--- /dev/null
+---
+# This playbook should only be run against a teuthology host or a machine inside the Sepia test lab that can lock testnodes.
+# See ceph-cm-ansible/README.rst
+
+- hosts: all
+ become: true
+ user: cm
+ vars:
+ - jenkins_user: 'jenkins-build'
+ # jenkins API credentials:
+ - api_user: 'ceph-jenkins'
+ - token: '{{ token }}'
+ - api_uri: 'https://jenkins.ceph.com'
+ - jenkins_credentials_uuid: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
+ - nodename: 'teuthology'
+ - labels: 'teuthology'
+
+ tasks:
+ - name: "create a {{ jenkins_user }} user"
+ user:
+ name: "{{ jenkins_user }}"
+ append: yes
+ comment: "Jenkins Build Slave User"
+
+ - name: "create a {{ jenkins_user }} home directory"
+ file:
+ path: "/home/{{ jenkins_user }}/"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: Create .ssh directory
+ file:
+ path: "/home/{{ jenkins_user }}/.ssh"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: set the authorized keys
+ authorized_key:
+ user: "{{ jenkins_user }}"
+ key: "{{ lookup('file', 'files/ssh/keys/jenkins_build.pub') }}"
+
+ - name: Write ~/.ssh/config
+ blockinfile:
+ path: "/home/{{ jenkins_user }}/.ssh/config"
+ create: yes
+ block: |
+ Host *
+ StrictHostKeyChecking no
+ UserKnownHostsFile=/dev/null
+
+ - name: set utf-8 for LC_ALL
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LC_ALL='
+ line: "export LC_ALL=en_US.UTF-8"
+ create: true
+ state: present
+
+ - name: set utf-8 for LANG
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANG='
+ line: "export LANG=en_US.UTF-8"
+
+ - name: set utf-8 for LANGUAGE
+ lineinfile:
+ dest: "/home/{{ jenkins_user }}/.bashrc"
+ regexp: '^export LANGUAGE='
+ line: "export LANGUAGE=en_US.UTF-8"
+
+ - name: ensure the build dir exists
+ file:
+ path: "/home/{{ jenkins_user }}/build"
+ state: directory
+ owner: "{{ jenkins_user }}"
+
+ - name: ensure the home dir has the right owner permissions
+ file:
+ path: "/home/{{ jenkins_user }}"
+ state: directory
+ owner: "{{ jenkins_user }}"
+ group: "{{ jenkins_user }}"
+ recurse: yes
+
+ - name: ensure the gitconfig file exists
+ shell: printf "[user]\name=Ceph CI\nemail=ceph-release-team@redhat.com\n" > /home/{{ jenkins_user }}/.gitconfig
+
+ - name: ensure the gitconfig file has right permissions
+ file:
+ path: "/home/{{ jenkins_user }}/.gitconfig"
+ owner: "{{ jenkins_user }}"
+
+ - name: install six, latest one
+ pip:
+ name: six
+ state: latest
+
+ - name: install python-jenkins
+ # https://review.openstack.org/460363
+ pip:
+ name: python-jenkins
+ version: 0.4.15
+
+ - name: add github.com host key
+ known_hosts:
+ path: '/etc/ssh/ssh_known_hosts'
+ # we need to use 'host' here because prado currently uses ansible-playbook==1.9.1
+ host: 'github.com'
+ # github.com.pub is the output of `ssh-keyscan github.com`
+ key: "{{ lookup('file', 'files/ssh/hostkeys/github.com.pub') }}"
+
+ - name: register the new slave to jenkins master with jnlp
+ jenkins_node:
+ username: "{{ api_user }}"
+ uri: "{{ api_uri }}"
+ password: "{{ token }}"
+ # relies on a convention to set a unique name that allows a reverse
+ # mapping from Jenkins back to whatever service created the current
+ # node
+ name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
+ labels: "{{ labels }}"
+ host: "{{ ansible_default_ipv4.address }}"
+ credentialsId: "{{ jenkins_credentials_uuid }}"
+ launcher: 'hudson.slaves.JNLPLauncher'
+ remoteFS: '/home/{{ jenkins_user }}/build'
+ # XXX this should be configurable, not all nodes should have one executor
+ executors: '{{ executors|default(1) }}'
+ exclusive: true
+
+ - name: Download slave.jar
+ get_url:
+ url: "{{ api_uri }}/jnlpJars/slave.jar"
+ dest: "/home/{{ jenkins_user }}/slave.jar"
+ force: yes
+
+ - name: install the systemd unit file for jenkins
+ template:
+ src: "templates/systemd/jenkins.service.j2"
+ dest: "/etc/systemd/system/jenkins.service"
+
+ - name: start jenkins service
+ service:
+ name: jenkins
+ state: started
+ enabled: yes
--- /dev/null
+ceph-cm-ansible-prs
+===================
+
+This job tests changes to the ceph-cm-ansible_ repo. It locks one testnode per machine type **and** distro and runs the ``ansible_managed`` and ``testnodes`` playbooks.
