.4
|
||||
|
||||
platforms:
|
||||
- name: EL
|
||||
versions:
|
||||
- 7
|
||||
|
||||
galaxy_tags:
|
||||
- buildah
|
||||
- container
|
||||
- openstack
|
||||
- tripleo
|
||||
- packaging
|
||||
- system
|
||||
|
||||
dependencies: []
|
@ -1,2 +0,0 @@
|
||||
pbr>=1.6
|
||||
ansible
|
41
setup.cfg
41
setup.cfg
@ -1,41 +0,0 @@
|
||||
[metadata]
|
||||
name = ansible-role-tripleo-modify-image
|
||||
summary = ansible-tripleo-modify-image - Ansible role to allow modification to container images built for the TripleO project.
|
||||
description_file =
|
||||
README.rst
|
||||
author = TripleO Team
|
||||
author_email = sbaker@redhat.com
|
||||
home_page = https://git.openstack.org/cgit/openstack/ansible-role-tripleo-modify-image
|
||||
classifier =
|
||||
License :: OSI Approved :: Apache Software License
|
||||
Development Status :: 4 - Beta
|
||||
Intended Audience :: Developers
|
||||
Intended Audience :: System Administrators
|
||||
Intended Audience :: Information Technology
|
||||
Topic :: Utilities
|
||||
|
||||
[global]
|
||||
setup_hooks =
|
||||
pbr.hooks.setup_hook
|
||||
|
||||
[files]
|
||||
data_files =
|
||||
share/ansible/roles/tripleo-modify-image/defaults = defaults/*
|
||||
share/ansible/roles/tripleo-modify-image/meta = meta/*
|
||||
share/ansible/roles/tripleo-modify-image/tasks = tasks/*
|
||||
share/ansible/roles/tripleo-modify-image/templates = templates/*
|
||||
share/ansible/roles/tripleo-modify-image/files = files/*
|
||||
share/ansible/roles/tripleo-modify-image/vars = vars/*
|
||||
|
||||
[wheel]
|
||||
universal = 1
|
||||
|
||||
[pbr]
|
||||
skip_authors = True
|
||||
skip_changelog = True
|
||||
|
||||
[flake8]
|
||||
# E123, E125 skipped as they are invalid PEP-8.
|
||||
show-source = True
|
||||
ignore = E123,E125
|
||||
builtins = _
|
21
setup.py
21
setup.py
@ -1,21 +0,0 @@
|
||||
# Copyright Red Hat, Inc. All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
import setuptools
|
||||
|
||||
setuptools.setup(
|
||||
long_description_content_type='text/markdown',
|
||||
setup_requires=['pbr'],
|
||||
py_modules=[],
|
||||
pbr=True)
|
@ -1,20 +0,0 @@
|
||||
---
|
||||
- name: List RPMs
|
||||
find:
|
||||
paths: "{{ rpms_path }}"
|
||||
patterns: "^.*?\\.rpm$"
|
||||
use_regex: true
|
||||
when: rpms_path is defined
|
||||
register: context_rpms
|
||||
|
||||
- name: Set rpms_list
|
||||
set_fact:
|
||||
rpms_list: "{{ context_rpms.files|json_query('[*].path') }}"
|
||||
when: rpms_path is defined
|
||||
|
||||
- name: Copy RPMs to context dir
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ modify_dir_path }}"
|
||||
with_list: "{{ rpms_list }}"
|
||||
when: rpms_path is defined
|
@ -1,47 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: get_original_user.yml
|
||||
|
||||
- name: Create image build context directory
|
||||
tempfile:
|
||||
state: directory
|
||||
prefix: tripleo-modify-image
|
||||
register: context_dir
|
||||
|
||||
- name: Set modify_dir_path
|
||||
set_fact:
|
||||
modify_dir_path: "{{ context_dir.path }}"
|
||||
|
||||
- name: Write Dockerfile to {{ modify_dir_path }}
|
||||
template:
|
||||
src: Dockerfile-dev.j2
|
||||
dest: "{{ modify_dir_path }}/Dockerfile"
|
||||
|
||||
- name: Write dev_install.sh
|
||||
copy:
|
||||
src: dev_install.sh
|
||||
dest: "{{ modify_dir_path }}/dev_install.sh"
|
||||
mode: '0555'
|
||||
|
||||
- name: Git checkout the refspecs into local temp dir
|
||||
