- job:
name: system-config-run
description: |
Run the "base" playbook for system-config hosts.
This is a parent job designed to be inherited.
abstract: true
pre-run: playbooks/zuul/run-base-pre.yaml
run: playbooks/zuul/run-base.yaml
post-run: playbooks/zuul/run-base-post.yaml
vars:
install_ansible_ara_enable: true
zuul_copy_output: "{{ copy_output | combine(host_copy_output | default({})) }}"
stage_dir: "{{ ansible_user_dir }}/zuul-output"
copy_output:
'/var/log/syslog': logs_txt
'/var/log/messages': logs_txt
'/var/log/docker': logs
'/var/log/containers': logs
'/var/log/dstat-csv.log': logs
'/etc/iptables/rules.v4': logs_txt
'/etc/iptables/rules.v6': logs_txt
host-vars:
bridge.openstack.org:
host_copy_output:
'{{ zuul.project.src_dir }}/junit.xml': logs
'{{ zuul.project.src_dir }}/test-results.html': logs
'{{ zuul.project.src_dir }}/inventory/base/gate-hosts.yaml': logs
'/var/log/screenshots': logs
# Note: the following two jobs implement the variant-based multiple
# inheritance trick. Both of these variants will always apply,
# therefore both parents will appear in the inheritance hierarchy).
- job:
name: system-config-run-containers
parent: system-config-run
# Note: see above re multiple-inheritance.
- job:
name: system-config-run-containers
parent: opendev-buildset-registry-consumer
description: |
Run the "base" playbook for system-config hosts which use
containers.
This is a parent job designed to be inherited. Use this job if
the service in question is container-based. It expects a
buildset registry and pulls images from the intermediate
registry.
- job:
name: system-config-run-base
parent: system-config-run
description: |
Run the "base" playbook on each of the node types
currently in use.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: xenial
label: ubuntu-xenial
- name: bionic
label: ubuntu-bionic
- name: focal
label: ubuntu-focal
files:
- tox.ini
- playbooks/
- roles/
- testinfra/
- job:
name: system-config-run-base-ansible-devel
parent: system-config-run-base
description: |
Run the base playbook with the latest ansible.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-focal
- name: xenial
label: ubuntu-xenial
- name: bionic
label: ubuntu-bionic
- name: focal
label: ubuntu-focal
required-projects:
- name: github.com/ansible/ansible
override-checkout: devel
- name: github.com/pytest-dev/pytest-testinfra
- name: openstack/openstacksdk
- name: github.com/ansible-collections/ansible.posix
override-checkout: main
- name: github.com/ansible-collections/ansible.netcommon
override-checkout: main
- name: github.com/ansible-collections/community.crypto
override-checkout: main
- name: github.com/ansible-collections/community.general
override-checkout: main
- name: github.com/ansible-community/ara
vars:
bridge_ansible_name: '{{ ansible_user_dir}}/src/github.com/ansible/ansible'
bridge_ansible_version: null
bridge_openstacksdk_name: '{{ ansible_user_dir }}/src/opendev.org/openstack/openstacksdk'
bridge_openstacksdk_version: null
bridge_ara_name: '{{ ansible_user_dir}}/src/github.com/ansible-community/ara[server]'
bridge_ara_version: null
# Although we don't have an arm64 based bridge; Zuul can't currently
# allocate a mixed x86/arm64 situation across clouds. Thus it helps
# to keep this clean so we can run the other tests.
- job:
name: system-config-run-base-arm64
parent: system-config-run
description: |
Run the "base" playbook on ARM64.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic-arm64
- name: bionic
label: ubuntu-bionic-arm64
- name: focal
label: ubuntu-focal-arm64
files:
- playbooks/
- roles/
- testinfra/
- job:
name: system-config-run-eavesdrop
parent: system-config-run-containers
description: |
Run the playbook for an eavesdrop server.
