openstack/project-config
Code Issues Proposed changes

Rework base-publish-static jobs using protected

Browse Source 
The new protected attribute means that only jobs in the same repo can
inherit from it. Use that on base-publish-static and move the secrets
from the inherited job to it now, it's now safe to have them here.

Since the secrets need to be available to the post-job and are not
available to post-jobs of inheried jobs, use a common post job for all
of these. Move static-special.yaml to static.yaml and set the location
for the publish location for the single previous user of static.yaml.

Change-Id: I3d749adf242eb87895ad10b6f9c4d12859882ac9
This commit is contained in:
Andreas Jaeger 2018-02-16 09:06:32 +01:00
parent 3cb19258b8
commit d719449ed1
3 changed files with 10 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
playbooks/publish/static-special.yaml
View File

@ -1,20 +0,0 @@
- hosts: all
roles:
- fetch-tox-output
- role: fetch-sphinx-output
sphinx_output_src: "src/{{ zuul.project.canonical_name }}/doc/build/html/"
zuul_executor_dest: "{{ zuul.executor.work_root }}/artifacts"
when: zuul_success | bool
- hosts: localhost
roles:
- add-fileserver
- hosts: "{{ fileserver.fqdn }}"
gather_facts: False
tasks:
- name: Upload docs to static site
synchronize:
src: "{{ zuul.executor.work_root }}/artifacts/"
dest: "{{ fileserver.path }}/{{ static_target }}/"
when: zuul_success | bool

2
playbooks/publish/static.yaml
View File

@ -16,5 +16,5 @@
- name: Upload docs to static site
synchronize:
src: "{{ zuul.executor.work_root }}/artifacts/"
dest: "{{ fileserver.path }}/{{ zuul.project.short_name }}/"
dest: "{{ fileserver.path }}/{{ static_target }}/"
when: zuul_success | bool

33
zuul.d/jobs.yaml
View File

@ -589,10 +589,18 @@
- job:
name: base-publish-static
abstract: true
protected: true
description: |
Base job for jobs that publish content to static.openstack.org.
Jobs need to set the variable ``static_target`` for site to
publish to.
pre-run: playbooks/sphinx/pre.yaml
run: playbooks/sphinx/run.yaml
post-run: playbooks/publish/static.yaml
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-static
@ -601,12 +609,9 @@
Publish content to static.openstack.org to
/srv/static/{{ zuul.project.short_name }}
final: true
post-run: playbooks/publish/static.yaml
vars:
static_target: "{{ zuul.project.short_name }}"
sphinx_python: python3
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-governance-sigs
@ -614,14 +619,10 @@
description: |
Publish content to static.openstack.org to /srv/static/sigs
final: true
post-run: playbooks/publish/static-special.yaml
allowed-projects:
- openstack/governance-sigs
vars:
static_target: sigs
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-governance-tc
@ -629,15 +630,11 @@
description: |
Publish content to static.openstack.org to /srv/static/tc
final: true
post-run: playbooks/publish/static-special.yaml
allowed-projects:
- openstack/governance
vars:
static_target: tc
sphinx_python: python3
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-governance-uc
@ -645,14 +642,10 @@
description: |
Publish content to static.openstack.org to /srv/static/uc
final: true
post-run: playbooks/publish/static-special.yaml
allowed-projects:
- openstack/governance-uc
vars:
static_target: uc
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-governance-website
@ -660,14 +653,10 @@
description: |
Publish content to static.openstack.org to /srv/static/governance
final: true
post-run: playbooks/publish/static-special.yaml
allowed-projects:
- openstack/governance-website
vars:
static_target: governance
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-security
@ -675,14 +664,10 @@
description: |
Publish content to static.openstack.org to /srv/static/security
final: true
post-run: playbooks/publish/static-special.yaml
allowed-projects:
- openstack/ossa
vars:
static_target: security
secrets:
- name: fileserver
secret: static_ssh_key
- job:
name: publish-openstack-manuals-base