command: "/bin/bash dev_install.sh {{ item.project }} {{ item.refspec }}"
|
||||
environment:
|
||||
GERRIT_MODE: 1
|
||||
args:
|
||||
chdir: "{{ modify_dir_path }}"
|
||||
loop: "{{ refspecs }}"
|
||||
when: item | length > 0
|
||||
|
||||
- name: Copy the Python directories into local temp dir
|
||||
command: "/bin/bash dev_install.sh {{ item }}"
|
||||
environment:
|
||||
GERRIT_MODE: 0
|
||||
args:
|
||||
chdir: "{{ modify_dir_path }}"
|
||||
loop: "{{ python_dir }}"
|
||||
when: item | length > 0
|
||||
|
||||
- include_tasks: modify_image.yml
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
- name: Ensure image exists
|
||||
shell: podman image exists {{ source_image }} || podman pull {{ source_image }}
|
||||
become: true
|
||||
- name: Inspect image with Buildah
|
||||
command: buildah inspect {{ source_image }}
|
||||
register: source_image_facts
|
||||
become: true
|
||||
- name: Set config with Buildah
|
||||
set_fact:
|
||||
buildah_config: "{{ source_image_facts.stdout_lines | join('') | from_json }}"
|
||||
- name: Set original_user with Buildah
|
||||
set_fact:
|
||||
original_user: "{{ buildah_config['Docker']['config']['User'] }}"
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: "{{ tasks_from | default('modify_image.yml') }}"
|
@ -1,45 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Ensure that modify_dir_path is defined
|
||||
assert:
|
||||
that:
|
||||
- modify_dir_path is defined
|
||||
- modify_dir_path | length > 0
|
||||
|
||||
- name: Create Dockerfile tempfile name
|
||||
tempfile:
|
||||
path: "{{ modify_dir_path }}"
|
||||
prefix: Dockerfile.
|
||||
register: dockerfile
|
||||
|
||||
- name: Copy Dockerfile to {{ dockerfile.path }}
|
||||
copy:
|
||||
src: "{{ modify_dir_path }}/Dockerfile"
|
||||
dest: "{{ dockerfile.path }}"
|
||||
remote_src: true
|
||||
|
||||
- name: Replace FROM directive
|
||||
lineinfile:
|
||||
path: "{{ dockerfile.path }}"
|
||||
regexp: "^FROM "
|
||||
line: "FROM {{ source_image }}"
|
||||
|
||||
- name: Add LABEL modified_append_tag={{ modified_append_tag }}
|
||||
lineinfile:
|
||||
path: "{{ dockerfile.path }}"
|
||||
insertafter: "^FROM "
|
||||
line: "LABEL modified_append_tag={{ modified_append_tag }}"
|
||||
|
||||
- name: Modify image from {{ modify_dir_path }}
|
||||
command: >-
|
||||
buildah bud
|
||||
--format docker
|
||||
--tag {{ target_image | default(source_image) }}{{ modified_append_tag }}
|
||||
--file {{ dockerfile.path }} --network host ./
|
||||
# FIXME: buildah should not required root commands to build an image
|
||||
become: true
|
||||
args:
|
||||
chdir: "{{ modify_dir_path }}"
|
@ -1,11 +0,0 @@
|
||||
---
|
||||
- name: Ensure that source_image is defined
|
||||
assert:
|
||||
that:
|
||||
- source_image is defined
|
||||
- source_image | length > 0
|
||||
|
||||
- name: Set default modified_append_tag
|
||||
set_fact:
|
||||
modified_append_tag: "{{ lookup('pipe','date +-modified-%Y%m%d%H%M%S') }}"
|
||||
when: modified_append_tag is undefined
|
@ -1,36 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: get_original_user.yml
|
||||
|
||||
- name: Create image build context directory
|
||||
tempfile:
|
||||
state: directory
|
||||
prefix: tripleo-modify-image
|
||||
register: context_dir
|
||||
|
||||
- name: Set modify_dir_path
|
||||
set_fact:
|
||||
modify_dir_path: "{{ context_dir.path }}"
|
||||
|
||||
- import_tasks: copy_rpms.yml
|
||||
|
||||
- name: Write Dockerfile to {{ modify_dir_path }}
|
||||