required-projects:
- opendev/system-config
- openstack/project-config
requires:
- accessbot-container-image
- gerritbot-container-image
- statusbot-container-image
- ircbot-container-image
- matrix-eavesdrop-container-image
- ptgbot-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: eavesdrop01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-eavesdrop.yaml
host-vars:
eavesdrop01.opendev.org:
host_copy_output:
'/var/lib/limnoria': logs
'/var/log/apache2': logs
'/var/log/acme.sh': logs
'/etc/apache2': logs
'/var/log/statusbot': logs
'/etc/statusbot': logs
files:
- playbooks/service-eavesdrop.yaml
- playbooks/run-accessbot.yaml
- inventory/service/group_vars/eavesdrop.yaml
- playbooks/roles/install-docker
- playbooks/roles/accessbot
- playbooks/roles/limnoria
- playbooks/roles/logrotate
- playbooks/roles/matrix-eavesdrop
- playbooks/roles/matrix-gerritbot
- playbooks/roles/statusbot
- playbooks/roles/ptgbot
- playbooks/zuul/templates/group_vars/eavesdrop.yaml.j2
- docker/accessbot/
- docker/ircbot
- docker/matrix-eavesdrop
- testinfra/test_eavesdrop.py
- job:
name: system-config-run-letsencrypt
parent: system-config-run
description: |
Run the playbook for letsencrypt key acquisition
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns-letsencrypt.opendev.org
label: ubuntu-bionic
- name: letsencrypt01.opendev.org
label: ubuntu-bionic
- name: letsencrypt02.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
- playbooks/letsencrypt.yaml
# Make sure this test runs acme.sh
letsencrypt_self_generate_tokens: False
host-vars:
bridge.openstack.org:
host_copy_output:
'/var/lib/certcheck': logs
letsencrypt01.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
letsencrypt02.opendev.org:
host_copy_output:
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/letsencrypt.yaml
# This is split because we ant to avoid
# ...create-certs/handlers/main.yaml matching since every
# letsencrypt user has its handler in there. re2 matching
# doesn't provide us a way to say "everything but this file"
- playbooks/roles/letsencrypt-acme-sh-install
- playbooks/roles/letsencrypt-config-certcheck
- playbooks/roles/letsencrypt-create-certs/defaults
- playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- playbooks/roles/letsencrypt-create-certs/handlers/touch_file.yaml
- playbooks/roles/letsencrypt-create-certs/tasks
- playbooks/roles/letsencrypt-install-txt-record
- playbooks/roles/letsencrypt-request-certs
- job:
name: system-config-run-lists
parent: system-config-run
description: |
Run the playbook for a list server.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: lists.openstack.org
label: ubuntu-focal
- name: lists.katacontainers.io
label: ubuntu-focal
required-projects:
- opendev/system-config
files:
- playbooks/install-ansible.yaml
- inventory/service/host_vars/lists.openstack.org.yaml
- inventory/service/host_vars/lists.katacontainers.io.yaml
- inventory/service/group_vars/mailman.yaml
- playbooks/roles/base/exim
- playbooks/roles/mailman
- playbooks/service-lists.yaml
- playbooks/zuul/templates/host_vars/lists.openstack.org.yaml.j2
- playbooks/zuul/templates/host_vars/lists.katacontainers.io.yaml.j2
- testinfra/test_lists_k_i.py
- testinfra/test_lists_o_o.py
vars:
run_playbooks:
- playbooks/service-lists.yaml
# Run this twice to check idempotency
- playbooks/service-lists.yaml
- job:
name: system-config-run-nodepool
parent: system-config-run
description: |
Run the playbook for nodepool.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk04.opendev.org
label: ubuntu-focal
- name: nl01.opendev.org
label: ubuntu-focal
- name: nb01.opendev.org
label: ubuntu-bionic
required-projects:
- opendev/system-config
- openstack/project-config
host-vars:
nl01.opendev.org:
host_copy_output:
'/etc/nodepool/nodepool.yaml': logs
'/var/log/nodepool/launcher-debug.log': logs
nb01.opendev.org:
host_copy_output:
'/etc/nodepool/nodepool.yaml': logs
'/var/log/nodepool/builder-debug.log': logs
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-nodepool.yaml
# Test our ad hoc restart playbook works
- playbooks/nodepool_restart.yaml
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/nodepool.yaml
- inventory/service/group_vars/nodepool-builder.yaml
- inventory/service/group_vars/nodepool-launcher.yaml
- playbooks/roles/configure-openstacksdk/
- playbooks/roles/nodepool
- playbooks/templates/clouds/
- playbooks/nodepool_restart.yaml
- testinfra/test_nodepool.py
- job:
name: system-config-run-dns
parent: system-config-run
description: |
Run the playbook for dns.
