The bindep jobs have a file matcher on the general-roles-jobs.yaml
file, but that shouldn't be necessary since Zuul runs jobs if they
definitions change. Remove the extraneous match so that we don't
run lots of unecessary bindep jobs.
Change-Id: Ic8b1e7bf4cccf555b3c47a7ac9fcb9aee422714b
The stage-output role had two assumptions:
1) The zuul_copy_output variable would always be defined
2) The role would be able to sudo on the remote node
To make it easier for users who want to use this in a base job,
remove both of those assumptions.
1) We now supply a default empty dict if the variable is not defined
so that the role does not fail with an error.
2) We check to see if we can sudo on the remote node, and if we can,
we do when copying files; otherwise we don't, and assume that the
user will only specify files they have access to (if they don't then
the copy will fail).
Change-Id: I5428c44adfafac4872342b59a92de311f41687b6
Every time I open up the Zuul console for certain jobs it unrolls the
pre-playbook section in the console because it looks like this task
has a "FAILED" status.
pkill man page says that 0/1 are "process killed" and "no match"
respectively; set failed_when to >1 so these return codes don't cause
spurious failures.
Change-Id: I23112b1101c991c1714d69f7568f83c2dcd605dd
Role copied and modified from ensure-podman
As focal doesn't exist for project atomic ppa [1]
Install is performed from opensuse repository only
[1] http://ppa.launchpad.net/projectatomic/ppa/ubuntu/dists/
Change-Id: I72fc2e68768664b80c39bd47295330131337d8b5
Debian Buster is the current stable, and Bullseye is the impending
stable (likely within the month). The parent of this change aims to
fix security mirror configuration for Bullseye, but to do that we
need to add testing for it. While we're at it, drop the Stretch
(oldoldstable) jobs to keep the job count from exploding too much.
Change-Id: I278246eff347dd4bdb3471a8db95d30fcba0f17a
Starting with Debian 11 (bullseye), security packages are in
bullseye-security as opposed to older releases like buster/updates.
List the last several stable releases in hopes nobody is trying to
use this role to configure platforms older than Debian 8 (jessie,
the current "oldoldstable").
A followup change demonstrates this works in the test-base-roles
job, but because the job matrices have to be updated in one fell
swoop, and many of those jobs won't work without this change already
merged (due to protected use in our base job), it's not tested
directly within this change.
Change-Id: I2d7712cbfd037a65b9025980a6c0cccd917f8947
Fixes several rules with test-playbooks and remove path exclusions.
Since we introduced the progressive mode, exclusions are no longer
needed and not haivng them will assure newly added code follows
the same guidelines.
Change-Id: I0a72d34aff8cf23172e26c7f44e0f61571ec74b6
On Centos8, during the docker-ce installation, the docker.socket service
is start with a bogus state:
docker.socket: Socket unit configuration has changed while unit has been running, no open socket file descriptor left. The socket unit is not functional until restarted.
Later, when the `Assure docker service is running` task tries to start
the service, it fails with the following error:
dockerd[29743]: failed to load listeners: no sockets found via socket activation: make sure the service was started by systemd
Example:
https://0c7366f2ce9149f2de0c-399b55a396b5093070500a70ecbf09b9.ssl.cf1.rackcdn.com/410/c233496b96c70cfc6204e75d10116a96b08d4663/check/ansible-test-sanity-docker/787388f/ara-report/index.html
Another example: https://github.com/kata-containers/tests/issues/3103
Also: Remove use of kubectl --generator=run-pod/v1
This has been deprecated since 1.17 and removed since 1.20. run-pod wound
up being the only generator that did anything, so this parameter became a
no-op. This has to be squashed into this commit to unbreak the gate.
Change-Id: I666046fe2a3aa079643092c71573803851a67be2
After a docker failure on a recent job I noticed a single file called
"Got" in the container logs directory; turns out this had tried to
parse the error message "Got permission denied while trying to connect
to the Docker daemon socket ..." as containers.
We don't want this to fail the job hence the ignores here. However,
we shouldn't try to collect any logs if listing the containers fails.
Move creating the directory first as that is safe.
