diff --git a/.zuul.yaml b/.zuul.yaml index f4d11626..2a08e068 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -13,46 +13,73 @@ - project: check: jobs: - - airship-drydock-linter - - airship-drydock-ubuntu: - voting: false - irrelevant-files: - - ^.*\.rst$ - - ^doc/.*$ - - ^releasenotes/.*$ + - airship-drydock-lint-ws + - airship-drydock-lint-pep8: + files: + - ^.*\.py$ + - airship-drydock-lint-chart: + files: + - ^charts/.*$ + - airship-drydock-unit-py35 + - airship-drydock-security-bandit: + files: + - ^.*\.py$ gate: jobs: - - airship-drydock-linter - # NOTE(portdirect): enable when voting enabled. - # - airship-drydock-ubuntu: - # irrelevant-files: - # - ^.*\.rst$ - # - ^doc/.*$ - # - ^releasenotes/.*$ + - airship-drydock-lint-ws + - airship-drydock-lint-pep8: + files: + - ^.*\.py$ + - airship-drydock-lint-chart: + files: + - ^charts/.*$ + - airship-drydock-unit-py35 + - airship-drydock-security-bandit: + files: + - ^.*\.py$ + +- nodeset: + name: airship-drydock-single-node + nodes: + - name: primary + label: ubuntu-xenial - job: - name: airship-drydock-linter + name: airship-drydock-lint-ws + description: | + Lints all files for trailing whitespace run: tools/gate/playbooks/zuul-linter.yaml - nodeset: openstack-helm-single-node + timeout: 300 + nodeset: airship-drydock-single-node - job: - name: airship-drydock - roles: - - zuul: openstack/openstack-helm-infra - vars: - zuul_osh_infra_relative_path: ../openstack-helm-infra/ - timeout: 7200 - pre-run: - - tools/gate/playbooks/osh-infra-upgrade-host.yaml - - tools/gate/playbooks/osh-infra-deploy-docker.yaml - - tools/gate/playbooks/osh-infra-build.yaml - - tools/gate/playbooks/osh-infra-deploy-k8s.yaml - run: tools/gate/playbooks/airship-drydock-check.yaml - post-run: tools/gate/playbooks/osh-infra-collect-logs.yaml - required-projects: - - openstack/openstack-helm-infra + name: airship-drydock-lint-pep8 + description: | + Lints Python files against the PEP8 standard + run: tools/gate/playbooks/pep8-linter.yaml + timeout: 300 + nodeset: airship-drydock-single-node - job: - name: airship-drydock-ubuntu - parent: airship-drydock - nodeset: openstack-helm-single-node + name: airship-drydock-lint-chart + description: | + Lints Helm charts for validity + run: tools/gate/playbooks/helm-linter.yaml + timeout: 300 + nodeset: airship-drydock-single-node + +- job: + name: airship-drydock-unit-py35 + description: | + Executes unit tests under Python 3.5 + run: tools/gate/playbooks/unit-py35.yaml + timeout: 300 + nodeset: airship-drydock-single-node + +- job: + name: airship-drydock-security-bandit + description: | + Executes the Bandit security scanner against Python files + run: tools/gate/playbooks/security-bandit.yaml + timeout: 300 + nodeset: airship-drydock-single-node diff --git a/Makefile b/Makefile index 010269e3..d79f4e8a 100644 --- a/Makefile +++ b/Makefile @@ -35,12 +35,12 @@ run_images: run_drydock # Run tests .PHONY: tests -tests: external_dep pep8 security docs unit_tests +tests: pep8 security docs unit_tests # Intall external (not managed by tox/pip) dependencies -.PHONY: external_dep -external_dep: +external_dep: requirements-host.txt sudo ./hostdeps.sh + touch external_dep # Run unit and Postgres integration tests in coverage mode .PHONY: coverage_test @@ -49,7 +49,7 @@ coverage_test: build_drydock external_dep # Run just unit tests .PHONY: unit_tests -unit_tests: +unit_tests: external_dep tox -re unit # Run the drydock container and exercise simple tests @@ -104,11 +104,11 @@ endif docs: clean drydock_docs .PHONY: security -security: +security: external_dep tox -e bandit .PHONY: drydock_docs -drydock_docs: +drydock_docs: external_dep tox -e docs .PHONY: clean @@ -120,10 +120,10 @@ clean: rm -rf charts/drydock/requirements.lock .PHONY: pep8 -pep8: +pep8: external_dep tox -e pep8 .PHONY: helm_lint -helm_lint: clean +helm_lint: clean helm-init tools/helm_tk.sh $(HELM) $(HELM) lint charts/drydock diff --git a/charts/drydock/values.yaml b/charts/drydock/values.yaml index 73262091..62db3f49 100644 --- a/charts/drydock/values.yaml +++ b/charts/drydock/values.yaml @@ -24,7 +24,7 @@ labels: images: tags: drydock: quay.io/attcomdev/drydock:1.0.1 - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 ks_user: docker.io/openstackhelm/heat:newton ks_service: docker.io/openstackhelm/heat:newton ks_endpoints: docker.io/openstackhelm/heat:newton diff --git a/drydock_provisioner/drydock.py b/drydock_provisioner/drydock.py index 6f30b1cd..04ff518a 100644 --- a/drydock_provisioner/drydock.py +++ b/drydock_provisioner/drydock.py @@ -11,6 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +"""Service initialization for the Drydock API.""" import logging import sys import os diff --git a/tools/gate/playbooks/airship-drydock-check.yaml b/tools/gate/playbooks/helm-linter.yaml similarity index 70% rename from tools/gate/playbooks/airship-drydock-check.yaml rename to tools/gate/playbooks/helm-linter.yaml index 89cbd90d..60452935 100644 --- a/tools/gate/playbooks/airship-drydock-check.yaml +++ b/tools/gate/playbooks/helm-linter.yaml @@ -1,5 +1,4 @@ -# Copyright 2017 The Openstack-Helm Authors. -# + # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -14,9 +13,9 @@ - hosts: primary tasks: - - name: Build Charts - shell: | - set -xe; - ./tools/gate/scripts/010-build-charts.sh - args: - chdir: "{{ zuul_osh_relative_path | default(zuul.project.src_dir) }}" + - name: Execute the make target for Helm chart linting + make: + chdir: "{{ zuul.project.src_dir }}" + target: helm_lint + register: result + failed_when: result.failed diff --git a/tools/gate/playbooks/osh-infra-deploy-docker.yaml b/tools/gate/playbooks/osh-infra-deploy-docker.yaml deleted file mode 100644 index 4c543245..00000000 --- a/tools/gate/playbooks/osh-infra-deploy-docker.yaml +++ /dev/null @@ -1,43 +0,0 @@ -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- hosts: all - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: False - become: yes - roles: - - deploy-python - tags: - - deploy-python - -- hosts: all - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: True - become: yes - roles: - - setup-firewall - - deploy-python-pip - - deploy-docker - - deploy-yq - tags: - - setup-firewall - - deploy-python-pip - - deploy-docker - - deploy-yq diff --git a/tools/gate/playbooks/osh-infra-upgrade-host.yaml b/tools/gate/playbooks/osh-infra-upgrade-host.yaml deleted file mode 100644 index 495b5cb9..00000000 --- a/tools/gate/playbooks/osh-infra-upgrade-host.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -- hosts: all - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: False - become: yes - roles: - - deploy-python - tags: - - deploy-python - -- hosts: all - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: True - become: yes - roles: - - upgrade-host - - start-zuul-console - - disable-local-nameserver - tags: - - upgrade-host - - start-zuul-console - - disable-local-nameserver diff --git a/tools/gate/playbooks/osh-infra-collect-logs.yaml b/tools/gate/playbooks/pep8-linter.yaml similarity index 54% rename from tools/gate/playbooks/osh-infra-collect-logs.yaml rename to tools/gate/playbooks/pep8-linter.yaml index f08f7066..b4ec66e8 100644 --- a/tools/gate/playbooks/osh-infra-collect-logs.yaml +++ b/tools/gate/playbooks/pep8-linter.yaml @@ -1,5 +1,3 @@ -# Copyright 2017 The Openstack-Helm Authors. -# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -12,19 +10,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -- hosts: all - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - logs_dir: "/tmp/logs" - roles: - - gather-host-logs - - helm-release-status - - describe-kubernetes-objects - - gather-pod-logs - - gather-prom-metrics - tags: - - gather-host-logs - - helm-release-status - - describe-kubernetes-objects - - gather-pod-logs - - gather-prom-metrics \ No newline at end of file +- hosts: primary + tasks: + - name: Execute the make target for PEP8 linting + make: + chdir: "{{ zuul.project.src_dir }}" + target: pep8 + register: result + failed_when: result.failed diff --git a/tools/gate/playbooks/osh-infra-build.yaml b/tools/gate/playbooks/security-bandit.yaml similarity index 52% rename from tools/gate/playbooks/osh-infra-build.yaml rename to tools/gate/playbooks/security-bandit.yaml index d06296c1..927ea05f 100644 --- a/tools/gate/playbooks/osh-infra-build.yaml +++ b/tools/gate/playbooks/security-bandit.yaml @@ -1,5 +1,3 @@ -# Copyright 2017 The Openstack-Helm Authors. -# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,24 +11,10 @@ # limitations under the License. - hosts: primary - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: True - roles: - - build-helm-packages - tags: - - build-helm-packages - -- hosts: all - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: False - become: yes - roles: - - build-images - tags: - - build-images + tasks: + - name: Execute the make target for security scanning + make: + chdir: "{{ zuul.project.src_dir }}" + target: security + register: result + failed_when: result.failed diff --git a/tools/gate/playbooks/osh-infra-deploy-k8s.yaml b/tools/gate/playbooks/unit-py35.yaml similarity index 50% rename from tools/gate/playbooks/osh-infra-deploy-k8s.yaml rename to tools/gate/playbooks/unit-py35.yaml index 5dc2ddeb..7f73036f 100644 --- a/tools/gate/playbooks/osh-infra-deploy-k8s.yaml +++ b/tools/gate/playbooks/unit-py35.yaml @@ -1,5 +1,3 @@ -# Copyright 2017 The Openstack-Helm Authors. -# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -13,24 +11,10 @@ # limitations under the License. - hosts: primary - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - gather_facts: True - roles: - - build-helm-packages - - deploy-kubeadm-aio-master - tags: - - build-helm-packages - - deploy-kubeadm-aio-master - -- hosts: nodes - vars_files: - - vars.yaml - vars: - work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}" - roles: - - deploy-kubeadm-aio-node - tags: - - deploy-kubeadm-aio-node \ No newline at end of file + tasks: + - name: Execute the make target for unit testing + make: + chdir: "{{ zuul.project.src_dir }}" + target: unit_tests + register: result + failed_when: result.failed diff --git a/tools/gate/scripts/010-build-charts.sh b/tools/gate/scripts/010-build-charts.sh deleted file mode 100755 index 878f54ae..00000000 --- a/tools/gate/scripts/010-build-charts.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -set -xe - -make charts diff --git a/tools/helm_tk.sh b/tools/helm_tk.sh index 0b3abdeb..d24cf026 100755 --- a/tools/helm_tk.sh +++ b/tools/helm_tk.sh @@ -58,6 +58,12 @@ pushd openstack-helm/$HTK_PATH git reset --hard "${HTK_STABLE_COMMIT}" helm_serve +# OSH Makefile is bugged, so ensure helm is in the path +if [[ ${HELM} != "helm" ]] +then + export PATH=${PATH}:$(dirname ${HELM}) +fi + make helm-toolkit popd && popd for c in $DEP_UP_LIST