This is no longer present in Ansible 9.
Removing these upsets ansible-lint, so those errors are ignored.
The base roles job has bitrotted on centos-7 and bionic due to
a bad voluptuous release used in an stestr test. That is fixed in
this change as well.
Change-Id: I67886d5ad82ab590979f82bd102d6f974b9d4421
The debug repo for NFV wasn't configured to mirrors, this was a typo
in Ibfd88c137855c22b960099cc8d582b241c3b1db6. Switch it back to
false.
Change-Id: If18d5fda42c68f4520a5c553b63c7b2d351ebd4f
When we added 9-stream with I2da3a5e8a45598c6b3ded132ea61b86b4480e262
we had some components pointing to the mirrors and some not. This is
basically because the OpenDev mirrors choose to mirror these parts of
the distribution. It was an oversight to do things like this, as this
is nominally a generic configuration tool.
This proposes that we put each component behind a variable which can
be enabled or disabled. This way users of the role can switch
on-or-off whatever their local mirrors carry, and fall-back to the
generic mirror metalink in other cases.
I imagine that with future distros like this we would have everything
disabled by default in zuul-jobs, and leave it up to sites to
explicitly opt-in the various components. We could announce this via
our usual deprecation path and do similar for 9-stream; but for now
this keeps the defaults as it is currently written.
Change-Id: Ibfd88c137855c22b960099cc8d582b241c3b1db6
This fixes a number of places where we do not have spaces between
filters. I think that this is a reasonable rule for readability (I
also think it probably was enforced, but maybe later versions got
better at detecting it?).
These are detected by a later version of Ansible lint; this change
should have no operational change to any roles but prepares us to
update in a follow-on change.
Change-Id: I07e1a109b87adce86f483d14d7e02fcecb8313d5
The wrong flag was toggled to False. This revers the other flag back to
True and disables enable_deb_src_repos by setting it to false.
This was my mistake and also missed in review :(
Change-Id: Iffef2da4ae1ad4910be6d124e0cb0d019460fbb5
This should only be landed after we have announced this changing default
and enough time has passed for people to reasonably update their CI
systems if necessary.
Change-Id: Ibf2e2ca0579e180db074b7ab342dae15108dad27
This enables deb-src repos on Debian hosts with a flag. The flag
currently defaults to True to maintain backward compatible behavior with
the hardcoded deb-src repos that configure-mirrors previously set. We
intend on flipping this default to False after announcing this change.
The reasons for this are that source package repos are rarely needed
by CI systems, but these repos can consume large amounts of disk in
mirrors. To make it easier to people deploying mirrors we want to avoid
enabling source repos by default.
Change-Id: I7e9cd0ec1e3184c3c0561bbb7d3069feaf5f1ba5
I74b9de7092f182c942a58ac7a46b9fbd791889de hit a common ansible gotcha
where it likes to strip the trailing newline after a {% endif %}.
This has resulted in invalid lines in our sources.list.
Unfortunately we miss this because it still exits with 0. Add a
simple test looking for warning output.
Change-Id: I46d393a5e67d10a52c4dcca803176ff368a4b5bd
Out-of-the-box installs of centos-8 do not enable the PowerTools
or HighAvailability repositories. Debian/Ubuntu do not enable
the backports repository by default.
Having these repos enabled by default in CI has led to merging
broken code for OpenStack deployment tooling which is attempting
to also manage the presence/absence of these repositories. It
is challenging to remove these repositories on the running node
because the repo URL (rather than just the name) is required as
input to the apt_repository and yum_repository ansible modules.
This patch adds a role default variable to configure-mirrors to
allow a job to opt out of these extra repositories. The default
is set to 'True' to allow existing jobs to work as before.
Change-Id: I74b9de7092f182c942a58ac7a46b9fbd791889de
Starting with Debian 11 (bullseye), security packages are in
bullseye-security as opposed to older releases like buster/updates.
List the last several stable releases in hopes nobody is trying to
use this role to configure platforms older than Debian 8 (jessie,
the current "oldoldstable").
A followup change demonstrates this works in the test-base-roles
job, but because the job matrices have to be updated in one fell
swoop, and many of those jobs won't work without this change already
merged (due to protected use in our base job), it's not tested
directly within this change.
Change-Id: I2d7712cbfd037a65b9025980a6c0cccd917f8947
For CentOS we are currently using default values for "wheel_mirror" from
roles/configure-mirrors/defaults/main.yaml, which means that the URL
uses the full distribution version, which is wrong, we should be using
the major version instead.
As an example, centos-8 jobs are trying to use
https://mirror.bhs1.ovh.opendev.org/wheel/centos-8.3-x86_64
When they should be using
https://mirror.bhs1.ovh.opendev.org/wheel/centos-8-x86_64
Which makes some jobs fail to find alembic wheel files and then they
fail to build from source because the CI was expecting the wheel mirror
to have it.
This patch fixes this by creating a Centos specific "wheel_mirror"
variable.
Change-Id: I11199cf943a3070fd62bf486fe2b06381db4b04d
(cherry picked from commit c9cad38eeb)
With CentOS8.3 release repo files are now
renamed to CentOS-Linux*, update in zuul-jobs
too to sync, also update repo names as per
latest CentOS8 minor release.
