From 55802b5424c5cb8195735ea04a30e15d6e5b0ae6 Mon Sep 17 00:00:00 2001 From: Fabien Boucher Date: Oct 04 2019 13:26:23 +0000 Subject: [PATCH 1/2] Remove uneeded data from the fedora config project --- diff --git a/README.md b/README.md index d69095f..5378929 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,4 @@ Software Factory configuration for the Fedora project. Here are configured: -* Nodepool providers -* Nodepool images -* Zuul tenants -* Base jobs and roles for the default Zuul tenant +* Git repositories to be listened by softwarefactory-project.io's Zuul. diff --git a/containers/README b/containers/README deleted file mode 100644 index ce25a16..0000000 --- a/containers/README +++ /dev/null @@ -1,2 +0,0 @@ -# Each directory shall contains a Dockerfile -# The config-update job build those on the k1s hosts using the localhost/k1s tag prefix diff --git a/nodepool/.placeholder b/nodepool/.placeholder new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/nodepool/.placeholder diff --git a/nodepool/_local_hypervisor_openshift.yaml b/nodepool/_local_hypervisor_openshift.yaml deleted file mode 100644 index 404b62b..0000000 --- a/nodepool/_local_hypervisor_openshift.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# This file is managed by sfconfig, do not edit manually ---- diff --git a/nodepool/_local_hypervisor_runc.yaml b/nodepool/_local_hypervisor_runc.yaml deleted file mode 100644 index 7d591a2..0000000 --- a/nodepool/_local_hypervisor_runc.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# This file is managed by sfconfig, do not edit manually - -labels: - - name: runc-centos - min-ready: 2 - -providers: - - name: managed-runc-provider - driver: runc - pools: - - name: managesf.fedora.softwarefactory-project.io - max-servers: 10 - labels: - - name: runc-centos - username: zuul-worker - diff --git a/nodepool/elements/README b/nodepool/elements/README deleted file mode 100644 index 257e142..0000000 --- a/nodepool/elements/README +++ /dev/null @@ -1,5 +0,0 @@ -Customs diskimage builder elements to be used by nodepool-builder. - -Nodepool is configured to use by default (with low precedence): -* https://softwarefactory-project.io/r/software-factory/sf-elements -* git://git.openstack.org/openstack-infra/project-config/nodepool/elements diff --git a/nodepool/elements/virt-customize/README b/nodepool/elements/virt-customize/README deleted file mode 100644 index 7dfaa32..0000000 --- a/nodepool/elements/virt-customize/README +++ /dev/null @@ -1 +0,0 @@ -This is a fake element to get the script on the nodepool-builder host diff --git a/nodepool/elements/virt-customize/disk-image-create b/nodepool/elements/virt-customize/disk-image-create deleted file mode 100755 index bcc9fe1..0000000 --- a/nodepool/elements/virt-customize/disk-image-create +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/env python -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - - -import argparse -import subprocess - - -def main(): - # Fake dib interface - parser = argparse.ArgumentParser() - parser.add_argument("-x", action='store_true', help="noop") - parser.add_argument("-t", help="Image types") - parser.add_argument("--checksum", action='store_true', help="noop") - parser.add_argument("--no-tmpfs", action='store_true', help="noop") - parser.add_argument("--qemu-img-options", help="noop") - parser.add_argument("-o", help="Image output") - parser.add_argument("elements", nargs='+', help="noop") - args = parser.parse_args() - cmd = ["sudo", "ansible-playbook", "-v"] - - # The first DIB element is the playbook name - cmd.append("%s.yaml" % args.elements[0]) - - # Set the image output var - cmd.extend(["-e", "image_output=%s" % args.o]) - - # Look for image types - img_types = set(args.t.split(',')) - unsupported_types = img_types.difference(set(('raw', 'qcow2'))) - if unsupported_types: - raise RuntimeError("Unsupported type: %s" % unsupported_types) - if "raw" in img_types: - cmd.extend(["-e", "raw_type=True"]) - if "qcow2" in img_types: - cmd.extend(["-e", "qcow2_type=True"]) - - # Execute the