This adds a new script to the runner container that is run in the
entrypoint which runs the log gathering ansible playbook from
inside the runner container. The gate then extracts these logs
with a new role.
This also updates the image_build script to fix how it changes
the container imagePullPolicy
Closes: #658
Relates-To: #659
Change-Id: I24d11c66e7b71852256e164343f7bb2f331d1fef
* slightly increase timeout for gate script runner job
* disable capd job from voting due to instability
* fix validate_docs script:
we should either filter site to validate from command line or
from sites_to_skip variable
* enable document validation for docker test site
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: If38e6e24f7187d59072bc7435c700b829e2dafba
Closes: #649
Current inheritance model we use site -> type -> global is currently
violated inheriting in global phases from type/gating.
Also makes capd job voting.
Change-Id: I9dd6e8b9050fa37b7f38690aebf4fcae71771b80
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
* adjust kubebench conformance scripts
to use ~/.airship/kubeconfig
* adjust sonobuoy conformance scripts
to use ~/.airship/kubeconfig
* update sonobuoy version to 0.51
Relates-To: #557
Change-Id: I5c300e6740f0d050c0619473934af6f4d3b48816
This PS introduces phase plan for CAPD provider
* Adds phase to merge kubeconfig
* Patches type/gating plan to use capd phase plan
* Patches cluster_map and executor to work with "default" namespace
* Fixes CAPD zuul failures
Relates-To: #564
Relates-To: #580
Relates-To: #587
Change-Id: I5007970c907bc87dccf6dd9fcb052afc1b5c13f7
This change aims to add the airship-in-a-pod test to the gates.
This is accomplished by creating new scripts to run which
install a minimal k8s environment, and then apply the
airship-in-a-pod.yaml.
Brief description of scripts
01_dns_settings: Running k8s pods in zuul has a lot of issues with
DNS resolution which this resolves.
10_install_minikube: grabs latest minikube and other dependencies.
11_build_images: builds the images under tools/airship-in-a-pod
and then adds patches to the kustomize configuration to use and
configure them.
12_start_minikube: starts minikube and makes sure kubectl will work
13_apply_dns.sh: This takes some of the effort from 01_dns_settings
and incorporates it into the minikube cluster by modifying coredns
20_apply_aiap: Applies the airship-in-a-pod.yaml to the cluster.
Has a few loops to check that the cluster is fully running
before applying, and to check on the pod to see if it is ready
before finishing.
Closes: #478
Change-Id: I4c02d04b0eda9395642032bf56b56a0f823c1969
* adds kubectl-get-pods once workload deployment is completed.
* fix docker gate jobs failing because of missing script.
Signed-off-by: Sreejith Punnapuzha <Sreejith.Punnapuzha@outlook.com>
Change-Id: I7f0bb0139b3fa3e5af524541b3e8f1978d640113
- moves metal3 worker definition to its own function
- removes workers-classification phase
- removes 37_verify_hwcc_profiles.sh script
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
Co-authored-by: Matthew Fuller <mf4192@att.com>
Closes: #537
Change-Id: I844e88a1bf7a80954aca5afc8fa49a534c9ff2b0
This validation approach is no longer needed and less
effective than static one, so it should be deleted to not
consume additional time and resources during the validation
process.
Change-Id: I88603723d9a423955bd88d23e7b8e2a8275d9dde
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Closes: #543
This patch introduces ability to validate phases using kubeval.
Appropriate functionality was embedded into phase/plan validate
command.
Change-Id: I1e1ccae2b7e4948bdc97a199c96c07a3eb7292b2
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Relates-To: #503
Closes: #2
Closes: #19
With latest changes build images jobs uses zuul.change variable
which is not defined for merge event.
Also using build job as a parent for publish creates an unnessesarly
execution of make command which we repeat later under publish playbook.
That change removes that dependency.
Change-Id: I7e02c2f3ef2ccd8b9db9872b123222020f80664a
* airship-airshipctl-update-github-issues job adds comments
to related github issue on PS merge based on the tag(Realtes-To/Closes)
in commit message.
* airshipbot is already doing the job of adding comments to issues on new PSs
and updating the status (closed, reopen) as applicable.
* So the job airship-airshipctl-update-github-issues is redundant when airshipbot
is running.
Change-Id: I2c6fa748d3334384bf5b31c87d9501a006a153c1
Relates-To: #502
controlplane_target phase is needed for target cluster more than a
single node
Signed-off-by: James Gu <james.gu@att.com>
Change-Id: I6e77d4268cdee0ebcc65e1f9172ef645ced53337
Since [1] has been merged it's possible to use
that command to generate kubeconfig in proper
way.
This patchset introduces that changes as well as
cleans up for non-needed anymore due to that changes
steps in gating.
[1]:
https://review.opendev.org/c/airship/airshipctl/+/774709
Change-Id: Ifc07c56c126c782d940a8ca4d111c59c5d3c9c78
Currently, about 15% of the last jobs were failed [1]
due to exceeding timeout error, however in most cases the job
was running just fine, but it was interrupted due to global
timeout. This patch increases timeout for this job by 20 minutes.
