airship
/
promenade
Code Issues Proposed changes

updates for focal 

add focal dockerfile
update zuul jobs for focal
update tox for tox4 changes
update all requirements to latest and match deckhand
update cfssl from R1.2 to v1.6.3
fixed local gates for focal
updated examples promenade manifests to run on focal

Change-Id: I2af4043784766d36588c6f738053ad66e7b89a90
This commit is contained in:
Wahlstedt, Walter (ww229g) 2022-12-19 16:02:39 -05:00
parent 3ba747bb48
commit 8ce937a9f7
53 changed files with 753 additions and 358 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Makefile
View File

@ -25,7 +25,7 @@ PUSH_IMAGE ?= false
# use this variable for image labels added in internal build process
LABEL ?= org.airshipit.build=community
COMMIT ?= $(shell git rev-parse HEAD)
DISTRO ?= ubuntu_bionic
DISTRO ?= ubuntu_focal
PYTHON = python3
CHARTS := $(filter-out deps, $(patsubst charts/%/.,%,$(wildcard charts/*/.)))
IMAGE := ${DOCKER_REGISTRY}/${IMAGE_PREFIX}/${IMAGE_NAME}:${IMAGE_TAG}-${DISTRO}
@ -43,7 +43,7 @@ docs: clean
tox -e docs
tests-unit: external-deps
tox -e py36
tox -e py38
external-deps:
./tools/install-external-deps.sh
@ -51,6 +51,9 @@ external-deps:
tests-pep8:
tox -e pep8
tests-freeze:
tox -e freeze
chartbanner:
@echo Building charts: $(CHARTS)

1
charts/promenade/Chart.yaml
View File

@ -2,3 +2,4 @@ apiVersion: v1
description: The Promenade API
name: promenade
version: 0.1.0
appVersion: 1.1.0

2
doc/requirements.txt
View File

@ -1,5 +1,5 @@
sphinx>=1.6.2
sphinx_rtd_theme==0.2.4
falcon==1.4.1
falcon>=1.4.1
oslo.config==7.0.0
markupsafe==2.0.1

4
doc/source/conf.py
View File

@ -57,9 +57,9 @@ author = u'Promenade Authors'
# built documents.
#
# The short X.Y version.
version = u'0.1.0'
version = u'0.9.0'
# The full version, including alpha/beta/rc tags.
release = u'0.1.0'
release = u'0.9.0'
# The language for content autogenerated by Sphinx. Refer to documentation
# for a list of supported languages.

2
doc/source/configuration/host-system.rst
View File

@ -26,7 +26,7 @@ Sample Document to run containers in Docker runtime
monitoring_image: busybox:1.28.3
packages:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

12
examples/basic/HostSystem.yaml
View File

@ -73,6 +73,14 @@ data:
mode: 0744
content: |-
export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml
- path: /etc/containerd/config.toml
mode: 0400
content: |-
version = 2
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry:5000"]
endpoint = ["http://registry:5000"]
images:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
@ -81,8 +89,8 @@ data:
packages:
common:
repositories:
- deb https://download.ceph.com/debian-nautilus/ bionic main
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb https://download.ceph.com/debian-nautilus/ focal main
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

2
examples/basic/Kubelet.yaml
View File

@ -9,6 +9,8 @@ metadata:
storagePolicy: cleartext
data:
arguments:
- --container-runtime=remote
- --container-runtime-endpoint=unix:///run/containerd/containerd.sock
- --v=3
images:
pause: k8s.gcr.io/pause-amd64:3.1

14
examples/basic/armada-resources.yaml
View File

@ -109,9 +109,9 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -133,9 +133,9 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -501,7 +501,7 @@ data:
CLUSTER_TYPE:
- k8s
- bgp
IP_AUTODETECTION_METHOD: interface=ens3
IP_AUTODETECTION_METHOD: interface=ens1
WAIT_FOR_STORAGE: "true"
endpoints:
@ -533,8 +533,8 @@ data:
service_calico_etcd: false
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
subpath: calico
dependencies:
- infra-helm-toolkit

49
examples/complete/HostSystem.yaml
View File

@ -8,6 +8,9 @@ metadata:
layer: site
storagePolicy: cleartext
data:
systemd_units:
kube-cgroup:
enable: true
files:
- path: /opt/kubernetes/bin/kubelet
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz
@ -17,6 +20,38 @@ data:
tar_url: https://dl.k8s.io/v1.24.4/kubernetes-node-linux-amd64.tar.gz
tar_path: kubernetes/node/bin/kubectl
mode: 0555
- path: /etc/systemd/system/kube-cgroup.service
content: |
[Unit]
Description=Create and tune cgroup for Kubernetes Pods
Requires=network-online.target
Before=kubelet.service
[Service]
Delegate=yes
ExecStart=/usr/local/sbin/kube-cgroup.sh
[Install]
RequiredBy=kubelet.service
mode: 0444
- path: /usr/local/sbin/kube-cgroup.sh
mode: 0744
content: |-
#!/bin/bash
set -x
KUBE_CGROUP=${KUBE_CGROUP:-"kube_whitelist"}
SYSTEMD_ABSPATH="/sys/fs/cgroup/systemd/$KUBE_CGROUP"
CPUSET_ABSPATH="/sys/fs/cgroup/cpuset/$KUBE_CGROUP"
CPU_ABSPATH="/sys/fs/cgroup/cpu/$KUBE_CGROUP"
MEM_ABSPATH="/sys/fs/cgroup/memory/$KUBE_CGROUP"
PIDS_ABSPATH="/sys/fs/cgroup/pids/$KUBE_CGROUP"
for cg in $SYSTEMD_ABSPATH $CPUSET_ABSPATH $CPU_ABSPATH $MEM_ABSPATH $PIDS_ABSPATH
do
mkdir -p "$cg"
done
- path: /etc/logrotate.d/json-logrotate
mode: 0444
content: |-
@ -38,6 +73,14 @@ data:
mode: 0744
content: |-
export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml
- path: /etc/containerd/config.toml
mode: 0400
content: |-
version = 2
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry:5000"]
endpoint = ["http://registry:5000"]
images:
monitoring_image: busybox:1.28.3
haproxy: haproxy:1.8.3
@ -46,7 +89,7 @@ data:
packages:
common:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -121,7 +164,7 @@ data:
socat: socat
genesis:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -196,7 +239,7 @@ data:
socat: socat
join:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

7
examples/complete/Kubelet.yaml
View File

@ -9,10 +9,9 @@ metadata:
storagePolicy: cleartext
data:
arguments:
- --cni-bin-dir=/opt/cni/bin
- --cni-conf-dir=/etc/cni/net.d
- --network-plugin=cni
- --v=5
- --container-runtime=remote
- --container-runtime-endpoint=unix:///run/containerd/containerd.sock
- --v=3
images:
pause: k8s.gcr.io/pause-amd64:3.1
config_file_overrides:

12
examples/complete/armada-resources.yaml
View File

@ -150,9 +150,9 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -175,9 +175,9 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -522,7 +522,7 @@ data:
CLUSTER_TYPE:
- k8s
- bgp
IP_AUTODETECTION_METHOD: interface=ens3
IP_AUTODETECTION_METHOD: interface=ens1
WAIT_FOR_STORAGE: "true"
endpoints:
@ -553,7 +553,7 @@ data:
service_calico_etcd: false
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: master
subpath: calico
dependencies:

