From 10d8f03c4e6fe2e78f06e9c59f44210c8c2e73eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rados=C5=82aw=20Piliszek?= Date: Wed, 17 Mar 2021 17:05:22 +0000 Subject: [PATCH] [CI] Publish images to quay.io on a daily basis Based on the discussions from the past 3 Kolla meetings [1][2][3], we established that, to avoid the DockerHub pull limit issues in our CI, we will try using quay.io. We still publish weekly to the DockerHub. [1] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-17-15.00.log.html#l-102 [2] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-24-15.00.log.html#l-137 [3] http://eavesdrop.openstack.org/meetings/kolla/2021/kolla.2021-03-31-15.01.log.html#l-50 Change-Id: I7c1f0c5fc643678b29f963b6769d8f900a03b726 Depends-On: Id113a53c083d105ac9200474ff20faacef6decaf --- .zuul.d/base.yaml | 26 ++++++++++++++ .zuul.d/centos.yaml | 43 +++++++++++++++++++---- .zuul.d/debian.yaml | 68 +++++++++++++++++++++++++++++++------ .zuul.d/ubuntu.yaml | 43 +++++++++++++++++++---- tests/playbooks/publish.yml | 38 +++++++++++++++------ tests/playbooks/run.yml | 2 +- 6 files changed, 184 insertions(+), 36 deletions(-) diff --git a/.zuul.d/base.yaml b/.zuul.d/base.yaml index 5cbfa3707b..e6ad6d20dd 100644 --- a/.zuul.d/base.yaml +++ b/.zuul.d/base.yaml @@ -25,6 +25,32 @@ Oz6nUZlML6sEyT0vilbDpo1RRweinE5J8mU+8joxeDpCHXBUYekFmgXDlpg58XmSp96fM C/rWcxTKlGJjjlVFZfhRHHy6gWBYH/SoozkbpkWbk0g43SLSxAuITy7nqLggOU= +- secret: + name: kolla_quay_io_creds + data: + username: !encrypted/pkcs1-oaep + - VsvMvV5wOUfl5B2HJboWfN8mta/Tuk7PXcJf5RfKk4uXP6qYGM4dcMB9EdoJNhMCi7FeA + NrTZaxf/AjLAkgKlRhz7sPKhmR95+jrFRgEzedpcCamdPkCa+wNQEMNMd0rTwioYUEWm4 + Y+Oa2mIswy5LcUViz38MPQhf0725U5sYtH2qkuhMbU8u8vzYhSk749xtAN6I1T8ziTKKB + 3FBowFc2rSRJUQPsLLZjTxBHbrk+00p/DPoHLOz9/9Jf5U//jkqx4ziE2w1a4+x/kWlYT + BPXuRL9wWN9ci2uKuoDRRd6QHJzPIJerKG07YU4PAcS3M245rbjjUQC3n3SQJs3u4kKI8 + rZrxfbmtbfjkzRQXnhnhPk47PebpjnpEUNw6+scnQ+ELdQ0QYGsVRM4x4/ywe5CeFYVDR + whQQ1iG21FOs3iv592I7P7l4cEKqKFyx9qiV4t2fyLrHgtU+L/05iENH9igGJ0tDCQ5zT + 2F2laUWGtzUh76txuFDjpBxR3qS62g825dZXaTegkA+v6c1az23lrYTqbTRf63cuAQyYX + APPRC5QU0URXBoIbWb0ry3O5lr/uudI1ZCLN8SSJhpmZAIlviOfaxrKu9fg2YY9e0xpz9 + CMEWQ/n1EsUyL34Wv189Rvpq4M4GTvozEKsRsjY3u0ygwEUXcH2lEXGOrs+hms= + password: !encrypted/pkcs1-oaep + - dR2beX9Bn7O8iCqNHtWo1FWX71vy+CwffDk5rafUh5yew2OVNcVtVjVOPvHwb5zZv1LCd + MVcgIJe513dM5tQkn2H/HvN/seVu/CfHA6lg6Tj+ueW9VdUH6KiBPr+NCgQWX+Xt3sXbt + sPzfNGpvTw1ZCUp0nnudZEKPZ2jn83baNMumW8E8xPb4s2kePzINsb8sGvqy6BOk5rUIo + 7DaEwWrNnq9TTnMcWGIF+fLP5Pin7+fmvnLkT6qRN4v5FszpHYm8YCpv02nzqI1/F9HeM + P3GtkUdIPxa1+3VwZ/DSA9BWi4VG15jDtaxeZFVGQuMqQAiCx8Jqvd+xX2qugAq1m+U7W + JobDbaeTYrUmJ1zUaspPZ16RTSf9UGCTaejoSVKM9lJHv6ixtsX7UWkgFvceVrlkt7TtH + 2mqhBnXvwB6VD5d311WRUfNXz7gb60otisB5G2k/UnRnv1Mu33TPVT7XOFDpVnAvRS3lt + haJ34N7AWnDIsllvzcmVWTw3wf/6LLfOQrW2Z+vNambyR4Oc+LVUTbEvZVIU65LpOTIn3 + LfDhCLDD3VtnVOrj4UxZsjzmPbday1fziua/7f+CXsShC5erz0ZM65rMCwkjWeI6Kc63A + 0M27tl+OWHO3KkfFR4tWc3dws3r1kYjQeds0adBHyYD0eL8SJfwZkbtojAQ1JM= + - nodeset: name: kolla-centos8-stream nodes: diff --git a/.zuul.d/centos.yaml b/.zuul.d/centos.yaml index e5be6d91a5..2826264305 100644 --- a/.zuul.d/centos.yaml +++ b/.zuul.d/centos.yaml @@ -16,15 +16,18 @@ - kolla-build-centos8s-source - kolla-ansible-centos8-source - kolla-ansible-centos8-source-upgrade - # NOTE(mgoddard): This can be switched to periodic to revert to daily publishing. + periodic: + jobs: + - kolla-publish-centos8s-source-quay + - kolla-publish-centos8s-binary-quay periodic-weekly: jobs: - - kolla-publish-centos8s-source - - kolla-publish-centos8s-binary + - kolla-publish-centos8s-source-dockerhub + - kolla-publish-centos8s-binary-dockerhub release: jobs: - - kolla-publish-centos8s-source - - kolla-publish-centos8s-binary + - kolla-publish-centos8s-source-dockerhub + - kolla-publish-centos8s-binary-dockerhub experimental: jobs: - kolla-build-no-infra-wheels-centos8s-source @@ -64,14 +67,27 @@ install_type: binary - job: - name: kolla-publish-centos8s-binary + name: kolla-publish-centos8s-binary-dockerhub parent: kolla-build-centos8s-binary post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds +- job: + name: kolla-publish-centos8s-binary-quay + parent: kolla-build-centos8s-binary + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + - job: name: kolla-build-centos8s-source parent: kolla-base @@ -87,14 +103,27 @@ voting: false - job: - name: kolla-publish-centos8s-source + name: kolla-publish-centos8s-source-dockerhub parent: kolla-build-centos8s-source post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds +- job: + name: kolla-publish-centos8s-source-quay + parent: kolla-build-centos8s-source + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + - job: name: kolla-build-no-infra-wheels-centos8s-source parent: kolla-build-no-infra-wheels-base diff --git a/.zuul.d/debian.yaml b/.zuul.d/debian.yaml index 1ac3605a82..60e65aaffc 100644 --- a/.zuul.d/debian.yaml +++ b/.zuul.d/debian.yaml @@ -9,16 +9,19 @@ jobs: - kolla-build-debian-source-aarch64 - kolla-ansible-debian-source-aarch64 - # NOTE(mgoddard): This can be switched to periodic to revert to daily publishing. + periodic: + jobs: + - kolla-publish-debian-source-quay + - kolla-publish-debian-source-aarch64-quay periodic-weekly: jobs: - - kolla-publish-debian-source - - kolla-publish-debian-source-aarch64 + - kolla-publish-debian-source-dockerhub + - kolla-publish-debian-source-aarch64-dockerhub release: jobs: - - kolla-publish-debian-source - - kolla-publish-debian-source-aarch64 - - kolla-publish-debian-binary + - kolla-publish-debian-source-dockerhub + - kolla-publish-debian-source-aarch64-dockerhub + - kolla-publish-debian-binary-dockerhub experimental: jobs: - kolla-build-no-infra-wheels-debian-source @@ -47,27 +50,70 @@ install_type: binary - job: - name: kolla-publish-debian-binary + name: kolla-publish-debian-binary-dockerhub parent: kolla-build-debian-binary post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds - job: - name: kolla-publish-debian-source + name: kolla-publish-debian-binary-quay + parent: kolla-build-debian-binary + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + +- job: + name: kolla-publish-debian-source-dockerhub parent: kolla-build-debian-source post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds - job: - name: kolla-publish-debian-source-aarch64 - parent: kolla-publish-debian-source - nodeset: kolla-debian-buster-aarch64 + name: kolla-publish-debian-source-quay + parent: kolla-build-debian-source + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + +- job: + name: kolla-publish-debian-source-aarch64-dockerhub + parent: kolla-build-debian-source-aarch64 + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla + secrets: + - kolla_dockerhub_creds + +- job: + name: kolla-publish-debian-source-aarch64-quay + parent: kolla-build-debian-source-aarch64 + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds - job: name: kolla-build-no-infra-wheels-debian-source diff --git a/.zuul.d/ubuntu.yaml b/.zuul.d/ubuntu.yaml index 9befdb4b4e..df1b809493 100644 --- a/.zuul.d/ubuntu.yaml +++ b/.zuul.d/ubuntu.yaml @@ -23,15 +23,18 @@ - kolla-ansible-ubuntu-source-upgrade: vars: kolla_python_version: 3.8 - # NOTE(mgoddard): This can be switched to periodic to revert to daily publishing. + periodic: + jobs: + - kolla-publish-ubuntu-source-quay + - kolla-publish-ubuntu-binary-quay periodic-weekly: jobs: - - kolla-publish-ubuntu-source - - kolla-publish-ubuntu-binary + - kolla-publish-ubuntu-source-dockerhub + - kolla-publish-ubuntu-binary-dockerhub release: jobs: - - kolla-publish-ubuntu-source - - kolla-publish-ubuntu-binary + - kolla-publish-ubuntu-source-dockerhub + - kolla-publish-ubuntu-binary-dockerhub experimental: jobs: - kolla-build-no-infra-wheels-ubuntu-source @@ -91,14 +94,27 @@ install_type: binary - job: - name: kolla-publish-ubuntu-binary + name: kolla-publish-ubuntu-binary-dockerhub parent: kolla-build-ubuntu-binary post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds +- job: + name: kolla-publish-ubuntu-binary-quay + parent: kolla-build-ubuntu-binary + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + - job: name: kolla-build-ubuntu-source parent: kolla-base @@ -108,14 +124,27 @@ install_type: source - job: - name: kolla-publish-ubuntu-source + name: kolla-publish-ubuntu-source-dockerhub parent: kolla-build-ubuntu-source post-run: tests/playbooks/publish.yml vars: publisher: true + kolla_registry: dockerhub + kolla_namespace: kolla secrets: - kolla_dockerhub_creds +- job: + name: kolla-publish-ubuntu-source-quay + parent: kolla-build-ubuntu-source + post-run: tests/playbooks/publish.yml + vars: + publisher: true + kolla_registry: quay.io + kolla_namespace: openstack.kolla + secrets: + - kolla_quay_io_creds + - job: name: kolla-build-no-infra-wheels-ubuntu-source parent: kolla-build-no-infra-wheels-base diff --git a/tests/playbooks/publish.yml b/tests/playbooks/publish.yml index 1149408fe3..6c688b6641 100644 --- a/tests/playbooks/publish.yml +++ b/tests/playbooks/publish.yml @@ -11,16 +11,34 @@ docker_host_info: images: yes images_filters: - reference: "kolla/*" + reference: "{{ kolla_namespace }}/*" register: docker_host_info - - name: Login to Dockerhub - docker_login: - username: "{{ kolla_dockerhub_creds.user | trim }}" - password: "{{ kolla_dockerhub_creds.password | trim }}" + - block: + - name: Login to Dockerhub + docker_login: + username: "{{ kolla_dockerhub_creds.user | trim }}" + password: "{{ kolla_dockerhub_creds.password | trim }}" - - name: Push built container images - docker_image: - name: "{{ item.RepoTags.0 }}" - push: yes - loop: "{{ docker_host_info.images }}" + - name: Push built container images + docker_image: + name: "{{ item.RepoTags.0 }}" + push: yes + loop: "{{ docker_host_info.images }}" + when: kolla_registry == 'dockerhub' + + - block: + - name: Login to quay.io + docker_login: + registry: quay.io + username: "{{ kolla_quay_io_creds.username | trim }}" + password: "{{ kolla_quay_io_creds.password | trim }}" + + - name: Push built container images + docker_image: + name: "{{ item.RepoTags.0 }}" + push: yes + repository: "quay.io/{{ item.RepoTags.0 }}" + source: local + loop: "{{ docker_host_info.images }}" + when: kolla_registry == 'quay.io' diff --git a/tests/playbooks/run.yml b/tests/playbooks/run.yml index e71b7b17d4..66b8383bc9 100644 --- a/tests/playbooks/run.yml +++ b/tests/playbooks/run.yml @@ -27,7 +27,7 @@ vars: kolla_publisher_config: DEFAULT: - namespace: kolla + namespace: "{{ kolla_namespace }}" tag: "{{ (zuul.tag if zuul.pipeline == 'release' else zuul.branch | basename) ~ tag_suffix }}" set_fact: kolla_build_config: "{{ kolla_build_config | combine(kolla_publisher_config, recursive=True) }}"