[1] https://zuul.opendev.org/t/openstack/builds?job_name=airship-airshipctl-gate-script-runner
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: I5d8058aa5edd56052d51b67fbf23c0665ee1e6a9
Commit fixes CAPD deployment and removes redundant scripts
that check expiration for CAPD site.
They must be tested separately outside CAPD pipeline
Related-To: #482
Closes: #482
Change-Id: I60ffd76a4f3f08bd7bd198a0c2b15483dfbdd6a6
This patchset introduces a generated with template [1] and encrypted
VariableCatalogue generated-secrets that contains steps to
generate: ephemeral and target CA+admin key/cert and passwords for
users in ephemeral bootstrap iso.
It also introduces the way how these secrets are used in manifests:
They're decrypted by kustomize and incorporated into the folders
`catalogues` in the site, so they can be used by replacement plugin.
This patchset contains modifications in replacement plugin
configurations to put the decrypted values from VariableCatalogue
in place.
Since k8s secrets were substituted with generated values
this patchset removes pre-generated k8s secrets.
[1]
manifests/type/gating/target/generator/secret-template.yaml
Change-Id: I0898c74012833f0e171d36bb8145acf358510b69
the job takes around 45-60 minutes to complete on most of the nodes
however some nodes are slower and it make take a little bit more.
As future enhancement we should pararelize validation and refactor
scripts to run two cluster validation at the same time.
Change-Id: I01ac2ed15727931126058c343dbbb826790e940d
This job doesn't work properly since a lot of changes in the
airshipctl logic were applied. All the issues were addressed.
Change-Id: Iec6fa7e6a3aa1ab46d496a8fd63822df1f8124cc
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Relates-To: #19
* Removed the duplicate script for CAPI ephemeral node deployment
* Updated the generic script to support all providers
Change-Id: Icc1bed5c1b62662109b43ec94ee2fdb5de6de09b
Since golint job was fixed and it's essential to maintain
code standards this job should have voting status.
Change-Id: I623171ce89b3906eac30e11fa3d7ebeb2725372b
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
* Removing the non-voting job from dependency. So that
for any reason if the dependent non-voting job fails,
the gate runner job will not be skipped.
Change-Id: If2f208d41a6df1ce7286654fe6e203d309042874
Add jobs in experimental pipeline to do the following:
- install Sonobuoy
- run CNCF Conformace Tests
- run CIS Benchmarks Tests
Conformance tests include:
- CNCF Compliance: uses sonobuoy end-to-end (e2e) and systemd-logs
plugins
- CIS Benchmarks: utilizes the kube-bench implementation
of the CIS security benchmarks plugin
Pipeline can be triggered by comment
- "check experimental"
Change-Id: I7d08ae42512dc4c83e2f550c4809ce1f8ddccc7b
Change-Id: I2e6469f5b8e229828532ce5499498da639d23fe6
This Patch Set uses docker zuul gate and
checks the certificate expiration
and certiticate rotate-sa-token commands
Change-Id: I76f902d4fcacdbfe168abd58ec707282e46a3f91
This introduces airshipctl integration with image-builder [0], which
replaces the existing isogen tool for ephemeral ISO generation.
The airshipctl isogen executor has been updated for building ephemeral
ISOs using the image-builder container. The ability for user-declared
filenames for cloud-init user data and network data was removed, since
the user's only interest is in supplying the relevant overrides, not in
transparent naming coordination with the image-builder container. A new
object is added to the document package to identify the document kind,
label, and key to retrieve data from since this is pattern we will
reuse elsewhere.
Progress flag removed as requsted. Progress is reported directly by the
image-builder container.
Isogen debug flag removed in favor of using log.DebugEnabled()
[0] https://review.opendev.org/#/c/730777/
Depends-On: https://review.opendev.org/c/airship/images/+/730777/
Change-Id: I545004feaf2116f8ffb29faf6f7f7f5fcfe24fff
* add common scripts for providers capd/capg/capz/capo
to do the following:
- install kind (reuses tools/document/get_kind.sh)
- improve tools/document/start_kind.sh to use
custom kind config file
- created a script similar to 26_deploy_metal3_capi_ephemeral_node.sh,
called tools/deployment/26_deploy_capi_ephemeral_node.sh and
made it flexible for all providers (metal3/capd/capz/capg/capo)
- deploy ephemeral control plane
- initialize target node
- move crds from ephemeral to target
- deploy target workers
Closes: #413
Change-Id: If3520d000a03e5ed26d54e1ceedb2febfceccb3d
Modify following roles to accept the proxy and env
variables from zuul jobs and project manifest so they
can be overwritten to run them on downstream zuul
- airshipctl-build-images
- airshipctl-publish-images
Change-Id: Ied06e60507f125c60ca7b9d47331e967fd69bf14
* Recently the lint and test jobs are separated
* update the reference to lint and test job names
marked as dependency for azure gate runner
Change-Id: I9bf495143b14d248c54c20e4814ac236b167eba1