template:
|
||||
src: Dockerfile-rpm.j2
|
||||
dest: "{{ modify_dir_path }}/Dockerfile"
|
||||
|
||||
- name: Write rpm_install.sh
|
||||
copy:
|
||||
src: rpm_install.sh
|
||||
dest: "{{ modify_dir_path }}/rpm_install.sh"
|
||||
mode: '0555'
|
||||
|
||||
- include_tasks: modify_image.yml
|
||||
|
||||
- name: Clean modify directory
|
||||
file:
|
||||
state: absent
|
||||
path: "{{ modify_dir_path }}"
|
@ -1,12 +0,0 @@
|
||||
---
|
||||
- name: Identify the primary package manager (dnf or yum)
|
||||
shell: command -v dnf || command -v yum
|
||||
register: pkg_mgr_output
|
||||
|
||||
- name: Set fact for the used package manager binary
|
||||
set_fact:
|
||||
pkg_mgr: "{{ pkg_mgr_output.stdout }}"
|
||||
|
||||
- name: Set fact for pkg_mgr_suffix
|
||||
set_fact:
|
||||
pkg_mgr_suffix: "{{ pkg_mgr.split('/')[-1] }}"
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: yum_install_buildah.yml
|
@ -1,108 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: From image {{ source_image }}
|
||||
command: buildah from {{ source_image }}
|
||||
register: from_image_cmd
|
||||
|
||||
- name: Set from_image
|
||||
set_fact:
|
||||
from_image: "{{ from_image_cmd.stdout }}"
|
||||
|
||||
- name: Run buildah config
|
||||
command: >
|
||||
buildah config
|
||||
--label modified_append_tag={{ modified_append_tag }}
|
||||
--workingdir / {{ from_image }}
|
||||
|
||||
- name: Create tempfile name for yum_install.sh
|
||||
tempfile:
|
||||
state: file
|
||||
register: yum_install
|
||||
|
||||
- import_tasks: yum_common.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Prepare yum_install.sh script
|
||||
copy:
|
||||
src: files/yum_install.sh
|
||||
dest: "{{ yum_install.path }}"
|
||||
mode: 0755
|
||||
|
||||
- name: List file repos
|
||||
shell: sed -n 's|baseurl=file://||p' *.repo
|
||||
args:
|
||||
chdir: "{{ yum_repos_dir_path }}"
|
||||
register: file_repos
|
||||
|
||||
- name: Find if /etc/{{ pkg_mgr_suffix }}/vars exists
|
||||
stat:
|
||||
path: /etc/{{ pkg_mgr_suffix }}/vars
|
||||
register: pkg_mgr_vars_stat
|
||||
|
||||
- block:
|
||||
- name: Run yum_install.sh
|
||||
command: >
|
||||
buildah run
|
||||
--volume {{ yum_install.path }}:/tmp/yum_install.sh
|
||||
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
||||
{% if pkg_mgr_vars_stat.stat.exists %}
|
||||
--volume /etc/{{ pkg_mgr_suffix }}/vars:/etc/{{ pkg_mgr_suffix }}/vars
|
||||
{% endif %}
|
||||
{% for repo in file_repos.stdout_lines %}
|
||||
{% if repo is exists %}
|
||||
--volume {{ repo }}:{{ repo }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
--user root
|
||||
--net host
|
||||
{{ from_image }}
|
||||
/tmp/yum_install.sh "{{ yum_packages | join(' ') }}"
|
||||
register: result
|
||||
|
||||
rescue:
|
||||
- name: Run yum_install.sh (retry)
|
||||
command: >
|
||||
buildah --debug run
|
||||
--volume {{ yum_install.path }}:/tmp/yum_install.sh
|
||||
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
||||
{% if pkg_mgr_vars_stat.stat.exists %}
|
||||
--volume /etc/{{ pkg_mgr_suffix }}/vars:/etc/{{ pkg_mgr_suffix }}/vars
|
||||
{% endif %}
|
||||
{% for repo in file_repos.stdout_lines %}
|
||||
{% if repo is exists %}
|
||||
--volume {{ repo }}:{{ repo }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
--user root
|
||||
--net host
|
||||
{{ from_image }}
|
||||
bash -x /tmp/yum_install.sh "{{ yum_packages | join(' ') }}"
|
||||
retries: 2
|
||||
delay: 3
|
||||
register: result
|
||||
