From 9b6ecc0d6b6aaed56893c47eb606376006d7a1d3 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Evrard Date: Wed, 12 Dec 2018 15:40:19 +0100 Subject: [PATCH] Publish images on DockerHub This adds a playbook for publish jobs which will find "openstackhelm" images, tag them for dockerhub publication, and upload them based on booleans. These publish jobs are put in a post merge pipeline. Post merge pipeline should still have the content of the files changed in the patches, and therefore can be still conditionally triggered with the files: directive. Change-Id: I134e34815743a87b003e1d1fb78974937ae2392e --- zuul.d/ceph-config-helper.yaml | 22 ++++++++++++++++++++++ zuul.d/gate-utils.yaml | 22 ++++++++++++++++++++++ zuul.d/libvirt.yaml | 22 ++++++++++++++++++++++ zuul.d/mariadb.yaml | 12 ++++++++++++ zuul.d/openvswitch.yaml | 22 ++++++++++++++++++++++ zuul.d/playbooks/publish.yml | 25 +++++++++++++++++++++++++ zuul.d/secrets.yaml | 25 +++++++++++++++++++++++++ zuul.d/tempest.yaml | 12 ++++++++++++ zuul.d/vbmc.yaml | 22 ++++++++++++++++++++++ 9 files changed, 184 insertions(+) create mode 100644 zuul.d/playbooks/publish.yml create mode 100644 zuul.d/secrets.yaml diff --git a/zuul.d/ceph-config-helper.yaml b/zuul.d/ceph-config-helper.yaml index 67239d28..f657ee37 100644 --- a/zuul.d/ceph-config-helper.yaml +++ b/zuul.d/ceph-config-helper.yaml @@ -32,6 +32,12 @@ files: *ceph-suse15-files - openstack-helm-images-ceph-config-helper-ubuntu_xenial: files: *ceph-ubuntuxenial-files + post: + jobs: + - publish-openstack-helm-images-ceph-config-helper-suse_15: + files: *ceph-suse15-files + - publish-openstack-helm-images-ceph-config-helper-ubuntu_xenial: + files: *ceph-ubuntuxenial-files periodic: jobs: - openstack-helm-images-ceph-config-helper-suse_15 @@ -58,3 +64,19 @@ parent: openstack-helm-images-ceph-config-helper vars: distro: "ubuntu_xenial" + +- job: + name: publish-openstack-helm-images-ceph-config-helper-suse_15 + parent: openstack-helm-images-ceph-config-helper-suse_15 + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials + +- job: + name: publish-openstack-helm-images-ceph-config-helper-ubuntu_xenial + parent: openstack-helm-images-ceph-config-helper-ubuntu_xenial + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/gate-utils.yaml b/zuul.d/gate-utils.yaml index df22013b..1d9a9859 100644 --- a/zuul.d/gate-utils.yaml +++ b/zuul.d/gate-utils.yaml @@ -32,6 +32,12 @@ files: *gate-debian-files - openstack-helm-images-gate-utils-suse_15: files: *gate-suse15-files + post: + jobs: + - publish-openstack-helm-images-gate-utils-debian: + files: *gate-debian-files + - publish-openstack-helm-images-gate-utils-suse_15: + files: *gate-suse15-files periodic: jobs: - openstack-helm-images-gate-utils-debian @@ -58,3 +64,19 @@ parent: openstack-helm-images-gate-utils vars: distro: "suse_15" + +- job: + name: publish-openstack-helm-images-gate-utils-debian + parent: openstack-helm-images-gate-utils-debian + post-review: true + post-run: zuul.d/playbooks/publish.yml + secrets: + - openstack_helm_images_publish_credentials + +- job: + name: publish-openstack-helm-images-gate-utils-suse_15 + parent: openstack-helm-images-gate-utils-suse_15 + post-review: true + post-run: zuul.d/playbooks/publish.yml + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/libvirt.yaml b/zuul.d/libvirt.yaml index 95d2fced..f5878220 100644 --- a/zuul.d/libvirt.yaml +++ b/zuul.d/libvirt.yaml @@ -33,6 +33,12 @@ files: *libvirt-suse15-files - openstack-helm-images-libvirt-ubuntu_xenial: files: *libvirt-ubuntuxenial-files + post: + jobs: + - publish-openstack-helm-images-libvirt-suse_15: + files: *libvirt-suse15-files + - publish-openstack-helm-images-libvirt-ubuntu_xenial: + files: *libvirt-ubuntuxenial-files periodic: jobs: - openstack-helm-images-libvirt-suse_15 @@ -59,3 +65,19 @@ parent: openstack-helm-images-libvirt vars: distro: "ubuntu_xenial" + +- job: + name: publish-openstack-helm-images-libvirt-ubuntu_xenial + parent: openstack-helm-images-libvirt-ubuntu_xenial + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials + +- job: + name: publish-openstack-helm-images-libvirt-suse_15 + parent: openstack-helm-images-libvirt-suse_15 + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/mariadb.yaml b/zuul.d/mariadb.yaml index 87a85b2e..2fbdfc05 100644 --- a/zuul.d/mariadb.yaml +++ b/zuul.d/mariadb.yaml @@ -25,6 +25,10 @@ jobs: - openstack-helm-images-mariadb-ubuntu_xenial: files: *mariadb-ubuntuxenial-files + post: + jobs: + - publish-openstack-helm-images-mariadb-ubuntu_xenial: + files: *mariadb-ubuntuxenial-files periodic: jobs: - openstack-helm-images-mariadb-ubuntu_xenial @@ -44,3 +48,11 @@ parent: openstack-helm-images-mariadb vars: distro: "ubuntu_xenial" + +- job: + name: publish-openstack-helm-images-mariadb-ubuntu_xenial + parent: openstack-helm-images-mariadb-ubuntu_xenial + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/openvswitch.yaml b/zuul.d/openvswitch.yaml index c622f181..1b7391ed 100644 --- a/zuul.d/openvswitch.yaml +++ b/zuul.d/openvswitch.yaml @@ -32,6 +32,12 @@ files: *ovs-debian-files - openstack-helm-images-openvswitch-suse_15: files: *ovs-suse15-files + post: + jobs: + - publish-openstack-helm-images-openvswitch-debian: + files: *ovs-debian-files + - publish-openstack-helm-images-openvswitch-suse_15: + files: *ovs-suse15-files periodic: jobs: - openstack-helm-images-openvswitch-debian @@ -58,3 +64,19 @@ parent: openstack-helm-images-openvswitch vars: distro: "suse_15" + +- job: + name: publish-openstack-helm-images-openvswitch-debian + parent: openstack-helm-images-openvswitch-debian + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials + +- job: + name: publish-openstack-helm-images-openvswitch-suse_15 + parent: openstack-helm-images-openvswitch-suse_15 + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/playbooks/publish.yml b/zuul.d/playbooks/publish.yml new file mode 100644 index 00000000..fef5f876 --- /dev/null +++ b/zuul.d/playbooks/publish.yml @@ -0,0 +1,25 @@ +--- +- hosts: all[0] + tasks: + #TODO(evrardjp): Add quay.io support when we have the appropriate credentials. + #See also: https://review.openstack.org/#/c/624713/7/zuul.d/playbooks/publish.yml + - name: Login to Docker Hub + command: docker login -u {{ openstack_helm_images_publish_credentials.dockerhub_user }} -p {{ openstack_helm_images_publish_credentials.dockerhub_password }} + no_log: True + + - name: List unique images of this build, in the format "registry:tag id" + shell: docker images | awk '/openstackhelm/ {print $1 ":" $2 " " $3}' | uniq -f 1 + changed_when: false + register: detailed_image_list + + - name: Show found images + debug: + var: detailed_image_list.stdout_lines + + - name: Tag all images for publication to DockerHub + shell: "docker tag {{ item.split(' ')[1] }} {{ item.split(' ')[0] | regex_replace('^.*openstackhelm/(.*)$', 'openstackhelm/\\1') }}" + loop: "{{ detailed_image_list.stdout_lines }}" + + - name: Push images to Docker Hub + command: "docker push {{ item.split(' ')[0] | regex_replace('^.