Switches to the built-in inspection by default and deprecates support
for ironic-inspector. The actual removal should happen after we get
inspection rules in since it's the last feature that is relevant for
bifrost.
Depends-On: https://review.opendev.org/c/openstack/ironic/+/907398
Change-Id: Id157d5ada2ff3f87f3f4d161423b1f3989f73194
Third in a series of commits to add Codespell to Ironic Repos. This commit adds the Tox Target to CI
A future commit could potentially add a git-blame-ignore-revs file if their are lots of spelling mistakes that could clutter git blame.
Change-Id: I08ecde1afbda435e0e45d2b6d1edbca52a643e07
IPMI in these jobs regularly fails with:
Failed to prepare node 4e41df61-84b1-5856-bfb6-6b5f2cd3dd11 for cleaning:
IPMI call failed: raw 0x00 0x08 0x05 0xa0 0x04 0x00 0x00 0x00."
Since the goal of these jobs is not to test IPMI, and since we have
never seen this issue outside of these jobs, just switch them to Redfish.
Change-Id: I34f1bb57909acab4be21588d11e4de37de29839d
Its Python 3.8 is not supported by any active version of Ansible.
Focal has been best-effort for a while already.
Change-Id: Id04f9b9835cc705716a797caa7beef2536027186
Newest versions break libvirtd
For more info check https://bugs.launchpad.net/neutron/+bug/2029335
Disabling upgrade job until we fix CS9 in all stable branches
Change-Id: If5da0b1b81e17ad0dd6dc1ac62442a84510e35ce
It is now possible to do a PXE network boot with grub as an
alternative to iPXE. Grub is loaded via the signed shim, so it may
allow end-to-end automated deployments with secure-boot enabled.
To use grub network boot, deploy bifrost with variable
``default_boot_interface`` set to ``pxe``.
This feature is tested by job
bifrost-integration-redfish-uefi-fedora-latest.
test-bifrost.sh is also modified to only enable the hardware-type
driver which matches driver used for test nodes. This allows a default
interface to be set which is not supported by one of the enabled
drivers (for example, ironic will exit because the ilo driver doesn't
support the pxe boot interface)
Change-Id: I8ac33d0aa0f71b092d2c0538ac3a73491ff44921
The latest release 1.9.1 of Ansible OpenStack Collection [1] is
compatible only to openstacksdk <0.99.0. Until the former has been
fixed, a workaround [2] is required in Bifrost to pin both the
Ansible OpenStack Collection as well as openstacksdk.
These pinned versions will be overwritten when their repositories
are listed in job.required-projects in .zuul.yaml, which we do in
the master branch of Ansible OpenStack collection [3] for both jobs
bifrost-collections-src and bifrost-keystone-collections-src.
This has two side effects: First, Bifrost's CI jobs use the master
branch of both openstacksdk and Ansible OpenStack Collection for
both bifrost-*collections-* jobs which thus differ from other
Bifrost jobs that use pinned releases.
Second, it causes a chicken-and-egg problem: Applying a breaking
change to module openstack.cloud.baremetal_node [4] will break
Bifrost but could easily be fixed [5]. The fix would be backward
compatible to previous releases of Ansible OpenStack Collection
and openstacksdk. But merging that fix [5] without patching
module openstack.cloud.baremetal_port [6] first would break the
bifrost-*collections-* jobs. The patch for openstack.cloud.\
baremetal_port [6] would break bifrost-*collections-* jobs
without the Bifrost fix [5].
The solution is to use the last known working releases of
Ansible OpenStack collection and openstacksdk in both
bifrost-*collections-* jobs like all other Bifrost jobs already
do.
Once we release Ansible OpenStack collection 2.0.0, we simply
have to revert Dmitry's workaround [2] and this patch.
[1] https://opendev.org/openstack/ansible-collections-openstack
[2] 03ddd02656
[3] 41f3007a80/.zuul.yaml (L286)
[4] https://review.opendev.org/c/openstack/ansible-collections-openstack/+/854113
[5] https://review.opendev.org/c/openstack/bifrost/+/859430/
Change-Id: I1bb2fc8057e769dafdbeb10b4874591c03c89d1e
This is an automatically generated patch to ensure unit testing
is in place for all the of the tested runtimes for antelope. Also,
updating the template name to generic one.
See also the PTI in governance [1].
[1]: https://governance.openstack.org/tc/reference/project-testing-interface.html
Change-Id: I12214e0794a8c434c64fbdda472e0c11f8f00862
* Downgrade openstacksdk instead of the collections since some keystone
code does not work on old collection and new SDK.
* Force checkout on upgrade since we have local changes to requirements
Reverts commit c12b7fafe8.
Change-Id: I14a83b703c1c76fd311c60aa23880b5708105165
This is because CentOS Stream 8 is no longer supported in Zed and
Stream 9 support is not ready on Kolla's side.
Long-term it is also ok to keep testing here against Ubuntu
because it is a bit stabler than Stream in general.
Change-Id: I09eb82ca122483fbd0f91486af35e80698c92ce0
Depends-On: https://review.opendev.org/c/openstack/kolla/+/842368
The dib image is based on debian "bullseye" which currently suffers of
two issues:
- does not get an ip when booting
- does not recognize any partition for the EFI installation
The first issue is fixed by the patch in diskimage-builder this patch
depends on.
The second issue is fixed addin the block-device-efi dib element to
the dib image.
Depends-On: I117964a60615a5b7e9984f52f02cd018d1a48ed0
Story: 2009756
Task: 44226
Change-Id: I7ee0bd04f387e7fc2055feeab345f80ca6b3ad0a
Also change bifrost-integration-tinyipa-keystone-centos-8 parent to
bifrost-integration-tinyipa-centos-8
Change-Id: I9004f0dde0d20203360e7a5b945ba30095db3457
The ansible-collections-openstack project has moved to
bifrost-integration-tinyipa-keystone-ubuntu-focal since a while.
No other projects are using bifrost-integration-tinyipa-keystone-ubuntu-bionic
Change-Id: Icf40c0ded39b2afa9a667425971faa61f260c9c8
Virtual media images can potentially contain sensitive data, such as
password hashes or private keys. This change adds TLS to this traffic.
A new HTTP server is now started with Nginx, serving the same /httpboot
directory as the old one. If vmedia_enable_tls is true, the /redfish
and /ilo directories are only accessible through it.
One of the redfish-vmedia CI jobs has been switched to using TLS.
Change-Id: I024b81efdbebe08ddb5a20cd0d5e7ae61a180f1b
Bifrost jobs run on ironic and ironic-inspector as well, we need to skip
integration jobs if only unit tests are modified.
Change-Id: I7796f0b4d702b8347f3dadb4f3c907b8b499a819
Adds a new job which can be invoked by Ironic to allow it to easily
benchmark in CI on a minimalist deployment.
Depends-On: https://review.opendev.org/c/openstack/ironic/+/788335
Change-Id: Ib32f4f05133f68f4c79cd0861597bbf81a736a97
As discussed during the upstream ironic community meeting on
Monday Dec 14 2020, the lower-constraints job is being removed.
Change-Id: Ie5e6a655b103dd7edb447f56bff8da870193deba