required-projects:
- opendev/zone-opendev.org
- opendev/zone-zuul-ci.org
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: adns1.opendev.org
label: ubuntu-bionic
- name: ns1.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-nameserver.yaml
host-vars:
adns1.opendev.org:
host_copy_output:
'/etc/bind/named.conf': logs
'/var/lib/bind/zones': logs
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/adns.yaml
- inventory/service/group_vars/dns.yaml
- inventory/service/host_vars/(ad)?ns\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/adns.yaml.j2
- playbooks/zuul/templates/group_vars/ns.yaml.j2
- playbooks/roles/master-nameserver/
- playbooks/roles/nameserver/
- testinfra/test_adns.py
- testinfra/test_ns.py
- job:
name: system-config-run-borg-backup
parent: system-config-run
description: |
Run the playbook for borg backup configuration
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: borg-backup01.region.provider.opendev.org
label: ubuntu-focal
- name: borg-backup-test01.opendev.org
label: ubuntu-focal
- name: borg-backup-test02.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-borg-backup.yaml
run_test_playbook: playbooks/test-borg-backup.yaml
files:
- playbooks/service-borg-backup.yaml
- playbooks/test-borg-bcakup.yaml
- playbooks/install-ansible.yaml
- playbooks/roles/install-borg
- playbooks/roles/borg-backup
- playbooks/zuul/templates/host_vars/borg-backup
- testinfra/test_borg_backups.py
host-vars:
borg-backup01.region.provider.opendev.org:
host_copy_output:
'/var/log/prune-borg-backups.log': logs
'/var/log/verify-borg-backups.log': logs
borg-backup-test01.opendev.org:
host_copy_output:
'/var/log/borg-backup-borg-backup01.region.provider.opendev.org.log': logs
borg-backup-test02.opendev.org:
host_copy_output:
'/var/log/borg-backup-borg-backup01.region.provider.opendev.org.log': logs
- job:
name: system-config-run-mirror-base
parent: system-config-run
abstract: true
description: |
Run the playbook for a mirror node
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-mirror.yaml
host-vars:
mirror01.openafs.provider.opendev.org:
host_copy_output:
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
'/etc/apache2/sites-available/mirror.conf': logs
mirror02.openafs.provider.opendev.org:
host_copy_output:
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
'/etc/apache2/sites-available/mirror.conf': logs
files:
- playbooks/install-ansible.yaml
- roles/
- playbooks/roles/base/
- inventory/service/group_vars/mirror.yaml
- playbooks/roles/mirror/
- playbooks/roles/letsencrypt
- playbooks/letsencrypt.yaml
- playbooks/service-mirror.yaml
- playbooks/zuul/templates/group_vars/mirror.yaml.j2
- testinfra/test_mirror.py
- job:
name: system-config-run-mirror-x86
parent: system-config-run-mirror-base
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-bionic
- name: mirror02.openafs.provider.opendev.org
label: ubuntu-focal
- job:
name: system-config-run-mirror-arm64
parent: system-config-run-mirror-base
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic-arm64
- name: mirror01.openafs.provider.opendev.org
label: ubuntu-focal-arm64
- job:
name: system-config-run-mirror-update
parent: system-config-run
description: |
Run the playbook for a mirror update node
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: mirror-update01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/service-mirror-update.yaml
files:
- playbooks/install-ansible.yaml
- roles/
- playbooks/roles/mirror-update/
- playbooks/roles/reprepro/
- playbooks/service-mirror-update.yaml
- testinfra/test_mirror-update.py
- job:
name: system-config-run-docker-registry
parent: system-config-run
description: |
Run the playbook for the docker registry.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: insecure-ci-registry01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-registry.yaml
host-vars:
insecure-ci-registry01.opendev.org:
host_copy_output:
'/var/registry/auth': logs
'/var/registry/certs': logs
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/registry.yaml
- inventory/service/host_vars/insecure-ci-registry\d+.opendev.org.yaml
- playbooks/zuul/templates/group_vars/registry.yaml.j2
- playbooks/roles/letsencrypt-create-certs/handlers/restart_zuul_registry.yaml
- playbooks/roles/registry/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_registry.py
- job:
name: system-config-run-codesearch
parent: system-config-run-containers
description: |
Run the playbook for the codesearch server.