until: result.rc == 0
|
||||
|
||||
- name: Remove temporary yum_install.sh script
|
||||
file:
|
||||
path: "{{ yum_install.path }}"
|
||||
state: absent
|
||||
|
||||
# NOTE(aschultz): remove --format docker when oci images are properly supported
|
||||
- name: Commit changes to image
|
||||
({{ target_image | default(source_image) }}{{ modified_append_tag }})
|
||||
command: >
|
||||
buildah commit
|
||||
--format docker
|
||||
{{ from_image }}
|
||||
{{ target_image | default(source_image) }}{{ modified_append_tag }}
|
||||
|
||||
- name: Cleanup working container
|
||||
command: >
|
||||
buildah rm {{ from_image }}
|
||||
retries: 5
|
||||
delay: 5
|
||||
ignore_errors: true
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- import_tasks: yum_update_buildah.yml
|
@ -1,191 +0,0 @@
|
||||
---
|
||||
- import_tasks: precheck.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: From image {{ source_image }}
|
||||
command: buildah from {{ source_image }}
|
||||
register: from_image_cmd
|
||||
retries: 3
|
||||
delay: 5
|
||||
until: from_image_cmd is succeeded
|
||||
|
||||
- name: Set from_image
|
||||
set_fact:
|
||||
from_image: "{{ from_image_cmd.stdout }}"
|
||||
|
||||
- name: Run buildah config
|
||||
command: >
|
||||
buildah config
|
||||
--label modified_append_tag={{ modified_append_tag }}
|
||||
--workingdir / {{ from_image }}
|
||||
|
||||
- name: Create tempfile name for yum_update.sh
|
||||
tempfile:
|
||||
state: file
|
||||
register: yum_update
|
||||
|
||||
- import_tasks: yum_common.yml
|
||||
tags:
|
||||
- always
|
||||
|
||||
- name: Set fact for the used cache path
|
||||
set_fact:
|
||||
cache_path: /var/cache/{{ pkg_mgr_suffix }}
|
||||
|
||||
- import_tasks: copy_rpms.yml
|
||||
|
||||
- name: Prepare yum_update.sh script
|
||||
template:
|
||||
src: yum_update.sh.j2
|
||||
dest: "{{ yum_update.path }}"
|
||||
mode: 0755
|
||||
|
||||
- name: List file repos
|
||||
shell: sed -n 's|baseurl=file://||p' *.repo
|
||||
args:
|
||||
chdir: "{{ yum_repos_dir_path }}"
|
||||
register: file_repos
|
||||
when: rpms_path is undefined
|
||||
|
||||
- name: Find if /etc/{{ pkg_mgr_suffix }}/vars exists
|
||||
stat:
|
||||
path: /etc/{{ pkg_mgr_suffix }}/vars
|
||||
register: pkg_mgr_vars_stat
|
||||
|
||||
- name: Define bind-mount modes for yum cache to be populated or used
|
||||
when: yum_cache is defined and yum_cache
|
||||
block:
|
||||
- name: Check for the cache existence
|
||||
stat:
|
||||
path: "{{ yum_cache }}"
|
||||
get_checksum: false
|
||||
register: yum_cache_stat
|
||||
|
||||
- name: Check for the cache contents
|
||||
shell: ls -A {{ yum_cache }}
|
||||
register: yum_cache_contents
|
||||
when: yum_cache_stat.stat.exists|default()
|
||||
|
||||
- name: Purge the cache on host
|
||||
file:
|
||||
path: "{{ yum_cache }}"
|
||||
state: absent
|
||||
when:
|
||||
- force_purge_yum_cache|bool
|
||||
- yum_cache_contents is defined
|
||||
- yum_cache_contents.stdout
|
||||
|
||||
- name: Ensure the cache path exists
|
||||
file:
|
||||
path: "{{ yum_cache }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
setype: svirt_sandbox_file_t
|
||||
when: not yum_cache_stat.stat.exists|default()
|
||||
|
||||
- name: Check if the cache path has been already mounted
|
||||
command: findmnt {{ yum_cache }}
|
||||
register: findmnt_result
|
||||
failed_when: false
|
||||
|
||||
- name: Use the pre-populated non-empty cache as an overlay fs
|
||||
set_fact:
|
||||
