diff --git a/.zuul.yaml b/.zuul.yaml index 90dc4740..66b7af1b 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -1,4 +1,33 @@ --- +- job: + name: validations-libs-podified-podman + parent: devstack-platform-fedora-latest + run: playbooks/validations-libs-podified.yaml + post-run: playbooks/post.yaml + timeout: 7200 + voting: true + required-projects: + - openstack/validations-libs + - openstack/validations-common + - name: openstack/openstacksdk + override-checkout: master + - name: opendev.org/openstack/devstack + override-checkout: master + vars: + container_engine: podman + devstack_localrc: + USE_PYTHON3: true + irrelevant-files: + - ^.*\.rst$ + - ^doc/.*$ + - ^releasenotes/.*$ + +- job: + name: validations-libs-podified-docker + parent: validations-libs-podified-podman + vars: + container_engine: docker + - job: name: validations-libs-functional parent: devstack @@ -58,6 +87,8 @@ - openstack-tox-linters - openstack-tox-cover - validations-libs-functional + - validations-libs-podified-podman + - validations-libs-podified-docker - openstack-tox-docs: &tripleo-docs files: - ^doc/.* @@ -65,11 +96,15 @@ - ^validations_libs/.* - ^CONTRIBUTING.rst - validations-libs-functional + - validations-libs-podified-podman + - validations-libs-podified-docker - tripleo-ci-centos-9-undercloud-containers: &undercloud_containers_job_params dependencies: - openstack-tox-linters - openstack-tox-cover - validations-libs-functional + - validations-libs-podified-podman + - validations-libs-podified-docker gate: jobs: - openstack-tox-linters @@ -77,11 +112,15 @@ - openstack-tox-py39 - openstack-tox-docs: *tripleo-docs - validations-libs-functional + - validations-libs-podified-podman + - validations-libs-podified-docker - tripleo-ci-centos-9-standalone-validation-libs: vars: *standalone_consumer_job_vars dependencies: - openstack-tox-linters - validations-libs-functional + - validations-libs-podified-podman + - validations-libs-podified-docker - tripleo-ci-centos-9-undercloud-containers: dependencies: - openstack-tox-linters diff --git a/container/validation b/container/validation index dc050d80..1b838046 100755 --- a/container/validation +++ b/container/validation @@ -26,9 +26,11 @@ import sys DESCRIPTION = "Build and execute Validations from a container." EPILOG = "Example: ./validation --run --cmd run --validation check-ftype,512e" -VALIDATIONS_LOG_BASEDIR = os.path.expanduser('~/validations') +LOCAL_USER = os.environ.get('SUDO_USER', os.environ.get('USER')) +VALIDATIONS_LOG_BASEDIR = os.path.expanduser(f'~{LOCAL_USER}/validations') CONTAINER_INVENTORY_PATH = '/tmp/inventory.yaml' -COMMUNITY_VALIDATION_PATH = os.path.expanduser('~/community-validations') +COMMUNITY_VALIDATION_PATH = \ + os.path.expanduser(f'~{LOCAL_USER}/community-validations') CONTAINERFILE_TEMPLATE = """ FROM %(image)s @@ -38,7 +40,7 @@ LABEL name="VF dockerfile" RUN groupadd -g %(gid)s -o %(user)s RUN useradd -m -u %(uid)s -g %(gid)s -o -s /bin/bash %(user)s -RUN dnf install -y python3-pip gcc python3-devel jq %(extra_pkgs)s +RUN dnf install -y python3-pip gcc python3-devel libffi-devel jq openssh openssh-clients %(extra_pkgs)s # Clone the Framework and common Validations RUN python3 -m pip install validations-libs validations-common @@ -90,13 +92,16 @@ class Validation(argparse.ArgumentParser): 'use --help to get more information. ' 'Only available in non-interactive mode. ') parser.add_argument('--user', '-u', type=str, default='validation', - help=('Set user in container. ')) + help=('Set user in the container. ')) + parser.add_argument('--user-home', type=str, default='/home/validation', + help=('User home path in the container. ' + 'Example: --user-home /home/validation ')) parser.add_argument('--uid', '-U', type=int, default=user_entry.pw_uid, help=('User UID in container. ')) parser.add_argument('--gid', '-G', type=int, default=user_entry.pw_gid, help=('Group UID in container. ')) - parser.add_argument('--image', type=str, default='fedora:30', - help='Container base image. Defaults to fedora:30') + parser.add_argument('--image', type=str, default='fedora:35', + help='Container base image. Defaults to fedora:35') parser.add_argument('--extra-pkgs', type=str, default='', help=('Extra packages to install in the container.' 