The change is needed now as dib images are updated
to reflect new repo files post [1].
[1] https://review.opendev.org/c/openstack/diskimage-builder/+/765963
Change-Id: I7ed9bd582043717ae5bae303ea9b32db7f73008e
- replaces ignore with a warn, which displays issue without affecting
the linting outcome (allowing gradual fixing)
- bumps linter to enable the warn_list feature
- fixes a set of issues, others will be fixed in follow-up
Change-Id: I7d6f8c156b06f68f681943e88860930968e7c9f9
zypper wants to autodetect these values and it appears that upstream
changes repo types because we are having errors now. Dropping this
config manually on a held node seems to fix things.
Change-Id: I8ad28da7164d9a0955f43d4864ba24c14f0bd4a3
We should offer the option of https in addition to http in our
configure-mirrors role as users may want to consume mirrors using https.
This has become more viable in recent years with the releases of Debian
Buster and Ubuntu Bionic supporting it out of the box.
Change-Id: I747c1a379dfce9469e643d7fa199c8e8554f5289
The failovermethod option was removed in dnf and produces eye catching
warnings. Clean this up to clean up job output by configure-mirrors.
More details at: https://bugzilla.redhat.com/show_bug.cgi?id=1653831
Change-Id: Id646835e0fa9e5e99cde57382b3148caeb55e8bd
We capitalize the first word in task names in general - and when you
follow a log and suddenly see a single lower-case one flying along...
Fix those names that I could find and that are not variables etc.
Change-Id: I9ccde577413270d49fd790c41767b859366dc2f6
High Availability packages have been added as part of core CentOS
repositories in 8.1.
This patch add this repo and enables it as it provides corosync and
pacemaker based HA solution and some other packages required for it.
Change-Id: Idbddd81f251c1ade97892128e52f9214420bead7
There is mirror_fqdn that, if defined, overrides mirrors used for
packages and also mirrors for pypi. This is generally incorrect,
if one wants to use different mirrors for packages vs pypi eggs.
Add pypi_fqdn that defaults to mirror_fqdn, which allows users
to go with a custom pypi_mirror. Make pypi trusting the given
pypi_fqdn value instead of generally unrelated mirror_fqdn.
Change-Id: I12975b57951699351cfc0d40beaeb7c703651dd0
Signed-off-by: Bogdan Dobrelya <bdobreli@redhat.com>
We install pydistutils.cfg to catch legacy cases where people
are doing things with easy_install. That code path is not
desirable and increasingly broken, as support for things like
allow-hosts is dropped upstream.
Stop installing the file. This will mean people using easy_install
won't get the benefit of the mirrors, but they shouldn't be
using easy_install anyway.
Remove pydistutils.cfg if it's there
Make sure we don't have any pydistutils.cfg around.
Change-Id: I24a05f456f87bd4cb57ebf89d4245477bf675f97
This keeps each platform's "/etc" template files in a separate
top-level directory.
Additionally, we add a distro major version match to the task import
and rename centos7 (in preparation for centos8).
Change-Id: If65d51a27e30311b1da20522afb6dbce7ee6cf35
debian-security has been mirrored by change[1], so we can use
it now.
[1] https://review.openstack.org/#/c/577316/
Change-Id: I2c88306564b04db3c6e061ab52545c5a63665e53
With the release of fedora-28, the default locations for
fedora-update.repo have changed. We still need to support fedora-27
until fedora-29 is released.
Change-Id: I8eacd659cf18a8dc571aea6531483610fcd91d1a
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Today the mirror system in openstack-infra isn't properly setup to
mirror debian-security. Until we can fix this, switch to the upstream
URL.
Change-Id: Icfa7dc874d14de245927d461595f90b9dacc7825
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
Load the variables from an architecture specific file first --
ansible's ansible_architecture fact for arm64 is aarch64 (it's all
confusing, Ubuntu calls it arm64). Add this file that sets up the
repo as "ubuntu-ports", which is our mirror of ports.ubuntu.com
Change-Id: Ieb50ae29c7f822e831ef1e32fdd03f74a93e298a
Unfortunately ansible_distribution is "openSUSE Tumbleweed" on
tumbleweed, and the whitespace in there is harmful. as there
isn't a version with tumbleweed, we can just replace
distribution/version with "opensuse-tumbleweed".
Change-Id: I21da4b5f851ec864dfb3cbf8ea6713bc12cda58f
Last revision of I700ba2279dc7aadc7051cad53898e1de9007a08d
of course had a typo compared to what was tested successfully before.
Change-Id: I6f1053d69650ee6235089e61e7f19f8927d8e8f5
Tumbleweed as a rolling release model distribution does not
have a sensible release version and is kept distinct from the
classing "release + update" distributions that are called "Leap".
Conditionalize the repository setup for tumbleweed properly,
the base path is different and it does not have a releaseversion
component (the release version is always changing, it is
the snapshot date in the form YYYYMMDD).
Change-Id: I700ba2279dc7aadc7051cad53898e1de9007a08d