timeout: 3600
requires: codesearch-container-image
required-projects:
- opendev/system-config
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: codesearch01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-codesearch.yaml
- playbooks/roles/codesearch/
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- docker/hound/
- testinfra/test_codesearch.py
- job:
name: system-config-run-etherpad
parent: system-config-run-containers
description: |
Run the playbook for the etherpad servers.
timeout: 3600
requires: etherpad-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: etherpad01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-etherpad.yaml
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-etherpad.yaml
- playbooks/roles/etherpad/
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- docker/etherpad/
- testinfra/test_etherpad.py
- job:
name: system-config-run-gitea
parent: system-config-run-containers
description: |
Run the playbook for the gitea servers.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: gitea-lb01.opendev.org
label: ubuntu-bionic
- name: gitea99.opendev.org
label: ubuntu-bionic
required-projects:
- openstack/project-config
- opendev/system-config
requires:
- gitea-container-image
- haproxy-statsd-container-image
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/service-gitea.yaml
- playbooks/manage-projects.yaml
- playbooks/test-update-zuul-description.yaml
# Run twice to ensure that we noop properly when
# all projects are created in gitea. We also update
# zuul's description to ensure that descriptions are
# updated. This uses a test specific playbook to set
# the always_update flag.
- playbooks/test-manage-projects.yaml
run_test_playbook: playbooks/test-gitea.yaml
host-vars:
gitea99.opendev.org:
host_copy_output:
'/var/gitea/conf': logs
'/var/gitea/certs': logs
'/var/gitea/logs': logs
gitea-lb01.opendev.org:
host_copy_output:
'/var/haproxy/etc': logs
files:
- playbooks/install-ansible.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-gitea-lb.yaml
- playbooks/service-gitea.yaml
- playbooks/manage-projects.yaml
- playbooks/test-gitea.yaml
- playbooks/rename_repos.yaml
- inventory/service/group_vars/gitea.yaml
- inventory/service/group_vars/gitea-lb.yaml
- inventory/service/host_vars/gitea
- playbooks/zuul/templates/group_vars/gitea.yaml.j2
- playbooks/zuul/templates/group_vars/gitea-lb.yaml.j2
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/letsencrypt
- playbooks/roles/gerrit/
- playbooks/roles/gitea/
- playbooks/roles/gitea-git-repos/
- playbooks/roles/haproxy/
- playbooks/roles/letsencrypt-create-certs/handlers/restart_gitea.yaml
- testinfra/test_gitea.py
- testinfra/test_gitea_lb.py
# From gitea_files -- If we rebuild the image, we want to run
# this job as well.
- docker/gitea/
# From haproxy-statsd_files -- If we rebuild the image, we want
# to run this job as well.
- docker/haproxy-statsd/
- job:
name: system-config-run-grafana
parent: system-config-run-containers
description: |
Run the playbook for the etherpad servers.
timeout: 3600
requires: grafana-container-image
required-projects:
- opendev/system-config
- openstack/project-config
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: grafana01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-grafana.yaml
run_test_playbook: playbooks/test-grafana.yaml
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-grafana.yaml
- playbooks/roles/grafana/
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- docker/grafana/
- testinfra/test_grafana.py
- job:
name: system-config-run-graphite
parent: system-config-run
description: |
Run the playbook for the graphite servers.
timeout: 3600
required-projects:
- opendev/system-config
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: graphite02.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-graphite.yaml
host-vars:
graphite02.opendev.org:
host_copy_output:
'/var/log/graphite': logs
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-graphite.yaml
- playbooks/roles/graphite
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- testinfra/test_graphite.py
- job:
name: system-config-run-meetpad
parent: system-config-run
description: |
Run the playbook for jitsi-meet.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: meetpad01.opendev.org
label: ubuntu-bionic
- name: jvb01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-meetpad.yaml
host-vars:
meetpad01.opendev.org:
host_copy_output:
'/var/jitsi-meet': logs
jvb01.opendev.org:
host_copy_output:
'/var/jitsi-meet': logs
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/meetpad.yaml
- inventory/service/host_vars/meetpad\d+.opendev.org.yaml
- playbooks/roles/letsencrypt-create-certs/handlers/restart_jitsi_meet.yaml
- playbooks/roles/jitsi-meet/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/zuul/templates/group_vars/meetpad.yaml.j2
- testinfra/test_meetpad.py
- job:
name: system-config-run-paste
parent: system-config-run-containers
description: |
Run the playbook for the paste server.