+
+Prerequisites
+-------------
+
+These steps should only have to be performed when a new teuthology host is being set up but it's good to have documented.
+
+#. Run the ``ansible/examples/slave_teuthology.yml`` playbook against the teuthology host.
+
+#. As the ``jenkins-build`` user on the teuthology host, generate a new RSA SSH key (``ssh-keygen -t rsa``).
+
+#. Copy the public key to jenkins-build.pub_ in the keys repo. (This is so the jenkins-build user can ssh to testnodes and VPSHOSTs)
+
+#. Copy/create ``/home/jenkins-build/.config/libvirt/libvirt.conf`` so the jenkins-build user can downburst VPSes.
+
+#. Run the ceph-cm-ansible_ ``users`` playbook against VPSHOSTs so the jenkins-build pubkey is added to the ubuntu user's authorized_keys on the VPSHOSTs.
+
+**NOTE:** This job also relies on:
+
+- teuthology.yaml_ -- If the job is being run on the teuthology host, this should already be in place at ``/etc/teuthology.yaml``.
+- ceph-sepia-secrets_ -- If the job is being run on a teuthology host, ``/etc/ansible`` should already be symlinked to a ceph-sepia-secrets checkout.
+
+.. _ceph-cm-ansible: https://github.com/ceph/ceph-cm-ansible
+.. _jenkins-build.pub: https://github.com/ceph/keys/blob/master/ssh/jenkins-build.pub
+.. _teuthology.yaml: http://docs.ceph.com/teuthology/docs/siteconfig.html
+.. _ceph-sepia-secrets: https://github.com/ceph/ceph-sepia-secrets/
--- /dev/null
+#!/bin/bash
+# NOTE: Commented code was my attempt at creating this as a matrix job.
+# I couldn't get the child jobs to share the same checkout/venv of teuthology
+# so I left the code in place in case I (or somebody else) wants to take a
+# crack at it in the future.