6
examples/containerd/armada-resources.yaml
View File

@ -111,7 +111,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -135,7 +135,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -428,7 +428,7 @@ data:
source:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
subpath: calico
dependencies:
- infra-helm-toolkit

10
examples/gate/HostSystem.yaml
View File

@ -73,6 +73,14 @@ data:
mode: 0744
content: |-
export KUBECONFIG=/etc/kubernetes/admin/kubeconfig.yaml
- path: /etc/containerd/config.toml
mode: 0400
content: |-
version = 2
[plugins."io.containerd.grpc.v1.cri"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registry:5000"]
endpoint = ["http://registry:5000"]
images:
monitoring_image: &busybox busybox:1.28.3
haproxy: haproxy:1.8.3
@ -81,7 +89,7 @@ data:
packages:
common:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

5
examples/gate/Kubelet.yaml
View File

@ -9,9 +9,8 @@ metadata:
storagePolicy: cleartext
data:
arguments:
- --cni-bin-dir=/opt/cni/bin
- --cni-conf-dir=/etc/cni/net.d
- --network-plugin=cni
- --container-runtime=remote
- --container-runtime-endpoint=unix:///run/containerd/containerd.sock
- --v=3
images:
pause: k8s.gcr.io/pause-amd64:3.1

8
examples/gate/armada-resources.yaml
View File

@ -111,7 +111,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -135,7 +135,7 @@ data:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -401,7 +401,7 @@ data:
CLUSTER_TYPE:
- k8s
- bgp
IP_AUTODETECTION_METHOD: interface=ens3
IP_AUTODETECTION_METHOD: interface=ens1
WAIT_FOR_STORAGE: "true"
endpoints:
@ -434,7 +434,7 @@ data:
source:
type: git
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
subpath: calico
dependencies:
- infra-helm-toolkit

2
images/promenade/Dockerfile.ubuntu_bionic
View File

@ -82,7 +82,7 @@ COPY requirements-frozen.txt /opt/promenade
RUN pip3 install --no-cache-dir -r requirements-frozen.txt
# Setting promenade version for BPR
ENV PBR_VERSION 0.8.0
ENV PBR_VERSION 0.9.0
COPY . /opt/promenade
RUN pip3 install -e /opt/promenade

95
images/promenade/Dockerfile.ubuntu_focal Normal file
View File

@ -0,0 +1,95 @@
# Copyright 2017 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
ARG FROM=ubuntu:20.04
FROM ${FROM}
LABEL org.opencontainers.image.authors='airship-discuss@lists.airshipit.org, irc://#airshipit@freenode' \
org.opencontainers.image.url='https://airshipit.org' \
org.opencontainers.image.documentation='https://airship-promenade.readthedocs.org' \
org.opencontainers.image.source='https://opendev.org/airship/promenade' \
org.opencontainers.image.vendor='The Airship Authors' \
org.opencontainers.image.licenses='Apache-2.0'
VOLUME /etc/promenade
VOLUME /target
RUN mkdir /opt/promenade
WORKDIR /opt/promenade
ENV PORT 9000
EXPOSE $PORT
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
ARG DEBIAN_FRONTEND=noninteractive
ENV TZ=Etc/UTC
ENTRYPOINT ["/opt/promenade/entrypoint.sh"]
RUN set -ex \
&& apt-get update -qq \
&& apt-get install --no-install-recommends -y \
automake \
ca-certificates \
curl \
dnsutils \
gcc \
git \
gpg \
gpg-agent \
libpcre3-dev \
libtool \
make \
python3-dev \
python3-pip \
python3-setuptools \
rsync \
&& ln -s /usr/bin/python3 /usr/bin/python \
&& curl -Lo /usr/local/bin/cfssl https://pkg.cfssl.org/R1.2/cfssl_linux-amd64 \
&& chmod 555 /usr/local/bin/cfssl \
&& python3 -m pip install -U pip \
&& apt-get autoremove -yqq --purge \
&& apt-get clean \
&& useradd -u 1000 -g users -d /opt/promenade promenade \
&& rm -rf /var/lib/apt/lists/*
# Install LibYAML
ENV LD_LIBRARY_PATH=/usr/local/lib
ARG LIBYAML_VERSION=0.2.5
RUN set -ex \
&& git clone https://github.com/yaml/libyaml.git \
&& cd libyaml \
&& git checkout $LIBYAML_VERSION \
&& ./bootstrap \
&& ./configure \
&& make \
&& make install \
&& cd .. \
&& rm -fr libyaml
COPY requirements-frozen.txt /opt/promenade
RUN pip3 install --no-cache-dir -r requirements-frozen.txt
# Setting promenade version for BPR
ENV PBR_VERSION 0.9.0
COPY . /opt/promenade
RUN pip3 install --verbose --editable /opt/promenade \
&& echo "/opt/promenade" \
> /usr/local/lib/python3.8/dist-packages/promenade.pth
USER promenade

9
promenade/templates/include/up.sh
View File

@ -108,7 +108,11 @@ while true; do
done
while true; do
if ! DEBIAN_FRONTEND=noninteractive apt-get install -o Dpkg::Options::="--force-confold" -y --no-install-recommends \
if ! DEBIAN_FRONTEND=noninteractive apt-get install \
-o Dpkg::Options::="--force-confold" \
-y \
--allow-downgrades \
--no-install-recommends \
{%- for role in roles %}
{%- for package in config.get_path('HostSystem:packages.' + role + '.required',{}).values() %}
{{ package }} \
@ -129,6 +133,9 @@ while true; do
fi
done
sed -i -e 's/slot //g' /lib/systemd/network/99-default.link
DEBIAN_FRONTEND=noninteractive apt-get upgrade -o Dpkg::Options::="--force-confold" -q -y --allow-downgrades --no-install-recommends
# Start core processes
#
set +x

35
requirements-direct.txt
View File

@ -1,18 +1,19 @@
beaker==1.10.0
click==6.7
falcon==1.4.1
jinja2==2.10
jsonpath-ng==1.4.3
Beaker==1.12.0
click==8.1.3
falcon==3.1.1
Jinja2==3.1.2
jsonpath-ng==1.5.3
jsonschema==3.2.0
keystoneauth1==3.18.0
keystonemiddleware==5.3.0
setuptools==40.4.3
kubernetes~=24.2.0
oslo.context==2.21.0
oslo.policy==1.40.1
pastedeploy==1.5.2
pylibyaml~=0.1
pyyaml~=5.1
requests==2.22.0
uwsgi==2.0.19.1
git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand
keystoneauth1==5.1.1
keystonemiddleware==10.2.0
setuptools==67.0.0
kubernetes==24.2.0
oslo.context==5.0.0
oslo.policy==4.0.0
PasteDeploy==3.0.1
pylibyaml==0.1.0
PyYAML==5.4.1
requests==2.28.2
uWSGI==2.0.21
Deckhand @ git+https://opendev.org/airship/deckhand.git@70aa35a396d5f76753616f5289228f9c2b0e7ec7
# Deckhand @ git+https://review.opendev.org/airship/deckhand@refs/changes/93/869293/222#egg=deckhand

