diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index e9a948a0dc..0000000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1 +0,0 @@ -* @stackhpc/kayobe diff --git a/.github/auto-label.yaml b/.github/auto-label.yaml deleted file mode 100644 index 0adaf72840..0000000000 --- a/.github/auto-label.yaml +++ /dev/null @@ -1,55 +0,0 @@ ---- -path: - pullrequest: true - multipleLabelPaths: - - paths: - .automation: 'kayobe-automation' - .automation.conf: 'kayobe-automation' - - paths: - doc: 'documentation' - - paths: - .github: 'workflows' - etc: - kayobe: - enviromnents: - ci-aio: 'workflows' - ci-builder: 'workflows' - ci-multinode: 'workflows' - trivy: 'workflows' - terraform: 'workflows' - tools: - scan-images.sh: "workflows" - tox.ini: 'workflows' - - paths: - etc: - kayobe: - ansible: 'ansible' - ansible.cfg: 'ansible' - - paths: - etc: - kayobe: - kolla: - config: - fluentd: "monitoring" - grafana: "monitoring" - prometheus: "monitoring" - inventory: - group_vars: - prometheus-blackbox-exporter: "monitoring" - - paths: - etc: - kayobe: - kolla: - kolla-build.conf: "kolla" - kolla-image-tags.yml: "kolla" - kolla.yml: "kolla" - tools: - kolla-images.py: "kolla" - -staleness: - pullrequest: true - old: 30 - extraold: 90 - -requestsize: - enabled: true diff --git a/.github/cherry-pick-bot.yml b/.github/cherry-pick-bot.yml deleted file mode 100644 index 4e1570437d..0000000000 --- a/.github/cherry-pick-bot.yml +++ /dev/null @@ -1,3 +0,0 @@ ---- -enabled: true -preservePullRequestTitle: true diff --git a/.github/path-filters.yml b/.github/path-filters.yml deleted file mode 100644 index 574969c0c6..0000000000 --- a/.github/path-filters.yml +++ /dev/null @@ -1,31 +0,0 @@ -# This file is a list of path filters for the PR workflow in .github/workflows/stackhpc-pull-request.yml. -aio: &aio - - '.automation' - - '.automation.conf/config.sh' - - '.automation.conf/tempest/load-lists/default' - - '.automation.conf/tempest/load-lists/platform.2022.11-test-list.txt' - - '.automation.conf/tempest/load-lists/refstack-2019.11-test-list.txt' - - '.automation.conf/tempest/tempest-ci-aio.overrides.conf' - - '.github/workflows/stackhpc-all-in-one.yml' - - '.github/workflows/stackhpc-build-kayobe-image.yml' - - '.github/workflows/stackhpc-pull-request.yml' - - 'etc/kayobe/*.yml' - - 'etc/kayobe/ansible/configure-aio-resources.yml' - - 'etc/kayobe/ansible/stackhpc-openstack-tests.yml' - - 'etc/kayobe/ansible/growroot.yml' - - 'etc/kayobe/ansible/requirements.yml' - - 'etc/kayobe/ansible/scripts/aio-init.sh' - - 'etc/kayobe/environments/ci-aio/**' - - 'etc/kayobe/inventory/**' - - 'etc/kayobe/kolla/**' - - 'kayobe-env' - - 'requirements.txt' - - 'terraform/aio/**' -check-tags: &check-tags - - '.github/workflows/stackhpc-check-tags.yml' - - 'etc/kayobe/kolla-image-tags.yml' - - 'etc/kayobe/pulp.yml' - - 'tools/kolla-images.py' -build-kayobe-image: - - *aio - - *check-tags diff --git a/.github/workflows/amphora-image-build.yml b/.github/workflows/amphora-image-build.yml deleted file mode 100644 index 26bd7cdcd4..0000000000 --- a/.github/workflows/amphora-image-build.yml +++ /dev/null @@ -1,271 +0,0 @@ ---- -name: Build Amphora image -on: - workflow_dispatch: - inputs: - runner_env: - description: Which cloud to run on? - type: choice - default: SMS Lab - options: - - SMS Lab - - Leafcloud - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -env: - ANSIBLE_FORCE_COLOR: True - KAYOBE_ENVIRONMENT: ci-builder - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} -jobs: - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.runner_env }} - amphora-image-build: - name: Build Amphora image - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - environment: ${{ inputs.runner_env }} - runs-on: ${{ needs.runner-selection.outputs.runner_name_image_build }} - needs: - - runner-selection - permissions: {} - steps: - - - name: Install Package - uses: ConorMacBride/install-package@main - with: - apt: git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq - - - name: Start the SSH service - run: | - sudo /etc/init.d/ssh start - - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' src/kayobe-config/.gitreview) - echo "BRANCH=$BRANCH" >> $GITHUB_OUTPUT - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - # Generate a tag to apply to all built Amphora image. - - name: Generate Amphora image tag - id: image_tag - run: | - echo "image_tag=$(date +${{ steps.openstack_release.outputs.openstack_release }}-%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT - - - name: Display Amphora image tag - run: | - echo "${{ steps.image_tag.outputs.image_tag }}" - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Install terraform - uses: hashicorp/setup-terraform@v2 - - - name: Initialise terraform - run: terraform init - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate SSH keypair - run: ssh-keygen -f id_rsa -N '' - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate terraform.tfvars - run: | - cat << EOF > terraform.tfvars - ssh_public_key = "id_rsa.pub" - ssh_username = "ubuntu" - aio_vm_name = "skc-amphora-image-builder" - # Must be an Ubuntu Jammy host to successfully build all images - # This MUST NOT be an LVM image. It can cause confusing conficts with the built image. - aio_vm_image = "${{ vars.HOST_IMAGE_BUILD_IMAGE }}" - aio_vm_flavor = "${{ vars.HOST_IMAGE_BUILD_FLAVOR }}" - aio_vm_network = "${{ vars.HOST_IMAGE_BUILD_NETWORK }}" - aio_vm_subnet = "${{ vars.HOST_IMAGE_BUILD_SUBNET }}" - aio_vm_interface = "ens3" - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Terraform Plan - run: terraform plan - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: "openstack" - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Terraform Apply - run: | - for attempt in $(seq 5); do - if terraform apply -auto-approve; then - echo "Created infrastructure on attempt $attempt" - exit 0 - fi - echo "Failed to create infrastructure on attempt $attempt" - sleep 10 - terraform destroy -auto-approve - sleep 60 - done - echo "Failed to create infrastructure after $attempt attempts" - exit 1 - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Get Terraform outputs - id: tf_outputs - run: | - terraform output -json - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Write Terraform outputs - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml - ${{ steps.tf_outputs.outputs.stdout }} - EOF - - - name: Write Terraform network config - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-network-allocation.yml - --- - aio_ips: - builder: "{{ access_ip_v4.value }}" - EOF - - - name: Write Terraform network interface config - run: | - mkdir -p src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed - rm -f src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - cat << EOF > src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - admin_interface: "{{ access_interface.value }}" - aio_interface: "{{ access_interface.value }}" - EOF - - - name: Manage SSH keys - run: | - mkdir -p ~/.ssh - touch ~/.ssh/authorized_keys - cat src/kayobe-config/terraform/aio/id_rsa.pub >> ~/.ssh/authorized_keys - cp src/kayobe-config/terraform/aio/id_rsa* ~/.ssh/ - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Configure the seed host (Builder VM) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host configure -e seed_bootstrap_user=ubuntu --skip-tags network - - - name: Install dependencies - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run \ - --command "sudo apt update && sudo apt -y install gcc git libffi-dev python3-dev python-is-python3 python3-venv" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Create Amphora image output directory - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run \ - --command "mkdir -p /opt/kayobe/images/amphora" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Build Octavia Amphora image - id: build_amphora - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/octavia-amphora-image-build.yml -e amphora_image_dest=/opt/kayobe/images/amphora/amphora-x64-haproxy.qcow2 - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Show last error logs - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "tail -200 /var/log/octavia-amphora-image-build.log" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_amphora.outcome == 'failure' - - - name: Upload Octavia Amphora image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/amphora \ - -e artifact_tag=${{ steps.image_tag.outputs.image_tag }} \ - -e file_regex="*.qcow2" \ - -e repository_name="amphora-images-${{ steps.openstack_release.outputs.openstack_release }}" \ - -e pulp_base_path="amphora-images/${{ steps.openstack_release.outputs.openstack_release }}" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_amphora.outcome == 'success' - - - name: Copy logs back to runner - continue-on-error: true - run: | - mkdir artifact - scp stack@$(jq -r .access_ip_v4.value src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml):/var/log/octavia-amphora-image-build.log ./artifact - if: always() - - - name: Fail if Amphora image builds failed - run: | - echo "Builds failed. See workflow artifacts for details." && - exit 1 - if: steps.build_amphora.outcome == 'failure' - - - name: Upload logs & image artifact - uses: actions/upload-artifact@v4 - with: - name: amphora-image-build-log - path: ./artifact - if: always() - - - name: Destroy - run: terraform destroy -auto-approve - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: always() diff --git a/.github/workflows/amphora-image-promote.yml b/.github/workflows/amphora-image-promote.yml deleted file mode 100644 index 3d1e6b8729..0000000000 --- a/.github/workflows/amphora-image-promote.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -name: Promote Amphora image -on: - workflow_dispatch: - inputs: - image_tag: - description: Tag to promote - type: string - required: true -env: - ANSIBLE_FORCE_COLOR: True -jobs: - amphora-image-promote: - name: Promote Amphora image - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' .gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - working-directory: src/kayobe-config - - - name: Setup networking - run: | - if ! ip l show breth1 >/dev/null 2>&1; then - sudo ip l add breth1 type bridge - fi - sudo ip l set breth1 up - if ! ip a show breth1 | grep 192.168.33.3/24; then - sudo ip a add 192.168.33.3/24 dev breth1 - fi - if ! ip l show dummy1 >/dev/null 2>&1; then - sudo ip l add dummy1 type dummy - fi - sudo ip l set dummy1 up - sudo ip l set dummy1 master breth1 - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Promote Amphora image artifact - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-promote.yml \ - -e repository_name="amphora-images-${{ steps.openstack_release.outputs.openstack_release }}" \ - -e pulp_base_path="amphora-images/${{ steps.openstack_release.outputs.openstack_release }}" - env: - ARTIFACT_TAG: ${{ inputs.image_tag }} - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} diff --git a/.github/workflows/ipa-image-build.yml b/.github/workflows/ipa-image-build.yml deleted file mode 100644 index 59162afde6..0000000000 --- a/.github/workflows/ipa-image-build.yml +++ /dev/null @@ -1,356 +0,0 @@ ---- -name: Build IPA images -on: - workflow_dispatch: - inputs: - rocky9: - description: Build Rocky Linux 9 - type: boolean - default: true - ubuntu-noble: - description: Build Ubuntu 24.04 Noble - type: boolean - default: true - runner_env: - description: Which cloud to run on? - type: choice - default: SMS Lab - options: - - SMS Lab - - Leafcloud - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -env: - ANSIBLE_FORCE_COLOR: True - KAYOBE_ENVIRONMENT: ci-builder - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} -jobs: - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.runner_env }} - - ipa-image-build: - name: Build IPA images - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - environment: ${{ inputs.runner_env }} - runs-on: ${{ needs.runner-selection.outputs.runner_name_image_build }} - needs: - - runner-selection - permissions: {} - steps: - - name: Install Package - uses: ConorMacBride/install-package@main - with: - apt: git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq - - - name: Start the SSH service - run: | - sudo /etc/init.d/ssh start - - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Output image tag of the builder - id: builder_image_tag - run: | - echo image_tag=$(grep stackhpc_rocky_9_overcloud_host_image_version: etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' src/kayobe-config/.gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - - name: Generate IPA image tag - id: ipa_image_tag - run: | - echo "ipa_image_tag=$(date +${{ steps.openstack_release.outputs.openstack_release }}-%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT - - - name: Display IPA image tag - run: | - echo "${{ steps.ipa_image_tag.outputs.ipa_image_tag }}" - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Install terraform - uses: