From f18644891dbae6a4523863b2fbdc9b5bc8eb625a Mon Sep 17 00:00:00 2001
From: Benjamin Schanzel <benjamin.schanzel@bmw.de>
Date: Mon, 9 Mar 2020 14:33:31 +0100
Subject: [PATCH] Kubernetes Node Support for Mirroring Git Repos

The `mirror-workspace-git-repos` uses Git to mirror repos from the
executor to build nodes. This comes in handy when the node already
holds a copy of the repo(s), as Git can incrementally update them.
Currently, `mirror-workspace-git-repos` assumes the build node is
directly reachable via ssh. This is (usually) not the case when
running against a Kubernetes Pod build node, thus we can not
efficiently update repos on such nodes using Git.
This change allows pushing Git repos to Kubernetes Pods by bridging
the Git communication over `kubectl` and thereby allowing for the
same behaviour as for standard, non-container, ssh-reachable build
nodes.
(cf. https://git-scm.com/docs/git-remote-ext)

Change-Id: I71919d3bc93e48d5bb24234265fca9c84ce23b87
---
 roles/mirror-workspace-git-repos/tasks/main.yaml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/mirror-workspace-git-repos/tasks/main.yaml b/roles/mirror-workspace-git-repos/tasks/main.yaml
index 41cefa961..39d6202c9 100644
--- a/roles/mirror-workspace-git-repos/tasks/main.yaml
+++ b/roles/mirror-workspace-git-repos/tasks/main.yaml
@@ -7,9 +7,16 @@
   with_dict: "{{ zuul.projects }}"
 
 - name: Synchronize src repos to workspace directory
-  command: "git push {% if mirror_workspace_quiet %}--quiet{% endif %} --mirror git+ssh://{{ ansible_user }}@{{ ansible_host | ipwrap }}:{{ ansible_port }}/{{ ansible_user_dir }}/{{ item.value.src_dir }}"
+  command: |-
+    {% if ansible_connection == "kubectl" %}
+      git push {% if mirror_workspace_quiet %}--quiet{% endif %} --mirror "ext::kubectl -n {{ zuul.resources[inventory_hostname].namespace }} exec -i {{ zuul.resources[inventory_hostname].pod }} -- %S {{ ansible_user_dir }}/{{ item.value.src_dir }}"
+    {% else %}
+      git push {% if mirror_workspace_quiet %}--quiet{% endif %} --mirror git+ssh://{{ ansible_user }}@{{ ansible_host | ipwrap }}:{{ ansible_port }}/{{ ansible_user_dir }}/{{ item.value.src_dir }}
+    {% endif %}
   args:
     chdir: "{{ zuul.executor.work_root }}/{{ item.value.src_dir }}"
+  environment:
+    GIT_ALLOW_PROTOCOL: ext:ssh
   with_dict: "{{ zuul.projects }}"
   delegate_to: localhost
   # We occasionally see git pushes in the middle of this loop fail then