openstack
/
tripleo-ci
Code Issues Proposed changes
tripleo-ci/roles/build-containers/tasks/main.yaml

188 lines
6.3 KiB
YAML
Raw Blame History

---
- name: Set branch for building containers check jobs
set_fact:
ci_branch: "{{ zuul.branch | replace('stable/','') }}"
when: zuul is defined
- name: Set branch for building containers branchless
set_fact:
ci_branch: "{{ branch_override | replace('stable/','') }}"
when: branch_override is defined
- name: Set branch for building containers periodic
set_fact:
ci_branch: "{{ release }}"
when: release is defined
- name: Set facts for kolla-build.conf
set_fact:
push_registry: "{{ push_registry | default('127.0.0.1:8787') }}"
push_containers: "{{ push_containers | default(false) | bool }}"
container_config: ""
- name: Set arch_tag fact
set_fact:
# NOTE(mjturek): Push old style tag for x86_64 first to maintain compatibility.
arch_tag: "{{ '_' + ansible_architecture if ansible_architecture != 'x86_64' else ''}}"
- name: Get contents of openstack repo baseurl for the version hash
become: true
shell: >
set -o pipefail &&
cat /etc/yum.repos.d/{{ openstack_repo_name }}.repo |awk -F= '/baseurl/ {print $2}'
register: baseurl
when: buildcontainers_version_hash is not defined
- name: Set version_hash fact
set_fact:
version_hash: "{{ baseurl.stdout.split('/')[-1] }}"
when: buildcontainers_version_hash is not defined
- name: Set version_hash fact if buildcontainers_version_hash is defined
set_fact:
version_hash: "{{ buildcontainers_version_hash }}"
when: buildcontainers_version_hash is defined
- name: grab kolla patch rhel8
when: ansible_pkg_mgr == "dnf" and ansible_distribution|lower == "redhat"
shell: |
set -euxo pipefail
git config --global user.email "zuul@openstack.org"
git config --global user.name "Zuul"
git remote add upstream https://review.opendev.org/openstack/kolla
git ls-remote https://review.opendev.org/openstack/kolla | \
grep -E refs/changes/[[:digit:]]+/{{ kolla_rhel8_patch[branch_override|default('master')] }}/ | \
awk '{print $2}' | \
sort -t / -k 5 -g -r | \
head -1 | \
xargs -I{} git fetch https://review.opendev.org/openstack/kolla {} && \
git checkout -b rhel8 FETCH_HEAD
# Look for Kolla changes running in check queue and if present then
# set the git_rebase branch as kolla change as are already clonned and
# can be grabbed from zuul.ref var otherwise use master.
git_rebase_branch={{ branch_override|default('master') }}
{% if zuul.ref is defined and zuul.ref and zuul.pipeline in ['check', 'openstack-check'] %}
found=$(git ls-remote https://review.opendev.org/openstack/kolla | grep {{ zuul.ref }} || true);
echo $found;
if [[ -n "$found" ]] ; then
git_rebase_branch={{ zuul.ref }}
fi
{% endif %}
git pull --rebase upstream $git_rebase_branch
args:
chdir: "{{ openstack_git_root }}/kolla"
warn: false
register: result
changed_when: "'nothing to commit, working directory clean' not in result.stdout_lines"
- include_tasks: venv_setup.yml
when: buildcontainers_venv is defined and buildcontainers_venv
- include_tasks: package_setup.yml
when: buildcontainers_venv is defined and not buildcontainers_venv
# TODO(aschultz): make the kolla-build branch aware
- name: Generate kolla-build.conf
template:
src: templates/kolla-build.conf.j2
dest: "{{ workspace }}/kolla-build.conf"
mode: 0644
force: yes
- name: Set container cli
set_fact:
container_cli: "{% if use_buildah|bool %}buildah{% else %}docker{% endif %}"
- name: Set config-file
set_fact:
container_config: "--config-file $TRIPLEO_COMMON_PATH/container-images/overcloud_containers.yaml"
when: ci_branch in ['pike', 'queens', 'rocky']
- name: Set --config-file for component-ci if component_ci_containers is specified
set_fact:
container_config: "--config-file {{ component_ci_configs[component_ci_containers] }}"
when: component_ci_containers != ""
- name: build base rhel container
block:
- name: create docker-build dir
file:
path: /tmp/base-build
state: directory
- name: create docker-build repos dir
file:
path: /tmp/base-build/repos
state: directory
- name: Move delorean repos to base build
become: true
shell:
cmd: |
cp /etc/yum.repos.d/delorean* /tmp/base-build/repos/
chown -R {{ ansible_user }}: /tmp/base-build/repos/*
changed_when: true
- name: render dockerfile
template:
src: templates/Dockerfile.j2
dest: /tmp/base-build/Dockerfile
- name: create base container with repos from rhel container
shell:
cmd: |
set -x
sudo buildah --debug bud -t {{ kolla_base_image }}:{{ kolla_base_tag }} . \
2>&1 {{ timestamper_cmd }} > {{ workspace }}/build-rhel-base.log
args:
chdir: /tmp/base-build
when:
- ansible_distribution|lower == "redhat"
- kolla_base_image is defined
- kolla_base_tag is defined
- name: Generate building script
template:
src: templates/build.sh.j2
dest: "{{ workspace }}/build_containers.sh"
mode: 0777
force: yes
- name: "Run image build as ansible user > {{ workspace }}/build.log"
args:
chdir: '{{ workspace }}'
shell: set -o pipefail && bash build_containers.sh 2>&1 {{ timestamper_cmd }} > {{ workspace }}/build.log
when:
- ansible_distribution|lower != "redhat"
- name: "Run image build as root > {{ workspace }}/build.log"
args:
chdir: '{{ workspace }}'
shell: set -o pipefail && bash build_containers.sh 2>&1 {{ timestamper_cmd }} > {{ workspace }}/build.log
become: true
when:
- ansible_distribution|lower == "redhat"
- name: Retrieve list of built x86_64 images, retag, and push
when:
- ansible_architecture == "x86_64"
- push_containers | bool
- not push_containers_podman | default(false) | bool
block:
- name: Retrieve built images
command: "awk '{ print $1 }' {{ workspace }}/containers-successfully-built.log"
register: built_images
- name: Disable HTTPS and certificates to access registry (buildah)
set_fact:
container_cli_opt: '--tls-verify=false'
when: use_buildah | bool
- name: Tag images
vars:
image: "{{ item }}"
include: tag.yaml
static: no
with_items: "{{ built_images.stdout_lines }}"
become: true
View Git Blame Copy Permalink