hashicorp/setup-terraform@v2 - - - name: Initialise terraform - run: terraform init - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate SSH keypair - run: ssh-keygen -f id_rsa -N '' - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate terraform.tfvars - run: | - cat << EOF > terraform.tfvars - ssh_public_key = "id_rsa.pub" - ssh_username = "ubuntu" - aio_vm_name = "skc-ipa-image-builder" - aio_vm_image = "${{ vars.HOST_IMAGE_BUILD_IMAGE }}" - aio_vm_flavor = "${{ vars.HOST_IMAGE_BUILD_FLAVOR }}" - aio_vm_network = "${{ vars.HOST_IMAGE_BUILD_NETWORK }}" - aio_vm_subnet = "${{ vars.HOST_IMAGE_BUILD_SUBNET }}" - aio_vm_interface = "ens3" - aio_vm_volume_size = "${{ vars.HOST_IMAGE_BUILD_VOLUME }}" - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Terraform Plan - run: terraform plan - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Terraform Apply - run: | - for attempt in $(seq 5); do - if terraform apply -auto-approve; then - echo "Created infrastructure on attempt $attempt" - exit 0 - fi - echo "Failed to create infrastructure on attempt $attempt" - sleep 10 - terraform destroy -auto-approve - sleep 60 - done - echo "Failed to create infrastructure after $attempt attempts" - exit 1 - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Get Terraform outputs - id: tf_outputs - run: | - terraform output -json - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Write Terraform outputs - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml - ${{ steps.tf_outputs.outputs.stdout }} - EOF - - - name: Write Terraform network config - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-network-allocation.yml - --- - aio_ips: - builder: "{{ access_ip_v4.value }}" - EOF - - - name: Write Terraform network interface config - run: | - mkdir -p src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed - rm -f src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - cat << EOF > src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - admin_interface: "{{ access_interface.value }}" - aio_interface: "{{ access_interface.value }}" - EOF - - - name: Manage SSH keys - run: | - mkdir -p ~/.ssh - touch ~/.ssh/authorized_keys - cat src/kayobe-config/terraform/aio/id_rsa.pub >> ~/.ssh/authorized_keys - cp src/kayobe-config/terraform/aio/id_rsa* ~/.ssh/ - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Configure the seed host (Builder VM) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host configure \ - -e seed_bootstrap_user=ubuntu \ - --skip-tags network,apt,docker,docker-registry - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Install dependencies - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run \ - --command "sudo apt update && sudo apt -y install gcc git libffi-dev python3-dev python-is-python3 python3-venv" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Build a Ubuntu 24.04 Noble IPA image - id: build_ubuntu_noble_ipa - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe overcloud deployment image build --force-rebuild \ - -e os_distribution="ubuntu" \ - -e os_release="noble" \ - -e ipa_ci_builder_distribution="ubuntu" \ - -e ipa_ci_builder_release="noble" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble - - - name: Show last error logs - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "tail -200 /opt/kayobe/images/ipa/ipa.stdout" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_ubuntu_noble_ipa.outcome == 'failure' - - - name: Upload Ubuntu 24.04 Noble IPA kernel image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/ipa \ - -e artifact_type=ipa-images \ - -e artifact_tag=${{ steps.ipa_image_tag.outputs.ipa_image_tag }} \ - -e os_distribution="ubuntu" \ - -e os_release="noble" \ - -e file_regex='*.kernel' - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble && steps.build_ubuntu_noble_ipa.outcome == 'success' - - - name: Upload Ubuntu 24.04 Noble IPA ramdisk image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/ipa \ - -e artifact_type=ipa-images \ - -e artifact_tag=${{ steps.ipa_image_tag.outputs.ipa_image_tag }} \ - -e os_distribution="ubuntu" \ - -e os_release="noble" \ - -e file_regex='*.initramfs' - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble && steps.build_ubuntu_noble_ipa.outcome == 'success' - - - name: Build a Rocky 9 IPA image - id: build_rocky_9_ipa - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe overcloud deployment image build --force-rebuild \ - -e os_distribution="rocky" \ - -e os_release="9" \ - -e ipa_ci_builder_distribution="rocky" \ - -e ipa_ci_builder_release="9" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 - - - name: Show last error logs - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "tail -200 /opt/kayobe/images/ipa/ipa.stdout" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_rocky_9_ipa.outcome == 'failure' - - - name: Upload Rocky 9 IPA kernel image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/ipa \ - -e artifact_type=ipa-images \ - -e artifact_tag=${{ steps.ipa_image_tag.outputs.ipa_image_tag }} \ - -e os_distribution="rocky" \ - -e os_release="9" \ - -e file_regex='*.kernel' - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 && steps.build_rocky_9_ipa.outcome == 'success' - - - name: Upload Rocky 9 IPA ramdisk image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/ipa \ - -e artifact_type=ipa-images \ - -e artifact_tag=${{ steps.ipa_image_tag.outputs.ipa_image_tag }} \ - -e os_distribution="rocky" \ - -e os_release="9" \ - -e file_regex='*.initramfs' - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 && steps.build_rocky_9_ipa.outcome == 'success' - - - name: Copy logs back - continue-on-error: true - run: | - mkdir logs - scp -r ubuntu@$(jq -r .access_ip_v4.value src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml):/opt/kayobe/images/*/*.std* ./logs/ - if: always() - - - name: Upload logs artifact - uses: actions/upload-artifact@v4 - with: - name: Build logs - path: ./logs - - - name: Fail if the IPA image build failed - run: | - echo "Builds failed. See workflow artifacts for details." && - exit 1 - if: steps.build_rocky_9_ipa.outcome == 'failure' || - steps.build_ubuntu_noble_ipa.outcome == 'failure' - - - name: Destroy - run: terraform destroy -auto-approve - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: always() diff --git a/.github/workflows/ipa-image-promote.yml b/.github/workflows/ipa-image-promote.yml deleted file mode 100644 index 4d830796e0..0000000000 --- a/.github/workflows/ipa-image-promote.yml +++ /dev/null @@ -1,100 +0,0 @@ ---- -name: Promote IPA image -on: - workflow_dispatch: - inputs: - rocky9: - description: Promote Rocky Linux 9 - type: boolean - default: true - ubuntu-noble: - description: Promote Ubuntu 24.04 Noble - type: boolean - default: true - image_tag: - description: Tag to promote - type: string - required: true -env: - ANSIBLE_FORCE_COLOR: True -jobs: - ipa-image-promote: - name: Promote IPA image - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-latest - steps: - - name: Validate inputs - run: | - if [[ ${{ inputs.rocky9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then - echo "At least one distribution must be selected" - exit 1 - fi - - - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' .gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - working-directory: src/kayobe-config - - - name: Setup networking - run: | - if ! ip l show breth1 >/dev/null 2>&1; then - sudo ip l add breth1 type bridge - fi - sudo ip l set breth1 up - if ! ip a show breth1 | grep 192.168.33.3/24; then - sudo ip a add 192.168.33.3/24 dev breth1 - fi - if ! ip l show dummy1 >/dev/null 2>&1; then - sudo ip l add dummy1 type dummy - fi - sudo ip l set dummy1 up - sudo ip l set dummy1 master breth1 - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Promote Rocky Linux 9 IPA image artifact - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-promote.yml \ - -e artifact_type="ipa-images" \ - -e os_distribution='rocky' \ - -e os_release='9' - env: - ARTIFACT_TAG: ${{ inputs.image_tag }} - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 - - - name: Promote Ubuntu Noble 24.04 IPA image artifact - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-promote.yml \ - -e artifact_type="ipa-images" \ - -e os_distribution='ubuntu' \ - -e os_release='noble' - env: - ARTIFACT_TAG: ${{ inputs.image_tag }} - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble diff --git a/.github/workflows/multinode-inputs.py b/.github/workflows/multinode-inputs.py deleted file mode 100644 index 930b4c776e..0000000000 --- a/.github/workflows/multinode-inputs.py +++ /dev/null @@ -1,83 +0,0 @@ -# Generate inputs for the reusable multinode.yml workflow. -# The test scenario is randomly selected. -# The inputs are printed to stdout in GitHub step output key=value format. - -from dataclasses import dataclass -import random -import typing as t - - -@dataclass -class OSRelease: - distribution: str - release: str - ssh_username: str - - -@dataclass -class OpenStackRelease: - version: str - previous_version: str - os_releases: t.List[OSRelease] - - -@dataclass -class Scenario: - openstack_release: OpenStackRelease - os_release: OSRelease - neutron_plugin: str - upgrade: str - - -ROCKY_9 = OSRelease("rocky", "9", "cloud-user") -UBUNTU_JAMMY = OSRelease("ubuntu", "jammy", "ubuntu") -UBUNTU_NOBLE = OSRelease("ubuntu", "noble", "ubuntu") -# NOTE(upgrade): Add supported releases here. -OPENSTACK_RELEASES = [ - OpenStackRelease("2023.1", "zed", [ROCKY_9, UBUNTU_JAMMY]), - OpenStackRelease("2024.1", "2023.1", [ROCKY_9, UBUNTU_JAMMY]), - OpenStackRelease("2025.1", "2024.1", [ROCKY_9, UBUNTU_NOBLE]), -] -NEUTRON_PLUGINS = ["ovs", "ovn"] - - -def main() -> None: - scenario = random_scenario() - inputs = generate_inputs(scenario) - for name, value in inputs.items(): - write_output(name, value) - - -def random_scenario() -> Scenario: - openstack_release = random.choice(OPENSTACK_RELEASES) - os_release = random.choice(openstack_release.os_releases) - neutron_plugin = random.choice(NEUTRON_PLUGINS) - upgrade = 'major' if random.random() > 0.6 else 'none' - return Scenario(openstack_release, os_release, neutron_plugin, upgrade) - - -def generate_inputs(scenario: Scenario) -> t.Dict[str, str]: - branch = get_branch(scenario.openstack_release.version) - previous_branch = get_branch(scenario.openstack_release.previous_version) - inputs = { - "os_distribution": scenario.os_release.distribution, - "os_release": scenario.os_release.release, - "ssh_username": scenario.os_release.ssh_username, - "neutron_plugin": scenario.neutron_plugin, - "upgrade": scenario.upgrade, - "stackhpc_kayobe_config_version": branch, - "stackhpc_kayobe_config_previous_version": previous_branch, - } - return inputs - - -def get_branch(version: str) -> str: - return f"stackhpc/{version}" - - -def write_output(name: str, value: str) -> None: - print(f"{name}={value}") - - -if __name__ == "__main__": - main() diff --git a/.github/workflows/overcloud-host-image-build.yml b/.github/workflows/overcloud-host-image-build.yml deleted file mode 100644 index 54777bd6cb..0000000000 --- a/.github/workflows/overcloud-host-image-build.yml +++ /dev/null @@ -1,392 +0,0 @@ ---- -name: Build overcloud host images -on: - workflow_dispatch: - inputs: - rocky9: - description: Build Rocky Linux 9 - type: boolean - default: true - ubuntu-noble: - description: Build Ubuntu 24.04 Noble - type: boolean - default: true - runner_env: - description: Which cloud to run on? - type: choice - default: SMS Lab - options: - - SMS Lab - - Leafcloud - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -env: - ANSIBLE_FORCE_COLOR: True - KAYOBE_ENVIRONMENT: ci-builder - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} -jobs: - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.runner_env }} - overcloud-host-image-build: - name: Build overcloud host images - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - environment: ${{ inputs.runner_env }} - runs-on: ${{ needs.runner-selection.outputs.runner_name_image_build }} - needs: - - runner-selection - permissions: {} - steps: - - name: Validate inputs - run: | - if [[ ${{ inputs.rocky9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then - echo "At least one distribution must be selected" - exit 1 - fi - - - name: Install Package - uses: ConorMacBride/install-package@main - with: - apt: git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq - - - name: Start the SSH service - run: | - sudo /etc/init.d/ssh start - - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Output image tag of the builder - id: builder_image_tag - run: | - echo image_tag=$(grep stackhpc_rocky_9_overcloud_host_image_version: etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' src/kayobe-config/.gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - # Generate a tag to apply to all built overcloud host images. - - name: Generate overcloud host image tag - id: host_image_tag - run: | - echo "host_image_tag=$(date +${{ steps.openstack_release.outputs.openstack_release }}-%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT - - - name: Display overcloud host image tag - run: | - echo "${{ steps.host_image_tag.outputs.host_image_tag }}" - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Install terraform - uses: hashicorp/setup-terraform@v2 - - - name: Initialise terraform - run: terraform init - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate SSH keypair - run: ssh-keygen -f id_rsa -N '' - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate terraform.tfvars - run: | - cat << EOF > terraform.tfvars - ssh_public_key = "id_rsa.pub" - ssh_username = "ubuntu" - aio_vm_name = "skc-host-image-builder" - # Must be an Ubuntu Noble host to successfully build all images - # This MUST NOT be an LVM image. It can cause confusing conficts with the built image. - aio_vm_image = "${{ vars.HOST_IMAGE_BUILD_IMAGE }}" - aio_vm_flavor = "${{ vars.HOST_IMAGE_BUILD_FLAVOR }}" - aio_vm_network = "${{ vars.HOST_IMAGE_BUILD_NETWORK }}" - aio_vm_subnet = "${{ vars.HOST_IMAGE_BUILD_SUBNET }}" - aio_vm_interface = "ens3" - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Terraform Plan - run: terraform plan - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Terraform Apply - run: | - for attempt in $(seq 5); do - if terraform apply -auto-approve; then - echo "Created infrastructure on attempt $attempt" - exit 0 - fi - echo "Failed to create infrastructure on attempt $attempt" - sleep 10 - terraform destroy -auto-approve - sleep 60 - done - echo "Failed to create infrastructure after $attempt attempts" - exit 1 - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Get Terraform outputs - id: tf_outputs - run: | - terraform output -json - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Write Terraform outputs - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml - ${{ steps.tf_outputs.outputs.stdout }} - EOF - - - name: Write Terraform network config - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-builder/tf-network-allocation.yml - --- - aio_ips: - builder: "{{ access_ip_v4.value }}" - EOF - - - name: Write Terraform network interface config - run: | - mkdir -p src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed - rm -f src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - cat << EOF > src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - admin_interface: "{{ access_interface.value }}" - aio_interface: "{{ access_interface.value }}" - EOF - - - name: Manage SSH keys - run: | - mkdir -p ~/.ssh - touch ~/.ssh/authorized_keys - cat src/kayobe-config/terraform/aio/id_rsa.pub >> ~/.ssh/authorized_keys - cp src/kayobe-config/terraform/aio/id_rsa* ~/.ssh/ - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Configure the seed host (Builder VM) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host configure -e seed_bootstrap_user=ubuntu --skip-tags network - - - name: Install dependencies - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run \ - --command "sudo apt update && sudo apt -y install gcc git libffi-dev python3-dev python-is-python3 python3-venv" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Create bifrost_httpboot Docker volume - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "sudo mkdir -p /var/lib/docker/volumes/bifrost_httpboot/_data" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Build a Rocky Linux 9 overcloud host image - id: build_rocky_9 - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe overcloud host image build --force-rebuild \ - -e os_distribution="rocky" \ - -e os_release="9" \ - -e stackhpc_overcloud_dib_name=overcloud-rocky-9 - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 - - - name: Show last error logs - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "tail -200 /opt/kayobe/images/overcloud-rocky-9/overcloud-rocky-9.stdout" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_rocky_9.outcome == 'failure' - - - name: Upload Rocky Linux 9 overcloud host image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/overcloud-rocky-9 \ - -e artifact_tag=${{ steps.host_image_tag.outputs.host_image_tag }} \ - -e artifact_type="kayobe-images" \ - -e file_regex="*.qcow2" \ - -e os_distribution="rocky" \ - -e os_release="9" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 && steps.build_rocky_9.outcome == 'success' - - - name: Upload Rocky Linux 9 overcloud host image to current Dev Cloud (SMS/Leafcloud) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/openstack-host-image-upload.yml \ - -e local_image_path="/opt/kayobe/images/overcloud-rocky-9/overcloud-rocky-9.qcow2" \ - -e image_name=overcloud-rocky-9-${{ steps.host_image_tag.outputs.host_image_tag }} - env: - CLOUDS_YAML: ${{ secrets.CLOUDS_YAML }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: inputs.rocky9 && steps.build_rocky_9.outcome == 'success' - - - name: Upload Rocky Linux 9 overcloud host image to other Dev Cloud (Leafcloud/SMS) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/openstack-host-image-upload.yml \ - -e local_image_path="/opt/kayobe/images/overcloud-rocky-9/overcloud-rocky-9.qcow2" \ - -e image_name=overcloud-rocky-9-${{ steps.host_image_tag.outputs.host_image_tag }} - env: - CLOUDS_YAML: ${{ secrets.CLOUDS_YAML_OTHER_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID_OTHER_CLOUD }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET_OTHER_CLOUD }} - if: inputs.rocky9 && steps.build_rocky_9.outcome == 'success' - - - name: Build an Ubuntu Noble 24.04 overcloud host image - id: build_ubuntu_noble - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe overcloud host image build --force-rebuild \ - -e os_distribution="ubuntu" \ - -e os_release="noble" \ - -e stackhpc_overcloud_dib_name=overcloud-ubuntu-noble - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble - - - name: Show last error logs - continue-on-error: true - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed host command run --command "tail -200 /opt/kayobe/images/overcloud-ubuntu-noble/overcloud-ubuntu-noble.stdout" --show-output - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: steps.build_ubuntu_noble.outcome == 'failure' - - - name: Upload Ubuntu Noble 24.04 overcloud host image to Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-upload.yml \ - -e artifact_path=/opt/kayobe/images/overcloud-ubuntu-noble \ - -e artifact_tag=${{ steps.host_image_tag.outputs.host_image_tag }} \ - -e artifact_type="kayobe-images" \ - -e file_regex="*.qcow2" \ - -e os_distribution="ubuntu" \ - -e os_release="noble" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble && steps.build_ubuntu_noble.outcome == 'success' - - - name: Upload Ubuntu Noble overcloud host image to current Dev Cloud (SMS/Leafcloud) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/openstack-host-image-upload.yml \ - -e local_image_path="/opt/kayobe/images/overcloud-ubuntu-noble/overcloud-ubuntu-noble.qcow2" \ - -e image_name=overcloud-ubuntu-noble-${{ steps.host_image_tag.outputs.host_image_tag }} - env: - CLOUDS_YAML: ${{ secrets.CLOUDS_YAML }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: inputs.ubuntu-noble && steps.build_ubuntu_noble.outcome == 'success' - - - name: Upload Ubuntu Noble overcloud host image to other Dev Cloud (Leafcloud/SMS) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/openstack-host-image-upload.yml \ - -e local_image_path="/opt/kayobe/images/overcloud-ubuntu-noble/overcloud-ubuntu-noble.qcow2" \ - -e image_name=overcloud-ubuntu-noble-${{ steps.host_image_tag.outputs.host_image_tag }} - env: - CLOUDS_YAML: ${{ secrets.CLOUDS_YAML_OTHER_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID_OTHER_CLOUD }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET_OTHER_CLOUD }} - if: inputs.ubuntu-noble && steps.build_ubuntu_noble.outcome == 'success' - - - name: Copy logs back - continue-on-error: true - run: | - mkdir logs - scp -r ubuntu@$(jq -r .access_ip_v4.value src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml):/opt/kayobe/images/*/*.std* ./logs/ - scp -r ubuntu@$(jq -r .access_ip_v4.value src/kayobe-config/etc/kayobe/environments/ci-builder/tf-outputs.yml):/tmp/updated_images.txt ./logs/ || true - if: always() - - - name: Fail if any overcloud host image builds failed - run: | - echo "Builds failed. See workflow artifacts for details." && - exit 1 - if: steps.build_rocky_9.outcome == 'failure' || - steps.build_ubuntu_noble.outcome == 'failure' - - - name: Upload logs artifact - uses: actions/upload-artifact@v4 - with: - name: Build logs - path: ./logs - if: always() - - - name: Destroy - run: terraform destroy -auto-approve - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: always() diff --git a/.github/workflows/overcloud-host-image-promote.yml b/.github/workflows/overcloud-host-image-promote.yml deleted file mode 100644 index 960dbc0df8..0000000000 --- a/.github/workflows/overcloud-host-image-promote.yml +++ /dev/null @@ -1,100 +0,0 @@ ---- -name: Promote overcloud host image -on: - workflow_dispatch: - inputs: - rocky9: - description: Promote Rocky Linux 9 - type: boolean - default: true - ubuntu-noble: - description: Promote Ubuntu 24.04 Noble - type: boolean - default: true - image_tag: - description: Tag to promote - type: string - required: true -env: - ANSIBLE_FORCE_COLOR: True -jobs: - overcloud-host-image-promote: - name: Promote overcloud host image - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-24.04 - steps: - - name: Validate inputs - run: | - if [[ ${{ inputs.rocky9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then - echo "At least one distribution must be selected" - exit 1 - fi - - - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' .gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - working-directory: src/kayobe-config - - - name: Setup networking - run: | - if ! ip l show breth1 >/dev/null 2>&1; then - sudo ip l add breth1 type bridge - fi - sudo ip l set breth1 up - if ! ip a show breth1 | grep 192.168.33.3/24; then - sudo ip a add 192.168.33.3/24 dev breth1 - fi - if ! ip l show dummy1 >/dev/null 2>&1; then - sudo ip l add dummy1 type dummy - fi - sudo ip l set dummy1 up - sudo ip l set dummy1 master breth1 - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe control host bootstrap - - - name: Promote Rocky Linux 9 overcloud host image artifact - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-promote.yml \ - -e artifact_type="kayobe-images" \ - -e os_distribution='rocky' \ - -e os_release='9' - env: - ARTIFACT_TAG: ${{ inputs.image_tag }} - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 - - - name: Promote Ubuntu Noble 24.04 overcloud host image artifact - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-artifact-promote.yml \ - -e artifact_type="kayobe-images" \ - -e os_distribution='ubuntu' \ - -e os_release='noble' - env: - ARTIFACT_TAG: ${{ inputs.image_tag }} - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble diff --git a/.github/workflows/overcloud-host-image-upload.yml b/.github/workflows/overcloud-host-image-upload.yml deleted file mode 100644 index f0b7df0092..0000000000 --- a/.github/workflows/overcloud-host-image-upload.yml +++ /dev/null @@ -1,187 +0,0 @@ ---- -name: Upload overcloud host images -on: - workflow_dispatch: - inputs: - rocky9: - description: Upload Rocky Linux 9 - type: boolean - default: true - ubuntu-noble: - description: Upload Ubuntu 24.04 Noble - type: boolean - default: true - kayobe-environment: - description: Kayobe environment to use - type: string - default: "ci-builder" - runner_env: - description: Which cloud to run on? - type: choice - default: SMS Lab - options: - - SMS Lab - - Leafcloud - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -env: - ANSIBLE_FORCE_COLOR: True -jobs: - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.runner_env }} - overcloud-host-image-upload: - name: Upload overcloud host images - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - environment: ${{ inputs.runner_env }} - runs-on: ${{ needs.runner-selection.outputs.runner_name_image_build }} - needs: - - runner-selection - permissions: {} - steps: - - name: Validate inputs - run: | - if [[ ${{ inputs.rocky9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then - echo "At least one distribution must be selected" - exit 1 - fi - - - name: Install package dependencies - run: | - sudo apt update - sudo apt install -y build-essential git unzip nodejs python3-wheel python3-pip python3-venv - - - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' src/kayobe-config/.gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ${{ inputs.kayobe-environment }} && - kayobe control host bootstrap --skip-tags bootstrap - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - - - name: Install OpenStack client - run: | - source venvs/kayobe/bin/activate && - pip install python-openstackclient -c https://raw.githubusercontent.com/stackhpc/requirements/refs/heads/stackhpc/${{ steps.openstack_release.outputs.openstack_release }}/upper-constraints.txt - - - name: Output Rocky Linux 9 image tag - id: rocky_9_image_tag - run: | - echo image_tag=$(grep stackhpc_rocky_9_overcloud_host_image_version: src/kayobe-config/etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - - - name: Check if image exists already - id: rocky_9_image_exists - run: | - source venvs/kayobe/bin/activate && - openstack image show \ - overcloud-rocky-9-${{ steps.rocky_9_image_tag.outputs.image_tag }} - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - continue-on-error: true - - - name: Download Rocky Linux 9 overcloud host image from Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ${{ inputs.kayobe-environment }} && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-host-image-download.yml \ - -e os_distribution="rocky" \ - -e os_release="9" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.rocky9 && steps.rocky_9_image_exists.outcome == 'failure' - - - name: Upload Rocky Linux 9 overcloud host image to Cloud - run: | - source venvs/kayobe/bin/activate && - openstack image create \ - overcloud-rocky-9-${{ steps.rocky_9_image_tag.outputs.image_tag }} \ - --container-format bare \ - --disk-format qcow2 \ - --file /tmp/rocky-9.qcow2 \ - --private \ - --progress - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: inputs.rocky9 && steps.rocky_9_image_exists.outcome == 'failure' - - - name: Output Ubuntu Noble image tag - id: ubuntu_noble_image_tag - run: | - echo image_tag=$(grep stackhpc_ubuntu_noble_overcloud_host_image_version: src/kayobe-config/etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - - - name: Check if image exists already - id: ubuntu_noble_image_exists - run: | - source venvs/kayobe/bin/activate && - openstack image show \ - overcloud-ubuntu-noble-${{ steps.ubuntu_noble_image_tag.outputs.image_tag }} - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - continue-on-error: true - - - name: Download Ubuntu Noble 24.04 overcloud host image from Ark - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ${{ inputs.kayobe-environment }} && - kayobe playbook run \ - src/kayobe-config/etc/kayobe/ansible/pulp-host-image-download.yml \ - -e os_distribution="ubuntu" \ - -e os_release="noble" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.ubuntu-noble && steps.ubuntu_noble_image_exists.outcome == 'failure' - - - name: Upload Ubuntu Noble 24.04 overcloud host image to Cloud - run: | - source venvs/kayobe/bin/activate && - openstack image create \ - overcloud-ubuntu-noble-${{ steps.ubuntu_noble_image_tag.outputs.image_tag }} \ - --container-format bare \ - --disk-format qcow2 \ - --file /tmp/ubuntu-noble.qcow2 \ - --private \ - --progress - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: inputs.ubuntu-noble && steps.ubuntu_noble_image_exists.outcome == 'failure' diff --git a/.github/workflows/package-build-ofed.yml b/.github/workflows/package-build-ofed.yml deleted file mode 100644 index 4dd23065f9..0000000000 --- a/.github/workflows/package-build-ofed.yml +++ /dev/null @@ -1,248 +0,0 @@ ---- -name: Build OFED kernel modules -on: - workflow_dispatch: - inputs: - rocky9: - description: Build Rocky Linux 9 - type: boolean - default: true - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -env: - ANSIBLE_FORCE_COLOR: True - KAYOBE_ENVIRONMENT: ci-doca-builder - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} -jobs: - overcloud-ofed-packages: - name: Build OFED kernel modules - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: arc-skc-host-image-builder-runner - permissions: {} - steps: - - name: Generate OFED tag - id: ofed_tag - run: | - echo "ofed_tag=$(date +%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT - - - name: Install Package - uses: ConorMacBride/install-package@main - with: - apt: git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq - - - name: Start the SSH service - run: | - sudo /etc/init.d/ssh start - - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - - name: Install terraform - uses: hashicorp/setup-terraform@v2 - - - name: Initialise terraform - run: terraform init - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate SSH keypair - run: ssh-keygen -f id_rsa -N '' - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Output image tag - id: image_tag - run: | - echo image_tag=$(grep stackhpc_rocky_9_overcloud_host_image_version: etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - working-directory: ${{ github.workspace }}/src/kayobe-config - - # Use the image override if set, otherwise use overcloud-os_distribution-os_release-tag - - name: Output image name - id: image_name - run: | - echo image_name=overcloud-rocky-9-${{ steps.image_tag.outputs.image_tag }} >> $GITHUB_OUTPUT - - - name: Generate terraform.tfvars - run: | - cat << EOF > terraform.tfvars - ssh_public_key = "id_rsa.pub" - ssh_username = "cloud-user" - aio_vm_name = "skc-ofed-builder" - aio_vm_image = "${{ env.VM_IMAGE }}" - aio_vm_flavor = "en1.medium" - aio_vm_network = "stackhpc-ci" - aio_vm_subnet = "stackhpc-ci" - aio_vm_interface = "ens3" - EOF - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - VM_IMAGE: ${{ steps.image_name.outputs.image_name }} - - - name: Terraform Plan - run: terraform plan - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: "openstack" - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Terraform Apply - run: | - for attempt in $(seq 5); do - if terraform apply -auto-approve; then - echo "Created infrastructure on attempt $attempt" - exit 0 - fi - echo "Failed to create infrastructure on attempt $attempt" - sleep 10 - terraform destroy -auto-approve - sleep 60 - done - echo "Failed to create infrastructure after $attempt attempts" - exit 1 - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: "openstack" - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Get Terraform outputs - id: tf_outputs - run: | - terraform output -json - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - - - name: Write Terraform outputs - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-doca-builder/tf-outputs.yml - ${{ steps.tf_outputs.outputs.stdout }} - EOF - - - name: Write Terraform network config - run: | - cat << EOF > src/kayobe-config/etc/kayobe/environments/ci-doca-builder/tf-network-allocation.yml - --- - aio_ips: - builder: "{{ access_ip_v4.value }}" - EOF - - - name: Write Terraform network interface config - run: | - mkdir -p src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed - rm -f src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - cat << EOF > src/kayobe-config/etc/kayobe/environments/$KAYOBE_ENVIRONMENT/inventory/group_vars/seed/network-interfaces - admin_interface: "{{ access_interface.value }}" - aio_interface: "{{ access_interface.value }}" - EOF - - - name: Manage SSH keys - run: | - mkdir -p ~/.ssh - touch ~/.ssh/authorized_keys - cat src/kayobe-config/terraform/aio/id_rsa.pub >> ~/.ssh/authorized_keys - cp src/kayobe-config/terraform/aio/id_rsa* ~/.ssh/ - - - name: Bootstrap the control host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe control host bootstrap - - - name: Run growroot playbook - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/growroot.yml - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Configure the seed host (Builder VM) - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe seed host configure --skip-tags network,docker,docker-registry - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Run a distro-sync - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe seed host command run --become --command "dnf distro-sync --refresh --assumeyes" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Reset BLS entries on the seed host - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/reset-bls-entries.yml \ - -e "reset_bls_host=ofed-builder" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Disable noexec in /var/tmp - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe seed host command run --become --command "sed -i 's/noexec,//g' /etc/fstab" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Reboot to apply the kernel update - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/reboot.yml - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Run OFED builder playbook - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/build-ofed-rocky.yml - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Run OFED upload playbook - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-doca-builder && - kayobe playbook run src/kayobe-config/etc/kayobe/ansible/push-ofed.yml \ - -e "ofed_tag=${{ steps.ofed_tag.outputs.ofed_tag }}" - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Destroy - run: terraform destroy -auto-approve - working-directory: ${{ github.workspace }}/src/kayobe-config/terraform/aio - env: - OS_CLOUD: openstack - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: always() diff --git a/.github/workflows/runner-selector.yml b/.github/workflows/runner-selector.yml deleted file mode 100644 index f825ec6042..0000000000 --- a/.github/workflows/runner-selector.yml +++ /dev/null @@ -1,48 +0,0 @@ ---- -name: Create output for `runs-on` variable - -on: - workflow_call: - inputs: - runner_env: - description: 'The environment input from caller workflow' - default: 'SMS Lab' - required: True - type: string - outputs: - runner_name_image_build: - description: "Image builder runner name" - value: ${{ jobs.define_runner.outputs.image-build-runner }} - runner_name_container_image_build: - description: "Container image build runner name" - value: ${{ jobs.define_runner.outputs.container-image-build-runner }} - runner_name_aio: - description: "AiO runner name" - value: ${{ jobs.define_runner.outputs.aio-runner }} - -jobs: - define_runner: - environment: ${{ inputs.runner_env }} - runs-on: ubuntu-latest - outputs: - image-build-runner: ${{ steps.builder-runner.outputs.runner_name_image_build }} - container-image-build-runner: ${{ steps.container-image-build-runner.outputs.runner_name_container_image_build }} - aio-runner: ${{ steps.aio-runner.outputs.runner_name_aio }} - steps: - - name: Set output for image builder runner - run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_IMAGE_BUILDER }}" - - - id: builder-runner - run: echo "runner_name_image_build=${{ vars.RUNS_ON_TARGET_IMAGE_BUILDER }}" >> $GITHUB_OUTPUT - - - name: Set output for container image build runner - run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_CONTAINER_IMAGE_BUILDER }}" - - - id: container-image-build-runner - run: echo "runner_name_container_image_build=${{ vars.RUNS_ON_TARGET_CONTAINER_IMAGE_BUILDER }}" >> $GITHUB_OUTPUT - - - name: Set output for aio runner - run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_AIO }}" - - - id: aio-runner - run: echo "runner_name_aio=${{ vars.RUNS_ON_TARGET_AIO }}" >> $GITHUB_OUTPUT diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml deleted file mode 100644 index a1c2e78ed0..0000000000 --- a/.github/workflows/stackhpc-all-in-one.yml +++ /dev/null @@ -1,496 +0,0 @@ ---- -# This reusable workflow deploys a VM on a cloud using Terraform, then deploys -# OpenStack in the VM via Kayobe. Tempest is then used to test the cloud. - -name: All in one - -on: - workflow_call: - inputs: - runner_env: - description: Which cloud to run on? - type: string - default: SMS Lab - kayobe_image: - description: Kayobe container image - type: string - required: true - os_distribution: - description: Host OS distribution - type: string - default: rocky - os_release: - description: Host OS release - type: string - default: '9' - ssh_username: - description: User for terraform to access the all-in-one VM - type: string - default: cloud-user - neutron_plugin: - description: Neutron ML2 plugin - type: string - required: true - vm_image_override: - description: Full name of an image to use instead of the default - type: string - default: "" - vm_interface: - description: Default network interface name - type: string - default: ens3 - OS_CLOUD: - description: Name of cloud in clouds.yaml - type: string - required: true - if: - description: Whether to run the workflow (workaround for required status checks issue) - type: boolean - default: true - upgrade: - description: Whether to perform an upgrade - type: boolean - default: false - stackhpc_cloud_tests_version: - description: Git version of https://github.com/stackhpc/stackhpc-cloud-tests to use for testing - type: string - default: main - repository: - description: SKC repository to checkout (convenience for external CI) - type: string - default: ${{ github.repository }} - github_ref: - description: Git ref to checkout (convenience for external CI) - type: string - default: ${{ github.ref }} - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - CLOUDS_YAML: - required: true - OS_APPLICATION_CREDENTIAL_ID: - required: true - OS_APPLICATION_CREDENTIAL_SECRET: - required: true - -jobs: - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.upgrade == true && 'Leafcloud' || inputs.runner_env }} - # NOTE: Runner needs unzip and nodejs packages. - all-in-one: - name: All in one - if: ${{ inputs.if && !cancelled() }} - environment: ${{ inputs.upgrade == true && 'Leafcloud' || inputs.runner_env }} - runs-on: ${{ needs.runner-selection.outputs.runner_name_aio }} - needs: - - runner-selection - permissions: {} - env: - KAYOBE_ENVIRONMENT: ci-aio - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - KAYOBE_IMAGE: ${{ inputs.kayobe_image }} - # NOTE(upgrade): Reference the PREVIOUS release here. - PREVIOUS_KAYOBE_IMAGE: ghcr.io/stackhpc/stackhpc-kayobe-config:stackhpc-2024.1 - # NOTE(upgrade): Reference the PREVIOUS release branch here. - PREVIOUS_BRANCH: stackhpc/2024.1 - steps: - - name: Install Package - uses: ConorMacBride/install-package@main - with: - apt: git unzip nodejs openssh-client - - # If testing upgrade, checkout previous release, otherwise checkout current branch - - name: Checkout ${{ inputs.upgrade && 'previous release' || 'current' }} config - uses: actions/checkout@v4 - with: - repository: ${{ inputs.repository }} - ref: ${{ inputs.upgrade && env.PREVIOUS_BRANCH || inputs.github_ref }} - submodules: true - - - name: Output Kayobe image - id: kayobe_image - run: | - if ${{ inputs.upgrade }}; then - kayobe_image=$PREVIOUS_KAYOBE_IMAGE - else - kayobe_image=$KAYOBE_IMAGE - fi - echo kayobe_image=$kayobe_image >> $GITHUB_OUTPUT - - - name: Make sure dockerd is running and test Docker - run: | - docker ps - - - name: Output image tag - id: image_tag - run: | - echo image_tag=$(grep stackhpc_${{ inputs.os_distribution }}_$(sed s/-/_/ <(echo "${{ inputs.os_release }}"))_overcloud_host_image_version: etc/kayobe/pulp-host-image-versions.yml | awk '{print $2}') >> $GITHUB_OUTPUT - - # Use the image override if set, otherwise use overcloud-os_distribution-os_release-tag - - name: Output image name - id: image_name - run: | - if [ -z "${{ inputs.vm_image_override }}" ]; then - echo image_name=overcloud-${{ inputs.os_distribution }}-${{ inputs.os_release }}-${{ steps.image_tag.outputs.image_tag }} >> $GITHUB_OUTPUT - else - echo image_name=${{ inputs.vm_image_override }} >> $GITHUB_OUTPUT - fi - - - name: Install terraform - uses: hashicorp/setup-terraform@v2 - - - name: Initialise terraform - run: terraform init - working-directory: ${{ github.workspace }}/terraform/aio - - - name: Generate SSH keypair - run: ssh-keygen -f id_rsa -N '' - working-directory: ${{ github.workspace }}/terraform/aio - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - working-directory: ${{ github.workspace }}/terraform/aio - - - name: Generate terraform.tfvars - run: | - cat << EOF > terraform.tfvars - ssh_public_key = "id_rsa.pub" - ssh_username = "${{ env.SSH_USERNAME }}" - aio_vm_interface = "${{ env.VM_INTERFACE }}" - aio_vm_name = "${{ env.VM_NAME }}" - aio_vm_image = "${{ env.VM_IMAGE }}" - aio_vm_flavor = "${{ vars.HOST_IMAGE_BUILD_FLAVOR }}" - aio_vm_network = "${{ vars.HOST_IMAGE_BUILD_NETWORK }}" - aio_vm_subnet = "${{ vars.HOST_IMAGE_BUILD_SUBNET }}" - aio_vm_volume_size = "${{ env.VM_VOLUME_SIZE }}" - aio_vm_tags = ${{ env.VM_TAGS }} - EOF - working-directory: ${{ github.workspace }}/terraform/aio - env: - SSH_USERNAME: "${{ inputs.ssh_username }}" - VM_NAME: "skc-ci-aio-${{ inputs.neutron_plugin }}-${{ github.run_id }}" - VM_IMAGE: ${{ steps.image_name.outputs.image_name }} - VM_INTERFACE: ${{ inputs.vm_interface }} - VM_VOLUME_SIZE: ${{ inputs.upgrade && '75' || '50' }} - VM_TAGS: '["skc-ci-aio", "PR=${{ github.event.number }}"]' - - - name: Terraform Plan - run: terraform plan - working-directory: ${{ github.workspace }}/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Terraform Apply - id: tf_apply - run: | - for attempt in $(seq 5); do - if terraform apply -auto-approve; then - echo "Created infrastructure on attempt $attempt" - exit 0 - fi - echo "Failed to create infrastructure on attempt $attempt" - sleep 10 - terraform destroy -auto-approve - sleep 60 - done - echo "Failed to create infrastructure after $attempt attempts" - exit 1 - working-directory: ${{ github.workspace }}/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Get Terraform outputs - id: tf_outputs - run: | - terraform output -json - working-directory: ${{ github.workspace }}/terraform/aio - - - name: Write Terraform outputs - run: | - cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-outputs.yml - ${{ steps.tf_outputs.outputs.stdout }} - EOF - - - name: Write Terraform network config - run: | - cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/tf-networks.yml - admin_oc_net_name: ethernet - ethernet_cidr: "{{ access_cidr.value }}" - ethernet_allocation_pool_start: 0.0.0.0 - ethernet_allocation_pool_end: 0.0.0.0 - ethernet_ips: - controller0: "{{ access_ip_v4.value }}" - EOF - - - name: Write all-in-one scenario config - run: | - cat << EOF > etc/kayobe/environments/$KAYOBE_ENVIRONMENT/zz-aio-scenario.yml - --- - os_distribution: ${{ env.OS_DISTRIBUTION }} - os_release: "${{ env.OS_RELEASE }}" - kolla_enable_ovn: ${{ env.ENABLE_OVN }} - EOF - env: - ENABLE_OVN: ${{ inputs.neutron_plugin == 'ovn' }} - OS_DISTRIBUTION: ${{ inputs.os_distribution }} - OS_RELEASE: ${{ inputs.os_release }} - - # Use a heredoc to define a multiline string output - # https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#multiline-strings - - name: Set SSH key output - id: ssh_key - run: | - echo "ssh_key<> $GITHUB_OUTPUT - cat terraform/aio/id_rsa >> $GITHUB_OUTPUT - echo "EOF" >> $GITHUB_OUTPUT - - # The same tag may be reused (e.g. stackhpc/yoga), so ensure we have the latest image. - - name: Pull previous Kayobe image - run: | - docker image pull ${{ steps.kayobe_image.outputs.kayobe_image }} - if: inputs.upgrade - - # The same tag may be reused (e.g. pr-123), so ensure we have the latest image. - - name: Pull current Kayobe image - run: | - docker image pull $KAYOBE_IMAGE - - # Rocky 9 OVN deployments will fail when the hostname contains a '.' - - name: Fix hostname - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/fix-hostname.yml - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - # Reboot to Apply hostname change - - name: Reboot - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/reboot.yml -e reboot_with_bootstrap_user=true - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Run growroot - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh '$KAYOBE_CONFIG_PATH/ansible/growroot.yml' - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Host configure - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-host-configure.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Service deploy - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-service-deploy.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Configure aio resources - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh etc/kayobe/ansible/configure-aio-resources.yml - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Upgrade host OS - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - -e KAYOBE_PATH=/stack/kayobe-automation-env/src/kayobe \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/script-run.sh tools/ubuntu-upgrade-overcloud.sh all - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade && inputs.os_release == 'jammy' - - - name: Deploy services that are built for later OS - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-service-deploy.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade && inputs.os_release == 'jammy' - - - name: Run upgrade prerequisites - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - ${{ steps.kayobe_image.outputs.kayobe_image }} \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/script-run.sh tools/upgrade-prerequisites.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade - - # If testing upgrade, checkout the current release branch - # Stash changes to tracked files, and set clean=false to avoid removing untracked files. - # Revert changes to RabbitMQ Queue types to avoid a merge conflict - - name: Stash config changes - run: git restore etc/kayobe/environments/ci-aio/kolla/globals.yml && git stash - if: inputs.upgrade - - - name: Checkout current release config - uses: actions/checkout@v4 - with: - repository: ${{ inputs.repository }} - ref: ${{ inputs.github_ref }} - submodules: true - clean: false - if: inputs.upgrade - - - name: Pop stashed config changes - run: git stash pop - if: inputs.upgrade - - # Now begin upgrade - - name: Host upgrade - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-host-upgrade.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade - - - name: Host configure - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-host-configure.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade - - - name: Service upgrade - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/overcloud-service-upgrade.sh - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: inputs.upgrade - - - name: Prune unused docker images - run: | - docker image prune -af - if: inputs.upgrade - - - name: Tempest tests - id: tempest - run: | - mkdir -p tempest-artifacts - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -v $(pwd)/tempest-artifacts:/stack/tempest-artifacts \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/tempest.sh -e ansible_user=stack - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: StackHPC Cloud tests - id: stackhpc-cloud-tests - continue-on-error: true - run: | - mkdir -p sct-results - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -v $(pwd)/sct-results:/stack/sct-results \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh '$KAYOBE_CONFIG_PATH/ansible/stackhpc-cloud-tests.yml' \ - -e sct_version=${{ inputs.stackhpc_cloud_tests_version }} - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - - - name: Collect diagnostic information - id: diagnostics - run: | - mkdir -p diagnostics - sudo -E docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -v $(pwd)/diagnostics:/stack/diagnostics \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh '$KAYOBE_CONFIG_PATH/ansible/diagnostics.yml' - env: - KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - if: ${{ !cancelled() && steps.tf_apply.outcome == 'success' }} - - - name: Upload test result artifacts - uses: actions/upload-artifact@v4 - with: - name: test-results-${{ inputs.os_distribution }}-${{ inputs.os_release }}-${{ inputs.neutron_plugin }}${{ inputs.upgrade && '-upgrade' || '' }} - path: | - diagnostics/ - tempest-artifacts/ - sct-results/ - if: ${{ !cancelled() && (steps.tempest.outcome == 'success' || steps.stackhpc-cloud-tests.outcome == 'success' || steps.diagnostics.outcome == 'success') }} - - - name: Fail if any tests failed - run: | - rc=0 - if [[ $(wc -l < tempest-artifacts/failed-tests) -ne 0 ]]; then - echo "Some Tempest tests failed." - echo "See HTML results artifact (tempest-artifacts) for details." - rc=1 - fi - if [[ $(wc -l < sct-results/failed-tests) -ne 0 ]]; then - echo "Some StackHPC Cloud tests failed." - echo "See HTML results artifact (sct-results) for details." - rc=1 - fi - exit $rc - - - name: Destroy - run: terraform destroy -auto-approve - working-directory: ${{ github.workspace }}/terraform/aio - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - if: always() diff --git a/.github/workflows/stackhpc-build-kayobe-image.yml b/.github/workflows/stackhpc-build-kayobe-image.yml deleted file mode 100644 index b61f1c10a4..0000000000 --- a/.github/workflows/stackhpc-build-kayobe-image.yml +++ /dev/null @@ -1,123 +0,0 @@ ---- -# This reusable workflow builds a Kayobe container image using the Dockerfile -# in kayobe-automation, then pushes it to a registry. - -name: Build kayobe image - -on: - push: - branches: - # NOTE(upgrade): Reference only the current release branch here. - - stackhpc/2025.1 - - workflow_call: - inputs: - http_proxy: - type: string - required: false - https_proxy: - type: string - required: false - no_proxy: - type: string - required: false - base_image: - type: string - required: false - default: "rockylinux:9" - if: - description: Whether to run the workflow (workaround for required status checks issue) - type: boolean - default: true - outputs: - kayobe_image: - description: Reference of Kayobe image that was built - value: ${{ jobs.build-kayobe-image.outputs.kayobe_image }} - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - -jobs: - build-kayobe-image: - name: Build kayobe image - if: inputs.if || github.repository == 'stackhpc/stackhpc-kayobe-config' && github.event_name == 'push' - runs-on: ubuntu-22.04 - permissions: - contents: read - packages: write - outputs: - kayobe_image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }} - steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - name: Checkout kayobe config - uses: actions/checkout@v4 - with: - submodules: true - - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - driver-opts: | - image=moby/buildkit:master - env.http_proxy=${{ env.http_proxy }} - env.https_proxy=${{ env.https_proxy }} - # Doesn't like commas: invalid value "127.0.0.1", expecting k=v - # env.no_proxy='${{ env.no_proxy }}' - env: - http_proxy: ${{ inputs.http_proxy }} - https_proxy: ${{ inputs.https_proxy }} - no_proxy: ${{ inputs.no_proxy }} - - # Setting KAYOBE_USER_UID and KAYOBE_USER_GID to 1001 to match docker's defaults - # so that docker can run as a privileged user within the Kayobe image. - - name: Build and push Docker image - uses: docker/build-push-action@v5 - with: - file: ./.automation/docker/kayobe/Dockerfile - context: . - build-args: | - http_proxy=${{ inputs.http_proxy }} - https_proxy=${{ inputs.https_proxy }} - BASE_IMAGE=${{ inputs.base_image || 'rockylinux:9' }} - USE_PYTHON_312=true - KAYOBE_USER_UID=1001 - KAYOBE_USER_GID=1001 - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - - name: Send message to Slack via Workflow Builder - uses: slackapi/slack-github-action@v1.26.0 - with: - payload: | - { - "channel-id": "${{ env.SLACK_CHANNEL_ID }}", - "inputs": "${{ env.INPUTS }}", - "message": "${{ env.MESSAGE }}", - "results-url": "${{ env.RESULTS_URL }}", - "workflow-url": "${{ env.WORKFLOW_URL }}" - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - # #release-train-alerts - SLACK_CHANNEL_ID: C03B28HRP53 - INPUTS: >- - branch: ${{ github.ref_name }} - MESSAGE: "SKC Build Kayobe Image workflow failed :sob:" - RESULTS_URL: "N/A" - WORKFLOW_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" - if: failure() && github.event_name == 'push' diff --git a/.github/workflows/stackhpc-check-tags.yml b/.github/workflows/stackhpc-check-tags.yml deleted file mode 100644 index db2383e21d..0000000000 --- a/.github/workflows/stackhpc-check-tags.