The href url paths need to have quoted filenames to handle cases where
filenames have special characters like : in them.
Change-Id: I0bc0de8d27c6e45c4a6b8841985b8265f0219df2
Previously to persist the filewall we were including the
persistent-firewall role. This seems to occasionally break because the
second invocation of the role (on multinode jobs after setting up the
multinode bridge) fails with an RC of -13 when listing ipv4 iptables
roles. Then when we try to write them to disk the variable is empty.
One thought is that dynamically loading the role multiple times may be
confusing ansible. Use import_role to statically load the role instead
and see if this helps.
Change-Id: I2458f8eb4c2e4638336fa14e436e13b5a2263cce
In openSUSE Tumbleweed, the SuSEfirewall2 package was removed in favor
of firewalld[1]. This commit updates the iptables persistance tasks to
avoid using SuSEfirewall2 and instead use rc.local to restore saved
rules upon restart, and undefines the iptables_service variable for SUSE
since there is no service to restart any more. See the related change
for image builds[2].
[1] https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
[2] https://review.opendev.org/683236
Change-Id: I0f8d74dd00df192c20b96a9368b964839c306171
The argument here is an integer "limit", not the exception.
I think that we only notice this on Python 3 because of exception
chaining. It causes a real failure though because the exception
handler that is meant to fall into "pass" raises another exception
when ipv6 doesn't work.
Change-Id: I0908a0a3dbb2356caabbffd062379751a0b61c41
Under Python3, subprocess.check_output returns binary data,
convert to utf-8 so that it runs under both Python2 and 3.
Using decode works with both Py2 and Py3.
Note that in other places, we already convert the output of check_output
with decode, this change follows that pattern.
Change-Id: I727a2368233473f57978ba24947f6d861b02f7da
We should make it easy for users to view console logs by default.
Today, we compress and upload logs and by default apache / nginx will
not properly display them as plain text. This commit changes the
default to not compress, but allows more advanced users to enable this
logic. As mostly likley it also means additional configuration for
your web server.
Change-Id: Ic446db4f85e2098db8fa4568f8c5140ba564e931
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
We have been getting HTTP 401 unauthorized errors at the rate of about
once a day when trying to get containers in the swift logs role.
Manually getting and posting objects to the same container after the
jobs fail seems to work so this appears to be a transient failure.
Attempt to workaround this by retrying the container get calls several
times.
Change-Id: Ia7395ffa0b120fbbecde0c9bb6e8583078167143
The old code will log swift upload tracebacks via logging.exception()
which doesn't seem to bubble back up into ansible's logging. We address
this by using traceback.format_exc() to format an exception traceback
string which we pass to ansible's module.fail_json().
Change-Id: I524bd0d5a9529011cffb6d09866b22b2c97fab7d
In I32fb17bae98f13f735da4d5b9a6a01e948f21678, the evaluated facts
should also fallback to public_ipv4, when private_ipv4 is "empty-like",
e.g. contains no valid IP but something like '\n'.
It also restores the lost switch_private_ip fact just in case.
Change-Id: I139272746129213994f298a4a9178b4441d439af
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
This role sets up a host to report via netconsole. It is a port of
old devstack-gate functionality from circa
Iebc8e1812d1441aba7c18d3e7c982b620b5198a0.
Change-Id: I37c26fdbcdf61a55fae4cbee3eb61a4bc45ca628
In case of reused workspaces on static nodes remote
non-bare repos needs to be cleaned up to make sure
that any untracked files from any earlier jobs are removed.
Change-Id: I00dda298f499b241a224c19657ebbb8a9015eb4d
The upload logs roles can make use of the build logs sharding via their
calls into set-zuul-log-path-fact. Document this.
Change-Id: Ia57fc6a47227657f9fac70074e453cf8d4c16c26
For logs stored in object storage services we want to be able to shard
into different containers. This improves scalability of the object
stores. To do this consistently we prefix all log paths with the first 3
characters of the build uuid. This way we get container names like
log_123, log_abc, and so on for a total of 4096 containers.
This behavior is off by default because users of filesystems stores
without a zuul dashboard may still want periodic/ to be filed into a top
level dir for browseability.
