diff --git a/.github/workflows/fatimage.yml b/.github/workflows/fatimage.yml index 703e495d7..c3b91fefa 100644 --- a/.github/workflows/fatimage.yml +++ b/.github/workflows/fatimage.yml @@ -26,7 +26,7 @@ jobs: source_image_name: Rocky-8-GenericCloud-Base-8.10-20240528.0.x86_64.qcow2 inventory_groups: control,compute,login,update - image_name: openhpc-RL9 - source_image_name: Rocky-9-GenericCloud-Base-9.4-20240523.0.x86_64.qcow2 + source_image_name: Rocky-9-GenericCloud-Base-9.5-20241118.0.x86_64.qcow2 inventory_groups: control,compute,login,update env: ANSIBLE_FORCE_COLOR: True diff --git a/.github/workflows/trivyscan.yml b/.github/workflows/trivyscan.yml index 4c090b85a..5b65baca1 100644 --- a/.github/workflows/trivyscan.yml +++ b/.github/workflows/trivyscan.yml @@ -25,6 +25,20 @@ jobs: steps: - uses: actions/checkout@v2 + - name: Override CI_CLOUD if PR label is present + if: ${{ github.event_name == 'pull_request' }} + run: | + # Iterate over the labels + labels=$(echo '${{ toJSON(github.event.pull_request.labels) }}' | jq -r '.[].name') + echo $labels + for label in $labels; do + if [[ $label == CI_CLOUD=* ]]; then + # Extract the value after 'CI_CLOUD=' + CI_CLOUD_OVERRIDE=${label#CI_CLOUD=} + echo "CI_CLOUD=${CI_CLOUD_OVERRIDE}" >> $GITHUB_ENV + fi + done + - name: Record settings for CI cloud run: | echo CI_CLOUD: ${{ env.CI_CLOUD }} diff --git a/ansible/adhoc/sync-pulp.yml b/ansible/adhoc/sync-pulp.yml index f26149bba..b2cd9a8c4 100644 --- a/ansible/adhoc/sync-pulp.yml +++ b/ansible/adhoc/sync-pulp.yml @@ -6,5 +6,5 @@ vars: pulp_site_target_arch: "x86_64" pulp_site_target_distribution: "rocky" - pulp_site_target_distribution_version: "9.4" + pulp_site_target_distribution_version: "9.5" pulp_site_target_distribution_version_major: "9" diff --git a/ansible/roles/podman/tasks/config.yml b/ansible/roles/podman/tasks/config.yml index 5fea3c2e0..74cf1d576 100644 --- a/ansible/roles/podman/tasks/config.yml +++ b/ansible/roles/podman/tasks/config.yml @@ -55,6 +55,7 @@ # Type Path Mode User Group Age Argument R! /tmp/containers-user-* R! /tmp/podman-run-* + R! /tmp/storage-run-* dest: /etc/tmpfiles.d/podman-local.conf owner: root group: root diff --git a/docs/experimental/pulp.md b/docs/experimental/pulp.md index 6d30bec6b..fb2cda023 100644 --- a/docs/experimental/pulp.md +++ b/docs/experimental/pulp.md @@ -14,4 +14,4 @@ An existing Pulp server can be used to host Ark repos by overriding `pulp_site_p ## Syncing Pulp content with Ark -If the `pulp` group is added to the Packer build groups, the local Pulp server will be synced with Ark on build. You must authenticate with Ark by overriding `pulp_site_upstream_username` and `pulp_site_upstream_password` with your vault encrypted Ark dev credentials. `dnf_repos_username` and `dnf_repos_password` must remain unset to access content from the local Pulp. Content can also be synced by running `ansible/adhoc/sync-pulp.yml`. By default this syncs repositories for Rocky 9.4 with x86_64 architecture, but can be overriden by setting extravars for `pulp_site_target_arch`, `pulp_site_target_distribution`, `pulp_site_target_distribution_version` and `pulp_site_target_distribution_version_major`. +If the `pulp` group is added to the Packer build groups, the local Pulp server will be synced with Ark on build. You must authenticate with Ark by overriding `pulp_site_upstream_username` and `pulp_site_upstream_password` with your vault encrypted Ark dev credentials. `dnf_repos_username` and `dnf_repos_password` must remain unset to access content from the local Pulp. Content can also be synced by running `ansible/adhoc/sync-pulp.yml`. By default this syncs repositories for Rocky 9.5 with x86_64 architecture, but can be overriden by setting extravars for `pulp_site_target_arch`, `pulp_site_target_distribution`, `pulp_site_target_distribution_version` and `pulp_site_target_distribution_version_major`. diff --git a/environments/.stackhpc/terraform/cluster_image.auto.tfvars.json b/environments/.stackhpc/terraform/cluster_image.auto.tfvars.json index 8061cf356..f9e568c3f 100644 --- a/environments/.stackhpc/terraform/cluster_image.auto.tfvars.json +++ b/environments/.stackhpc/terraform/cluster_image.auto.tfvars.json @@ -1,6 +1,6 @@ { "cluster_image": { - "RL8": "openhpc-RL8-250102-1135-8c98e169", - "RL9": "openhpc-RL9-250102-1135-8c98e169" + "RL8": "openhpc-RL8-250102-1138-77cfc703", + "RL9": "openhpc-RL9-250102-1139-77cfc703" } } diff --git a/environments/common/inventory/group_vars/all/defaults.yml b/environments/common/inventory/group_vars/all/defaults.yml index 8fe1eb402..f32d14c60 100644 --- a/environments/common/inventory/group_vars/all/defaults.yml +++ b/environments/common/inventory/group_vars/all/defaults.yml @@ -108,6 +108,9 @@ appliances_pulp_repos: '9.4': timestamp: 20241115T011711 path: rocky/9.4/BaseOS/x86_64/os + '9.5': + timestamp: 20241216T013503 + path: rocky/9.5/BaseOS/x86_64/os '8.10': timestamp: 20241217T123729 path: rocky/8.10/BaseOS/x86_64/os @@ -115,6 +118,9 @@ appliances_pulp_repos: '9.4': timestamp: 20241112T003151 path: rocky/9.4/AppStream/x86_64/os + '9.5': + timestamp: 20241217T005008 + path: rocky/9.5/AppStream/x86_64/os '8.10': timestamp: 20241217T123729 path: rocky/8.10/AppStream/x86_64/os @@ -122,6 +128,9 @@ appliances_pulp_repos: '9.4': timestamp: 20241115T003133 path: rocky/9.4/CRB/x86_64/os + '9.5': + timestamp: 20241217T005008 + path: rocky/9.5/CRB/x86_64/os '8.10': timestamp: 20241217T123729 path: rocky/8.10/PowerTools/x86_64/os @@ -129,6 +138,9 @@ appliances_pulp_repos: '9.4': timestamp: 20241118T002802 path: rocky/9.4/extras/x86_64/os + '9.5': + timestamp: 20241218T004632 + path: rocky/9.5/extras/x86_64/os '8.10': timestamp: 20241217T123729 path: rocky/8.10/extras/x86_64/os diff --git a/requirements.yml b/requirements.yml index 577ca1c78..2ede96950 100644 --- a/requirements.yml +++ b/requirements.yml @@ -25,7 +25,7 @@ roles: collections: - name: containers.podman - version: 1.10.2 + version: 1.16.2 - name: community.grafana version: 1.5.4 - name: https://github.com/stackhpc/ansible_collection_slurm_openstack_tools