211
requirements-frozen.txt
View File

@ -1,115 +1,136 @@
alembic==1.0.1
amqp==2.6.0
asn1crypto==1.3.0
Babel==2.8.0
Beaker==1.10.0
cachetools==4.1.0
certifi==2020.4.5.2
cffi==1.14.0
chardet==3.0.4
click==6.7
cliff==3.1.0
cmd2==0.8.9
cryptography==3.1.1
debtcollector==1.22.0
pbr==5.4.5
Deckhand @ git+https://opendev.org/airship/deckhand.git@5cd799cc5d04527ac782270008ff647b3779ff05#egg=deckhand
decorator==4.4.2
deepdiff==3.3.0
dnspython==1.16.0
dogpile.cache==0.9.2
eventlet==0.25.2
alabaster==0.7.13
alembic==1.7.1
amqp==5.0.8
attrs==22.2.0
autopage==0.5.1
Babel==2.11.0
bcrypt==4.0.1
Beaker==1.12.0
cachetools==5.3.0
certifi==2022.12.7
cffi==1.15.1
charset-normalizer==3.0.1
click==8.1.3
cliff==4.2.0
cmd2==2.4.3
cryptography==3.4.8
debtcollector==2.5.0
Deckhand @ git+https://opendev.org/airship/deckhand.git@70aa35a396d5f76753616f5289228f9c2b0e7ec7
decorator==5.1.1
deepdiff==5.8.1
dnspython==2.3.0
docutils==0.17.1
dogpile.cache==1.1.8
entrypoints==0.3
eventlet==0.33.3
extras==1.0.0
falcon==1.4.1
fasteners==0.15
falcon==3.1.1
fasteners==0.18
fixtures==3.0.0
flake8===3.7.9
futurist==1.10.0
google-auth==1.16.1
greenlet==0.4.16
flake8==3.7.9
future==0.18.3
futurist==2.4.1
google-auth==2.16.1
greenlet==2.0.2
hacking==3.0.1
idna==2.8
importlib-metadata==1.6.1
ipaddress==1.0.23
iso8601==0.1.12
Jinja2==2.10
jsonpath-ng==1.4.3
jsonpickle==1.4.1
idna==3.4
imagesize==1.4.1
importlib-metadata==6.0.0
importlib-resources==5.12.0
iso8601==1.1.0
Jinja2==3.1.2
jsonpath-ng==1.5.3
jsonpickle==3.0.1
jsonschema==3.2.0
keystoneauth1==3.18.0
keystonemiddleware==5.3.0
kombu==4.6.10
kubernetes==24.2.0; python_version >= '3.6'
linecache2==1.0.0
Mako==1.1.3
MarkupSafe==1.1.1
keystoneauth1==5.1.1
keystonemiddleware==10.2.0
kombu==5.1.0
kubernetes==24.2.0
Mako==1.2.4
MarkupSafe==2.1.2
mccabe==0.6.1
monotonic==1.5
msgpack==1.0.0
netaddr==0.7.19
netifaces==0.10.9
networkx==2.2
msgpack==1.0.4
netaddr==0.8.0
netifaces==0.11.0
networkx==2.6.2
oauthlib==3.2.2
ordered-set==4.1.0
os-service-types==1.7.0
oslo.cache==1.38.1
oslo.concurrency==3.28.1
oslo.config==7.0.0
oslo.context==2.21.0
oslo.db==4.41.1
oslo.i18n==3.25.1
oslo.log==3.45.2
oslo.messaging==9.1.1
oslo.middleware==3.36.0
oslo.policy==1.40.1
oslo.serialization==2.29.2
oslo.service==1.41.1
oslo.utils==3.42.1
Paste==3.0.1
PasteDeploy==1.5.2
oslo.cache==2.8.2
oslo.concurrency==4.4.1
oslo.config==8.7.1
oslo.context==5.0.0
oslo.db==11.0.0
oslo.i18n==6.0.0
oslo.log==4.6.0
oslo.messaging==12.9.4
oslo.metrics==0.6.0
oslo.middleware==4.4.0
oslo.policy==4.0.0
oslo.serialization==4.2.0
oslo.service==3.1.1
oslo.utils==4.10.2
packaging==23.0
Paste==3.5.0
PasteDeploy==3.0.1
pbr==5.6.0
ply==3.11
prettytable==0.7.2
psycopg2==2.7.5
prettytable==3.6.0
prometheus-client==0.16.0
psycopg2-binary==2.9.5
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycadf==2.10.0
pycadf==3.1.1
pycodestyle==2.5.0
pycparser==2.20
pyflakes==2.1.0
pycparser==2.21
pyflakes==2.1.1
Pygments==2.14.0
pyinotify==0.9.6
pylibyaml==0.1.0
pyparsing==2.4.7
pyperclip==1.8.0
python-barbicanclient==4.7.0
python-dateutil==2.8.1
python-editor==1.0.4
pyparsing==3.0.9
pyperclip==1.8.2
pyrsistent==0.19.3
python-barbicanclient==5.2.0
python-dateutil==2.8.2
python-keystoneclient==3.22.0
python-memcached==1.59
python-mimeparse==1.6.0
pytz==2020.1
python-subunit==1.4.2
pytz==2022.7.1
PyYAML==5.4.1
repoze.lru==0.7
requests==2.22.0
rfc3986==1.4.0
Routes==2.4.1
rsa==4.0
six==1.15.0
SQLAlchemy==1.3.17
requests==2.28.2
requests-oauthlib==1.3.1
rfc3986==2.0.0
Routes==2.5.1
rsa==4.9
six==1.16.0
snowballstemmer==2.2.0
Sphinx==5.3.0
sphinx-rtd-theme==1.1.1
sphinxcontrib-applehelp==1.0.4
sphinxcontrib-devhelp==1.0.2
sphinxcontrib-htmlhelp==2.0.1
sphinxcontrib-jsmath==1.0.1
sphinxcontrib-qthelp==1.0.3
sphinxcontrib-serializinghtml==1.1.5
SQLAlchemy==1.4.23
sqlalchemy-migrate==0.13.0
sqlparse==0.3.1
statsd==3.3.0
stevedore==1.32.0
sqlparse==0.4.3
statsd==4.0.1
stestr==3.2.0
stevedore==4.1.1
Tempita==0.5.2
testresources==2.0.1
testscenarios==0.5.0
testtools==2.4.0
traceback2==1.4.0
unittest2==1.1.0
urllib3==1.25.9
uWSGI==2.0.19.1
vine==1.3.0
wcwidth==0.2.4
WebOb==1.8.6
websocket-client==0.57.0
Werkzeug==0.16.1
wrapt==1.12.1
yappi==1.2.5
zipp==1.2.0
testtools==2.5.0
urllib3==1.26.6
uWSGI==2.0.21
vine==5.0.0
voluptuous==0.13.1
wcwidth==0.2.6
WebOb==1.8.7
websocket-client==1.5.1
Werkzeug==2.0.1
wrapt==1.14.1
yappi==1.4.0
zipp==3.14.0

13
setup.cfg
View File

@ -1,12 +1,10 @@
[metadata]
name = promenade
summary = 'Promenade is a tool for bootstrapping a resilient '
'Kubernetes cluster and managing its life-cycle via '
'Helm charts.
description-file = README.md
summary = Promenade is a tool for bootstrapping a resilient kubernetes cluster and managing its life-cycle via helm charts.
description_file = README.md
author = The Airship Authors
author-email = airship-discuss@lists.airshipit.org
home-page = https://opendev.org/airship/promenade
author_email = airship-discuss@lists.airshipit.org
home_page = https://opendev.org/airship/promenade
classifier =
Intended Audience :: Information Technology
@ -14,8 +12,7 @@ classifier =
License :: OSI Approved :: Apache Software License
Operating System :: POSIX :: Linux
Programming Language :: Python :: 3
Programming Language :: Python :: 3.5
Programming Language :: Python :: 3.6
Programming Language :: Python :: 3.8
[files]
packages =

