This adds Gerrit 3.11 image builds an a system-config-run job for a 3.11 deployment. We don't add 3.10 to 3.11 upgrade testing yet. This will happen as a followup once we're happy with general image building and testing. This adds explicit push and force push permissions to the Administrators group via code reviewed changes. The reason for this is Gerrit 3.11 has decided that everything should be code reviewed by default including actions by Administrators. Since we're just doing this for bootstrapping of testing we quickly add the old expected permissions back via code review. This has a side effect of bumping up the change numbers for the cahnges we care about in review up by 2 integer values. The tests and screenshots are all updated to accomodate the shift in change numbers. Change-Id: Ib7090563a869577ed100ca71c496e8779e5b1010
346 lines
12 KiB
346 lines
12 KiB
- hosts: "review"
- name: Wait for Gerrit to be up
url: http://localhost:8081/a/accounts/admin/sshkeys
method: GET
user: admin
password: secret
register: result
until: result.status == 200 and not result.redirected
delay: 1
retries: 120
- name: Create openstack-project-creator user
url: http://localhost:8081/a/accounts/openstack-project-creator
method: PUT
user: admin
password: secret
body_format: json
username: 'openstack-project-creator'
name: 'Project Creator'
email: 'project.creator@example.com'
http_password: 'secret'
- Administrators
status_code: 201
- name: Create CI group
url: 'http://localhost:8081/a/groups/CI-tools'
method: PUT
user: admin
password: secret
body_format: json
description: 'Continuous Integration Tools'
status_code: 201
- name: Create Zuul user
url: http://localhost:8081/a/accounts/zuul
method: PUT
user: admin
password: secret
body_format: json
name: 'Zuul'
email: 'zuul@example.com'
http_password: 'secret'
status_code: 201
- name: Add Zuul to group
url: 'http://localhost:8081/a/groups/CI-tools/members/zuul'
method: PUT
user: admin
password: secret
status_code: 201
- name: Get group UUID
url: 'http://localhost:8081/a/groups/CI-tools'
method: GET
user: admin
password: secret
status_code: 200
return_content: yes
register: group_raw
- name: Debug serialized json
var: group_raw
- name: Deserialize returned data to internal variable.
# The first 4 bytes of the returned data are )]}' which is
# invalid json.
group_json: '{{ group_raw.content | regex_replace("^....", "") | from_json }}'
- name: Debug deserialized json
var: group_json
- name: Setup key and initial gerrit config
executable: /bin/bash
cmd: |
set -xe
ssh-keygen -t ed25519 -f /root/.ssh/id_25519 -P ""
curl -X POST --user "admin:secret" -H "Content-Type: text/plain" -d@/root/.ssh/id_25519.pub http://localhost:8081/a/accounts/admin/sshkeys
git config --global user.name "Admin"
git config --global user.email "admin@example.com"
git clone http://admin:secret@localhost:8081/a/All-Projects
pushd All-Projects
# Setup change id hook. Adapted from Zuul quickstart setup.
f="$(git rev-parse --git-dir)/hooks/commit-msg"; curl -o "$f" http://localhost:8081/tools/hooks/commit-msg ; chmod +x "$f"
echo "{{ group_json.id }} CI-tools" >> groups # noqa 203
git commit -a -m "Add CI-tools group"
git push origin HEAD:refs/for/refs/meta/config
ssh -i /root/.ssh/id_25519 -p 29418 -l 'admin' localhost gerrit review -l Code-Review=2 --submit -p All-Projects 1,1
cat >> project.config << EOF
[label "Verified"]
function = NoBlock
value = -2 Fails
value = -1 Doesn't seem to work
value = 0 No score
value = +1 Works for me
value = +2 Verified
[submit-requirement "Verified"]
description = CI result votes. Maximum required to merge and is provided by the Zuul's gate queue.