*openstackhelm/(.*)$', 'openstackhelm/\\1') }}" + loop: "{{ detailed_image_list.stdout_lines }}" diff --git a/zuul.d/secrets.yaml b/zuul.d/secrets.yaml new file mode 100644 index 00000000..9d77bc72 --- /dev/null +++ b/zuul.d/secrets.yaml @@ -0,0 +1,25 @@ +- secret: + name: openstack_helm_images_publish_credentials + data: + dockerhub_user: !encrypted/pkcs1-oaep + - ElBadZeuRFwbxgDHz+TOCdpaqHMAAA0E2WYnplrREC3ndO25CB0zmoBUaYMHObnykM1Yv + K/bcfWtlcj8Ucz/U8KIDPBVED7T4OqhhUeIIc+8cw5QuQ9now0ltk8S0/fdJ0qHmNypz9 + lnbhE0Ir7NPWCSHRIE61BasVcem5QPMre9rNy91rCby8r0+onHlyArRAIoxF3V5Y6DazC + DeUDw8fIYZsIfMa5/uuGLf1PW4xCyLhiOiZ0Sr0e454l68tjGGniPpYGIxnjAMKy+hwSb + dTX+wc+GP7/7XJnQJ3JcGKt5fYrGgkdzljUeMndfMuKq5WBXkH1EaT6YWJ6V7qAzQk3WN + 0QHNO80Wa4Uu8Yyyeh9HFXut5VCKLQGOObG8t7Rw75Yf4TXKdFCQKRZ/ecV7KSGFNWh5i + 4zvgxCwIcv06TX14PcqUJAC8WAWbtUXWhmVgVSPA1B8DU9o8sBVH5CqwgMg32gzQwrDdN + 8hf3ErWSPVIqtpLZ3SgsnvgUl3W43wwafxp5pMcFEvZS2iG6Ty89BukzEu/xYNEwaS/ys + nvpe+El8VBXuB2ZlgwOXyEzgSdzInibTQsLdCyHGWJ1jy+m0R48GjllCCggjAUzqL9o7e + jPPb8mfq+jHs9LJVJLYI5tRVYEd4GxoK/1c1LO5v9ixeyKj3PWWBHv54gJ6F74= + dockerhub_password: !encrypted/pkcs1-oaep + - OWlZwPHSDB5+E0dDwR9cfRpeoODFtOm6L1VztzvQYShQNce6i0iLHpJ6dUyk1HXSFG53t + hOQ++q5DHpqV8SCZIYgmcDGrw+EhIlYBINxNL94MlkPNz6YYaemAATdP1kzFmCjlQBRB5 + z2CyrTs0gTdOjAKdP1GEBQPKdllt0iw0px3il2ux5fNM2WZuc5Vs0mOXa4+OFioUMCUn7 + KBlSzuVkhYCynvZb/cKDUqsNAuu6RINv/J/OmYbSw0aUxmDHtJ//U8lFHA8YBNUVInQZV + HidTyJxBEVLrqqwQPESV1ZB1K0ydeq2rYq5ebrfnl4TyYAOH/Tegg36Tlc8dPebddPaOk + 38+9KJ25xWpVvFs/83MYxxEdLiUztv3FyxE51yd6gDZ4146l8Vc89VLdi35ce4TVsys0A + 80yfr/mi6U0xIEzhoxqaDPpAE65lQ1zFdz7/10JiZiwlgEKrzjiAKy7gYbdfnWhBz0YaA + U+qKRpWX2r+mOrsyBC6TR3fkCofai11VuL3wwJm37wNteUN9WXTWB61CoDKmuMISKwCxf + zP68/8zIekxwRuqKM9aQrqmPg7TEX/GEj7hpUTW/OO6wPktkHX+I6e+FtNTtL33TNRAbh + /MlQspgCDU2QL/2JvfkXxOwxEe143a8vEn6NMyRuQM7gpIB6yeK29bCgXcH3x8= diff --git a/zuul.d/tempest.yaml b/zuul.d/tempest.yaml index 6db31e44..ff997475 100644 --- a/zuul.d/tempest.yaml +++ b/zuul.d/tempest.yaml @@ -25,6 +25,10 @@ jobs: - openstack-helm-images-tempest-ubuntu_xenial: files: *tempest-ubuntuxenial-files + post: + jobs: + - publish-openstack-helm-images-tempest-ubuntu_xenial: + files: *tempest-ubuntuxenial-files periodic: jobs: - openstack-helm-images-tempest-ubuntu_xenial @@ -44,3 +48,11 @@ parent: openstack-helm-images-tempest vars: distro: "ubuntu_xenial" + +- job: + name: publish-openstack-helm-images-tempest-ubuntu_xenial + parent: openstack-helm-images-tempest-ubuntu_xenial + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials diff --git a/zuul.d/vbmc.yaml b/zuul.d/vbmc.yaml index c2e9061d..fcf5101e 100644 --- a/zuul.d/vbmc.yaml +++ b/zuul.d/vbmc.yaml @@ -32,6 +32,12 @@ files: *vbmc-centos7-files - openstack-helm-images-vbmc-suse_15: files: *vbmc-suse15-files + post: + jobs: + - publish-openstack-helm-images-vbmc-centos_7: + files: *vbmc-centos7-files + - publish-openstack-helm-images-vbmc-suse_15: + files: *vbmc-suse15-files periodic: jobs: - openstack-helm-images-vbmc-centos_7 @@ -55,3 +61,19 @@ parent: openstack-helm-images-vbmc vars: distro: "suse_15" + +- job: + name: publish-openstack-helm-images-vbmc-centos_7 + parent: openstack-helm-images-vbmc-centos_7 + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials + +- job: + name: publish-openstack-helm-images-vbmc-suse_15 + parent: openstack-helm-images-vbmc-suse_15 + post-run: zuul.d/playbooks/publish.yml + post-review: true + secrets: + - openstack_helm_images_publish_credentials