summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
13 hoursUse list form of zuul artifact returnHEADmasterJames E. Blair
This relies on the list merge behavior in https://review.openstack.org/638005 however, this will work with the current code in Zuul as long as only one artifact is returned, so a Depends-On is not necessary. Change-Id: Ie5d3a61c8cc1038f3775a3aa81e94b9b909f265a Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Workflow+1: Jeremy Stanley <fungi@yuggoth.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 19 Feb 2019 21:52:36 +0000 Reviewed-on: https://review.openstack.org/638007 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
26 hoursinstall-kubernetes: fix minikube config permissionTristan Cacqueray
It seems like new minikube changed the default minikube config permission. This change ensures the minikube config is owned by the ansible_user Change-Id: Ic1af1541fb1f32253678f989d7b62d21074514d5 Notes (review): Code-Review+2: David Shrewsbury <dshrewsb@redhat.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Workflow+1: Tobias Henkel <tobias.henkel@bmw.de> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 19 Feb 2019 15:45:39 +0000 Reviewed-on: https://review.openstack.org/637682 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
35 hoursFix build-docker-image when using buildset_registryJames E. Blair
This was incorrect ansible -- we need to run two commands here, so let's just do it as two tasks. Change-Id: I88c6382f7f41659217ae66f07d6e5d9db0bf3b38 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: James E. Blair <corvus@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 19 Feb 2019 00:25:13 +0000 Reviewed-on: https://review.openstack.org/637650 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
39 hoursLoad buildset_registry in intermediate pullJames E. Blair
The intermediate registry pull role is designed to be used in the same playbook as the run-buildset-registry role, which sets the buildset_registry fact. However, that fact is set on the host where the registry runs, not localhost. Theoretically we should be able to delegate setting that fact to all hosts in the inventory, plus localhost, however, that doesn't seem to work in local testing. Work around this by, once again, loading the buildset_registry fact from the zuul_return file. Change-Id: Ia16b3af8782c875e64ad5eeeeb5f107482a3e30a Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 18 Feb 2019 19:43:12 +0000 Reviewed-on: https://review.openstack.org/637603 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
4 daysUpdate docker image rolesJames E. Blair
* In the build-image role, push to the buildset registry if it is defined. * In the intermediate registry push and pull roles, ensure that the buildset registry TLS cert is in place. This is a self-signed cert, and so needs to be written for each run. This happens inside bubblewrap where we have permission to write to /etc, which is an ephemeral volume. Change-Id: I47781d8a7adb93817dfe9266e2f4ad5fd829385c Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Workflow+1: Jeremy Stanley <fungi@yuggoth.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 18 Feb 2019 17:51:48 +0000 Reviewed-on: https://review.openstack.org/637387 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
4 daysIntermediate registry: correct arg orderJames E. Blair
The --insecure-policy argument must appear before copy. Change-Id: If182405b57c026ced237bf152d323bdea6ff54b2 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: James E. Blair <corvus@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 16 Feb 2019 02:25:06 +0000 Reviewed-on: https://review.openstack.org/637342 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
4 daysIntermediate registry: use --insecure-policyJames E. Blair
There is no policy file available, and we aren't concerned with verifying image signatures at this point. Add this option to tell skopeo to proceed regardless. Change-Id: I15a4978ec0fb338bc05c974b0ec6a21f680c853e Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: James E. Blair <corvus@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 16 Feb 2019 01:10:13 +0000 Reviewed-on: https://review.openstack.org/637336 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
5 daysCorrect host variable in push-to-intermediate-registryJames E. Blair
Change-Id: I4472fde0c7b35bf9b7d54e29e02c6a49280cd714 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Workflow+1: Jeremy Stanley <fungi@yuggoth.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 15 Feb 2019 22:31:38 +0000 Reviewed-on: https://review.openstack.org/637310 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