playbook - print("Running: ", cmd) - return subprocess.Popen(cmd, cwd="/etc/nodepool/elements/virt-customize").wait() - - -if __name__ == "__main__": - exit(main()) diff --git a/nodepool/elements/virt-customize/fedora-cloud.yaml b/nodepool/elements/virt-customize/fedora-cloud.yaml deleted file mode 100644 index cb7265b..0000000 --- a/nodepool/elements/virt-customize/fedora-cloud.yaml +++ /dev/null @@ -1,148 +0,0 @@ ---- -- name: Build a fedora cloud image suitable for Zuul - hosts: localhost - vars: - image_url: "http://mirror.in2p3.fr/pub/fedora/linux/releases/30/Cloud/x86_64/images/Fedora-Cloud-Base-30-1.2.x86_64.qcow2" - image_checksum: "sha256:72b6ae7b4ed09a4dccd6e966e1b3ac69bd97da419de9760b410e837ba00b4e26" - image_cache_file: "/var/cache/nodepool/Fedora-Cloud-Base-30-1.2.x86_64.qcow2" - image_cache_dir: "/var/cache/nodepool" - image_tmp_dir: "/var/tmp/{{ image_output | basename }}" - extra_packages: - # For validate-host and prepare-workspace - - traceroute - - iproute - - git - - rsync - # Extra system tools - - pigz - - bridge-utils - - wget - - unzip - # Basic CI tools - - make - - gcc - - patch - # RPM building tools - - redhat-lsb-core - - redhat-rpm-config - - rpm-build - - rpm-sign - - rpmlint - - createrepo - - gnupg2 - - expect - - libselinux-python - # Devel libraries - - libffi-devel - - libpcap-devel - - libseccomp-devel - - libxml2-devel - - libxslt-devel - - mariadb-devel - - openldap-devel - - openssl-devel - - python-devel - - readline-devel - - ruby-devel - - systemd-devel - - zlib-devel - # Python - - PyYAML - - python-virtualenv - - python-six - # Haskell - - hlint - tasks: - - name: Ensure libvirt is started - service: - name: libvirtd - state: started - - - name: Check if image is already downloaded - stat: - path: "{{ image_cache_file }}" - get_checksum: no - register: _image_cache_file_stat - - - name: Download if checksum doesn't match - get_url: - url: "{{ image_url }}" - dest: "{{ image_cache_file }}" - checksum: "{{ image_checksum }}" - when: not _image_cache_file_stat.stat.exists - - - name: Update the cache - command: "virt-customize -m 1024 -a {{ image_cache_file }} --update" - - - name: Customize the image for zuul ci - block: - - name: Create tmp directory - file: - path: "{{ image_tmp_dir }}" - state: directory - mode: 0755 - - - name: Set filename copy fact - set_fact: - image_file: "{{ image_tmp_dir }}/{{ image_cache_file | basename }}" - - - name: Copy the image - copy: - src: "{{ image_cache_file }}" - dest: "{{ image_file }}" - remote_src: true - mode: 0644 - - - name: Prepare the sudoers file - copy: - content: | - Defaults !requiretty - zuul-worker ALL=(ALL) NOPASSWD:ALL - dest: "{{ image_tmp_dir }}/zuul" - - - name: Prepare the authorized_keys file - copy: - src: /var/lib/nodepool/.ssh/zuul_rsa.pub - dest: "{{ image_tmp_dir }}/authorized_keys" - remote_src: true - - - name: Customize the image - command: >- - virt-customize -m 1024 -a {{ image_file }} - {# Ensure zuul user exists #} - --run-command 'adduser -m zuul-worker' - {# Setup authorized_keys #} - --mkdir '/home/zuul-worker/.ssh' - --chmod '0700:/home/zuul-worker/.ssh' - --copy-in '{{ image_tmp_dir }}/authorized_keys:/home/zuul-worker/.ssh/' - --chmod '0600:/home/zuul-worker/.ssh/authorized_keys' - --run-command 'chown -R zuul-worker:zuul-worker /home/zuul-worker/.ssh/' - {# Setup sudoers file #} - --copy-in '{{ image_tmp_dir }}/zuul:/etc/sudoers.d/' - --chmod '0440:/etc/sudoers.d/zuul' - {# Install extra packages #} - --install '{{ extra_packages | join(',') }}' - {# Disable IPv6 because rdo-cloud does not route v6 #} - --append-line '/etc/sysctl.conf:net.ipv6.conf.all.disable_ipv6 = 1' - --append-line '/etc/sysctl.conf:net.ipv6.conf.default.disable_ipv6 = 1' - --append-line '/etc/sysconfig/network:IPV6INIT=no' - --append-line '/etc/sysconfig/network:IPV6_AUTOCONF=no' - --append-line '/etc/sysconfig/network:IPV6_DEFROUTE=no' - {# Ensure yum is only resolve using ipv4 #} - --append-line '/etc/yum.conf:ip_resolve=4' - {# Ensure selinux labels are correct #} - --selinux-relabel - - - name: Create raw file - command: "qemu-img convert -O raw {{ image_file }} {{ image_output }}.raw" - when: raw_type | default(False) | bool - - - name: Create qcow file - command: "mv {{ image_file }} {{ image_output }}.qcow2" - when: qcow2_type | default(False) | bool - - always: - - name: Remove tmp directory - file: - path: "{{ image_tmp_dir }}" - state: absent diff --git a/nodepool/nodepool.yaml b/nodepool/nodepool.yaml deleted file mode 100644 index 12f8370..0000000 --- a/nodepool/nodepool.yaml +++ /dev/null @@ -1,35 +0,0 @@ ---- -diskimages: - - name: cloud-fedora - username: zuul-worker - elements: - # This is a fake element to reference the playbook - - fedora-cloud - env-vars: - PATH: /etc/nodepool/elements/virt-customize:/bin:/sbin:/usr/bin:/usr/sbin - formats: - - raw - -labels: - - name: cloud-fedora - -providers: - - name: rdo-cloud - cloud: rdocloud - launch-retries: 15 - region-name: regionOne - clean-floating-ips: true - image-name-format: '{image_name}-{timestamp}' - boot-timeout: 240 - rate: 1.0 - diskimages: - - name: cloud-fedora - config-drive: true - pools: - - name: main - max-servers: 3 - labels: - - name: cloud-fedora - min-ram: 2000 - flavor-name: rdo.m1.small - diskimage: cloud-fedora diff --git a/nodepool/openshift.yaml b/nodepool/openshift.yaml deleted file mode 100644 index 64bb998..0000000 --- a/nodepool/openshift.yaml +++ /dev/null @@ -1,45 +0,0 @@ -# Uncomment to enable openshift provider -#--- -# After the provider is registered in sfconfig.yaml, grab the context name using: -# sudo -u nodepool oc config get-contexts -# -# -# To use the openshift driver, a self provisioner service account is needed: -# Request the cluster operator to create: -# oc create sa nodepool -# oc adm policy add-cluster-role-to-user self-provisioner --serviceaccount=nodepool -# oc policy add-role-to-user admin --serviceaccount=nodepool -# oc sa get-token nodepool -# Then register the token in sfconfig.yaml -# -#providers: -# - name: openshift01 -# driver: openshift -# context: self-provisioner-service-account-context-name -# pools: -# - name: zuul-ci -# labels: -# - name: openshift-project -# type: project -# - name: openshift-pod-fedora -# type: pod -# image: docker.io/fedora:28 -# -# -############################################################################### -# Or use the openshiftpods driver with a regular service account: -# oc new-project nodepool -# oc create sa nodepool -# oc policy add-role-to-user admin --serviceaccount=nodepool -# oc sa get-token nodepool -# Then register the token in sfconfig.yaml -# -#providers: -# - name: openshift01 -# driver: openshiftpods -# context: "nodepool/openshift-example-com:8443/system:serviceaccount:nodepool:nodepool" -# pools: -# - name: nodepool -# labels: -# - name: openshift-pod -# image: docker.io/fedora:28 diff --git a/nodepool/runC/_linters-packages.yaml b/nodepool/runC/_linters-packages.yaml deleted file mode 100644 index fdb5f56..0000000 --- a/nodepool/runC/_linters-packages.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# This file is managed by ansible, do not edit directly - -- name: Define linters packages fact - set_fact: - linters_pkgs: - - yamllint - - bashate - - python-flake8 - - python-tox - - traceroute - - rpm-build - - python2-coverage - - python2-pelican - - python2-sphinx - - doc8 - - ansible-lint - -- name: Install linters packages - yum: - name: "{{ linters_pkgs }}" - state: present diff --git a/nodepool/runC/customize.yaml b/nodepool/runC/customize.yaml deleted file mode 100644 index 12594f2..0000000 --- a/nodepool/runC/customize.yaml +++ /dev/null @@ -1,6 +0,0 @@ ---- -# Tasks in that files are executed on the hypervisor-oci node by the config-update -- include_tasks: _linters-packages.yaml - -# Uncomment to configure a fedora environment -- include_tasks: fedora-rootfs.yaml diff --git a/nodepool/runC/fedora-rootfs.yaml b/nodepool/runC/fedora-rootfs.yaml deleted file mode 100644 index 3378559..0000000 --- a/nodepool/runC/fedora-rootfs.yaml +++ /dev/null @@ -1,66 +0,0 @@ -- name: Set fedora version fact - set_fact: - fedora_version: 30 - target_dir: /srv/f30 - -- name: Set bwrap command fact - set_fact: - bwrap_command: "bwrap --unshare-pid --bind {{ target_dir }} / --proc /proc --dev /dev" - -- name: Extract fedora image - shell: | - set -ex - skopeo copy docker://fedora:{{ fedora_version }} dir:{{ target_dir }}-cache - mkdir -p {{ target_dir }} - tar -C {{ target_dir }} -xzf {{ target_dir }}-cache/$(python -c "import json; print(json.load(open('{{ target_dir }}-cache/manifest.json'))['layers'][0]['digest']).split(':')[1]") - cp /etc/resolv.conf /srv/f{{ fedora_version }}/etc/resolv.conf - {{ bwrap_command }} dnf install -y openssh-server - rm -Rf {{ target_dir }}-cache - args: - creates: "{{ target_dir }}/sbin/sshd" - -- name: Create sshd server keys - command: "{{ bwrap_command }} /usr/libexec/openssh/sshd-keygen rsa" - args: - creates: "{{ target_dir }}/etc/ssh/ssh_host_rsa_key" - -- name: Read host user id - command: awk -F ":" '/zuul-worker/ { print $3 }' /etc/passwd - register: _host_uid - -- name: Create zuul-worker user - command: "{{ bwrap_command }} useradd -u {{ _host_uid.stdout }} -m zuul-worker" - args: - creates: "{{ target_dir }}/home/zuul-worker" - -- name: Create /home/zuul-worker/.ssh - file: - path: "{{ target_dir }}/home/zuul-worker/.ssh" - state: directory - mode: 0700 - owner: zuul-worker - -- name: Adds ssh key - copy: - src: /var/lib/software-factory/bootstrap-data/ssh_keys/zuul_rsa.pub - dest: "{{ target_dir }}/home/zuul-worker/.ssh/authorized_keys" - owner: zuul-worker - -- name: Ensure src dir exists - file: - path: "{{ target_dir }}/home/zuul-worker/src" - state: directory - owner: zuul-worker - -- name: Install packages - command: > - {{ bwrap_command }} dnf install -y - iproute rsync git traceroute - python3-pip python3-devel - python3-tox python3-flake8 python3-ansible-lint python3-pycodestyle yamllint - python3-sphinx python3-pelican python3-jinja2 python3-coverage - rpm-build make gcc - -- name: Install pip packages - command: > - {{ bwrap_command }} pip3 install bashate doc8 diff --git a/nodepool/runc_labels.yaml b/nodepool/runc_labels.yaml deleted file mode 100644 index 194b87f..0000000 --- a/nodepool/runc_labels.yaml +++ /dev/null @@ -1,11 +0,0 @@ -labels: - - name: runc-fedora-30 - -extra-labels: - - provider: managed-runc-provider - pool: managesf.fedora.softwarefactory-project.io - labels: - # New labels - - name: runc-fedora-30 - username: zuul-worker - path: /srv/f30 diff --git a/resources/_internal.yaml b/resources/_internal.yaml index 9ecc04d..e461fd5 100644 --- a/resources/_internal.yaml +++ b/resources/_internal.yaml @@ -16,7 +16,6 @@ resources: source-repositories: - fedora-project-config: zuul/config-project: True - - fedora-zuul-jobs - zuul-jobs: connection: gerrit zuul/include: [job] diff --git a/resources/fedora.yaml b/resources/fedora.yaml index 78ff022..03fa96f 100644 --- a/resources/fedora.yaml +++ b/resources/fedora.yaml @@ -1,8 +1,8 @@ --- resources: projects: - Fedora-Packaging-Zuul: - description: A project to showcase Fedora packaging with Zuul + Fedora-Zuul-CI: + description: connection: pagure.io source-repositories: - zuul-distro-jobs: diff --git a/resources/software-factory.yaml b/resources/software-factory.yaml index 315c82b..b91b5cc 100644 --- a/resources/software-factory.yaml +++ b/resources/software-factory.yaml @@ -2,6 +2,6 @@ resources: projects: Software-Factory: - description: Software Factory related projects + description: Software Factory / Pagure related projects source-repositories: - software-factory/zuul-gateway From 170bf3e17e641e893824708b757c9f1cdcbc4376 Mon Sep 17 00:00:00 2001 From: Fabien Boucher Date: Oct 04 2019 13:26:44 +0000 Subject: [PATCH 2/2] Fix missing description sf-resources: allow-delete --- diff --git a/resources/fedora.yaml b/resources/fedora.yaml index 03fa96f..8004d27 100644 --- a/resources/fedora.yaml +++ b/resources/fedora.yaml @@ -2,7 +2,7 @@ resources: projects: Fedora-Zuul-CI: - description: + description: Zuul CI for Fedora connection: pagure.io source-repositories: - zuul-distro-jobs: