310 lines
10 KiB
YAML
310 lines
10 KiB
YAML
---
|
|
- name: Ensure logs directory exists
|
|
file:
|
|
path: '{{ workspace }}/logs'
|
|
state: directory
|
|
|
|
- name: Set ci_branch for building containers check jobs
|
|
include_tasks: set_ci_branch.yml
|
|
|
|
- name: Set facts for kolla-build.conf
|
|
set_fact:
|
|
push_registry: "{{ push_registry | default('127.0.0.1:8787') }}"
|
|
push_containers: "{{ push_containers | default(false) | bool }}"
|
|
container_config: ""
|
|
|
|
- name: Set arch_tag fact
|
|
set_fact:
|
|
# NOTE(mjturek): Push old style tag for x86_64 first to maintain compatibility.
|
|
arch_tag: "{{ '_' + ansible_architecture if ansible_architecture != 'x86_64' else ''}}"
|
|
|
|
- name: Check the contents of the openstack_repo_name repo
|
|
become: true
|
|
shell: >
|
|
set -o pipefail &&
|
|
cat /etc/yum.repos.d/{{ openstack_repo_name }}.repo |grep -o 'baseurl=' |wc -l
|
|
register: number_baseurl_lines
|
|
when: buildcontainers_version_hash is not defined
|
|
|
|
- name: Use baseurl if there is only one
|
|
when:
|
|
- buildcontainers_version_hash is not defined
|
|
- number_baseurl_lines.stdout|int == 1
|
|
block:
|
|
- name: Get contents of openstack repo baseurl for the version hash
|
|
become: true
|
|
shell: >
|
|
set -o pipefail &&
|
|
cat /etc/yum.repos.d/{{ openstack_repo_name }}.repo |awk -F= '/baseurl/ {print $2}'
|
|
register: baseurl
|
|
|
|
- name: Set version_hash fact
|
|
set_fact:
|
|
version_hash: "{{ baseurl.stdout.split('/')[-1] }}"
|
|
|
|
- name: Use the md5sum if there is more than one baseurl line
|
|
when:
|
|
- buildcontainers_version_hash is not defined
|
|
- number_baseurl_lines.stdout|int > 1
|
|
block:
|
|
- name: Get contents of openstack repo baseurl for the version hash
|
|
become: true
|
|
shell: md5sum /etc/yum.repos.d/{{ openstack_repo_name }}.repo | awk '{print $1}'
|
|
register: md5sum_repo
|
|
|
|
- name: Set version_hash fact
|
|
set_fact:
|
|
version_hash: "{{ md5sum_repo.stdout }}"
|
|
|
|
- name: Set version_hash fact if buildcontainers_version_hash is defined
|
|
set_fact:
|
|
version_hash: "{{ buildcontainers_version_hash }}"
|
|
when: buildcontainers_version_hash is defined
|
|
|
|
# collectd tries to disable epel and epel-modular repository, which doesn't
|
|
# exist, and so fail, this is just a dummy repository so the container won't
|
|
# fail.
|
|
- name: Add dummy epel and epel-module repository
|
|
become: true
|
|
when:
|
|
- ansible_pkg_mgr == "dnf"
|
|
- ansible_distribution|lower == "redhat"
|
|
yum_repository:
|
|
name: "{{ item }}"
|
|
description: Dummy epel repository
|
|
file: delorean_epel_dummy
|
|
baseurl: https://download.fedoraproject.org/pub/epel/$releasever/$basearch/
|
|
enabled: false
|
|
with_items:
|
|
- epel
|
|
- epel-modular
|
|
|
|
- name: grab kolla patch rhel8
|
|
when:
|
|
- ansible_pkg_mgr == "dnf"
|
|
- ansible_distribution|lower == "redhat"
|
|
- zuul_internal is undefined
|
|
shell: |
|
|
set -euxo pipefail
|
|
git config --global user.email "zuul@openstack.org"
|
|
git config --global user.name "Zuul"
|
|
git remote add upstream https://review.opendev.org/openstack/kolla
|
|
git ls-remote https://review.opendev.org/openstack/kolla | \
|
|
grep -E refs/changes/[[:digit:]]+/{{ kolla_rhel8_patch[branch_override|default('master')] }}/ | \
|
|
awk '{print $2}' | \
|
|
sort -t / -k 5 -g -r | \
|
|
head -1 | \
|
|
xargs -I{} git fetch https://review.opendev.org/openstack/kolla {} && \
|
|
git checkout -b rhel8 FETCH_HEAD
|
|
# Look for Kolla changes running in check queue and if present then
|
|
# set the git_rebase branch as kolla change as are already clonned and
|
|
# can be grabbed from zuul.ref var otherwise use master.
|
|
git_rebase_branch={{ branch_override|default('master') }}
|
|
{% if zuul.ref is defined and zuul.ref and zuul.pipeline in ['check', 'openstack-check'] %}
|
|
found=$(git ls-remote https://review.opendev.org/openstack/kolla | grep {{ zuul.ref }} || true);
|
|
echo $found;
|
|
if [[ -n "$found" ]] ; then
|
|
git_rebase_branch={{ zuul.ref }}
|
|
fi
|
|
{% endif %}
|
|
git pull --rebase upstream $git_rebase_branch
|
|
|
|
args:
|
|
chdir: "{{ openstack_git_root }}/kolla"
|
|
warn: false
|
|
register: result
|
|
changed_when: "'nothing to commit, working directory clean' not in result.stdout_lines"
|
|
|
|
|
|
- include_tasks: venv_setup.yml
|
|
when: buildcontainers_venv is defined and buildcontainers_venv
|
|
|
|
- include_tasks: package_setup.yml
|
|
when: buildcontainers_venv is defined and not buildcontainers_venv
|
|
|
|
# TODO(aschultz): make the kolla-build branch aware
|
|
- name: Generate kolla-build.conf
|
|
template:
|
|
src: templates/kolla-build.conf.j2
|
|
dest: "{{ workspace }}/kolla-build.conf"
|
|
mode: 0644
|
|
force: true
|
|
|
|
- name: Set container cli
|
|
set_fact:
|
|
container_cli: "{% if use_buildah|bool %}buildah{% else %}docker{% endif %}"
|
|
cacheable: true
|
|
|
|
- name: Set --config-file for component-ci if component_ci_containers is specified
|
|
set_fact:
|
|
container_config: "--config-file {{ component_ci_configs[component_ci_containers] }}"
|
|
when: component_ci_containers != ""
|
|
|
|
- name: build base rhel container
|
|
block:
|
|
- name: create docker-build dir
|
|
file:
|
|
path: /tmp/base-build
|
|
state: directory
|
|
|
|
- name: create docker-build repos dir
|
|
file:
|
|
path: /tmp/base-build/repos
|
|
state: directory
|
|
|
|
- name: Move delorean repos to base build
|
|
become: true
|
|
shell:
|
|
cmd: |
|
|
{% if zuul_internal is defined %}
|
|
cp /etc/yum.repos.d/* /tmp/base-build/repos/
|
|
{% else %}
|
|
cp /etc/yum.repos.d/delorean* /tmp/base-build/repos/
|
|
{% endif %}
|
|
chown -R {{ ansible_user }}: /tmp/base-build/repos/*
|
|
|
|
- name: render dockerfile zuul_internal
|
|
when: zuul_internal is defined
|
|
template:
|
|
src: templates/Dockerfile_redhat.j2
|
|
dest: /tmp/base-build/Dockerfile
|
|
|
|
- name: create base container with repos from rhel container
|
|
shell:
|
|
cmd: |
|
|
set -x
|
|
sudo buildah --debug bud -t {{ kolla_base_image }}:{{ kolla_base_tag }} . \
|
|
2>&1 {{ timestamper_cmd }} > {{ workspace }}/build-rhel-base.log
|
|
args:
|
|
chdir: /tmp/base-build
|
|
when:
|
|
- ansible_distribution|lower == "redhat"
|
|
- kolla_base_image is defined
|
|
- kolla_base_tag is defined
|
|
|
|
- name: Make sure authfile exists
|
|
when: buildcontainers_authfile_path is defined
|
|
block:
|
|
- name: Check for authfile
|
|
stat:
|
|
path: '{{ buildcontainers_authfile_path }}'
|
|
register: authfile_exist
|
|
|
|
- name: Make sure autfile exists
|
|
assert:
|
|
that:
|
|
- authfile_exist.stat.exists | bool
|
|
|
|
- name: Generate tcib extra config file
|
|
copy:
|
|
dest: "{{ workspace }}/extra_config.yaml"
|
|
content: |
|
|
{{ tcib_extra_config | to_nice_yaml }}
|
|
|
|
- name: Generate kolla building script
|
|
template:
|
|