Change-Id: I8e72a6e587edcbdf89b793cad2d7c96c535601e7
Some Swift API implementations (ceph) require globally unique container
names. Document how zuul users can deal with this by setting a unique
value for the zuul_log_container var when using the upload-logs-swift
role.
Change-Id: Ib9c72cf4a08412615c8a45f3eab8d3eb37c61138
Further work on the PDF generation showed that many projects have
project logos as svg files with the name PROJECT.svg, those get
converted to PROJECT.pdf and collide with the default name used here.
Change the default to "doc-PROJECT.pdf" to have a unique name.
This is a change in the default but we only added this 11 days ago, so
I hope it's fine to change.
Change-Id: I4f2224633fd4edbc3121af53d0202796cf8a0a60
cecf9e902c
broke Openstack jobs running on Red Hat 7.
This review includes the ansible_distribution_major_version
when deciding which repos to include for openvswitch.
Change-Id: I6ec32e2913843adb0778a63133296bb26a0b5e6e
There may be broken symlinks within the log directories, those fail with
an error when os.stat() is executed on them. So if/else is replaced with
try/except while TypeError used to catch when self.full_path is None
Change-Id: Iffee97760a39fa4f7760bd67fb63c5f0905064bd
There may be broken symlinks within the log directories, those fail with
an error when os.stat() is executed on them. Let's just skip those.
Change-Id: I3e6982c53a08f57ac0e592b8a0041bbb39812d1f
Some repos produce intermediate PDF files, for example from svg files,
and thus we have multiple PDF files.
Change the PDF fetching to a list of pdf_files which can be supplied,
the default is the name of the repos with ".pdf" attached, like
"octavia.pdf".
https://review.opendev.org/#/c/667249/3 illustrates the problem.
Change-Id: I5d3b6d6c2884ba66bdd35639b023d6d76f64ac01
This enhances fetch-sphinx-tarball to fetch PDF files as well if
they are published
For now, it collects a single PDF file since sphinx only generates one.
The name of the PDF file is not known in advance.
The publishing is done with https://review.opendev.org/678142.
This will then be used by https://review.opendev.org/664555.
Change-Id: I872ab1f696495dc40cb845e0eee5f6f0ffe892d8
By default kubernetes wants to use the local resolvers on the host
system. But in many cases the local resolver may be 127.0.0.1 which is a
different localhost on the host system then in the container network
namespaces. To address this disconnect you can supply a different
resolv.conf with a list of nameservers to use instead. Add support for
this.
Note that the test currently only uses ipv4 resolvers because by default
k8s has no support for ipv6.
Change-Id: I3c0d7d88613e2c9112e809f036aef3dfeaf7ab72
Import keystoneauth1.exceptions to access the exceptions. HttpError
also lives under "exceptions.http.", so update that reference.
Change-Id: I4afe8c9fc8239a31d62a2a1d09794211b5066472
this is a partial revert of Ifd270cbc2d4bd42418b89a3b3061748ce537ae42,
we do not need sphinx_output_dir anymore, the single use that needed it
has been changed.
Change-Id: I95543b1a56c04dbfb8591612e4c48be0d8631633
This adds a generic retry handler that takes a callable, and uses
that not only for the exsting retries around the POST call, but
also the actions when creating the container.
Change-Id: I910b8e886f107d4fe38a9334ba836f010f92557c
If we get an unexpected exception, it's helpful to know the
cloud and region involved. It's also nice to return that information
for maybe better readability.
Change-Id: I1c589744103512d981e64e1a3f9506d40e1bf4cf
We don't need this here - let's change openstack-manuals instead.
This reverts commit 75ae975235305b7a832dd0dc7c8d4ce540df4794.
Change-Id: I9611950a391823efd2f7d2187da0992f00e0e454
This adds an extra variable to the role which can be used to
better control the URL which is returned as the artifact.
Change-Id: Ifd270cbc2d4bd42418b89a3b3061748ce537ae42
This parameter was deprecated. Now it should be removed so that
the name field can be freed up to be a human-readable name.
Change-Id: I0ace733e037ebeffcaf516332e7c5b48b3c7a1a3