5 daysLoad buildset registry data from zuul_returnJames E. Blair
The push-to-intermediate-registry role is meant to be used in the post playbook of a job which most likely started the buildset registry in its pre-playbook. The buildset_registry variable is returned to zuul and therefore available to child jobs, but not to further playbooks in this job. Therefore, load the variable back in to memory here. We may add this functionality directly to Zuul, in which case this can be removed later. Change-Id: I81899a9be92789fc1e5858f985eac41871b9d87a Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: James E. Blair <corvus@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 15 Feb 2019 19:30:09 +0000 Reviewed-on: https://review.openstack.org/637245 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
5 daysFix undefined attrs in registry push/pull rolesJames E. Blair
The attribute zuul.artifacts is only present if there are artifacts. Use the empty list as default. The default for image.tags should be 'latest' to match the rest of the docker roles. Change-Id: Iff6863043e3a0311cb1c8c2ef4cd3d37ff79cce5 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Workflow+1: Jeremy Stanley <fungi@yuggoth.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 15 Feb 2019 01:08:07 +0000 Reviewed-on: https://review.openstack.org/637072 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
6 daysEnable logging on registry/push/pull jobsJames E. Blair
This may expose credentials, but these don't work right now. Change-Id: I8b55734d17329ecc6ac9d9a9ad4189482b6c07ee Notes (review): Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Workflow+1: Clark Boylan <cboylan@sapwetik.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Thu, 14 Feb 2019 22:08:18 +0000 Reviewed-on: https://review.openstack.org/637049 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
7 daysMerge "Rework upload-forge role to use module"Zuul
8 daysMerge "Add intermediate registry push/pull roles"Zuul
8 daysAdd intermediate registry push/pull rolesJames E. Blair
Change-Id: Ie2554005f924d2736d1f1fd1c51cfd5ca9e09199 Depends-On: https://review.openstack.org/634825 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Monty Taylor <mordred@inaugust.com> Workflow+1: Monty Taylor <mordred@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 12 Feb 2019 18:41:27 +0000 Reviewed-on: https://review.openstack.org/634829 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
11 daysRework upload-forge role to use moduleTobias Urdin
Renames the role to upload-forge because you can actually run your own Forge server if you want. This patch adds a custom module to the upload-forge role that provides the "forge_upload" module. This directly interacts with the a Forge API to upload the module. The only dependency is that the python requests module is installed. Change-Id: I5749364bd2c29ad6df866c2bd5a3584c8419f709 Notes (review): Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 13 Feb 2019 17:39:30 +0000 Reviewed-on: https://review.openstack.org/635941 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
11 daysRemove "--verbose" from yarn commandsJames E. Blair
This apparently gets passed to the subcommand, which may not support a "--verbose" argument. Change-Id: I8326403ea01f0121f6ff14c10d2cd1e4e7ca7c70 Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Workflow+1: Clark Boylan <cboylan@sapwetik.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 08 Feb 2019 23:08:02 +0000 Reviewed-on: https://review.openstack.org/635973 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-02-05Fix ownership change in stage-outputJames E. Blair
If the stage_dir/logs directory was a symlink, Ansible would refuse to perform the chmod. However, if we tell Ansible that it is a directory, it's fine. This (perhaps curiously) does not tell Ansible to turn the symlink into a directory. It just tells it that everything is okay. Change-Id: Idbd78b97b95ce50b23dda8f384e32359d31013e3 Notes (review): Code-Review+2: Jens Harbott (frickler) <j.harbott@x-ion.de> Code-Review+2: Ian Wienand <iwienand@redhat.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 05 Feb 2019 19:58:35 +0000 Reviewed-on: https://review.openstack.org/634992 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-02-05Merge "Propose some job writing guidelines"Zuul
2019-02-05Merge "Add docker insecure registries feature"Zuul
2019-02-05Merge "upload-pypi: add option to register packages"Zuul