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -# This workflow queries the Test Pulp server to check that all image tags -# specified in kolla_image_tags are present. - -name: Check container image tags -on: - workflow_call: - inputs: - kayobe_image: - description: Kayobe container image - type: string - required: true - if: - description: Whether to run the workflow (workaround for required status checks issue) - type: boolean - default: true - secrets: - KAYOBE_VAULT_PASSWORD: - required: true - -env: - ANSIBLE_FORCE_COLOR: True -jobs: - check-tags: - name: Check container image tags - if: ${{ inputs.if && ! cancelled() }} - runs-on: arc-skc-aio-runner - permissions: {} - env: - KAYOBE_ENVIRONMENT: ci-aio - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - KAYOBE_IMAGE: ${{ inputs.kayobe_image }} - steps: - - name: Install package dependencies - run: | - sudo apt update - sudo apt install -y git unzip nodejs - - - name: Checkout - uses: actions/checkout@v4 - with: - submodules: true - - # The same tag may be reused (e.g. pr-123), so ensure we have the latest image. - - name: Pull latest Kayobe image - run: | - docker image pull $KAYOBE_IMAGE - - - name: Check kolla-images.py image map and tag hierarchy - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh \ - '$KAYOBE_CONFIG_PATH/ansible/check-kolla-images-py.yml' - - - name: Check container image tags - run: | - docker run -t --rm \ - -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ - -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ - $KAYOBE_IMAGE \ - /stack/kayobe-automation-env/src/kayobe-config/.automation/pipeline/playbook-run.sh \ - '$KAYOBE_CONFIG_PATH/ansible/check-tags.yml' diff --git a/.github/workflows/stackhpc-ci-cleanup.yml b/.github/workflows/stackhpc-ci-cleanup.yml deleted file mode 100644 index e0977f2f56..0000000000 --- a/.github/workflows/stackhpc-ci-cleanup.yml +++ /dev/null @@ -1,122 +0,0 @@ ---- -name: Clean up stale CI resources -on: - schedule: - # Every 2 hours at quarter past - - cron: '15 0/2 * * *' - -jobs: - ci-cleanup: - name: Clean up stale CI resources - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-latest - permissions: {} - strategy: - matrix: - environment: [SMS Lab, Leafcloud] - environment: ${{ matrix.environment }} - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Setup Python - uses: actions/setup-python@v5 - - - name: Generate clouds.yaml - run: | - cat << EOF > clouds.yaml - ${{ secrets.CLOUDS_YAML }} - EOF - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' src/kayobe-config/.gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - - name: Install OpenStack client - run: | - pip install python-openstackclient -c https://raw.githubusercontent.com/stackhpc/requirements/refs/heads/stackhpc/${{ steps.openstack_release.outputs.openstack_release }}/upper-constraints.txt - - - name: Clean up aio instances over 3 hours old - run: | - result=0 - changes_before=$(date -Imin -d -3hours) - for status in ACTIVE BUILD ERROR SHUTOFF; do - for instance in $(openstack server list --tags skc-ci-aio --os-compute-api-version 2.66 --format value --column ID --changes-before $changes_before --status $status); do - echo "Cleaning up $status instance $instance" - openstack server show $instance - if ! openstack server delete $instance; then - echo "Failed to delete $status instance $instance" - result=1 - fi - done - done - exit $result - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Clean up host image builder instances over 5 hours old - run: | - result=0 - changes_before=$(date -Imin -d -5hours) - for status in ACTIVE BUILD ERROR SHUTOFF; do - for instance in $(openstack server list --tags skc-host-image-build --os-compute-api-version 2.66 --format value --column ID --changes-before $changes_before --status $status); do - echo "Cleaning up $status instance $instance" - openstack server show $instance - if ! openstack server delete $instance; then - echo "Failed to delete $status instance $instance" - result=1 - fi - done - done - exit $result - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Clean up GH actions multinode instances over 12 hours old - run: | - result=0 - changes_before=$(date -Imin -d -12hours) - for status in ACTIVE BUILD ERROR SHUTOFF; do - for instance in $(openstack server list --tags gh-actions-multinode --os-compute-api-version 2.66 --format value --column ID --changes-before $changes_before --status $status); do - echo "Cleaning up $status instance $instance" - openstack server show $instance - if ! openstack server delete $instance; then - echo "Failed to delete $status instance $instance" - result=1 - fi - done - done - exit $result - env: - OS_CLOUD: ${{ vars.OS_CLOUD }} - OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} - OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} - - - name: Send message to Slack via Workflow Builder - uses: slackapi/slack-github-action@v1.26.0 - with: - payload: | - { - "channel-id": "${{ env.SLACK_CHANNEL_ID }}", - "inputs": "${{ env.INPUTS }}", - "message": "${{ env.MESSAGE }}", - "results-url": "${{ env.RESULTS_URL }}", - "workflow-url": "${{ env.WORKFLOW_URL }}" - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - # #release-train-alerts - SLACK_CHANNEL_ID: C03B28HRP53 - INPUTS: "N/A" - MESSAGE: "SKC CI Cleanup workflow failed :sob:" - RESULTS_URL: "N/A" - WORKFLOW_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" - if: failure() diff --git a/.github/workflows/stackhpc-container-image-build.yml b/.github/workflows/stackhpc-container-image-build.yml deleted file mode 100644 index 595ab9cd3b..0000000000 --- a/.github/workflows/stackhpc-container-image-build.yml +++ /dev/null @@ -1,347 +0,0 @@ ---- -name: Build Kolla container images -on: - workflow_dispatch: - inputs: - regexes: - description: Space-separated list of regular expressions matching overcloud images to build - type: string - required: false - default: "" - overcloud: - description: Build container images for overcloud services? - type: boolean - required: false - default: true - seed: - description: Build container images for seed services? - type: boolean - required: false - default: false - rocky-linux-9: - description: Build Rocky Linux 9 images? - type: boolean - required: false - default: true - ubuntu-noble: - description: Build Ubuntu Noble 24.04 images? - type: boolean - required: false - default: true - push: - description: Whether to push images - type: boolean - required: false - default: true - push-dirty: - description: Push scanned images that have critical vulnerabilities? - type: boolean - required: false - default: false - runner_env: - description: Which cloud to run on? - type: choice - default: SMS Lab - options: - - SMS Lab - - Leafcloud - -env: - ANSIBLE_FORCE_COLOR: True -jobs: - generate-tag: - name: Generate container image tag - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-latest - permissions: {} - outputs: - datetime_tag: ${{ steps.datetime_tag.outputs.datetime_tag }} - matrix: ${{ steps.set-matrix.outputs.matrix }} - openstack_release: ${{ steps.openstack_release.outputs.openstack_release }} - steps: - - name: Validate inputs - run: | - if [[ ${{ inputs.rocky-linux-9 }} == 'false' && ${{ inputs.ubuntu-noble }} == 'false' ]]; then - echo "At least one distribution must be selected" - exit 1 - fi - if [[ ${{ inputs.overcloud }} == 'false' && ${{ inputs.seed }} == 'false' ]]; then - echo "At least one of overcloud or seed must be selected" - exit 1 - fi - - - name: Checkout - uses: actions/checkout@v4 - - - name: Determine OpenStack release - id: openstack_release - run: | - BRANCH=$(awk -F'=' '/defaultbranch/ {print $2}' .gitreview) - echo "openstack_release=${BRANCH}" | sed -E "s,(stable|unmaintained)/,," >> $GITHUB_OUTPUT - - # Generate a tag to apply to all built container images. - # Without this, each kayobe * container image build command would use a different tag. - - name: Generate container datetime tag - id: datetime_tag - run: | - echo "datetime_tag=$(date +%Y%m%dT%H%M%S)" >> $GITHUB_OUTPUT - - # Dynamically define job matrix. - # We need a separate matrix entry for each distribution, when the relevant input is true. - # https://stackoverflow.com/questions/65384420/how-do-i-make-a-github-action-matrix-element-conditional - - name: Generate build matrix - id: set-matrix - run: | - output="{'distro': [" - if [[ ${{ inputs.rocky-linux-9 }} == 'true' ]]; then - output+="{'name': 'rocky', 'release': 9}," - fi - if [[ ${{ inputs.ubuntu-noble }} == 'true' ]]; then - output+="{'name': 'ubuntu', 'release': 'noble'}," - fi - # remove trailing comma - output="${output%,}" - output+="]}" - echo "matrix=$output" >> $GITHUB_OUTPUT - - - name: Display container datetime tag - run: | - echo "${{ steps.datetime_tag.outputs.datetime_tag }}" - - runner-selection: - uses: ./.github/workflows/runner-selector.yml - with: - runner_env: ${{ inputs.runner_env }} - - container-image-build: - name: Build Kolla container images - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ${{ needs.runner-selection.outputs.runner_name_container_image_build }} - timeout-minutes: 720 - permissions: {} - strategy: - fail-fast: false - matrix: ${{ fromJson(needs.generate-tag.outputs.matrix) }} - needs: - - generate-tag - - runner-selection - steps: - - name: Install package dependencies - run: | - sudo apt update - sudo apt install -y build-essential git unzip nodejs python3-wheel python3-pip python3-venv curl jq wget - - - name: Install gh - run: | - sudo mkdir -p -m 755 /etc/apt/keyrings && wget -qO- https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo tee /etc/apt/keyrings/githubcli-archive-keyring.gpg > /dev/null - sudo chmod go+r /etc/apt/keyrings/githubcli-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null - sudo apt update - sudo apt install gh -y - - - name: Checkout - uses: actions/checkout@v4 - with: - path: src/kayobe-config - - - name: Make sure dockerd is running and test Docker - run: | - docker ps - - - name: Install Trivy - run: | - curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin v0.49.0 - - - name: Install yq - run: | - curl -sL https://github.com/mikefarah/yq/releases/download/v4.42.1/yq_linux_amd64.tar.gz | tar xz && sudo mv yq_linux_amd64 /usr/bin/yq - - - name: Install Kayobe - run: | - mkdir -p venvs && - pushd venvs && - python3 -m venv kayobe && - source kayobe/bin/activate && - pip install -U pip && - pip install -r ../src/kayobe-config/requirements.txt - - # Required for Pulp auth proxy deployment and Docker registry login. - # Normally installed during host configure. - - name: Install Docker Python SDK - run: | - sudo pip install docker 'requests<2.32.0' - - - name: Get Kolla tag - id: write-kolla-tag - run: echo "kolla-tag=${{ needs.generate-tag.outputs.openstack_release }}-${{ matrix.distro.name }}-${{ matrix.distro.release }}-${{ needs.generate-tag.outputs.datetime_tag }}" >> $GITHUB_OUTPUT - - - name: Configure localhost as a seed - run: | - cat > src/kayobe-config/etc/kayobe/environments/ci-builder/inventory/hosts << EOF - # A 'seed' host used for building images. - # Use localhost for container image builds. - [seed] - localhost ansible_connection=local