submittableIf = label:Verified=MAX AND -label:Verified=MIN
canOverrideInChildProjects = false
[access "refs/*"]
push = +force group Administrators
[access "refs/heads/*"]
label-Verified = -2..+2 group CI-tools
git commit -a -m 'Update All-Project configuration'
git push origin HEAD:refs/for/refs/meta/config
ssh -i /root/.ssh/id_25519 -p 29418 -l 'admin' localhost gerrit review -l Code-Review=2 --submit -p All-Projects 2,1
# openstack-project-creator bootstrapping
curl -X POST --user "openstack-project-creator:secret" -H "Content-Type: text/plain" -d@/home/gerrit2/review_site/etc/ssh_project_rsa_key.pub http://localhost:8081/a/accounts/openstack-project-creator/sshkeys
# This is helpful on a held node when you're trying to fix/enhance
# the Zuul summary plugin. You can build it locally, scp the new
# .jar to /tmp and run this to deploy your changes.
- name: Create summary plugin helper script
executable: /bin/bash
cmd: |
set -xe
cat > /root/deploy-zuul-results-summary.sh << EOF
echo "Copying plugin"
docker cp /tmp/zuul-results-summary.jar \
echo "Reloading"
ssh -i /root/.ssh/id_25519 -p 29418 admin@localhost \
gerrit plugin reload zuul-results-summary
echo "Done"
chmod a+x /root/deploy-zuul-results-summary.sh
- name: Create temp dir for project creation
shell: mktemp -d
register: project_tmp
- name: Create project project in Gerrit
url: http://localhost:8081/a/projects/y%2Ftestproject
method: PUT
user: admin
password: secret
status_code: 201
- name: Setup initial test project
executable: /bin/bash
chdir: "{{ project_tmp.stdout }}"
cmd: |
set -xe
git init testproject.config
pushd testproject.config
git remote add origin http://admin:secret@localhost:8081/a/y/testproject
git pull origin refs/meta/config
echo "{{ group_json.id }} CI-tools" >> groups # noqa 203
cat >project.config <<EOF
inheritFrom = All-Projects
action = inherit
[access "refs/heads/*"]
label-Review-Priority = -1..+2 group CI-tools
label-Backport-Candidate = -1..+1 group CI-tools
[label "Review-Priority"]
copyCondition = changekind:NO_CODE_CHANGE OR changekind:TRIVIAL_REBASE OR is:MAX OR is:MIN
defaultValue = 0
function = NoBlock
value = -1 Branch Freeze
value = 0 No Priority
value = +1 Important Change
value = +2 Urgent Change
[label "Backport-Candidate"]
copyCondition = changekind:NO_CODE_CHANGE OR changekind:TRIVIAL_REBASE OR is:MAX OR is:MIN
defaultValue = 0
function = NoBlock
value = -1 Not a backport candidate
value = 0 Backport review needed
value = +1 Should backport
[submit-requirement "Review-Priority"]
description = The review priority
submittableIf = -label:Review-Priority=MIN
[submit-requirement "Backport-Candidate"]
applicableIf = is:false
description = Backport candidate status
submittableIf = is:true
git add project.config groups
git commit -m 'Updated project config'
git push origin HEAD:refs/meta/config
- name: Create initial commit and changes in testproject
executable: /bin/sh
chdir: "{{ project_tmp.stdout }}"
cmd: |
set -x
git init .
