This PS adds checks for the Stein Release of OpenStack in Ubuntu Bionic
containers.
Depends-On: https://review.opendev.org/667726
Change-Id: Icfad3434ca496a841993b95adaf5d853728d920f
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for running the Rocky release of Openstack under
Python3 in Ubuntu Bionic containers.
Change-Id: I269cef9f8f157e22f6b857822df9a8960dac6ea8
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Rocky Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: Ieed4a6a3afa6e3ebd9b2f72ba227aac891d65214
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Queens Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: I0d4d427e43f06fa955dfd275859939d0adca113c
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves the gates we have with duplicated coverage to
periodics, reducing the load we place on -infra with each ps
Change-Id: I03086d05abc8e14dab60494d1126e849f97ee375
Signed-off-by: Pete Birley <pete@port.direct>
This PS indroduces a simpler way to incorp over-rides into gate
runs, and also ensures that they are scoped to a single chart, rather
than all of the charts deployed within a gate run.
Depends-On: https://review.opendev.org/666957
Change-Id: I49edf52cc1fc5ec60ee9754c28880c9c0c54492e
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Pike Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: I402584bbcdd53a4a6bc21f370586b3498142bf81
Signed-off-by: Pete Birley <pete@port.direct>
This adds a helm test for Horizon, the helm test
runs a selenium webdriver check to verify the dashboard
is up
Change-Id: I3616c05596b2bd94931c39fb774333bf65453d52
Signed-off-by: Steve Wilkerson <sw5822@att.com>
There is currently no testing of the Leap 15 images in OSH.
This addresses it by:
- Using the values_overrides folder according to the multi-os
spec, creating value override files there for changes that
needs to happen on Leap 15 images.
- Point to the right images using the previously created folder,
to allow using those in CI easily.
- Change CI to use previously created overrides.
Depends-On: https://review.openstack.org/#/c/651501
Change-Id: I520d3676195c62b253a19397c86b0d0fbabee710
This adds the deployment of heat to the compute kit and apparmor
job in order to provide a simple mechanism for booting vms to
validate a functional cloud deployment
Change-Id: I1a0b0fd4fd708a045e82781cfe3990e23d2af581
This adds a nonvoting apparmor check job to openstack-helm, which
allows for the removal of default apparmor profiles from the nova
chart. This job also includes overrides for using the default
docker apparmor profile for the neutron chart
Change-Id: I8f407f24b7f10c5d7cf10f21f73671f7e6c72767
This changes the gate check for bandit to only run when either python
or templated python files are edited. This will cause the check
to only be ran when those specific file types are edited, and to
skip the check when not needed.
Change-Id: I149ef6827ca10e32492f2b05beb8a13af5a03fc5
This adds both a periodic and experimental job for deploying Ceph
and the OSH components via Armada. This job will then generate new
passphrases for the OSH components, render an updated manifest for
the OSH components including the new passphrases, then applies the
updated OSH manifest to validate the ability for all deployed
charts to update those passphrases successfully
Change-Id: I42d19bbf8161b60311c4b8101217cdcfbdf6b568
This adds both a periodic and experimental job for deploying Ceph
and the OSH components via Armada. This job will then generate a
new release uuid, render an updated manifest for all previously
deployed releases, then apply that manifest to validate the
ability for all deployed charts to update successfully with the
new release uuid annotation
Change-Id: I6f2125f3505904c4714688e7a9900b8d6bea49b4
This updates the openstack-helm Armada job to instead deploy
only Ceph, the OpenStack service charts, and their dependencies.
This is dependent on the addition of the Armada job for Ceph and
the LMA components to openstack-helm-infra. This also updates the
jobs definition to use the osh-gate-runner playbook instead, as
well as sets the job both to a periodic and experimental job
Depends-On: https://review.openstack.org/#/c/634676/
Depends-On: https://review.openstack.org/#/c/633067/
Change-Id: I7e191a153f123e04e123acc33fb691d8117062a9
This change adds a zuul check job to export any templated python
contained in the helm charts and scan it with bandit for any
potential security flaws.
This also adds two nosec comments on the instances of subprocess
used as they currently do not appear to be malicious, as well
as changing the endpoint_update python code to prevent sql
injection, which satisfies bandit code B608.
Change-Id: I2212d26514c3510353d16a4592893dd2e85cb369
A change was merged that had commented out the check jobs. This
simply uncomments them so checks run against changes to
openstack-helm
The change can be found here: https://review.openstack.org/#/c/591808/48
Change-Id: Ia100f1248ebe783d154420c543a9b19fb1ba4ccc
This patchset updates the chart configuration overrides to account
for functionality supported with the move to Ocata over Newton.
This includes updating the OpenStack service logging configuration
to leverage the fluent handler/formatter that was introduced in the
Ocata release, updating Fluentd's configuration to filter out
duplicate logs, tagging logged events with their log level, and
creating separate indexes for the different log types created by
the elasticsearch templates. This also adds support for leveraging
ceph-radosgw's s3 API for Elasticsearch snapshots.
This also removes the barbican chart deployment from the
armada gate, to help alleviate resource consumption.
Change-Id: I45128bf102909e1762b832fc16ad04bedcfe4f00
This begins the reordering of the openstack-helm gates. This
deprecates the single node checks/gates that deployed the entire
stack in favor of single node checks/gates that are focused on
deploying charts with only their dependencies to reduce the
number of checks/gates required for a particular change. This also
moves the armada check to experimental, and moves the multinode
checks/gates to run as periodics. This will be followed up by
additional efforts to streamline these changes and incorporate
previous work targeting the same.
Change-Id: I63b87aceefc79a7a42c325669f2b4e3abb0c961c
Without this patch, openstack-helm-functional and
openstack-helm-multinode are a repetition of the
openstack-helm-infra-functional and openstack-helm-infra-multinode
jobs.
This is a problem, as multiple patches are required to change a base
job, and can lead to inconsistencies.
Instead the abstract jobs should be defined in only one place, the
openstack-helm-infra repositories. This will therefore be the location
of the openstack-helm project lint, functional, and multinode "base"
jobs.
From that point, openstack-helm-infra and openstack-helm can implement
their own job variants should this be required.
This patch fixes the link dependency between the two repositories by
ensuring all the OSH jobs are using their own local job definition
("-temp" jobs) during the migration.
Change-Id: I3d3193415ba65d58c5dd9bbb1fc515f5399edece
Depends-On: https://review.openstack.org/610482
Depends-On: https://review.openstack.org/610488
Depends-On: https://review.openstack.org/611239
This moves the job definitions into a single location, the zuul.d
folder, like it is done in the openstack-helm-infra repository.
The job playbooks and definitions of this repository will be moved
away to the openstack-helm-infra repository in a later commit.
This patch implements the first job reuse with the job
openstack-helm-lint from openstack-helm-infra's repository.
Change-Id: I233da952548d69f040771007455955131139e860
Depends-On: https://review.openstack.org/#/c/608662/