timeout: 3600
required-projects:
- opendev/system-config
requires:
- lodgeit-container-image
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: paste01.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-paste.yaml
run_test_playbook: playbooks/test-paste.yaml
files:
- playbooks/bridge.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-paste.yaml
- playbooks/roles/lodgeit
- playbooks/roles/install-docker/
- playbooks/roles/pip3/
- playbooks/test-paste.yaml
- testinfra/test_paste.py
- job:
name: system-config-run-zookeeper
parent: system-config-run
description: |
Run the playbook for the zookeeper cluster.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk04.opendev.org
label: ubuntu-focal
vars:
run_playbooks:
- playbooks/service-zookeeper.yaml
files:
- playbooks/install-ansible.yaml
- inventory/service/group_vars/zookeeper.yaml
- ^inventory/service/host_vars/zk\d+\..*
- playbooks/roles/zookeeper/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_zookeeper.py
# From zookeeper-statsd_files -- If we rebuild the image, we want
# to run this job as well.
- docker/zookeeper-statsd/
- job:
name: system-config-run-zuul-preview
parent: system-config-run
description: |
Run the playbook for the zuul-preview service.
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zp01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/service-zuul-preview.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/roles/zuul-preview/
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- testinfra/test_zuul_preview.py
- job:
name: system-config-run-zuul
parent: system-config-run
description: |
Run the playbook for the main Zuul cluster.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: zk04.opendev.org
label: ubuntu-focal
- name: zm01.opendev.org
label: ubuntu-focal
- name: ze01.opendev.org
label: ubuntu-focal
- name: zuul02.opendev.org
label: ubuntu-focal
required-projects:
- openstack/project-config
- opendev/system-config
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-zuul.yaml
# Test our ad hoc restart playbook works
- playbooks/zuul_restart.yaml
host-vars:
zm01.opendev.org:
host_copy_output:
'/etc/hosts': logs
'/etc/zuul/zuul.conf': logs
'/var/log/zuul/merger-debug.log': logs
ze01.opendev.org:
host_copy_output:
'/etc/hosts': logs
'/etc/zuul/zuul.conf': logs
'/var/log/zuul/executor-debug.log': logs
zuul02.opendev.org:
host_copy_output:
'/etc/hosts': logs
'/etc/zuul/zuul.conf': logs
'/var/log/zuul/debug.log': logs
bridge.openstack.org:
host_copy_output:
'/etc/hosts': logs
files:
- playbooks/install-ansible.yaml
- playbooks/service-zookeeper.yaml
- playbooks/service-zuul.yaml
- inventory/service/group_vars/zuul
- inventory/service/group_vars/zookeeper.yaml
- inventory/service/host_vars/zk\d+
- inventory/service/host_vars/zuul02.opendev.org
- playbooks/roles/zookeeper/
- playbooks/roles/install-apt-repo
- playbooks/roles/zuul
- playbooks/zuul/templates/group_vars/zuul
- playbooks/zuul/templates/group_vars/zookeeper.yaml
- playbooks/zuul/templates/host_vars/zk\d+
- playbooks/zuul/templates/host_vars/zuul02.opendev.org
- playbooks/zuul_restart.yaml
- testinfra/test_zuul_executor.py
- testinfra/test_zuul_scheduler.py
- testinfra/test_zuul_merger.py
- testinfra/util.py
- job:
name: system-config-run-review-base
parent: system-config-run-containers
description: |
Base job for testing gerrit
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: review99.opendev.org
label: ubuntu-focal
required-projects:
- openstack/project-config
- opendev/system-config
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-review.yaml
run_test_playbook: playbooks/test-review.yaml
host-vars:
review99.opendev.org:
host_copy_output:
'/home/gerrit2/review_site/etc': logs
'/home/gerrit2/review_site/logs': logs
'/var/log/apache2/': logs
'/var/log/acme.sh': logs
files:
- playbooks/install-ansible.yaml
- playbooks/letsencrypt.yaml
- playbooks/service-review.*.yaml
- playbooks/test-review.yaml
- playbooks/rename_repos.yaml
- inventory/service/group_vars/review.yaml
- playbooks/roles/pip3/
- playbooks/roles/install-docker/
- playbooks/roles/letsencrypt
- playbooks/roles/gerrit/
- playbooks/zuul/gerrit/
- playbooks/zuul/templates/host_vars/review99.opendev.org.yaml.j2
- roles/bazelisk-build/
- testinfra/test_gerrit.py
- docker/gerrit/
- playbooks/zuul/upgrade-review.yaml
- job:
name: system-config-run-review-3.3
parent: system-config-run-review-base
description: |
Run the playbook for gerrit 3.3 (in a container).