Change-Id: I41db956964f695cfcc15e30cab8cd4f8c31d3706
ARM64 nodes are currently unavailable, so temporarily remove these
jobs. Unfortunately due to the auto-generated job listings, we need
to completely remove them, not just comment them out.
To be clear, we should add these back (but possibly in a dedicated
secondary pipeline) when we're able.
Change-Id: I462596dfb47ed88e2ba19e314c075227f6f912ac
Reading the installation guide for podman, they reference opensuse.org
as the official package repos for ubuntu:
https://podman.io/getting-started/installation
Using this repo allows us to pull in much newer version of podman on
ubuntu. The current PPA package repo hasn't been updated since late
2019.
Change-Id: Ie34419184925a4bcf30422a782e6a238c11f2319
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
A recent hotfix added a fallback zuul_ssh_key_algorithm value for
the remove-build-sshkey role, reflect it in the role documentation.
Also remove some redundancies with default values specified in prose
for the add-build-sshkey role, when they were also indicated by the
:default: parameter.
Change-Id: If3f74256788283dedb17ad780da3ca4df4503cb4
This change enables using the ensure-zookeeper role in environments
where mounting a filesystem is not allowed.
Change-Id: I1a05a895a45896eca91dccfcfc85aeb1a58689ff
It looks like we never got around to cleaning this up after the npm
5.6.0 over 3 years ago. Now it seems to be causing the error
described in https://github.com/nodejs/help/issues/2874 so let's go
back to using the (presumed working) version of npm which the
node/nvm installation provides.
This reverts commit 0cd5075466ac77565f41074c28b05b0ad1459d86.
Change-Id: I0be3e8fd39845e82790b29d9f2c1e1179cb69e23
- bumps ansible-lint to 5.0
- updates our custom rules to make them compatible with 5.0
- replace custom module mocking with native ansible-lint ones
- remove custom call of ansible-playbook --syntax-check as now this
is done by ansible-lint
- assured molecule vars are hosted under a vars/ folder in order to
avoid confusing linter detection.
- replaced custom rule for loop var names in role as now this this an
optional core feature of the linter (see config)
- replaced custom rule no-same-owner with opt-in one (see config)
Change-Id: I233fae8c9036d295968a97ee80e07fde8846c633
- moved vars file under vars to avoid failure to load file (newer
version raise error if you try to put vars outside vars/defaults as
it will assume they are broken playbooks.
- added missing file-modes on few tasks
Change-Id: I7217469d089b655ee16cd038391cffa4197c8c83
Part-Of: https://review.opendev.org/c/zuul/zuul-jobs/+/773245
The init command was removed from helm with v3, no initialization is
needed anymore. So only run the init task if the version is <= 2.
Change-Id: I59b0c6efa0a2e6b94267fd3bb7a9701bc4c51048
This prepared for ansible-lint v5 which no longer has exceptions
for task naming, requiring all to be named.
Change-Id: I5e761d1e3836fa270d7afdcf01780320001f820d
Part-Of: #773245
Google keeps changing the with_scopes method signature. We need to
override that method in order to keep our path attribute around when
it re-instantiates the object. As long as we always call refresh
after the object is created, we can drop our custom constructor and
then change with_scopes to use generic arguments. This should keep
up with any further minor API changes without needing further local
changes.
Also, a minor inconsistency in command line arguments (used only for
local manual testing) is corrected.
Change-Id: Id41dfc464eb86429771a78c1fefae006e0915cb9
This reverts commit 862ae3f5d6b1c0e94bb24cfebf0b6b71e680e878.
We did not consider the effoct on the quick-download link that
is generated in opendev:
http://paste.openstack.org/show/802839/
Change-Id: I9702f8f1c0155ee3b13c74baaf2c09db72e690fd
Add zuul_log_storage_proxy_address variable attempting to replace
storage endpoint address with.
The usecase is when the storage proxy is positioned infront of storage
endpoint.
Change-Id: I353cd50b76683212b0319a1e28f34901267c08e4
Added default variables to customize the repo name to download
the chart testing helm chart and config files
Change-Id: I37f8db66bdfef7d64e59a89ca8d99b12f95c1be2
This change adds a new attribute to setup zookeeper TLS.
It also adds support for Debian-derived distros.
Change-Id: Ifb5fc51f3b66be0b2dd1b8003507e21d8afe16fc