Also enable glance helm tests for gates.
Temporary replaces cirros url to mirror due to [0]
[0] https://bugs.launchpad.net/rally/+bug/1887705
Change-Id: I21ceba857c375c1de054e69cf84449e02881b0ce
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
This updates the Glance chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem flag to true
Change-Id: I49ac688fa9cb73ddbc215198c74fae26f503cb51
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
This patch set adds in job to test the OpenStack train releases.
Depends-On: https://review.opendev.org/#/c/706456/
Change-Id: I89fef1264f68dab7e921a9e5503c29d6a051f342
Signed-off-by: Tin Lam <tin@irrational.io>
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
This patch set updates the default job to use OpenStack Stein release.
The previously default Ocata release will be place in separate job.
Change-Id: I489324f762a179a2cab5499a6d8e57e97c81297f
Signed-off-by: Tin Lam <tin@irrational.io>
- Change all tests to support Nautilus,Mimic and Luminous releases
- Update ceph-config-helper image
Change-Id: I557b1efa12529d0ee51d4c5b9d4beb4abf1b0574
Currently using envsubst to perform substitution of value overrides in
the feature gate caused conflicts as gotpl gets templated into those
overrides. This adds in '%%%REPLACE_${var}%%%' and uses sed to perform
the substitution instead to address the issue.
This is to achieve parity with OSH-infra patch in [0].
[0] https://review.opendev.org/#/c/697749/
Depends-On: https://review.opendev.org/#/c/697749
Change-Id: I3ed504c65900e7b84728019f3acdf706a40c0427
Signed-off-by: Tin Lam <tlam@omegaprime.dev>
This patch set adds in the egress policy for core OpenStack Services.
Depends-On: https://review.opendev.org/#/c/679853/
Change-Id: I585ddabcbd640db784520c913af8eddecaee3843
Signed-off-by: Tin Lam <tlam@omegaprime.dev>
This updates the kubernetes-entrypoint image reference to consume
the publicly available kubernetes-entrypoint image that is built
and maintained under the airshipit namespace, as the stackanetes
image is no longer actively maintainedy
Depends-On: https://review.opendev.org/688435
Change-Id: I8e76cdcc9d4db8975b330e97169754a2a407341f
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the ceph-config-helper image for the ubuntu distro
based jobs to use an image that includes kubernetes 1.16.2
Change-Id: If063db5e6f0abfab10cd0195b3633c41d8ed560f
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This change adds two network policy zuul checks, one for the compute-kit,
and one for cinder/ceph, to test network policy for each OpenStack
service. These checks will be non-voting initially.
The network policy rules for each service will initially allow all
traffic. These ingress/egress rules will be defined in future changes
to only explicitly allow traffic between services that are explicitly
allowed to communicate, other traffic will be denied.
Depends-On: https://review.opendev.org/#/c/685130/
Change-Id: Ide2998ebb2af2832f24ca7abc398a82e4a6d70e3
Glance provide default list of metadata definitions in /etc/glance/metadefs
directory. The patch adds job that will load those defaults definitions.
The job is enabled by default.
Change-Id: Ib3ab20a9a7f73b568b029b06101cf4e5e2473716
glance_store uses bare ConfigParser for swift configuration, that
ceased to strip quotes in PY3. That leads to invalid auth parameters
(e.g. 'project_domain_id': '""') and failure to authenticate.
Current CI process does not hit this issue because Swift backend
is not used.
Change-Id: I6d2c129e6747a3c5fcd2da0c88b0a2135775a914
Closes-bug: #1839772
The patch sets allowed_origin in cors section to have ability to
operate along with CSRF operations and direct upload in horizon dashboard.
Change-Id: Icdd9aa97d24c5bf3cc42d3cd1dfd5b2f7adbefc9
The patch fixes issue when ingress for glance registry is created
when manifests:ingress_registry is set to false.
Change-Id: I8e54c73b3924ea292e18aa1e837d0e10b51e3876
This PS updates the default RMQ policy to not mirror reply queues
as they cause signifigant blocking when resorting a rabbit node to
a cluster, with no advantage.
Change-Id: I6f8d4eaa482fcdf3e877bd38caa9b24358ea5be0
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Stein Release of OpenStack in Ubuntu Bionic
containers.
Depends-On: https://review.opendev.org/667726
Change-Id: Icfad3434ca496a841993b95adaf5d853728d920f
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for running the Rocky release of Openstack under
Python3 in Ubuntu Bionic containers.
Change-Id: I269cef9f8f157e22f6b857822df9a8960dac6ea8
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Rocky Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: Ieed4a6a3afa6e3ebd9b2f72ba227aac891d65214
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Queens Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: I0d4d427e43f06fa955dfd275859939d0adca113c
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds checks for the Pike Release of OpenStack in Ubuntu Xenial
containers.
Change-Id: I402584bbcdd53a4a6bc21f370586b3498142bf81
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the charts to use the htk function recently introduced
to allow oslo.messaging clients ans servers to directly hit their
backends rather than using either DNS or K8S svc based routing.
Depends-On: I5150a64bd29fa062e30496c1f2127de138322863
Change-Id: I458b4313c57fc50c8181cedeca9919670487926a
Signed-off-by: Pete Birley <pete@port.direct>
This PS enables the use of simple logging options if desired.
Change-Id: If6ea420c6ed595b3b6b6eedf99a0bf26a20b6abf
Signed-off-by: Pete Birley <pete@port.direct>
Currently each service uses the same name for their helm test user,
"test". While this works when services are ran sequentially, when
multiple services are deployed and tested at the same time, it can
lead to a race condition where one service deletes the user before
the other is done testing, causing a failure.
This change makes it so that each service defines its own test user
in the form of [service]-test.
Change-Id: Idd7ad3bef78a039f23fb0dd79391e3588e94b73c
This patch make the db sync job template follows the same pattern
that other templates utilize the variables to make in a predictable
pattern.
Change-Id: Idbedd046c6b4fd001cf63004ffac792173a5778b
Story: 2005754
Task: 33457
We now have a process for OSH-images image building,
using Zuul, so we should point the images by default to those
images, instead of pointing to stale images.
Without this, the osh-images build process is completely not
in use, and updating the osh-images process or patching its
code has no impact on OSH.
This should fix it.
Change-Id: I672b8755bf9e182b15eff067479b662529a13477