cache_volume: "{{ yum_cache }}:{{ cache_path }}:O"
|
||||
when:
|
||||
- yum_cache_stat.stat.exists|default()
|
||||
- yum_cache_contents.stdout
|
||||
- findmnt_result.rc != 0
|
||||
|
||||
- name: Define the cache populating mode otherwise
|
||||
set_fact:
|
||||
cache_volume: "{{ yum_cache }}:{{ cache_path }}:rw,z"
|
||||
when: cache_volume is not defined
|
||||
|
||||
- block:
|
||||
- name: Run yum_update.sh
|
||||
command: >
|
||||
buildah run
|
||||
--volume {{ yum_update.path }}:/tmp/yum_update.sh:z
|
||||
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
||||
{% if pkg_mgr_vars_stat.stat.exists %}
|
||||
--volume /etc/{{ pkg_mgr_suffix }}/vars:/etc/{{ pkg_mgr_suffix }}/vars
|
||||
{% endif %}
|
||||
--volume /etc/pki:/etc/pki
|
||||
{% if cache_volume is defined and cache_volume %}
|
||||
--volume {{ cache_volume }}
|
||||
{% endif %}
|
||||
{% for repo in file_repos.stdout_lines %}
|
||||
{% if repo is exists %}
|
||||
--volume {{ repo }}:{{ repo }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
--user root
|
||||
--net host
|
||||
{{ from_image }}
|
||||
/tmp/yum_update.sh "{{ update_repo }}"
|
||||
register: result
|
||||
|
||||
rescue:
|
||||
- name: Run yum_update.sh (retry without yum cache)
|
||||
command: >
|
||||
buildah --debug run
|
||||
--volume {{ yum_update.path }}:/tmp/yum_update.sh:z
|
||||
--volume {{ yum_repos_dir_path }}:/etc/yum.repos.d
|
||||
{% if pkg_mgr_vars_stat.stat.exists %}
|
||||
--volume /etc/{{ pkg_mgr_suffix }}/vars:/etc/{{ pkg_mgr_suffix }}/vars
|
||||
{% endif %}
|
||||
--volume /etc/pki:/etc/pki
|
||||
{% for repo in file_repos.stdout_lines %}
|
||||
{% if repo is exists %}
|
||||
--volume {{ repo }}:{{ repo }}
|
||||
{% endif %}
|
||||
{% endfor %}
|
||||
--user root
|
||||
--net host
|
||||
{{ from_image }}
|
||||
bash -x /tmp/yum_update.sh "{{ update_repo }}"
|
||||
retries: 2
|
||||
delay: 3
|
||||
register: result
|
||||
until: result.rc == 0
|
||||
|
||||
- name: Remove temporary yum_update.sh script
|
||||
file:
|
||||
path: "{{ yum_update.path }}"
|
||||
state: absent
|
||||
|
||||
- name: Create the repo list
|
||||
set_fact:
|
||||
repo_list: "{{ update_repo.split(',') }}"
|
||||
|
||||
- name: Capture the update repos and installed rpms
|
||||
shell: >
|
||||
buildah run {{ from_image }} yum list installed > /var/log/container_info.log
|
||||
register: rpm_list
|
||||
|
||||
- name: Extract the updated rpms
|
||||
shell: |
|
||||
UPDATE_LOG=/var/log/container_image_update_output.log;
|
||||
touch $UPDATE_LOG;
|
||||
echo "** {{ target_image | default(source_image) }}{{ modified_append_tag }} **" >> $UPDATE_LOG;
|
||||
{% for repo in repo_list %}
|
||||
cat /var/log/container_info.log | grep -F "@{{ repo|replace(' ', '') }}" >> $UPDATE_LOG || true;
|
||||
{% endfor %}
|
||||
rm -f /var/log/container_info.log
|
||||
|
||||
# NOTE(aschultz): remove --format docker when oci images are properly supported
|
||||
- name: Commit changes to image
|
||||
({{ target_image | default(source_image) }}{{ modified_append_tag }})
|
||||
command: >
|
||||
buildah commit
|
||||
--format docker
|
||||
{{ from_image }}
|
||||
{{ target_image | default(source_image) }}{{ modified_append_tag }}
|
||||
|
||||
- name: Cleanup working container
|
||||
command: >
|
||||
buildah rm {{ from_image }}
|
||||
retries: 5
|
||||
delay: 5
|
||||
ignore_errors: true
|
@ -1,15 +0,0 @@
|
||||
FROM {{ source_image }}
|
||||
LABEL modified_append_tag={{ modified_append_tag }}