requires: gerrit-3.3-container-image
vars:
zuul_test_gerrit_version: '3.3'
- job:
name: system-config-run-review-3.4
parent: system-config-run-review-base
description: |
Run the playbook for gerrit 3.4 (in a container).
requires: gerrit-3.4-container-image
vars:
zuul_test_gerrit_version: '3.4'
- job:
name: system-config-upgrade-review
parent: system-config-run-review-base
description: |
Test we can upgrade a gerrit 3.3 to 3.4
requires:
- gerrit-3.3-container-image
- gerrit-3.4-container-image
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/zuul/upgrade-review.yaml
zuul_test_gerrit_version: '3.3'
- job:
name: system-config-run-static
parent: system-config-run
description: |
Run the playbook for a static node.
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: static01.opendev.org
label: ubuntu-bionic
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-static.yaml
files:
- playbooks/install-ansible.yaml
- playbooks/roles/static/
- playbooks/roles/letsencrypt
- playbooks/letsencrypt.yaml
- playbooks/service-static.yaml
- testinfra/test_static.py
host-vars:
static01.opendev.org:
host_copy_output:
'/var/log/acme.sh/': logs
'/etc/apache2/': logs
'/var/log/apache2/': logs
- job:
name: system-config-run-refstack
parent: system-config-run
ansible-version: 2.9
description: |
Run the playbook for refstack server.
dependencies: opendev-buildset-registry
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: refstack01.openstack.org
label: ubuntu-focal
host-vars:
refstack01.openstack.org:
host_copy_output:
'/var/log/apache2/': logs
'/var/lib/refstack/': logs
'/var/refstack/': logs
vars:
run_playbooks:
- playbooks/letsencrypt.yaml
- playbooks/service-refstack.yaml
container_command: docker
files:
- playbooks/bridge.yaml
- inventory/service/group-vars/refstack.yaml
- playbooks/zuul/templates/group_vars/refstack.yaml.j2
- playbooks/roles/refstack/
- playbooks/roles/letsencrypt-create-certs/handlers/restart_apache.yaml
- testinfra/test_refstack.py
# If we rebuild the image, we want to run this job as well.
- docker/refstack/.*
- job:
name: system-config-run-kerberos
parent: system-config-run
ansible-version: 2.9
description: |
Run the playbook for kerberos servers
timeout: 3600
nodeset:
nodes:
- name: bridge.openstack.org
label: ubuntu-bionic
- name: kdc-primary.opendev.org
label: ubuntu-focal
- name: kdc-replica.opendev.org
label: ubuntu-focal
host-vars:
kdc-primary.opendev.org:
host_copy_output:
'/etc/krb5kdc/': logs
'/var/krb5kdc/': logs
kdc-replica.opendev.org:
host_copy_output:
'/etc/krb5kdc/': logs
'/var/krb5kdc/': logs
vars:
run_playbooks:
- playbooks/service-kerberos.yaml
# Run twice to double-check idempotence
- playbooks/service-kerberos.yaml
run_test_playbook: playbooks/test-kerberos.yaml
files:
- playbooks/bridge.yaml
- playbooks/roles/kerberos-kdc/