Allow tox targets that need sudo (functional jobs)

In python-k8sclient functional job, we need to sudo
perms to setup docker and then run k8s containers in
docker before we can run the tests. We cannot use
dsvm jobs as we are not really setting up openstack.
We are just testing kubernetes client and need to
setup/start kubernetes (as docker containers).

Change-Id: I4ddb6098ba2787a82f134619bcda077da49077a1

jenkins/jobs/projects.yaml

@@ -7273,7 +7273,7 @@
     jobs:
       - python-jobs
       - pypi-jobs
-      - gate-{name}-tox-db-{envlist}:
+      - gate-{name}-tox-with-sudo-{envlist}:
           envlist:
             - py27-functional
 

jenkins/jobs/python-jobs.yaml

@@ -330,6 +330,30 @@
       - console-log
 
 
+- job-template:
+    name: 'gate-{name}-tox-with-sudo-{envlist}'
+    description: 'Same job as gate-{name}-tox-{envlist}, allows sudo access.'
+    node: ubuntu-trusty
+
+    wrappers:
+      - build-timeout:
+          timeout: 40
+      - timestamps
+
+    builders:
+      - print-template-name:
+          template-name: "{template-name}"
+      - zuul-git-prep-upper-constraints
+      - install-distro-packages
+      - tox:
+          envlist: '{envlist}'
+      - assert-no-extra-files
+
+    publishers:
+      - test-results
+      - console-log
+
+
 - job-template:
     name: 'gate-{name}-tox-db-{envlist}'
     description: 'Same job as gate-{name}-tox-{envlist} but sets up databases.'

zuul/layout.yaml

@@ -10064,9 +10064,9 @@ projects:
       - name: check-requirements
       - name: publish-to-pypi
     check:
-      - gate-python-k8sclient-tox-db-py27-functional
+      - gate-python-k8sclient-tox-with-sudo-py27-functional
     gate:
-      - gate-python-k8sclient-tox-db-py27-functional
+      - gate-python-k8sclient-tox-with-sudo-py27-functional
 
   - name: openstack/python-keystoneclient
     template: