Skip to content

Add Operator deployment to CI/CD #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 9, 2025
Merged

Add Operator deployment to CI/CD #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/pr.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,5 @@ jobs:

- name: Run playbook
run: >
ansible-playbook -i ansible/inventory ansible/run.yml
ansible-playbook -i ansible/inventory ansible/run.yml --check --diff

2 changes: 2 additions & 0 deletions ansible/inventory/group_vars/all/additional
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
zuul_operator_additional: []
192 changes: 192 additions & 0 deletions ansible/inventory/group_vars/all/crd
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,192 @@
---
zuul_operator_crd: |
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: zuuls.operator.zuul-ci.org
spec:
group: operator.zuul-ci.org
names:
kind: Zuul
listKind: ZuulList
plural: zuuls
singular: zuul
shortNames:
- zuul
scope: Namespaced
versions:
- name: v1alpha1
served: false
storage: false
schema:
openAPIV3Schema:
type: object
- name: v1alpha2
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
imagePrefix:
type: string
imagePullSecrets:
type: array
items:
type: string
zuulImageVersion:
type: string
zuulPreviewImageVersion:
type: string
zuulRegistryImageVersion:
type: string
nodepoolImageVersion:
type: string
database:
type: object
properties:
secretName:
type: string
allowUnsafeConfig:
type: boolean
default: false
zookeeper:
type: object
properties:
hosts:
type: string
secretName:
type: string
storageClassName:
type: string
env:
type: array
items:
type: object
properties:
name:
type: string
value:
type: string
scheduler:
type: object
properties:
config:
type: object
properties:
secretName:
type: string
count:
type: integer
default: 1
minimum: 1
storageClassName:
type: string
launcher:
type: object
properties:
config:
type: object
properties:
secretName:
type: string
executor:
type: object
properties:
count:
type: integer
default: 1
minimum: 1
sshkey:
type: object
properties:
secretName:
type: string
terminationGracePeriodSeconds:
type: integer
default: 21600
minimum: 0
merger:
type: object
properties:
count:
type: integer
git_user_email:
type: string
git_user_name:
type: string
web:
type: object
properties:
count:
type: integer
default: 1
status_url:
type: string
fingergw:
type: object
properties:
count:
type: integer
default: 1
connections:
type: object
x-kubernetes-preserve-unknown-fields: true
externalConfig:
type: object
x-kubernetes-preserve-unknown-fields: true
jobVolumes:
type: array
items:
type: object
properties:
context:
type: string
pattern: ^(trusted|untrusted)$
access:
type: string
pattern: ^(rw|ro)$
path:
type: string
volume:
type: object
properties:
name:
type: string
hostPath:
type: object
properties:
path:
type: string
type:
type: string
preview:
type: object
properties:
count:
type: integer
default: 0
registry:
type: object
properties:
count:
type: integer
default: 0
volumeSize:
type: string
default: "80G"
tls:
type: object
properties:
secretName:
type: string
config:
type: object
properties:
secretName:
type: string
storageClassName:
type: string
21 changes: 21 additions & 0 deletions ansible/inventory/group_vars/all/operator
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
zuul_operator_operator: |
apiVersion: apps/v1
kind: Deployment
metadata:
name: zuul-operator
spec:
replicas: 1
selector:
matchLabels:
name: zuul-operator
template:
metadata:
labels:
name: zuul-operator
spec:
serviceAccountName: zuul-operator
containers:
- name: operator
image: "quay.io/zuul-ci/zuul-operator"
imagePullPolicy: "IfNotPresent"
126 changes: 126 additions & 0 deletions ansible/inventory/group_vars/all/rbac
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
---
zuul_operator_rbac: |
apiVersion: v1
kind: ServiceAccount
metadata:
name: zuul-operator

---

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: zuul-operator
rules:
- apiGroups:
- ""
resources:
- pods
- pods/exec
- services
- services/finalizers
- endpoints
- persistentvolumeclaims
- events
- configmaps
- secrets
- ingresses
- namespaces
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
- daemonsets
- replicasets
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resourceNames:
- zuul-operator
resources:
- deployments/finalizers
verbs:
- update
- apiGroups:
- apps
resources:
- replicasets
- deployments
verbs:
- get
- apiGroups:
- operator.zuul-ci.org
- cert-manager.io
- pxc.percona.com
resources:
- '*'
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- monitoring.coreos.com
resources:
- servicemonitors
verbs:
- get
- create

---

kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: zuul-operator
subjects:
- kind: ServiceAccount
name: zuul-operator
namespace: zuul
roleRef:
kind: ClusterRole
name: cluster-admin #zuul-operator
apiGroup: rbac.authorization.k8s.io
2 changes: 2 additions & 0 deletions ansible/inventory/group_vars/all/secrets
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
zuul_operator_secrets: []
30 changes: 30 additions & 0 deletions ansible/run.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,33 @@
api_version: v1
kind: Namespace
state: present

- name: Ensure CRDs
kubernetes.core.k8s:
definition: "{{ zuul_operator_crd }}"
namespace: "zuul"
state: present

- name: Ensure RBAC
kubernetes.core.k8s:
namespace: "zuul"
definition: "{{ zuul_operator_rbac }}"
state: present

- name: Ensure Operator
kubernetes.core.k8s:
definition: "{{ zuul_operator_operator }}"
namespace: "zuul"
state: present

- name: Ensure Secrets
kubernetes.core.k8s:
namespace: "zuul"
state: present
loop: "{{ zuul_operator_secrets }}"

- name: Ensure additional config
kubernetes.core.k8s:
namespace: "zuul"
state: present
loop: "{{ zuul_operator_additional }}"