add focal dockerfile
update zuul jobs for focal
update tox for tox4 changes
update all requirements to latest and match deckhand
update cfssl from R1.2 to v1.6.3
fixed local gates for focal
updated examples promenade manifests to run on focal
Change-Id: I2af4043784766d36588c6f738053ad66e7b89a90
Address changes and deprecations in Kubernetes v1.21=>v1.23
controller-manager:
* --authorization-kubeconfig and --authentication-kubeconfig must be set
* liveness/readiness probes must use HTTPS
* the default port has been changed to 10257
kubelet:
* --dynamic-config-dir has been deprecated, will not move to GA
* --cni-bin-dir has been deprecated, will be removed with dockershim
* --cni-conf-dir has been deprecated, will be removed with dockershim
* --network-plugin has been deprecated, will be removed with dockershim
https: //github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#deprecation
https: //kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/
https: //github.com/kubernetes/enhancements/tree/master/keps/sig-node/281-dynamic-kubelet-configuration
Change-Id: Ia996d7c14d81d1d8b8067f11c02ffb4ce90eb49a
This commit updates the Pegleg pep8 gate to use Ubuntu 18.04 (bionic) as
the base Ubuntu image for the job. Upstream CI has a community goal to
use Ubuntu 20.04 (focal) which defaults to python3.8. By moving to
python3.8, some of the pip packages need to be updated but until pip
conflicts are resolved, it is difficult to do so.
Additionally, update the deb-docker path to fix the docker image build
jobs.
Change-Id: I263c646f9fbf14cb65267df586c524de3da2878f
The current Promenade image is vulnerable to several CVEs:
CVE-2019-3462
CVE-2018-16865
CVE-2018-16864
Which Ubuntu 16.04/18.04 addresses.
This patchset makes the following changes:
1. Adds new distro specific dockerfiles for xenial/bionic.
2. Updates gates to be specific about the ubuntu image being
checked.
3. Updates .zuul.yaml checks/gates/post jobs for xenial/bionic.
4. Updates build-image.sh docker build for specific dockerfile
specified in config.sh (IMAGE_PROMENADE_DISTRO).
Change-Id: I89e5297a3baa8c2d2c142e5e29932476fc628398
Also added AppArmor to promenade genesis gates in order to test apparmor changes
to promenade charts
Change-Id: Ib393306dabf40ef9817072aaa9824c22e60626dc
Introduced new name for the field to define package that has files
which will be used as runtime for UCP containers.
Prepared set of yaml files as an example of containerd usage.
Prepared zuul job to use containerd in simple deployment.
Change-Id: Ifc82a505d064c4f13efccfd92ffc336a510220bf
This patch adds a post-run step to the genesis gate to allow for easier
debugging of failed gate runs
This patch also brings the genesis gate HostSystem configuration up to
date with the proper schema as defined here:
aea0c9d1e9
Change-Id: Iccd971010217709fc3f1047f64fc22e9829b2f36
Readthedocs failed to render Promenade exceptions with error:
> WARNING: autodoc: failed to import exception 'xxx' from module
> 'promenade'; the following exception was raised: No module
> named 'falcon'
Trying to add Promenade requirements to the installed requirements list,
so that Readthedocs has all modules, including those needed for the
Promenade itself.
Unify docs building by utilizing Zuul docs-on-readthedocs template job.
Cosmetic readability changes:
1. combined all Makefile .PHONY targets into one
2. merged multiple LABEL instructions in Dockerfile into one
Change-Id: I731ee3426a631fa765f13ba7091dcb4b9ebd0353
Add 'INFO' as default log level.Create logging
section in /etc/promenade/promenade.conf. Set log_level
key in the logging section of promenade.conf to override
the default log level.The allowed log_level values are
as follows:
1. 'DEBUG'
2. 'INFO'
3. 'WARNING'
4. 'ERROR'
5. 'CRITICAL'
Add log_level under logging section in promenade charts values.yaml.
Change-Id: I9bbd36e04bbac96779d3f198b0484176e0045a4e
This commit introduces a non-voting job to lint Helm charts against the
latest version of Helm toolkit from OpenStack-Helm Infra. This job
should serve as an indicator of when it's safe to advance the version of
Helm toolkit used by Airship.
Additionally, this commit modifies all Helm chart lint jobs to run on
each commit, regardless of the files modified by a change. This should
not introduce a noticeable difference in CI runtime, as these jobs
execute quicker than the tox jobs.
Change-Id: I0b38ef3388629b88ea6d6f88eabdc2d7f5f69a3b
This PS fixes the gate job. As the playbook was renamed without
updating the zuul config: https://review.openstack.org/#/c/596854/1..2
Change-Id: Ib41cfd0eac97d8104a0243e29819018f27e342cb
Signed-off-by: Pete Birley <pete@port.direct>
This change adds the global zuul pep8 tox job, which runs both
bandit and pep8 using tox. This also removes the two other airship
specific lint-pep8 and bandit zuul jobs since they are both covered
by the default openstack global one.
Also cleaned up the tox.ini by moving the requirements into the
test-requirements.txt file.
Change-Id: Iccf6228ab9e6d621d3047994b3adc192d67273c9
This patchset either expands on existing entries in irrelevant-files
or adds irrelevant-files to various jobs to save on resources
in Zuul. Ditto for files entry.
Change-Id: I50e3323d989fa0dc0087d9c5f6709425780d42be
* Use docker_login module instead of "command"
* Use docker_image module to push, instead of "command"
* Refresh credentials to rule out typos
Change-Id: I378140e806083a0c778346a71b93446f9621012b
This PS adds the skeleton for a set of zuul checks and gates for
Airship, using the framework from OpenStack-Helm.
Change-Id: Id6df20308f5568979d3ca9107aa348452b20ebf9
Signed-off-by: Pete Birley <pete@port.direct>