3
setup.py
View File

@ -18,5 +18,6 @@ from setuptools import setup
setup(
setup_requires=['setuptools>=17.1', 'pbr>=2.0.0'],
pbr=True
pbr=True,
packages=['promenade']
)

2
test-requirements.txt
View File

@ -1,4 +1,4 @@
pytest
flake8===3.7.9
flake8==3.7.9
bandit>=1.5
yapf==0.24.0

2
tests/unit/api/test_validatedesign.py
View File

@ -168,7 +168,7 @@ VALID_DOCS = [
'-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQINBFit2ioBEADhWpZ8/wvZ6hUTiXOwQHXMAlaFHcPH9hAtr4F1y2+OYdbtMuth\nlqqwp028AqyY+PRfVMtSYMbjuQuu5byyKR01BbqYhuS3jtqQmljZ/bJvXqnmiVXh\n38UuLa+z077PxyxQhu5BbqntTPQMfiyqEiU+BKbq2WmANUKQf+1AmZY/IruOXbnq\nL4C1+gJ8vfmXQt99npCaxEjaNRVYfOS8QcixNzHUYnb6emjlANyEVlZzeqo7XKl7\nUrwV5inawTSzWNvtjEjj4nJL8NsLwscpLPQUhTQ+7BbQXAwAmeHCUTQIvvWXqw0N\ncmhh4HgeQscQHYgOJjjDVfoY5MucvglbIgCqfzAHW9jxmRL4qbMZj+b1XoePEtht\nku4bIQN1X5P07fNWzlgaRL5Z4POXDDZTlIQ/El58j9kp4bnWRCJW0lya+f8ocodo\nvZZ+Doi+fy4D5ZGrL4XEcIQP/Lv5uFyf+kQtl/94VFYVJOleAv8W92KdgDkhTcTD\nG7c0tIkVEKNUq48b3aQ64NOZQW7fVjfoKwEZdOqPE72Pa45jrZzvUFxSpdiNk2tZ\nXYukHjlxxEgBdC/J3cMMNRE1F4NCA3ApfV1Y7/hTeOnmDuDYwr9/obA8t016Yljj\nq5rdkywPf4JF8mXUW5eCN1vAFHxeg9ZWemhBtQmGxXnw9M+z6hWwc6ahmwARAQAB\ntCtEb2NrZXIgUmVsZWFzZSAoQ0UgZGViKSA8ZG9ja2VyQGRvY2tlci5jb20+iQI3\nBBMBCgAhBQJYrefAAhsvBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJEI2BgDwO\nv82IsskP/iQZo68flDQmNvn8X5XTd6RRaUH33kXYXquT6NkHJciS7E2gTJmqvMqd\ntI4mNYHCSEYxI5qrcYV5YqX9P6+Ko+vozo4nseUQLPH/ATQ4qL0Zok+1jkag3Lgk\njonyUf9bwtWxFp05HC3GMHPhhcUSexCxQLQvnFWXD2sWLKivHp2fT8QbRGeZ+d3m\n6fqcd5Fu7pxsqm0EUDK5NL+nPIgYhN+auTrhgzhK1CShfGccM/wfRlei9Utz6p9P\nXRKIlWnXtT4qNGZNTN0tR+NLG/6Bqd8OYBaFAUcue/w1VW6JQ2VGYZHnZu9S8LMc\nFYBa5Ig9PxwGQOgq6RDKDbV+PqTQT5EFMeR1mrjckk4DQJjbxeMZbiNMG5kGECA8\ng383P3elhn03WGbEEa4MNc3Z4+7c236QI3xWJfNPdUbXRaAwhy/6rTSFbzwKB0Jm\nebwzQfwjQY6f55MiI/RqDCyuPj3r3jyVRkK86pQKBAJwFHyqj9KaKXMZjfVnowLh\n9svIGfNbGHpucATqREvUHuQbNnqkCx8VVhtYkhDb9fEP2xBu5VvHbR+3nfVhMut5\nG34Ct5RS7Jt6LIfFdtcn8CaSas/l1HbiGeRgc70X/9aYx/V/CEJv0lIe8gP6uDoW\nFPIZ7d6vH+Vro6xuWEGiuMaiznap2KhZmpkgfupyFmplh0s6knymuQINBFit2ioB\nEADneL9S9m4vhU3blaRjVUUyJ7b/qTjcSylvCH5XUE6R2k+ckEZjfAMZPLpO+/tF\nM2JIJMD4SifKuS3xck9KtZGCufGmcwiLQRzeHF7vJUKrLD5RTkNi23ydvWZgPjtx\nQ+DTT1Zcn7BrQFY6FgnRoUVIxwtdw1bMY/89rsFgS5wwuMESd3Q2RYgb7EOFOpnu\nw6da7WakWf4IhnF5nsNYGDVaIHzpiqCl+uTbf1epCjrOlIzkZ3Z3Yk5CM/TiFzPk\nz2lLz89cpD8U+NtCsfagWWfjd2U3jDapgH+7nQnCEWpROtzaKHG6lA3pXdix5zG8\neRc6/0IbUSWvfjKxLLPfNeCS2pCL3IeEI5nothEEYdQH6szpLog79xB9dVnJyKJb\nVfxXnseoYqVrRz2VVbUI5Blwm6B40E3eGVfUQWiux54DspyVMMk41Mx7QJ3iynIa\n1N4ZAqVMAEruyXTRTxc9XW0tYhDMA/1GYvz0EmFpm8LzTHA6sFVtPm/ZlNCX6P1X\nzJwrv7DSQKD6GGlBQUX+OeEJ8tTkkf8QTJSPUdh8P8YxDFS5EOGAvhhpMBYD42kQ\npqXjEC+XcycTvGI7impgv9PDY1RCC1zkBjKPa120rNhv/hkVk/YhuGoajoHyy4h7\nZQopdcMtpN2dgmhEegny9JCSwxfQmQ0zK0g7m6SHiKMwjwARAQABiQQ+BBgBCAAJ\nBQJYrdoqAhsCAikJEI2BgDwOv82IwV0gBBkBCAAGBQJYrdoqAAoJEH6gqcPyc/zY\n1WAP/2wJ+R0gE6qsce3rjaIz58PJmc8goKrir5hnElWhPgbq7cYIsW5qiFyLhkdp\nYcMmhD9mRiPpQn6Ya2w3e3B8zfIVKipbMBnke/ytZ9M7qHmDCcjoiSmwEXN3wKYI\nmD9VHONsl/CG1rU9Isw1jtB5g1YxuBA7M/m36XN6x2u+NtNMDB9P56yc4gfsZVES\nKA9v+yY2/l45L8d/WUkUi0YXomn6hyBGI7JrBLq0CX37GEYP6O9rrKipfz73XfO7\nJIGzOKZlljb/D9RX/g7nRbCn+3EtH7xnk+TK/50euEKw8SMUg147sJTcpQmv6UzZ\ncM4JgL0HbHVCojV4C/plELwMddALOFeYQzTif6sMRPf+3DSj8frbInjChC3yOLy0\n6br92KFom17EIj2CAcoeq7UPhi2oouYBwPxh5ytdehJkoo+sN7RIWua6P2WSmon5\nU888cSylXC0+ADFdgLX9K2zrDVYUG1vo8CX0vzxFBaHwN6Px26fhIT1/hYUHQR1z\nVfNDcyQmXqkOnZvvoMfz/Q0s9BhFJ/zU6AgQbIZE/hm1spsfgvtsD1frZfygXJ9f\nirP+MSAI80xHSf91qSRZOj4Pl3ZJNbq4yYxv0b1pkMqeGdjdCYhLU+LZ4wbQmpCk\nSVe2prlLureigXtmZfkqevRz7FrIZiu9ky8wnCAPwC7/zmS18rgP/17bOtL4/iIz\nQhxAAoAMWVrGyJivSkjhSGx1uCojsWfsTAm11P7jsruIL61ZzMUVE2aM3Pmj5G+W\n9AcZ58Em+1WsVnAXdUR//bMmhyr8wL/G1YO1V3JEJTRdxsSxdYa4deGBBY/Adpsw\n24jxhOJR+lsJpqIUeb999+R8euDhRHG9eFO7DRu6weatUJ6suupoDTRWtr/4yGqe\ndKxV3qQhNLSnaAzqW/1nA3iUB4k7kCaKZxhdhDbClf9P37qaRW467BLCVO/coL3y\nVm50dwdrNtKpMBh3ZpbB1uJvgi9mXtyBOMJ3v8RZeDzFiG8HdCtg9RvIt/AIFoHR\nH3S+U79NT6i0KPzLImDfs8T7RlpyuMc4Ufs8ggyg9v3Ae6cN3eQyxcK3w0cbBwsh\n/nQNfsA6uu+9H7NhbehBMhYnpNZyrHzCmzyXkauwRAqoCbGCNykTRwsur9gS41TQ\nM8ssD1jFheOJf3hODnkKU+HKjvMROl1DK7zdmLdNzA1cvtZH/nCC9KPj1z8QC47S\nxx+dTZSx4ONAhwbS/LN3PoKtn8LPjY9NP9uDWI+TWYquS2U+KHDrBDlsgozDbs/O\njCxcpDzNmXpWQHEtHU7649OXHP7UeNST1mCUCH5qdank0V1iejF6/CfTFU4MfcrG\nYT90qFF93M3v01BbxP+EIY2/9tiIPbrd\n=0YYh\n-----END PGP PUBLIC KEY BLOCK-----'
],
'repositories': [
'deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable'
'deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable'
],
'required': {
'docker': 'docker-ce=5:19.03.8~3-0~ubuntu-bionic',