ansible_python_interpreter=/usr/bin/python3 - EOF - - # See etc/kayobe/ansible/roles/pulp_auth_proxy/README.md for details. - # NOTE: We override pulp_auth_proxy_conf_path to a path shared by the - # runner and dind containers. - - name: Deploy an authenticating package repository mirror proxy - run: | - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/pulp-auth-proxy.yml -e pulp_auth_proxy_conf_path=/home/runner/_work/pulp_proxy - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - - - name: Create build logs output directory - run: mkdir image-build-logs - - - name: Build kolla overcloud images - id: build_overcloud_images - continue-on-error: true - run: | - args="${{ inputs.regexes }}" - args="$args -e kolla_base_distro=${{ matrix.distro.name }}" - args="$args -e kolla_base_distro_version=${{ matrix.distro.release }}" - args="$args -e kolla_tag=${{ steps.write-kolla-tag.outputs.kolla-tag }}" - args="$args -e stackhpc_repo_mirror_auth_proxy_enabled=true" - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe overcloud container image build $args - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.overcloud - - - name: Copy overcloud container image build logs to output directory - run: sudo mv /var/log/kolla-build.log image-build-logs/kolla-build-overcloud.log - if: inputs.overcloud - - - name: Build kolla seed images - id: build_seed_images - continue-on-error: true - run: | - args="-e kolla_base_distro=${{ matrix.distro.name }}" - args="$args -e kolla_base_distro_version=${{ matrix.distro.release }}" - args="$args -e kolla_tag=${{ steps.write-kolla-tag.outputs.kolla-tag }}" - args="$args -e stackhpc_repo_mirror_auth_proxy_enabled=true" - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe seed container image build $args - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.seed - - - name: Copy seed container image build logs to output directory - run: sudo mv /var/log/kolla-build.log image-build-logs/kolla-build-seed.log - if: inputs.seed - - - name: Get built container images - run: docker image ls --filter "reference=ark.stackhpc.com/stackhpc-dev/*:${{ steps.write-kolla-tag.outputs.kolla-tag }}" > ${{ matrix.distro.name }}-${{ matrix.distro.release }}-container-images - - - name: Fail if no images have been built - run: if [ $(wc -l < ${{ matrix.distro.name }}-${{ matrix.distro.release }}-container-images) -le 1 ]; then exit 1; fi - - - name: Scan built container images - run: src/kayobe-config/tools/scan-images.sh ${{ matrix.distro.name }}-${{ matrix.distro.release }} ${{ steps.write-kolla-tag.outputs.kolla-tag }} - - - name: Move image scan logs to output artifact - run: mv image-scan-output image-build-logs/image-scan-output - - - name: Fail if no images have passed scanning - run: if [ $(wc -l < image-build-logs/image-scan-output/critical-images.txt) -gt 0 ]; then exit 1; fi - if: ${{ !inputs.push-dirty }} - - - name: Copy clean images to push-attempt-images list - run: cp image-build-logs/image-scan-output/clean-images.txt image-build-logs/push-attempt-images.txt - if: inputs.push - - # NOTE(seunghun1ee): This always appends dirty images with CVEs severity lower than critical. - # This should be reverted when it's decided to filter high level CVEs as well. - - name: Append dirty images to push list - run: | - cat image-build-logs/image-scan-output/dirty-images.txt >> image-build-logs/push-attempt-images.txt - if: ${{ inputs.push }} - - - name: Append images with critical vulnerabilities to push list - run: | - cat image-build-logs/image-scan-output/critical-images.txt >> image-build-logs/push-attempt-images.txt - if: ${{ inputs.push && inputs.push-dirty }} - - - name: Push images - run: | - touch image-build-logs/push-failed-images.txt - source venvs/kayobe/bin/activate && - source src/kayobe-config/kayobe-env --environment ci-builder && - kayobe playbook run ${KAYOBE_CONFIG_PATH}/ansible/docker-registry-login.yml && - - while read -r image; do - # Retries! - for i in {1..5}; do - if docker push $image; then - echo "Pushed $image" - break - elif [ $i -eq 5 ] ; then - echo "Failed to push $image" - echo $image >> image-build-logs/push-failed-images.txt - else - echo "Failed on retry $i" - sleep 5 - fi; - done - done < image-build-logs/push-attempt-images.txt - shell: bash - env: - KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} - if: inputs.push - - - name: Upload output artifact - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.distro.name }}-${{ matrix.distro.release }}-logs - path: image-build-logs - retention-days: 7 - if: ${{ !cancelled() }} - - - name: Fail when images failed to build - run: echo "An image build failed. Check the workflow artifact for build logs" && exit 1 - if: ${{ steps.build_overcloud_images.outcome == 'failure' || steps.build_seed_images.outcome == 'failure' }} - - - name: Fail when images failed to push - run: if [ $(wc -l < image-build-logs/push-failed-images.txt) -gt 0 ]; then cat image-build-logs/push-failed-images.txt && exit 1; fi - if: ${{ !cancelled() }} - - # NOTE(seunghun1ee): Currently we want to mark the job fail only when critical CVEs are detected. - # This can be used again instead of "Fail when critical vulnerabilities are found" when it's - # decided to fail the job on detecting high CVEs as well. - # - name: Fail when images failed scanning - # run: if [ $(wc -l < image-build-logs/image-scan-output/dirty-images.txt) -gt 0 ]; then cat image-build-logs/image-scan-output/dirty-images.txt && exit 1; fi - # if: ${{ !inputs.push-dirty && !cancelled() }} - - - name: Fail when critical vulnerabilities are found - run: if [ $(wc -l < image-build-logs/image-scan-output/critical-images.txt) -gt 0 ]; then cat image-build-logs/image-scan-output/critical-images.txt && exit 1; fi - if: ${{ !inputs.push-dirty && !cancelled() }} - - # NOTE(mgoddard): Trigger another CI workflow in the - # stackhpc-release-train repository. - - name: Trigger container image repository sync - run: | - filter='${{ inputs.regexes }}' - if [[ -n $filter ]] && [[ ${{ inputs.seed }} == 'true' ]]; then - filter="$filter bifrost" - fi - gh workflow run \ - container-sync.yml \ - --repo stackhpc/stackhpc-release-train \ - --ref main \ - -f filter="$filter" \ - -f sync-old-images=false - env: - GITHUB_TOKEN: ${{ secrets.STACKHPC_RELEASE_TRAIN_TOKEN }} - if: ${{ github.repository == 'stackhpc/stackhpc-kayobe-config' && inputs.push && !cancelled() }} - - - name: Display link to container image repository sync workflows - run: | - echo "::notice Container image repository sync workflows: https://github.com/stackhpc/stackhpc-release-train/actions/workflows/container-sync.yml" - if: ${{ github.repository == 'stackhpc/stackhpc-kayobe-config' && inputs.push && !cancelled() }} diff --git a/.github/workflows/stackhpc-multinode-periodic.yml b/.github/workflows/stackhpc-multinode-periodic.yml deleted file mode 100644 index ab79407a14..0000000000 --- a/.github/workflows/stackhpc-multinode-periodic.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -# This workflow provides a periodic deploy of a multi-node test cluster. -# The test scenario is randomly selected. - -name: Multinode periodic -'on': - schedule: - # Runs nightly at 2:42 AM. - - cron: "42 2 * * *" -jobs: - generate-inputs: - name: Generate inputs - runs-on: ubuntu-latest - outputs: - os_distribution: ${{ steps.generate-inputs.outputs.os_distribution }} - os_release: ${{ steps.generate-inputs.outputs.os_release }} - ssh_username: ${{ steps.generate-inputs.outputs.ssh_username }} - neutron_plugin: ${{ steps.generate-inputs.outputs.neutron_plugin }} - upgrade: ${{ steps.generate-inputs.outputs.upgrade }} - stackhpc_kayobe_config_version: ${{ steps.generate-inputs.outputs.stackhpc_kayobe_config_version }} - stackhpc_kayobe_config_previous_version: ${{ steps.generate-inputs.outputs.stackhpc_kayobe_config_previous_version }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Generate inputs for multinode workflow - id: generate-inputs - run: | - python3 .github/workflows/multinode-inputs.py >> $GITHUB_OUTPUT - - - name: Display generated inputs - run: | - echo '${{ toJSON(steps.generate-inputs.outputs) }}' - multinode: - name: Multinode periodic - needs: - - generate-inputs - uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.4.0 - with: - multinode_name: mn-periodic-${{ github.run_id }} - os_distribution: ${{ needs.generate-inputs.outputs.os_distribution }} - os_release: ${{ needs.generate-inputs.outputs.os_release }} - ssh_username: ${{ needs.generate-inputs.outputs.ssh_username }} - neutron_plugin: ${{ needs.generate-inputs.outputs.neutron_plugin }} - upgrade: ${{ needs.generate-inputs.outputs.upgrade }} - stackhpc_kayobe_config_version: ${{ needs.generate-inputs.outputs.stackhpc_kayobe_config_version }} - stackhpc_kayobe_config_previous_version: ${{ needs.generate-inputs.outputs.stackhpc_kayobe_config_previous_version }} - enable_slack_alert: true - secrets: inherit - if: github.repository == 'stackhpc/stackhpc-kayobe-config' diff --git a/.github/workflows/stackhpc-multinode.yml b/.github/workflows/stackhpc-multinode.yml deleted file mode 100644 index 4869df6feb..0000000000 --- a/.github/workflows/stackhpc-multinode.yml +++ /dev/null @@ -1,75 +0,0 @@ ---- -# This workflow provides a workflow_dispatch (manual) trigger to deploy a -# multi-node test cluster. - -name: Multinode -'on': - workflow_dispatch: - # NOTE: workflow_dispatch is limited to 10 inputs. - inputs: - multinode_name: - description: Multinode cluster name - type: string - required: true - os_distribution: - description: Host OS distribution - type: choice - default: rocky - options: - - rocky - - ubuntu - neutron_plugin: - description: Neutron ML2 plugin - type: choice - default: ovn - options: - - ovn - - ovs - upgrade: - description: Whether to perform an upgrade - default: none - type: choice - options: - - none - - minor - - major - break_on: - description: When to break execution for manual interaction - type: choice - default: never - options: - - always - - failure - - never - - success - break_duration: - description: How long to break execution for (minutes) (note that instances are cleaned up after 12h) - type: number - default: 60 - ssh_key: - description: SSH public key to authorise on Ansible control host - type: string - terraform_kayobe_multinode_version: - description: terraform-kayobe-multinode version - type: string - default: main -jobs: - multinode: - name: Multinode - uses: stackhpc/stackhpc-openstack-gh-workflows/.github/workflows/multinode.yml@1.4.1 - with: - multinode_name: ${{ inputs.multinode_name }} - os_distribution: ${{ inputs.os_distribution }} - os_release: ${{ inputs.os_distribution == 'rocky' && '9' || 'noble' }} - ssh_username: ${{ inputs.os_distribution == 'rocky' && 'cloud-user' || 'ubuntu' }} - neutron_plugin: ${{ inputs.neutron_plugin }} - upgrade: ${{ inputs.upgrade }} - break_on: ${{ inputs.break_on }} - # Workaround loss of number type using fromJSON: https://github.com/orgs/community/discussions/67182 - break_duration: ${{ fromJSON(inputs.break_duration) }} - ssh_key: ${{ inputs.ssh_key }} - stackhpc_kayobe_config_version: ${{ github.ref_name }} - # NOTE(upgrade): Reference the PREVIOUS and CURRENT releases here. - stackhpc_kayobe_config_previous_version: ${{ inputs.upgrade == 'major' && 'stackhpc/2024.1' || 'stackhpc/2025.1' }} - terraform_kayobe_multinode_version: ${{ inputs.terraform_kayobe_multinode_version }} - secrets: inherit diff --git a/.github/workflows/stackhpc-promote.yml b/.github/workflows/stackhpc-promote.yml deleted file mode 100644 index 8524621465..0000000000 --- a/.github/workflows/stackhpc-promote.yml +++ /dev/null @@ -1,67 +0,0 @@ ---- -name: Promote Pulp repositories -on: - push: - branches: - # NOTE(upgrade): Reference only the current release branch here. - - stackhpc/2025.1 -jobs: - promote: - name: Trigger Pulp promotion workflows - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-latest - permissions: {} - steps: - # NOTE(mgoddard): Trigger another CI workflow in the - # stackhpc-release-train repository. - - name: Trigger package repository promotion - run: | - gh workflow run \ - package-promote.yml \ - --repo stackhpc/stackhpc-release-train \ - --ref main \ - -f kayobe_config_branch=${{ github.ref_name }} - env: - GITHUB_TOKEN: ${{ secrets.STACKHPC_RELEASE_TRAIN_TOKEN }} - - - name: Display link to package repository promotion workflows - run: | - echo "::notice Package repository promote workflow: https://github.com/stackhpc/stackhpc-release-train/actions/workflows/package-promote.yml" - - # NOTE(mgoddard): Trigger another CI workflow in the - # stackhpc-release-train repository. - - name: Trigger container image promotion - run: | - gh workflow run \ - container-promote.yml \ - --repo stackhpc/stackhpc-release-train \ - --ref main \ - -f kayobe_config_branch=${{ github.ref_name }} - env: - GITHUB_TOKEN: ${{ secrets.STACKHPC_RELEASE_TRAIN_TOKEN }} - - - name: Display link to container image promotion workflows - run: | - echo "::notice Container image promote workflow: https://github.com/stackhpc/stackhpc-release-train/actions/workflows/container-promote.yml" - - - name: Send message to Slack via Workflow Builder - uses: slackapi/slack-github-action@v1.26.0 - with: - payload: | - { - "channel-id": "${{ env.SLACK_CHANNEL_ID }}", - "inputs": "${{ env.INPUTS }}", - "message": "${{ env.MESSAGE }}", - "results-url": "${{ env.RESULTS_URL }}", - "workflow-url": "${{ env.WORKFLOW_URL }}" - } - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - # #release-train-alerts - SLACK_CHANNEL_ID: C03B28HRP53 - INPUTS: >- - branch: ${{ github.ref_name }} - MESSAGE: "SKC promote workflow failed :sob:" - RESULTS_URL: "N/A" - WORKFLOW_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" - if: failure() diff --git a/.github/workflows/stackhpc-pull-request.yml b/.github/workflows/stackhpc-pull-request.yml deleted file mode 100644 index 5d71d0f74a..0000000000 --- a/.github/workflows/stackhpc-pull-request.yml +++ /dev/null @@ -1,238 +0,0 @@ ---- - -concurrency: - group: stackhpc-pull-request-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -name: Pull request -'on': - pull_request: -jobs: - # Detect which files have changed and use this to run jobs conditionally. - # Note that we can't use the workflow-level paths attribute since this - # would skip the workflow entirely, and would prevent us from making the - # aio jobs required to pass (a skip counts as a pass). - check-changes: - runs-on: ubuntu-24.04 - permissions: - pull-requests: read - name: Check changed files - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - needs: - - lint - # - tox - outputs: - aio: ${{ steps.changes.outputs.aio }} - build-kayobe-image: ${{ steps.changes.outputs.build-kayobe-image }} - check-tags: ${{ steps.changes.outputs.check-tags }} - steps: - - name: GitHub Checkout - uses: actions/checkout@v4 - - - name: Check changed files - uses: dorny/paths-filter@v3 - id: changes - with: - # Filters are defined in this file. - filters: .github/path-filters.yml - - tox: - runs-on: ubuntu-24.04 - permissions: {} - strategy: - matrix: - include: - - environment: pep8 - python-version: "3.12" - - environment: releasenotes - python-version: "3.12" - - environment: docs - python-version: "3.12" - name: Tox ${{ matrix.environment }} with Python ${{ matrix.python-version }} - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - steps: - - name: GitHub Checkout ๐Ÿ›Ž - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Setup Python ${{ matrix.python-version }} ๐Ÿ - uses: actions/setup-python@v5 - with: - python-version: ${{ matrix.python-version }} - - name: Install Tox ๐Ÿ“ฆ - run: pip install tox - - name: Run Tox ${{ matrix.environment }} ๐Ÿงช - run: tox -e ${{ matrix.environment }} - - lint: - runs-on: ubuntu-24.04 - permissions: {} - strategy: - fail-fast: false - matrix: - include: - # NOTE(upgrade): Keep these in sync with Kayobe's supported Ansible and Python versions (see release notes). - - ansible: "2.18" - python: "3.12" - - ansible: "2.17" - python: "3.10" - name: Ansible ${{ matrix.ansible }} lint with Python ${{ matrix.python }} - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - steps: - - name: GitHub Checkout ๐Ÿ›Ž - uses: actions/checkout@v4 - - - name: Setup Python ${{ matrix.python-version }} ๐Ÿ - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python }} - - - name: Install dependencies ๐Ÿ“ฆ - run: | - python -m pip install --upgrade pip - pip install ansible-core==${{ matrix.ansible }}.* ansible-lint -r requirements.txt - - - name: Install Ansible Galaxy collections and roles - run: | - ansible-galaxy collection install -r etc/kayobe/ansible/requirements.yml - ansible-galaxy role install -r etc/kayobe/ansible/requirements.yml - - - name: Linting code ๐Ÿงช - run: | - ansible-lint -v --force-color etc/kayobe/ansible/. - - # A skipped job is treated as success when used as a required status check. - # The registered required status checks refer to the name of the job in the - # called reusable workflow rather than the jobs in this file. The following - # jobs need to run unconditionally to allow GitHub required status checks to - # pass even when there are changed files. The `! failure()` condition runs - # when the parent jobs completed successfully or were skipped. We pass an - # 'if' argument to the called workflow to allow running it conditionally. - - build-kayobe-image: - name: Build Kayobe Image - needs: - - check-changes - uses: ./.github/workflows/stackhpc-build-kayobe-image.yml - with: - if: ${{ needs.check-changes.outputs.build-kayobe-image == 'true' }} - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - - check-tags: - name: Check container image tags - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-check-tags.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - if: ${{ needs.check-changes.outputs.check-tags == 'true' }} - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - all-in-one-ubuntu-noble-ovn: - name: aio (Ubuntu Noble OVN) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: ubuntu - os_release: noble - ssh_username: ubuntu - neutron_plugin: ovn - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - all-in-one-rocky-9-ovs: - name: aio (Rocky 9 OVS) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: rocky - os_release: "9" - ssh_username: cloud-user - neutron_plugin: ovs - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - all-in-one-rocky-9-ovn: - name: aio (Rocky 9 OVN) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: rocky - os_release: "9" - ssh_username: cloud-user - neutron_plugin: ovn - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - # Test two upgrade scenarios: Ubuntu Jammy to Noble OVN and Rocky 9 OVN. - - all-in-one-upgrade-ubuntu-jammy-to-noble-ovn: - name: aio upgrade (Ubuntu Jammy to Noble OVN) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: ubuntu - os_release: jammy - ssh_username: ubuntu - neutron_plugin: ovn - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - upgrade: true - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - all-in-one-upgrade-rocky-9-ovn: - name: aio upgrade (Rocky 9 OVN) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: rocky - os_release: "9" - ssh_username: cloud-user - neutron_plugin: ovn - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - upgrade: true - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} - - all-in-one-upgrade-rocky-9-ovs: - name: aio upgrade (Rocky 9 OVS) - needs: - - check-changes - - build-kayobe-image - uses: ./.github/workflows/stackhpc-all-in-one.yml - with: - kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} - os_distribution: rocky - os_release: "9" - ssh_username: cloud-user - neutron_plugin: ovs - OS_CLOUD: openstack - if: ${{ needs.check-changes.outputs.aio == 'true' }} - upgrade: true - secrets: inherit - if: ${{ ! failure() && ! cancelled() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} diff --git a/.github/workflows/stackhpc-update-kolla.yml b/.github/workflows/stackhpc-update-kolla.yml deleted file mode 100644 index fdffb66843..0000000000 --- a/.github/workflows/stackhpc-update-kolla.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: Update Kolla versions - -on: - # Allow manual executions - workflow_dispatch: - # Run weekly on Tuesday - schedule: - - cron: '0 0 * * 2' - -jobs: - update-from-branch: - name: Update dependencies - strategy: - matrix: - include: - - version: stackhpc/2023.1 - codename: Antelope - - version: stackhpc/2024.1 - codename: Caracal - - version: stackhpc/2025.1 - codename: Epoxy - uses: ./.github/workflows/update-dependencies.yml - with: - openstack_version: ${{ matrix.version }} - openstack_codename: ${{ matrix.codename }} - permissions: - contents: write - pull-requests: write - if: github.repository == 'stackhpc/stackhpc-kayobe-config' diff --git a/.github/workflows/tag-and-release.yml b/.github/workflows/tag-and-release.yml deleted file mode 100644 index b03e03411b..0000000000 --- a/.github/workflows/tag-and-release.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -name: Tag & Release -'on': - push: - branches: - - stackhpc/2025.1 -permissions: - actions: read - contents: write -jobs: - tag-and-release: - uses: stackhpc/.github/.github/workflows/tag-and-release.yml@main - with: - upstream: https://github.com/openstack/kayobe-config diff --git a/.github/workflows/update-dependencies.yml b/.github/workflows/update-dependencies.yml deleted file mode 100644 index 8ae3eb9ca4..0000000000 --- a/.github/workflows/update-dependencies.yml +++ /dev/null @@ -1,94 +0,0 @@ -name: Update dependencies - -on: - workflow_call: - inputs: - openstack_version: - description: OpenStack version - type: string - required: true - openstack_codename: - description: OpenStack codename - type: string - required: true - -jobs: - propose_github_release_updates: - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - runs-on: ubuntu-22.04 - strategy: - matrix: - include: - - key: kolla - path: src/kayobe-config/etc/kayobe/stackhpc.yml - repository: stackhpc/kolla - search_regex: 'stackhpc_kolla_source_version\:.*$' - prefix: 'stackhpc_kolla_source_version\: ' - - - key: kolla-ansible - path: src/kayobe-config/etc/kayobe/stackhpc.yml - repository: stackhpc/kolla-ansible - search_regex: 'stackhpc_kolla_ansible_source_version\:.*$' - prefix: 'stackhpc_kolla_ansible_source_version\: ' - - - key: kayobe - path: src/kayobe-config/requirements.txt - repository: stackhpc/kayobe - search_regex: 'kayobe@stackhpc\/.*$' - prefix: 'kayobe@' - permissions: - contents: write - pull-requests: write - name: ${{ matrix.key }} - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ inputs.openstack_version }} - path: ${{ github.workspace }}/src/kayobe-config - - - name: Checkout the dependency repo - uses: actions/checkout@v4 - with: - repository: ${{ matrix.repository }} - ref: ${{ inputs.openstack_version }} - fetch-tags: true - path: ${{ github.workspace }}/src/${{ matrix.key }} - - - name: Get latest tag - id: latest_tag - run: | - TAG=$(git describe --tags --abbrev=0 --match stackhpc/\*) - echo latest_tag=${TAG} >> $GITHUB_OUTPUT - working-directory: ${{ github.workspace }}/src/${{ matrix.key }} - - - name: Update dependency key - run: | - TAG_OVERRIDE=$(echo $TAG | sed 's/\//\\\//g') - sed -i "s/$SEARCH/$PREFIX$TAG_OVERRIDE/g" $REQUIREMENTS - env: - PREFIX: ${{ matrix.prefix }} - TAG: ${{ steps.latest_tag.outputs.latest_tag }} - REQUIREMENTS: ${{ github.workspace }}/${{ matrix.path }} - SEARCH: ${{ matrix.search_regex }} - - - name: Propose changes via PR if required - uses: peter-evans/create-pull-request@v7 - with: - path: ${{ github.workspace }}/src/kayobe-config - commit-message: >- - Bump ${{ matrix.key }} to ${{ steps.latest_tag.outputs.latest_tag }} - author: stackhpc-ci <22933334+stackhpc-ci@users.noreply.github.com> - branch: update-dependency/${{ matrix.key }}/${{ inputs.openstack_version }} - delete-branch: true - title: >- - Bump ${{ matrix.key }} to ${{ steps.latest_tag.outputs.latest_tag }} - body: > - This PR was created automatically to update ${{ inputs.openstack_version }} - ${{ matrix.key }} to ${{ steps.latest_tag.outputs.latest_tag }}. - - GitHub Release Changelog: - https://github.com/stackhpc/${{ matrix.key }}/releases/tag/${{ steps.latest_tag.outputs.latest_tag }} - labels: | - automated - ${{ inputs.openstack_codename }} diff --git a/.github/workflows/upstream-sync.yml b/.github/workflows/upstream-sync.yml deleted file mode 100644 index 92e5c1f548..0000000000 --- a/.github/workflows/upstream-sync.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -name: Upstream Sync -'on': - schedule: - - cron: "15 8 * * 1" - workflow_dispatch: -permissions: - contents: write - pull-requests: write -jobs: - synchronise-2023-1: - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - name: Synchronise 2023.1 - uses: stackhpc/.github/.github/workflows/upstream-sync.yml@main - with: - release_series: 2023.1 - upstream: openstack/kayobe-config - synchronise-2024-1: - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - name: Synchronise 2024.1 - uses: stackhpc/.github/.github/workflows/upstream-sync.yml@main - with: - release_series: 2024.1 - upstream: openstack/kayobe-config - synchronise-2025-1: - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - name: Synchronise 2025.1 - uses: stackhpc/.github/.github/workflows/upstream-sync.yml@main - with: - release_series: 2025.1 - upstream: openstack/kayobe-config - synchronise-master: - if: github.repository == 'stackhpc/stackhpc-kayobe-config' - name: Synchronise master - uses: stackhpc/.github/.github/workflows/upstream-sync.yml@main - with: - release_series: master - upstream: openstack/kayobe-config diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index 2551dd112e..14019306c1 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -1,10 +1,8 @@ --- - project: - queue: kayobe check: jobs: - openstack-tox-pep8 - gate: jobs: - openstack-tox-pep8