|
||||
|
||||
USER root
|
||||
|
||||
COPY refspec_projects /root/refspec_projects
|
||||
RUN /bin/bash -c 'PKG="$(command -v dnf || command -v yum)"; \
|
||||
PKG_MGR="$(echo ${PKG:(-3)})"; \
|
||||
if [ $PKG_MGR == "dnf" ]; then $PKG install -y python3-pip; PIP=pip3; else $PKG install -y python-pip; \
|
||||
PIP=pip; fi; \
|
||||
cd /; \
|
||||
for X in $(ls /root/refspec_projects/*.tar.gz); do $PIP install $X; done; \
|
||||
rm -Rf /root/refspec_projects'
|
||||
|
||||
USER "{{ original_user }}"
|
@ -1,14 +0,0 @@
|
||||
FROM {{ source_image }}
|
||||
LABEL modified_append_tag={{ modified_append_tag }}
|
||||
|
||||
WORKDIR /
|
||||
USER root
|
||||
|
||||
{% for rpm in rpms_list %}
|
||||
COPY {{ rpm | basename }} /tmp/
|
||||
{% endfor %}
|
||||
|
||||
COPY rpm_install.sh /tmp/
|
||||
RUN /tmp/rpm_install.sh
|
||||
|
||||
USER "{{ original_user }}"
|
@ -1,17 +0,0 @@
|
||||
FROM {{ source_image }}
|
||||
LABEL modified_append_tag={{ modified_append_tag }}
|
||||
|
||||
WORKDIR /
|
||||
USER root
|
||||
|
||||
COPY yum_install.sh /tmp/
|
||||
|
||||
{% if yum_repos_dir_path is defined %}
|
||||
RUN rm -rf /etc/yum.repos.d/
|
||||
COPY yum.repos.d /etc/yum.repos.d
|
||||
COPY repos /
|
||||
{% endif %}
|
||||
|
||||
RUN /tmp/yum_install.sh "{{ yum_packages | join(' ') }}"
|
||||
|
||||
USER "{{ original_user }}"
|
@ -1,22 +0,0 @@
|
||||
FROM {{ source_image }}
|
||||
LABEL modified_append_tag={{ modified_append_tag }}
|
||||
|
||||
WORKDIR /
|
||||
USER root
|
||||
|
||||
COPY yum_update.sh /tmp/
|
||||
|
||||
{% if yum_repos_dir_path is defined %}
|
||||
RUN rm -rf /etc/yum.repos.d/
|
||||
COPY yum.repos.d /etc/yum.repos.d
|
||||
COPY repos /
|
||||
{% endif %}
|
||||
{% if rpms_path is defined %}
|
||||
{% for rpm in rpms_list %}
|
||||
COPY {{ rpm | basename }} /tmp/
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
RUN /tmp/yum_update.sh "{{ update_repo }}"
|
||||
|
||||
USER "{{ original_user }}"
|
@ -1,57 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eou pipefail
|
||||
|
||||
PKG="$(command -v dnf || command -v yum)"
|
||||
PKG_MGR="$(echo ${PKG:(-3)})"
|
||||
|
||||
{% if rpms_path is defined %}
|
||||
$PKG -y localupdate /tmp/*.rpm
|
||||
rm -f /tmp/*.rpm
|
||||
{% else %}
|
||||
if [ $PKG_MGR == "dnf" ]; then
|
||||
REPOQUERY_CMD="$PKG repoquery"
|
||||
else
|
||||
REPOQUERY_CMD="$(command -v repoquery)"
|
||||
fi
|
||||
|
||||
packages_for_update=
|
||||
if [ -n "$1" ] && [[ -n $REPOQUERY_CMD ]]; then
|
||||
installed_versions=$(rpm -qa --qf "%{NAME} = %{VERSION}-%{RELEASE}\n" | sort)
|
||||
# dnf repoquery return 1 when repo does not exists, but standalone does not
|
||||
available_versions=$($REPOQUERY_CMD --quiet --provides --disablerepo='*' --enablerepo=$1 -a | sort || true)
|
||||
uptodate_versions=$(comm -12 <(printf "%s\n" "$installed_versions") <(printf "%s\n" "$available_versions"))
|
||||
|
||||
installed=$(printf "%s\n" "$installed_versions" | cut -d= -f1 | sort)
|
||||
available=$(printf "%s\n" "$available_versions" | cut -d= -f1 | sort -u)
|
||||
uptodate=$(printf "%s\n" "$uptodate_versions" | cut -d= -f1 | sort)
|
||||
|
||||
installed_for_update=$(comm -23 <(printf "%s\n" "$installed") <(printf "%s\n" "$uptodate"))
|
||||
packages_for_update=$(comm -12 <(printf "%s\n" "$installed_for_update") <(printf "%s\n" "$available"))
|
||||
fi
|
||||
|
||||
if [ -z "$packages_for_update" ]; then
|
||||
echo "No packages were found for update..."