cat >.gitreview <<EOF
git add .gitreview
git commit -m "Initial commit"
git remote add gerrit http://admin:secret@localhost:8081/y/testproject
git push -f --set-upstream gerrit +HEAD:master
curl -Lo .git/hooks/commit-msg http://localhost:8081/tools/hooks/commit-msg
chmod u+x .git/hooks/commit-msg
cat >file-3.txt <<EOF
Hello, this is a file
git add file-3.txt
git commit -m "Sample review 3"
git push gerrit HEAD:refs/for/master
cat >file-4.txt <<EOF
Hello, this is a file
git add file-4.txt
git commit -m "Sample review 4"
git push gerrit HEAD:refs/for/master
cat >file-5.txt <<EOF
Hello, this is a file
git add file-5.txt
git commit -m "Sample review 5"
git push gerrit HEAD:refs/for/master
- name: Post a sample failure review
url: 'http://localhost:8081/a/changes/{{ item.id }}/revisions/1/review'
method: POST
user: zuul
password: secret
body_format: json
tag: 'autogenerated:zuul:check'
'Verified': '{{ item.verified }}'
'Review-Priority': '{{ item.priority }}'
'Backport-Candidate': '{{ item.backport }}'
message: |
Build failed (check pipeline). For information on how to proceed, see
- test-success https://zuul.opendev.org/t/openstack/build/00b1ce7d5d994339a54dd8142a6813a6 : SUCCESS in {{ range(1, 59) | random }}m 22s
- test-failure https://zuul.opendev.org/t/openstack/build/00b1ce7d5d994339a54dd8142a6813a6 : FAILURE in {{ range(1, 59) | random }}m 22s
- test-retry-limit https://zuul.opendev.org/t/openstack/build/20efbb1b6983453884103e9628a70942 : RETRY_LIMIT in {{ range(1, 59) | random }}m 24s
- test-skipped https://zuul.opendev.org/t/openstack/build/None : SKIPPED
- test-aborted https://zuul.opendev.org/t/openstack/build/bc4a4559645b4088a9f8586c043c4764 : ABORTED in {{ range(1, 59) | random }}m 19s
- test-merger-failure https://zuul.opendev.org/t/openstack/build/cb469750b250430b95a02697931d6030 : MERGER_FAILURE in {{ range(1, 59) | random }}m 14s
- test-node-failure https://zuul.opendev.org/t/openstack/build/0897fafc9652480794652fc49e3c9baf : NODE_FAILURE in {{ range(1, 59) | random }}m 48s
- test-timed-out https://zuul.opendev.org/t/openstack/build/57c4eb5174554cbfbb06fd9118eb1ae4 : TIMED_OUT in {{ range(1, 59) | random }}m 37s (non-voting)
- test-post-failure https://zuul.opendev.org/t/openstack/build/30afb96669fe4f19b6215e79615ecd90 : POST_FAILURE in {{ range(1, 59) | random }}m 58s
- test-config-error https://zuul.opendev.org/t/openstack/build/76c69b8062284d959a85b55bc460f822 : CONFIG_ERROR in {{ range(1, 59) | random }}m 27s
- test-disk-full https://zuul.opendev.org/t/openstack/build/0897fafc9743580794652fc49e3c9baf : DISK_FULL in {{ range(1, 59) | random }}m 48s
- test-error https://zuul.opendev.org/t/openstack/build/0897bedc9743580794652fc49e3c1234 : ERROR This is an error message in {{ range(1, 59) | random }}m 32s
- id: '3'
verified: '-2'
priority: '-1'
backport: '-1'
- id: '4'
verified: '+1'
priority: '+1'
backport: '0'
- id: '5'
verified: '+2'
priority: '+2'
backport: '+1'
- name: Post a sample good review in another pipeline
url: 'http://localhost:8081/a/changes/{{ item }}/revisions/1/review'
method: POST
user: zuul
password: secret
body_format: json
tag: 'autogenerated:zuul:check-secondary'
message: |
Build succeeded (Secondary pipeline).
- test-second-ci https://zuul.opendev.org/t/openstack/build/f9c14856bf4e485089ca8fc8f00f324b : SUCCESS in {{ range(1, 59) | random}}m 11s
- 3
- 4
- 5
# NOTE(ianw) we do an add/delete/add cycle as we've seen issues
# with duplicate updates causing problems before; e.g.
# https://gerrit-review.googlesource.com/c/gerrit/+/312602
- name: Post a file review to confirm accountPatchDb connection
url: 'http://localhost:8081/a/changes/y%2Ftestproject~3/revisions/1/files/file-3.txt/reviewed'
method: '{{ item[0] }}'
user: admin
password: secret
status_code: '{{ item[1] }}'
- [ PUT, 201 ]
- [ DELETE, 204 ]
- [ PUT, 201 ]