'Comma or space separated list. ' @@ -147,6 +152,7 @@ class Validation(argparse.ArgumentParser): self.interactive = parsed_args.interactive self.cmd = parsed_args.cmd self.user = parsed_args.user + self.user_home = parsed_args.user_home self.uid = parsed_args.uid self.gid = parsed_args.gid self.repository = parsed_args.repository @@ -173,22 +179,20 @@ class Validation(argparse.ArgumentParser): clone_user_repo, install_user_repo, entrypoint = "", "", "" if self.repository: clone_user_repo = ("RUN git clone {} -b {} " - "/root/user_repo").format(self.repository, - self.branch) - install_user_repo = ("RUN cd /root/user_repo && \\" - "python3 -m pip install .") + "{}/user_repo").format(self.repository, + self.branch, + self.user_home) + install_user_repo = ("RUN cd {}/user_repo && \\" + "python3 -m pip install .").format( + self.user_home) if self.interactive: entrypoint = "ENTRYPOINT /usr/local/bin/validation" - if self.user == 'root': - user_dir = '/root' - else: - user_dir = '/home/{}'.format(self.user) param = {'image': self.image, 'extra_pkgs': self.extra_pkgs, 'clone_user_repo': clone_user_repo, 'install_user_repo': install_user_repo, 'entrypoint': entrypoint, 'user': self.user, 'uid': self.uid, 'gid': self.gid, - 'user_dir': user_dir} + 'user_dir': self.user_home} with open('./Containerfile', 'w+') as containerfile: containerfile.write(CONTAINERFILE_TEMPLATE % param) @@ -234,18 +238,18 @@ class Validation(argparse.ArgumentParser): container_args = '--rm' cmd = [self.engine, 'run', container_args] # Keyfile - cmd.append('-v%s:/root/containerhost_private_key:z' % - self.keyfile) + cmd.append('-v%s:%s/containerhost_private_key:z' % + (self.keyfile, self.user_home)) # log path self._create_volume(self.validation_log_dir) if os.path.isdir(os.path.abspath(self.validation_log_dir)): - cmd.append('-v%s:/root/validations:z' % - self.validation_log_dir) + cmd.append('-v%s:%s/validations:z' % + (self.validation_log_dir, self.user_home)) # community validation path self._create_volume(COMMUNITY_VALIDATION_PATH) if os.path.isdir(os.path.abspath(COMMUNITY_VALIDATION_PATH)): - cmd.append('-v%s:/root/community-validations:z' % - COMMUNITY_VALIDATION_PATH) + cmd.append('-v%s:%s/community-validations:z' % + (COMMUNITY_VALIDATION_PATH, self.user_home)) # Volumes if self.volumes: self._print('Adding volumes:') diff --git a/playbooks/validations-libs-podified.yaml b/playbooks/validations-libs-podified.yaml new file mode 100644 index 00000000..a0b512c2 --- /dev/null +++ b/playbooks/validations-libs-podified.yaml @@ -0,0 +1,63 @@ +--- +- hosts: tempest + name: validations-libs-podified + vars: + - container_executable: "{{ container_engine|default('podman') }}" + roles: + - ensure-tox + - ensure-pip + - ensure-virtualenv + - role: ensure-docker + when: + - "'{{ container_executable }}' == 'docker'" + - role: ensure-podman + when: + - "'{{ container_executable }}' == 'podman'" + - role: ensure-if-python + vars: + zuul_work_dir: "src/opendev.org/openstack/validations-libs" + tasks: + - name: gen key + shell: | + yes | ssh-keygen -f /home/zuul/.ssh/vf-key -N "" + + - name: get key + register: key + shell: cat /home/zuul/.ssh/vf-key.pub + + - name: add key + ansible.builtin.lineinfile: + path: /home/zuul/.ssh/authorized_keys + line: "{{ key.stdout }}" + create: yes + + - name: Create VF inventory + ansible.builtin.lineinfile: + path: /home/zuul/inventory.yaml + line: "[controller]\n{{ ansible_default_ipv4.address }}" + create: yes + + - name: Create home log directory for Validations + ansible.builtin.file: + path: /home/zuul/validations + state: directory + mode: '0755' + + - name: Build Validation container + shell: + cmd: >- + src/opendev.org/openstack/validations-libs/container/validation + -e {{ container_executable }} --user validation --build + executable: /bin/bash + + - name: Run Validation container + become: true + shell: + cmd: >- + src/opendev.org/openstack/validations-libs/container/validation -D + --user validation --keyfile /home/zuul/.ssh/vf-key + -e {{ container_executable }} -R + --cmd run --validation check-ram + --output-log /home/validation/output.log + --inventory /home/zuul/inventory.yaml --extra-vars minimal_ram_gb=1 + executable: /bin/bash