2019-02-04Make install-docker compatible with centosSorin Sbarnea
Allow custom docker_group which is needed on CentOS when use_upstream_docker: false as is value is 'dockeroot'. Assures that docker service is started, which is not always true with all distributions. Validates that we can talk with docker at the end. Change-Id: I993c4ac35055a2a18b5b0fb32c8b230e04b7eb87 Notes (review): Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Mohammed Naser <mnaser@vexxhost.com> Workflow+1: Mohammed Naser <mnaser@vexxhost.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 05 Feb 2019 16:11:33 +0000 Reviewed-on: https://review.openstack.org/633948 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-02-02Merge "Add role to use buildset registry"Zuul
2019-02-02Merge "Add a role to run a buildset registry"Zuul
2019-02-02Merge "stage-output: Add the ability to add .txt extensions to files"Zuul
2019-02-02Merge "Allow stage-output to copy root-owned files"Zuul
2019-02-01Add role to use buildset registryJames E. Blair
Change-Id: Ieacbd033c49afd0bac11cdb17891386c9e1d6a4b Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Workflow+1: Tobias Henkel <tobias.henkel@bmw.de> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 02 Feb 2019 08:12:23 +0000 Reviewed-on: https://review.openstack.org/634346 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-02-01Add a role to run a buildset registryJames E. Blair
Part of a system to interact with an intermediate registry. Change-Id: I2f4662cc587f9379e9ba3b7b705c85793a41864e Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Workflow+1: Tobias Henkel <tobias.henkel@bmw.de> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 02 Feb 2019 08:10:39 +0000 Reviewed-on: https://review.openstack.org/634319 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-02-01Merge "Allow different filenames for Dockerfiles"Zuul
2019-01-31stage-output: Add the ability to add .txt extensions to filesJames E. Blair
So that this can more easily work with files like '/var/log/syslog', make it so that if the user specifies "logs_txt" then the file gets a .txt extension before being placed in the logs directory. The existing extensions_to_txt variable doesn't work for this because it requires an existing extension. Change-Id: I34fea0c44030c04a5540d6b62976557143289196 Notes (review): Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Code-Review+2: Monty Taylor <mordred@inaugust.com> Workflow+1: Monty Taylor <mordred@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 02 Feb 2019 07:18:51 +0000 Reviewed-on: https://review.openstack.org/634293 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-30Allow stage-output to copy root-owned filesJames E. Blair
This makes it easier to tell stage-output to copy files such as syslog from remote nodes. Change-Id: Ica2397a50de1054f5d5ec81b54ab36fda9bdc333 Notes (review): Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Monty Taylor <mordred@inaugust.com> Workflow+1: Monty Taylor <mordred@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 02 Feb 2019 07:15:32 +0000 Reviewed-on: https://review.openstack.org/634069 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-29Block installation of requests-toolbelt 0.9.0Sean McGinnis
This release of requests-toolbelt expects pyOpenSSL to be installed for urllib3, but does not have it in its default requirements. This is being tracked in [0], so should be fixed post 0.9.0. For now, block the use of the 0.9.0 version. [0] https://github.com/requests/toolbelt/compare/0.8.0...0.9.0 Change-Id: I06445adaaeecf244f6482b6db26db58a09426489 Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com> Notes (review): Code-Review+2: James E. Blair <corvus@inaugust.com> Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Workflow+1: Clark Boylan <cboylan@sapwetik.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 29 Jan 2019 23:09:12 +0000 Reviewed-on: https://review.openstack.org/633829 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-26Update playbook paths for docker image build jobsMonty Taylor
When these were copied in from system-config, the paths to the upload and promote playbooks weren't updated. Change-Id: I9da5d7dfb980b2b7690652ee186723ee9ab64cd5 Notes (review): Code-Review+2: James E. Blair <corvus@inaugust.com> Workflow+1: James E. Blair <corvus@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Sat, 26 Jan 2019 16:41:01 +0000 Reviewed-on: https://review.openstack.org/633358 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-26Allow different filenames for DockerfilesJean-Philippe Evrard