6
tests/unit/builder_data/simple/HostSystem.yaml
View File

@ -42,7 +42,7 @@ data:
packages:
common:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -116,7 +116,7 @@ data:
socat: socat=1.7.3.1-1
genesis:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----
@ -190,7 +190,7 @@ data:
socat: socat=1.7.3.1-1
join:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

6
tests/unit/builder_data/simple/armada-resources.yaml
View File

@ -110,7 +110,7 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: master
dependencies: []
@ -135,7 +135,7 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: master
dependencies: []
@ -439,7 +439,7 @@ data:
service_calico_etcd: false
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: master
subpath: calico
dependencies:

6
tools/g2/lib/config.sh
View File

@ -1,8 +1,8 @@
export TEMP_DIR=${TEMP_DIR:-$(mktemp -d)}
export BASE_IMAGE_SIZE=${BASE_IMAGE_SIZE:-344784896}
export BASE_IMAGE_URL=${BASE_IMAGE_URL:-https://cloud-images.ubuntu.com/releases/bionic/release/ubuntu-18.04-server-cloudimg-amd64.img}
export BASE_IMAGE_SIZE=${BASE_IMAGE_SIZE:-644612096}
export BASE_IMAGE_URL=${BASE_IMAGE_URL:-https://cloud-images.ubuntu.com/releases/focal/release/ubuntu-20.04-server-cloudimg-amd64.img}
export IMAGE_PROMENADE=${IMAGE_PROMENADE:-quay.io/airshipit/promenade:master}
export IMAGE_PROMENADE_DISTRO=${IMAGE_PROMENADE_DISTRO:-ubuntu_bionic}
export IMAGE_PROMENADE_DISTRO=${IMAGE_PROMENADE_DISTRO:-ubuntu_focal}
export NGINX_DIR="${TEMP_DIR}/nginx"
export NGINX_URL="http://192.168.77.1:7777"
export PROMENADE_BASE_URL="http://promenade-api.ucp.svc.cluster.local"

2
tools/g2/lib/promenade.sh
View File

@ -11,7 +11,7 @@ promenade_render_curl_url() {
USE_DECKHAND=${2}
DECKHAND_REVISION=${3}
shift 3
LABELS=(${@})
LABELS=("${@}")
LABEL_PARAMS=
for label in "${LABELS[@]}"; do

8
tools/g2/lib/registry.sh
View File

@ -1,13 +1,13 @@
registry_down() {
REGISTRY_ID=$(docker ps -qa -f name=registry)
if [[ ! -z ${REGISTRY_ID} ]]; then
if [[ -n ${REGISTRY_ID} ]]; then
log Removing docker registry
docker rm -fv "${REGISTRY_ID}" &>> "${LOG_FILE}"
fi
}
registry_list_images() {
FILES=($(config_configuration | xargs -n 1 -I DIRNAME find DIRNAME -type f -name '*.yaml' | grep -v PKICatalog))
FILES=("$(config_configuration | xargs -I dirname find dirname -type f -name '*.yaml' | grep -v PKICatalog)")
HOSTNAME_REGEX='[a-zA-Z0-9][a-zA-Z0-9_-]{0,62}'
DOMAIN_NAME_REGEX="${HOSTNAME_REGEX}(\.${HOSTNAME_REGEX})*"
@ -45,7 +45,7 @@ registry_populate() {
}
registry_replace_references() {
FILES=(${@})
FILES=("${@}")
for image in $(registry_list_images); do
sed -i "s;${image}\$;registry:5000/${image};g" "${FILES[@]}"
done
@ -55,7 +55,7 @@ registry_up() {
log Validating local registry is up
REGISTRY_ID=$(docker ps -qa -f name=registry)
RUNNING_REGISTRY_ID=$(docker ps -q -f name=registry)
if [[ -z ${RUNNING_REGISTRY_ID} && ! -z ${REGISTRY_ID} ]]; then
if [[ -z ${RUNNING_REGISTRY_ID} && -n ${REGISTRY_ID} ]]; then
log Removing stopped docker registry
docker rm -fv "${REGISTRY_ID}" &>> "${LOG_FILE}"
fi

6
tools/g2/lib/virsh.sh
View File

@ -22,6 +22,7 @@ img_base_declare() {
}
iso_gen() {
set -x
NAME=${1}
if virsh vol-key --pool "${VIRSH_POOL}" --vol "cloud-init-${NAME}.iso" &> /dev/null; then
@ -67,6 +68,7 @@ iso_gen() {
--vol "cloud-init-${NAME}.iso" \
--file "${ISO_DIR}/cidata.iso"
} &>> "${LOG_FILE}"
set +x
}
iso_path() {
@ -125,11 +127,12 @@ vm_create() {
DISK_OPTS="bus=virtio,cache=directsync,discard=unmap,format=qcow2"
virt-install \
--name "${NAME}" \
--osinfo ubuntu20.04 \
--virt-type kvm \
--cpu host,+x2apic,-avx2 \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--network "network=promenade,model=virtio" \
--network "network=promenade,model=e1000" \
--vcpus "$(config_vm_vcpus)" \
--memory "$(config_vm_memory)" \
--import \
@ -140,6 +143,7 @@ vm_create() {
ssh_cmd "${NAME}" sync
# docker enables forwarding, containerd - does not
ssh_cmd "${NAME}" sysctl net.ipv4.conf.all.forwarding=1
ssh_cmd "${NAME}" sysctl net.ipv4.conf.all.rp_filter=1
}
vm_create_all() {