src: templates/kolla-build.sh.j2
|
|
dest: "{{ workspace }}/build_containers.sh"
|
|
mode: 0777
|
|
force: true
|
|
when: use_kolla | default(true)
|
|
|
|
- name: Generate tripleo building script
|
|
template:
|
|
src: templates/tripleo-build.sh.j2
|
|
dest: "{{ workspace }}/build_containers.sh"
|
|
mode: 0777
|
|
force: true
|
|
when: not use_kolla | default(true)
|
|
|
|
|
|
- name: "Run image build as ansible user > {{ workspace }}/logs/build.log"
|
|
args:
|
|
chdir: '{{ workspace }}'
|
|
shell: set -o pipefail && bash build_containers.sh 2>&1 {{ timestamper_cmd }} > {{ workspace }}/logs/build.log
|
|
when:
|
|
- ansible_distribution|lower != "redhat"
|
|
|
|
- name: "Run image build as root > {{ workspace }}/logs/build.log"
|
|
args:
|
|
chdir: '{{ workspace }}'
|
|
shell: set -o pipefail && bash build_containers.sh 2>&1 {{ timestamper_cmd }} > {{ workspace }}/logs/build.log
|
|
when:
|
|
- ansible_distribution|lower == "redhat"
|
|
become: true
|
|
|
|
# Workaround for https://bugs.launchpad.net/tripleo/+bug/1916742 as buildah is throwing warnings
|
|
- name: Check if "/usr/share/containers/libpod.conf" exists.
|
|
become: true
|
|
stat: path=/usr/share/containers/libpod.conf
|
|
register: libpod_conf_file_stat
|
|
|
|
- name: "Move /usr/share/containers/libpod.conf to /usr/share/containers/libpod.conf_backup"
|
|
become: true
|
|
command: mv /usr/share/containers/libpod.conf /usr/share/containers/libpod.conf_backup
|
|
when: libpod_conf_file_stat.stat.exists
|
|
|
|
- name: Retrieve built images # noqa risky-shell-pipe
|
|
shell: "{{ container_cli }} images | grep {{ container_name_prefix }} | awk '{ print $1 }'"
|
|
register: built_images
|
|
become: true
|
|
changed_when: false
|
|
|
|
- name: Retag and push x86_64 images
|
|
when:
|
|
- ansible_architecture == "x86_64"
|
|
- push_containers | bool
|
|
- not push_containers_podman | default(false) | bool
|
|
block:
|
|
- name: Disable HTTPS and certificates to access registry (buildah)
|
|
set_fact:
|
|
container_cli_opt: '--tls-verify=false'
|
|
when: use_buildah | bool
|
|
- name: Tag images
|
|
vars:
|
|
image: "{{ item }}"
|
|
include: tag.yaml
|
|
static: false
|
|
with_items: "{{ built_images.stdout_lines }}"
|
|
become: true
|
|
|
|
- name: Run registry
|
|
when:
|
|
- job.provider_job|default(false)|bool
|
|
block:
|
|
- name: Run registry
|
|
shell: >-
|
|
$(command -v docker || command -v podman) run -d \
|
|
-e REGISTRY_HTTP_ADDR=0.0.0.0:{{ provider_registry_port }} \
|
|
-p {{ provider_registry_port }}:{{ provider_registry_port }} \
|
|
--name registry {{ container_registry_image }}
|
|
changed_when: true
|
|
rescue:
|
|
- name: Run registry (rescue)
|
|
shell: >-
|
|
$(command -v docker || command -v podman) run -d \
|
|
-e REGISTRY_HTTP_ADDR=0.0.0.0:{{ provider_registry_port }} \
|
|
-p {{ provider_registry_port }}:{{ provider_registry_port }} \
|
|
--name registry quay.rdoproject.org/ceph/registry:2
|
|
changed_when: true
|
|
become: true
|
|
|
|
- name: Populate provider registry
|
|
when:
|
|
- job.provider_job|default(false)|bool
|
|
block:
|
|
- name: Open ports
|
|
command: iptables -I INPUT -p tcp --dport 5001 -j ACCEPT
|
|
changed_when: true
|
|
- name: Disable HTTPS and certificates to access registry (buildah)
|
|
set_fact:
|
|
container_cli_opt: '--tls-verify=false'
|
|
when: use_buildah | bool
|
|
- name: Retag and push images to provider registry
|
|
vars:
|
|
image: "{{ item }}"
|
|
include: provider_push.yaml
|
|
static: false
|
|
with_items: "{{ built_images.stdout_lines }}"
|
|
become: true
|