In certain build projects, multiple Dockerfiles exist (for example, one per distro) to simplify reading. However, this role is hardwired to use dockerfiles only named "Dockerfile". This is a problem, as you can't override the filename neither per image, or globally. This should fix the problem, allowing certain images to be build by providing the dockerfile argument in docker_images, but also have a globally overridable flag if you are using a different convention (for example Dockerfile.distro_minordistroversion). Change-Id: I075c365bc9f4f85f9ada832d22d1f1e213e68e21 Notes (review): Code-Review+1: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Clint 'SpamapS' Byrum <clint@fewbar.com> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 01 Feb 2019 07:58:04 +0000 Reviewed-on: https://review.openstack.org/632979 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-24Merge "Default private_ipv4 to use public_ipv4 address when null"Zuul
2019-01-24Merge "Document upload-logs reliance on add-fileserver"Zuul
2019-01-23Apply requested tags locally for docker buildMonty Taylor
When doing the local build, go ahead and apply the tags to the local image, so that one can use the role for building local images for testing that will eventually be published with the given tag. Change-Id: I0249ddc4f9a8a2e17466f96a5711672282ce025c Notes (review): Code-Review+2: James E. Blair <corvus@inaugust.com> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Thu, 24 Jan 2019 07:36:58 +0000 Reviewed-on: https://review.openstack.org/632790 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-23Merge "Add docker image build jobs"Zuul
2019-01-23Default private_ipv4 to use public_ipv4 address when nullRonelle Landy
The static zuul driver returns only a public_ipv4 address for nodes in use. The multinode bridge role accesses the node private_ipv4 address. As such, when the private address is empty/null the role fails. This review defaults that private address so that the role uses the public address when the private address is null. Change-Id: I32fb17bae98f13f735da4d5b9a6a01e948f21678 Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+1: Tristan Cacqueray <tdecacqu@redhat.com> Code-Review+2: Ian Wienand <iwienand@redhat.com> Workflow+1: Ian Wienand <iwienand@redhat.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Thu, 24 Jan 2019 12:16:11 +0000 Reviewed-on: https://review.openstack.org/623294 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-22Document upload-logs reliance on add-fileserverJames E. Blair
Change-Id: I0e12756e1f2a876e4f44678d61d64010bee33311 Notes (review): Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Thu, 24 Jan 2019 07:36:59 +0000 Reviewed-on: https://review.openstack.org/632572 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-22Merge "Use become for packages in upload-puppetforge"Zuul
2019-01-22Pull target from item in build imageMonty Taylor
In the image building loop, the loop variable is 'item' - which is where target is located. Change-Id: I4c9e612f58c1fd92a32da1888af195f17cb821eb Notes (review): Code-Review+2: David Shrewsbury <shrewsbury.dave@gmail.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Workflow+1: Tobias Henkel <tobias.henkel@bmw.de> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 22 Jan 2019 19:47:35 +0000 Reviewed-on: https://review.openstack.org/632528 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-22Add docker image build jobsJames E. Blair
These are generic docker image build and upload jobs which use the recently added roles of the same names. With the new pass-to-parent feature, child jobs can add their own credentials to these jobs. Change-Id: I669a9e6616a031837adab8c5c5806431fcca2150 Notes (review): Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: David Shrewsbury <shrewsbury.dave@gmail.com> Workflow+1: David Shrewsbury <shrewsbury.dave@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 23 Jan 2019 15:16:46 +0000 Reviewed-on: https://review.openstack.org/632172 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-21Propose some job writing guidelinesmhuin
In order to see more consistency and good practices in zuul-jobs, suggest some guidelines regarding OS and containers support, and dealing with roles dependencies. Change-Id: Iad001766a56833094ac8703fca11559265b6f914 Notes (review): Code-Review+2: Ian Wienand <iwienand@redhat.com> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+2: Clint 'SpamapS' Byrum <clint@fewbar.com> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Code-Review+2: James E. Blair <corvus@inaugust.com> Code-Review+2: Monty Taylor <mordred@inaugust.com> Workflow+1: Monty Taylor <mordred@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 05 Feb 2019 17:14:35 +0000 Reviewed-on: https://review.openstack.org/631507 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-21Use become for packages in upload-puppetforgeTobias Urdin
The upload-puppetforge role when executed as a unprivileged user fails to install system packages and the gems in the system gem home, see failure [1]. This adds become to the calls so that it becomes the privileged user and executes these which will make them have system access like the bindep role [2]. [1] http://logs.openstack.org/61/617ffad84b633618490ca1023f8a31d9694b31a9/release/release-openstack-puppet/c6e519d/job-output.txt.gz#_2019-01-21_20_53_17_207155 [2] https://git.openstack.org/cgit/openstack-infra/zuul-jobs/tree/roles/bindep/tasks/packages.yaml#n6 Change-Id: I4f11319727a4a5694f11abad4ded69ee554326f2 Notes (review): Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Code-Review+2: Tobias Henkel <tobias.henkel@bmw.de> Code-Review+1: Jean-Philippe Evrard <jean-philippe@evrard.me> Code-Review+1: Sean McGinnis <sean.mcginnis@gmail.com> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 22 Jan 2019 20:08:54 +0000 Reviewed-on: https://review.openstack.org/632163 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-21Merge "docker: add ability to restrict repository names"Zuul
2019-01-21Use find instead of ls for determining dir emptinessMonty Taylor
ls foo/* isn't a great way to do this - but find, as is usually the case, solves all problems. Change-Id: Ic30b36ccee41e9b74e187eb3cdab0359f659a1c9 Notes (review): Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Code-Review+2: James E. Blair <corvus@inaugust.com> Code-Review+2: Jeremy Stanley <fungi@yuggoth.org> Verified+2: Monty Taylor <mordred@inaugust.com> Submitted-by: Monty Taylor <mordred@inaugust.com> Submitted-at: Mon, 21 Jan 2019 17:33:07 +0000 Reviewed-on: https://review.openstack.org/632136 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-21Fix concurrency and syntax issue in merge-output-to-logsMonty Taylor
In a multi-node job, these mv commands run in parallel which makes the second invocation weird and racy (even though there is a mv -f there) Put in run_once - we don't need to perform this more than one time, no matter how many nodes there are in the nodeset. Also, when there are actually files present, if ! $(ls work_dir/*) winds up expanding as a command to be run. Change-Id: Ia59c604d6639fab762fae5e53790da8992437587 Notes (review): Code-Review+2: Jens Harbott (frickler) <j.harbott@x-ion.de> Code-Review+2: Paul Belanger <pabelanger@redhat.com> Workflow+1: Monty Taylor <mordred@inaugust.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 21 Jan 2019 16:14:55 +0000 Reviewed-on: https://review.openstack.org/632092 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-18Set ANSIBLE_ACTION_PLUGINS for lintersPaul Belanger
The zuul_return plugin was recently converted to an action plugin, make sure we also export that path for ansible-lint. Change-Id: I9e497ef4258753d4d305f8caab6d47e469a38ccd Signed-off-by: Paul Belanger <pabelanger@redhat.com> Notes (review): Code-Review+2: James E. Blair <corvus@inaugust.com> Code-Review+2: Clark Boylan <cboylan@sapwetik.org> Workflow+1: Clark Boylan <cboylan@sapwetik.org> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 18 Jan 2019 23:24:31 +0000 Reviewed-on: https://review.openstack.org/631897 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-18docker: add ability to restrict repository namesJames E. Blair
This allows us to construct a job which allows users to pass in a secret (via pass-to-parent) which includes not only the user/pass, but also a restriction for what docker image repositories may be accessed using that user/pass. This allows an operator to create one credential, and then use that credential in multiple secrets for multiple projects, each with a distinct restriction on where images may be uploaded. Change-Id: I7a3cf97a16d34c76df8601990954e1f2b0e498f5 Notes (review): Code-Review+2: Monty Taylor <mordred@inaugust.com> Code-Review+2: Andreas Jaeger <jaegerandi@gmail.com> Workflow+1: Andreas Jaeger <jaegerandi@gmail.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 21 Jan 2019 18:15:29 +0000 Reviewed-on: https://review.openstack.org/631848 Project: openstack-infra/zuul-jobs Branch: refs/heads/master
2019-01-18Merge "Fix upload-puppetforge role"Zuul