|
||||
exit
|
||||
fi
|
||||
|
||||
if [ $PKG_MGR == "dnf" ]; then
|
||||
plugin=dnf-plugins-core
|
||||
else
|
||||
plugin=yum-plugin-priorities
|
||||
fi
|
||||
|
||||
if $(! echo $installed | grep -qw $plugin) && $($PKG list available $plugin >/dev/null 2>&1); then
|
||||
$PKG install -y $plugin
|
||||
fi
|
||||
|
||||
YUM_OPTS="{% if yum_cache is defined and yum_cache %}--setopt=keepcache=1{% endif %}"
|
||||
|
||||
$PKG -y update $YUM_OPTS $packages_for_update
|
||||
{% endif %}
|
||||
|
||||
{% if yum_cache is defined and yum_cache %}
|
||||
sync
|
||||
{% else %}
|
||||
rm -rf /var/cache/$PKG_MGR
|
||||
{% endif %}
|
@ -1 +0,0 @@
|
||||
pre-commit # MIT
|
47
tox.ini
47
tox.ini
@ -1,47 +0,0 @@
|
||||
[tox]
|
||||
minversion = 2.0
|
||||
envlist = docs, linters
|
||||
skipdist = True
|
||||
|
||||
[testenv]
|
||||
usedevelop = True
|
||||
install_command = pip install -c{env:TOX_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages}
|
||||
setenv = VIRTUAL_ENV={envdir}
|
||||
passenv =
|
||||
CURL_CA_BUNDLE
|
||||
REQUESTS_CA_BUNDLE
|
||||
SSH_AUTH_SOCK
|
||||
SSL_CERT_FILE
|
||||
TERM
|
||||
deps = -r{toxinidir}/test-requirements.txt
|
||||
whitelist_externals = bash
|
||||
|
||||
[testenv:bindep]
|
||||
basepython = python3
|
||||
# Do not install any requirements. We want this to be fast and work even if
|
||||
# system dependencies are missing, since it's used to tell you what system
|
||||
# dependencies are missing! This also means that bindep must be installed
|
||||
# separately, outside of the requirements files.
|
||||
deps = bindep
|
||||
commands = bindep test
|
||||
|
||||
[testenv:linters]
|
||||
basepython = python3
|
||||
commands =
|
||||
python -m pre_commit run {posargs} -a
|
||||
|
||||
[testenv:releasenotes]
|
||||
basepython = python3
|
||||
whitelist_externals = bash
|
||||
commands = bash -c ci-scripts/releasenotes_tox.sh
|
||||
|
||||
[testenv:venv]
|
||||
basepython = python3
|
||||
commands = {posargs}
|
||||
|
||||
[flake8]
|
||||
# E123, E125 skipped as they are invalid PEP-8.
|
||||
# E265 deals with spaces inside of comments
|
||||
show-source = True
|
||||
ignore = E123,E125,E265
|
||||
builtins = _
|
@ -1,24 +0,0 @@
|
||||
---
|
||||
- project:
|
||||
templates:
|
||||
- tripleo-multinode-container-minimal-pipeline
|
||||
queue: tripleo
|
||||
check:
|
||||
jobs:
|
||||
- openstack-tox-linters
|
||||
- tripleo-ci-centos-9-content-provider
|
||||
- tripleo-ci-centos-9-scenario001-standalone: &scenario001
|
||||
vars:
|
||||
consumer_job: true
|
||||
tags:
|
||||
- standalone
|
||||
dependencies:
|
||||
- tripleo-ci-centos-9-content-provider
|
||||
gate:
|
||||
jobs:
|
||||
- openstack-tox-linters
|
||||
- tripleo-ci-centos-9-content-provider
|
||||
- tripleo-ci-centos-9-scenario001-standalone: *scenario001
|
||||
post:
|
||||
jobs:
|
||||
- publish-openstack-python-branch-tarball
|
Loading…
x
Reference in New Issue
Block a user