2
tools/g2/stages/conformance.sh
View File

@ -20,7 +20,7 @@ else
fi
FILENAME=$(ssh_cmd "${GENESIS_NAME}" ls /mnt/sonobuoy || echo "")
if [[ ! -z ${FILENAME} ]]; then
if [[ -n ${FILENAME} ]]; then
if rsync_cmd "${GENESIS_NAME}:/mnt/sonobuoy/${FILENAME}" "${WORKSPACE}/conformance/sonobuoy.tgz"; then
tar xf "${WORKSPACE}/conformance/sonobuoy.tgz" -C "${WORKSPACE}/conformance"
fi

4
tools/g2/stages/generate-certificates.sh
View File

@ -50,7 +50,7 @@ rm -f "${OUTPUT_FILE}"
for source_dir in $(config_configuration); do
log Copying configuration from "${source_dir}"
for filename in ${WORKSPACE}/${source_dir}/*.yaml; do
for filename in "${WORKSPACE}"/"${source_dir}"/*.yaml; do
if should_include_filename "${filename}"; then
log Including config from "$filename"
cat "${filename}" >> "${OUTPUT_FILE}"
@ -68,7 +68,7 @@ log "Setting up local caches.."
nginx_cache_and_replace_tar_urls "${OUTPUT_DIR}"/*.yaml
registry_replace_references "${OUTPUT_DIR}"/*.yaml
FILES=($(ls "${OUTPUT_DIR}"))
FILES=("$(ls "${OUTPUT_DIR}")")
log Generating certificates
docker run --rm -t \

2
tools/g2/templates/network-config.sub
View File

@ -2,7 +2,7 @@
version: 1
config:
- type: physical
name: ens3
name: ens1
subnets:
- type: static
address: ${BR_IP_NODE}/24

6
tools/gate/config-templates/bootstrap-armada-config.yaml
View File

@ -105,9 +105,9 @@ data:
values: {}
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
subpath: helm-toolkit
reference: ee331fd0d38e3584fecbefbf6218ba0c8e112338
reference: fa8916f5bcc8cbf064a387569e2630b7bbf0b49b
dependencies: []
---
schema: armada/Chart/v1
@ -479,7 +479,7 @@ data:
service_calico_etcd: false
source:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
location: https://opendev.org/openstack/openstack-helm-infra.git
reference: master
subpath: calico
dependencies:

2
tools/gate/config-templates/site-config.yaml
View File

@ -75,7 +75,7 @@ data:
helm: ${IMAGE_HELM}
packages:
repositories:
- deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
- deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable
keys:
- |-
-----BEGIN PGP PUBLIC KEY BLOCK-----

2
tools/helm_tk.sh
View File

@ -17,7 +17,7 @@
set -eux
HTK_REPO=${HTK_REPO:-"https://opendev.org/openstack/openstack-helm-infra.git"}
HTK_STABLE_COMMIT=${HTK_COMMIT:-"5c4056ad341afcc577e63902b6ddbfb222d757e1"}
HTK_STABLE_COMMIT=${HTK_COMMIT:-"fa8916f5bcc8cbf064a387569e2630b7bbf0b49b"}

3
tools/install-external-deps.sh
View File

@ -5,7 +5,7 @@ set -ex
CFSSL_URL=${CFSSL_URL:-https://pkg.cfssl.org/R1.2/cfssl_linux-amd64}
if [[ ! $(which cfssl) ]]; then
if [[ ! $(command -v cfssl) ]]; then
TMP_DIR=$(mktemp -d)
pushd "${TMP_DIR}"
curl -Lo cfssl "${CFSSL_URL}"
@ -13,4 +13,5 @@ if [[ ! $(which cfssl) ]]; then
sudo mv cfssl /usr/local/bin/
popd
rm -rf "${TMP_DIR}"
cfssl version
fi

6
tools/lint_gate.sh
View File

@ -7,12 +7,12 @@ WORKSPACE=$(realpath "${SCRIPT_DIR}/..")
for manifest in $(find "${WORKSPACE}/tools/g2/manifests" -type f | sort); do
echo Checking "${manifest}"
python -m jsonschema "${WORKSPACE}/tools/g2/manifest-schema.json" -i "${manifest}"
python3 -m jsonschema "${WORKSPACE}/tools/g2/manifest-schema.json" -i "${manifest}"
done
if [[ -x $(which shellcheck) ]]; then
if [[ -x "$(command -v shellcheck)" ]]; then
echo Checking shell scripts..
shellcheck -s bash -e SC1090 -e SC2162 -e SC2164 -e SC2128 -e SC2029 "${WORKSPACE}"/tools/cleanup.sh "${WORKSPACE}"/tools/*gate*.sh "${WORKSPACE}"/tools/g2/stages/* "${WORKSPACE}"/tools/g2/lib/* "${WORKSPACE}"/tools/install-external-deps.sh
shellcheck -s bash -e SC1091 -e SC1090 -e SC2162 -e SC2164 -e SC2128 -e SC2029 "${WORKSPACE}"/tools/cleanup.sh "${WORKSPACE}"/tools/*gate*.sh "${WORKSPACE}"/tools/g2/stages/* "${WORKSPACE}"/tools/g2/lib/* "${WORKSPACE}"/tools/install-external-deps.sh
else
echo No shellcheck executable found. Please, install it.
exit 1

18
tools/setup_gate.sh
View File

@ -19,7 +19,7 @@ REQUIRE_RELOG=0
log_stage_header "Installing Packages"
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update -qq
sudo apt-get install -q -y --no-install-recommends \
sudo apt-get install -q -y --no-install-recommends --allow-downgrades \
apt-transport-https \
build-essential \
ca-certificates \
@ -28,12 +28,15 @@ sudo apt-get install -q -y --no-install-recommends \
genisoimage \
jq \
libstring-shellquote-perl \
libvirt-bin \
python3-dev \
software-properties-common \
qemu-kvm \
qemu-utils \
software-properties-common \
virtinst
virt-manager \
libvirt-daemon-system \
virtinst \
libvirt-clients \
bridge-utils
# Install the docker gpg key & Add the repository
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
@ -44,10 +47,13 @@ sudo add-apt-repository \
sudo apt-get update -qq
# Remove old versions of docker, if installed
sudo apt-get remove -q -y docker docker-engine docker.io
sudo apt-get remove -q -y docker docker-engine docker.io --allow-downgrades \
# Install docker
sudo apt-get install -q -y --no-install-recommends \
docker-ce
docker-ce \
docker-ce-cli \
docker-buildx-plugin \
containerd.io
# Set up proxy when using docker_image in yamls
sudo mkdir -p /etc/systemd/system/docker.service.d/

31
tools/zuul/playbooks/deploy-promenade-containerd.yaml
View File

@ -19,9 +19,33 @@
PROMENADE_TMP_LOCAL: "cache"
DISTRO: "{{ distro }}"
become: true
tasks:
- name: Install docker
command: apt-get install docker.io resolvconf -y
- name: Generate configuration files
shell: |
set -xe;
sysctl net.ipv4.conf.all.forwarding=1
sysctl net.ipv4.conf.all.rp_filter=1
args:
chdir: /root
executable: /bin/bash
environment: "{{env}}"
- name: Ensure pip
include_role:
name: ensure-pip
- name: Clear firewall
include_role:
name: clear-firewall
- name: Ensure docker
include_role:
name: ensure-docker
- name: Install resolvconf
command: apt-get install resolvconf -y
- name: Setup Apparmor
shell: |
@ -31,6 +55,9 @@
chdir: "{{ zuul.projects['opendev.org/openstack/openstack-helm-infra'].src_dir }}"
executable: /bin/bash
- name: List interfaces
command: ip addr show
- name: Generate configuration files
shell: |
set -xe;

14
tools/zuul/playbooks/deploy-promenade.yaml
View File

@ -18,9 +18,21 @@
NO_PROXY: ""
DISTRO: "{{ distro }}"
become: true
roles:
- deploy-apparmor
- ensure-docker
tasks:
- name: Install docker
command: apt-get install docker.io resolvconf -y
command: |
apt-get install \
docker-ce \
docker-ce-cli \
docker-buildx-plugin \
containerd.io \
resolvconf \
-y
- name: Setup Apparmor
shell: |

59
tools/zuul/playbooks/docker-image-build.yaml
View File

@ -1,52 +1,19 @@
- hosts: all
tasks:
- include_vars: vars.yaml
- name: Install Docker (Debian)
when: ansible_os_family == 'Debian'
block:
- file:
path: "{{ item }}"
state: directory
with_items:
- /etc/docker/
- /etc/systemd/system/docker.service.d/
- /var/lib/docker/
- mount:
path: /var/lib/docker/
src: tmpfs
fstype: tmpfs
opts: size=25g
state: mounted
- copy: "{{ item }}"
with_items:
- content: "{{ docker_daemon | to_json }}"
dest: /etc/docker/daemon.json
- src: files/docker-systemd.conf
dest: /etc/systemd/system/docker.service.d/
- apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
- apt_repository:
repo: deb http://{{ zuul_site_mirror_fqdn }}/deb-docker/{{ ansible_distribution_release }} {{ ansible_distribution_release }} stable
- apt:
name: "{{ item }}"
allow_unauthenticated: True
with_items:
- docker-ce
- python3-pip
- python3-setuptools
- pip:
name: docker
version: 2.7.0
executable: pip3
# NOTE(SamYaple): Allow all connections from containers to host so the
# containers can access the http server for git and wheels
- iptables:
action: insert
chain: INPUT
in_interface: docker0
jump: ACCEPT
become: True
- name: Ensure pip
include_role:
name: ensure-pip
- name: Clear firewall
include_role:
name: clear-firewall
- name: Ensure docker
include_role:
name: ensure-docker
- name: Debug tag generation inputs
block:
@ -62,7 +29,7 @@
msg: "{{ tags | to_json }}"
- name: Determine tags
shell: echo '{{ tags | to_json }}' | python {{ zuul.project.src_dir }}/tools/image_tags.py
shell: echo '{{ tags | to_json }}' | python3 {{ zuul.project.src_dir }}/tools/image_tags.py
environment:
BRANCH: "{{ zuul.branch | default('') }}"
CHANGE: "{{ zuul.change | default('') }}"

0
tools/zuul/playbooks/osh-infra-upgrade-host.yaml Normal file
View File

41
tools/zuul/playbooks/roles/deploy-apparmor/tasks/main.yaml Normal file
View File

@ -0,0 +1,41 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- block:
- name: ensuring AppArmor is deployed on host
when: ansible_distribution == 'Ubuntu'
include_role:
name: deploy-package
tasks_from: dist
vars:
packages:
deb:
- apparmor
- apt-transport-https
- ca-certificates
- curl
- software-properties-common
- name: "Enable AppArmor"
when: ansible_distribution == 'Ubuntu'
become: true
become_user: root
shell: |-
set -xe
systemctl enable apparmor
systemctl start apparmor
systemctl status apparmor.service
args:
executable: /bin/bash
ignore_errors: True
...

18
tools/zuul/playbooks/roles/deploy-package/defaults/main.yml Normal file
View File

@ -0,0 +1,18 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
proxy:
http: null
https: null
noproxy: null
...

46
tools/zuul/playbooks/roles/deploy-package/tasks/dist.yaml Normal file
View File

@ -0,0 +1,46 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: managing distro packages for ubuntu
become: true
become_user: root
when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'
vars:
state: present
apt:
name: "{{ item }}"
state: "{{ state }}"
with_items: "{{ packages.deb }}"
- name: managing distro packages for centos
become: true
become_user: root
when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'
vars:
state: present
yum:
name: "{{ item }}"
state: "{{ state }}"
with_items: "{{ packages.rpm }}"
- name: managing distro packages for fedora
become: true
become_user: root
when: ansible_distribution == 'Fedora'
vars:
state: present
dnf:
name: "{{ item }}"
state: "{{ state }}"
with_items: "{{ packages.rpm }}"
...

27
tools/zuul/playbooks/roles/deploy-package/tasks/pip.yaml Normal file
View File

@ -0,0 +1,27 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: managing pip packages
become: true
become_user: root
environment:
http_proxy: "{{ proxy.http }}"
https_proxy: "{{ proxy.https }}"
no_proxy: "{{ proxy.noproxy }}"
vars:
state: present
pip:
name: "{{ item }}"
state: "{{ state }}"
with_items: "{{ packages }}"
...

15
tools/zuul/playbooks/roles/upgrade-host/defaults/main.yml Normal file
View File

@ -0,0 +1,15 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
ubuntu_kernel_hwe: false
...

44
tools/zuul/playbooks/roles/upgrade-host/tasks/main.yaml Normal file
View File

@ -0,0 +1,44 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
---
- name: Upgrade to HWE kernel on Ubuntu Hosts
when:
- ansible_distribution == 'Ubuntu'
- ubuntu_kernel_hwe == true
block:
- name: Deploy HWE kernel on Ubuntu Hosts
include_role:
name: deploy-package
tasks_from: dist
vars:
packages:
deb:
- linux-generic-hwe-20.04
- name: Reboot Host following kernel upgrade
shell: sleep 2 && reboot
become: yes
async: 30
poll: 0
ignore_errors: true
args:
executable: /bin/bash
- name: Wait for hosts to come up following reboot
wait_for:
host: '{{ hostvars[item].ansible_host }}'
port: 22
state: started
delay: 60
timeout: 240
with_items: '{{ play_hosts }}'
connection: local
...