+
+set -ex
+
+# Clone or update teuthology
+if [ ! -d teuthology ]; then
+ git clone https://github.com/ceph/teuthology
+ cd teuthology
+else
+ cd teuthology
+ git pull
+fi
+
+# Bootstrap teuthology
+./bootstrap
+
+cd $WORKSPACE
+
+# Clone or update teuthology
+if [ ! -d downburst ]; then
+ git clone https://github.com/ceph/downburst
+ cd downburst
+else
+ cd downburst
+ git pull
+fi
+
+# Bootstrap downburst
+./bootstrap
+
+# Activate our virtualenv containing teuthology and ansible
+source $WORKSPACE/teuthology/virtualenv/bin/activate
+
+# Add downburst to path
+PATH=$PATH:$WORKSPACE/downburst/virtualenv/bin
+
+#if [ $DISTRO == "xenial" ]; then
+# DISTRO="ubuntu"
+# DISTRO_VERSION="16.04"
+#elif [ $DISTRO == "trusty" ]; then
+# DISTRO="ubuntu"
+# DISTRO_VERSION="14.04"
+#elif [ $DISTRO == "centos" ]; then
+# DISTRO="centos"
+# DISTRO_VERSION="7.3"
+#else
+# echo "Unknown distro: $DISTRO"
+# exit 1
+#fi
+
+# Don't bail since we'll almost certainly not lock every machine/os type on the first try
+set +e
+
+for machine_type in smithi mira vps; do
+ LOCK_TRUSTY_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 14.04"
+ LOCK_XENIAL_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 16.04"
+ LOCK_CENTOS_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type centos --os-version 7.3"
+ $LOCK_TRUSTY_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_TRUSTY_CMD; done
+ $LOCK_XENIAL_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_XENIAL_CMD; done
+ $LOCK_CENTOS_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CENTOS_CMD; done
+done
+
+#LOCK_CMD="teuthology-lock --lock-many 1 --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION"
+#
+## Keep trying to lock a machine
+#$LOCK_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CMD; done
+
+set -e
+
+locked_machines=$(teuthology-lock --brief | awk '{ print $1 }' | paste -sd "," -)
+#locked_machines=$(teuthology-lock --brief --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION | awk '{ print $1 }' | paste -sd "," -)
+
+cd $WORKSPACE/ceph-cm-ansible
+
+# Erase line about the vault password since testnodes don't need any secrets
+sed -i '/vault_password_file/d' ./ansible.cfg
+
+ansible-playbook -vv ansible_managed.yml --limit=\"$locked_machines\"
+#ansible-playbook -vvv ansible_managed.yml --limit=\"$locked_machine\"
+
+ansible-playbook -vv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machines\"
+#ansible-playbook -vvv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machine\"
+
+teuthology-lock --unlock -t <(teuthology-lock --list-targets)
+#teuthology-lock --unlock $locked_machine
--- /dev/null
+- scm:
+ name: ceph-cm-ansible
+ scm:
+ - git:
+ url: https://github.com/ceph/ceph-cm-ansible
+ branches:
+ - ${sha1}
+ refspec: +refs/pull/*:refs/remotes/origin/pr/*
+ browser: auto
+ timeout: 20
+ basedir: "ceph-cm-ansible"
+ skip-tag: true
+ wipe-workspace: true
+
+- job:
+ name: ceph-cm-ansible-pull-requests
+ description: Tests changes to ceph-cm-ansible testnode playbook
+ project-type: freestyle
+# project-type: matrix
+ node: teuthology
+ block-downstream: false
+ block-upstream: false
+ defaults: global
+ display-name: 'ceph-cm-ansible: Pull Requests'
+ quiet-period: 5
+# execution-strategy:
+# sequential: false
+# axes:
+# - axis:
+# type: user-defined
+# name: MACHINE_TYPE
+# values:
+# - smithi
+# - mira
+# - vps
+# - axis:
+# type: user-defined
+# name: DISTRO
+# values:
+# - trusty
+# - xenial
+# - centos
+# - axis:
+# type: label-expression
+# name: teuthology
+# values:
+# - teuthology
+
+ logrotate:
+ daysToKeep: 14
+
+ properties:
+ - github:
+ url: https://github.com/ceph/ceph-cm-ansible/
+
+ parameters:
+ - string:
+ name: sha1
+ description: "A pull request ID, like 'origin/pr/72/head'"
+
+ triggers:
+ - github-pull-request:
+ admin-list:
+ - djgalloway
+ - zmc
+ org-list:
+ - ceph
+ only-trigger-phrase: false
+ github-hooks: true
+ permit-all: true
+ auto-close-on-fail: false
+
+ scm:
+ - ceph-cm-ansible
+
+ builders:
+ - shell:
+ !include-raw:
+ - ../../../scripts/build_utils.sh
+ - ../../build/build
+#
+# wrappers:
+# - pre-scm-buildstep:
+# - shell:
+# !include-raw: ../../build/setup
projects / ceph-build.git / commitdiff