41
tox.ini
View File

@ -1,22 +1,19 @@
[tox]
envlist = pep8,py35,py36,bandit,docs
envlist = pep8,py38,bandit,docs
[testenv]
basepython=python3
passenv = http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY
pass_env =
http_proxy
HTTP_PROXY
https_proxy
HTTPS_PROXY
no_proxy
NO_PROXY
[testenv:venv]
commands = {posargs}
[testenv:py35]
setenv =
PYTHONWARNING=all
deps = -r{toxinidir}/requirements-frozen.txt
-r{toxinidir}/test-requirements.txt
commands =
pytest {posargs}
[testenv:py36]
[testenv:py38]
setenv =
PYTHONWARNING=all
deps = -r{toxinidir}/requirements-frozen.txt
@ -31,7 +28,9 @@ commands =
bandit -r promenade
[testenv:docs]
whitelist_externals = rm
pass_env = {[pkgenv]pass_env}
allowlist_externals =
rm
deps =
-r{toxinidir}/doc/requirements.txt
commands =
@ -47,7 +46,7 @@ commands =
[testenv:freeze]
deps = -r{toxinidir}/requirements-direct.txt
recreate = True
whitelist_externals = sh
allowlist_externals = sh
grep
commands=
sh -c "pip freeze | grep -vE '^(promenade)|(pkg-resources)' > {toxinidir}/requirements-frozen.txt"
@ -55,7 +54,7 @@ commands=
[testenv:gate-lint]
deps =
jsonschema==2.6.0
whitelist_externals = sh
allowlist_externals = sh
commands =
{toxinidir}/tools/lint_gate.sh
@ -66,3 +65,15 @@ commands =
yapf -rd {toxinidir}/promenade {toxinidir}/tests {toxinidir}/tools/image_tags.py
flake8 {toxinidir}/promenade
bandit -r promenade
[flake8]
# [H106] Don't put vim configuration in source files.
# [H203] Use assertIs(Not)None to check for None.
# [H204] Use assert(Not)Equal to check for equality.
# [H205] Use assert(Greater|Less)(Equal) for comparison.
# [H210] Require 'autospec', 'spec', or 'spec_set' in mock.patch/mock.patch.object calls
# [H904] Delay string interpolations at logging calls.
enable-extensions = H106,H203,H204,H205,H210
# [E731] Do not assign a lambda expression, use a def. This reduces readability in some cases.
ignore = E126,E731,F405,H102,H301,H306,H401,H404,H405,H904,W503,W504
exclude = .venv,.git,.tox,dist,*lib/python*,*egg,build,releasenotes,doc,alembic/versions

117
.zuul.yaml → zuul.d/jobs.yaml
View File

@ -1,3 +1,6 @@
---
# Copyright 2018 SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
@ -10,61 +13,18 @@
# See the License for the specific language governing permissions and
# limitations under the License.
- project:
templates:
- docs-on-readthedocs
vars:
rtd_webhook_id: '38575'
rtd_project_name: 'airship-promenade'
check:
jobs:
- openstack-tox-pep8-bionic
- airship-promenade-lint-ws
- airship-promenade-docker-build-gate-ubuntu_xenial
- airship-promenade-docker-build-gate-ubuntu_bionic
- airship-promenade-chart-build-gate
- airship-promenade-chart-build-latest-htk
- airship-promenade-unit-py35
- airship-promenade-genesis-containerd-gate
gate:
jobs:
- openstack-tox-pep8-bionic
- airship-promenade-lint-ws
- airship-promenade-docker-build-gate-ubuntu_xenial
- airship-promenade-docker-build-gate-ubuntu_bionic
- airship-promenade-chart-build-gate
- airship-promenade-unit-py35
- airship-promenade-genesis-containerd-gate
post:
jobs:
- airship-promenade-docker-build-post-ubuntu_xenial
- airship-promenade-docker-build-post-ubuntu_bionic
- promenade-upload-git-mirror
- nodeset:
name: airship-promenade-single-node
nodes:
- name: primary
label: ubuntu-bionic
- nodeset:
name: airship-promenade-single-node-bionic
nodes:
- name: primary
label: ubuntu-bionic
- job:
name: airship-promenade-genesis-containerd-gate
description: |
Deploy airship promenade genesis with containerd
run: tools/zuul/playbooks/deploy-promenade-containerd.yaml
run:
- tools/zuul/playbooks/deploy-promenade-containerd.yaml
required-projects:
- openstack/openstack-helm-infra
timeout: 3600
nodeset: airship-promenade-single-node-bionic
nodeset: airship-promenade-single-node-focal
vars:
distro: ubuntu_bionic
distro: ubuntu_focal
- job:
name: airship-promenade-lint-ws
@ -72,7 +32,7 @@
Lints all files for trailing whitespace
run: tools/zuul/playbooks/zuul-linter.yaml
timeout: 300
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
- job:
name: airship-promenade-chart-build-gate
@ -80,7 +40,7 @@
Lints charts using pinned HTK
run: tools/zuul/playbooks/helm-linter.yaml
timeout: 300
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
- job:
name: airship-promenade-chart-build-latest-htk
@ -89,33 +49,33 @@
voting: false
run: tools/zuul/playbooks/helm-linter.yaml
timeout: 300
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
vars:
HTK_COMMIT: master
- job:
name: airship-promenade-unit-py35
name: airship-promenade-unit-py38
description: |
Executes unit tests under Python 3.5
Executes unit tests under Python 3.8
run: tools/zuul/playbooks/make-tests.yaml
timeout: 1500
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
files:
- ^.*\.py$
- job:
name: airship-promenade-linter
run: tools/zuul/playbooks/zuul-linter.yaml
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
- job:
name: airship-promenade-docker-build-gate-ubuntu_bionic
voting: false
name: airship-promenade-docker-build-gate
voting: true
run: tools/zuul/playbooks/docker-image-build.yaml
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
vars:
publish: false
distro: ubuntu_bionic
distro: ubuntu_focal
tags:
dynamic:
patch_set: true
@ -125,50 +85,15 @@
- ^tests/.*$
- ^tools/.*$
- job:
name: airship-promenade-docker-build-gate-ubuntu_bionic
run: tools/zuul/playbooks/docker-image-build.yaml
nodeset: airship-promenade-single-node
vars:
publish: false
distro: ubuntu_bionic
tags:
dynamic:
patch_set: true
irrelevant-files:
- ^charts/.*$
- ^etc/.*$
- ^tests/.*$
- ^tools/.*$
- job:
name: airship-promenade-docker-build-post-ubuntu_xenial
name: airship-promenade-docker-build-post
voting: false
run: tools/zuul/playbooks/docker-image-build.yaml
nodeset: airship-promenade-single-node
nodeset: airship-promenade-single-node-focal
secrets:
- airship_promenade_quay_creds
vars:
publish: true
distro: ubuntu_xenial
tags:
dynamic:
branch: true
commit: true
static:
- latest
irrelevant-files:
- ^charts/.*$
- ^etc/.*$
- ^tests/.*$
- ^tools/.*$
- job:
name: airship-promenade-docker-build-post-ubuntu_bionic
run: tools/zuul/playbooks/docker-image-build.yaml
nodeset: airship-promenade-single-node
secrets:
- airship_promenade_quay_creds
vars:
publish: true
distro: ubuntu_bionic
distro: ubuntu_focal
tags:
dynamic:
branch: true

22
zuul.d/nodesets.yaml Normal file
View File

@ -0,0 +1,22 @@
---
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- nodeset:
name: airship-promenade-single-node-focal
nodes:
- name: primary
label: ubuntu-focal
groups:
- name: primary
nodes:
- primary

44
zuul.d/project.yaml Normal file
View File

@ -0,0 +1,44 @@
---
# Copyright 2018 SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- project:
templates:
- docs-on-readthedocs
vars:
rtd_webhook_id: '38575'
rtd_project_name: 'airship-promenade'
check:
jobs:
- openstack-tox-pep8
# - openstack-tox-py38
- airship-promenade-lint-ws
- airship-promenade-docker-build-gate
- airship-promenade-chart-build-gate
- airship-promenade-chart-build-latest-htk
- airship-promenade-unit-py38
- airship-promenade-genesis-containerd-gate
gate:
jobs:
- openstack-tox-pep8
- airship-promenade-lint-ws
- airship-promenade-docker-build-gate
- airship-promenade-chart-build-gate
- airship-promenade-unit-py38
- airship-promenade-genesis-containerd-gate
post:
jobs:
- airship-promenade-docker-build-post
- promenade-upload-git-mirror
...