From e10923a699f0e7c717a613745a9c96f27f4e3a01 Mon Sep 17 00:00:00 2001 From: "Max.Bed4d" Date: Mon, 15 Jan 2024 13:30:07 +0000 Subject: [PATCH 01/10] CI: Update aio jobs to run on ARC The jobs now run in containers, so some changes are necessary. --- .github/workflows/stackhpc-all-in-one.yml | 25 +++++++++++++------ .../workflows/stackhpc-build-kayobe-image.yml | 4 +++ 2 files changed, 21 insertions(+), 8 deletions(-) diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index f9554c31d..c343a5da3 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -70,17 +70,26 @@ jobs: all-in-one: name: All in one if: inputs.if - runs-on: [self-hosted, stackhpc-kayobe-config-aio] + runs-on: arc-skc-aio-runner permissions: {} env: KAYOBE_ENVIRONMENT: ci-aio KAYOBE_VAULT_PASSWORD: ${{ secrets.KAYOBE_VAULT_PASSWORD }} KAYOBE_IMAGE: ${{ inputs.kayobe_image }} steps: + - name: Install Package + uses: ConorMacBride/install-package@main + with: + apt: build-essential git unzip nodejs python3 python3-pip python3-wheel python-is-python3 + - uses: actions/checkout@v4 with: submodules: true + - name: Make sure dockerd is running and test Docker. + run: | + docker run --rm hello-world + - name: Output image tag id: image_tag run: | @@ -209,11 +218,11 @@ jobs: # The same tag may be reused (e.g. pr-123), so ensure we have the latest image. - name: Pull latest Kayobe image run: | - sudo docker image pull $KAYOBE_IMAGE + docker image pull $KAYOBE_IMAGE - name: Run growroot run: | - sudo -E docker run -t --rm \ + docker run -t --rm \ -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ $KAYOBE_IMAGE \ @@ -223,7 +232,7 @@ jobs: - name: Host configure run: | - sudo -E docker run -t --rm \ + docker run -t --rm \ -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ $KAYOBE_IMAGE \ @@ -233,7 +242,7 @@ jobs: - name: Service deploy run: | - sudo -E docker run -t --rm \ + docker run -t --rm \ -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ $KAYOBE_IMAGE \ @@ -243,7 +252,7 @@ jobs: - name: Configure aio resources run: | - sudo -E docker run -t --rm \ + docker run -t --rm \ -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ $KAYOBE_IMAGE \ @@ -254,7 +263,7 @@ jobs: - name: Tempest tests run: | mkdir -p tempest-artifacts - sudo -E docker run -t --rm \ + docker run -t --rm \ -v $(pwd):/stack/kayobe-automation-env/src/kayobe-config \ -v $(pwd)/tempest-artifacts:/stack/tempest-artifacts \ -e KAYOBE_ENVIRONMENT -e KAYOBE_VAULT_PASSWORD -e KAYOBE_AUTOMATION_SSH_PRIVATE_KEY \ @@ -284,5 +293,5 @@ jobs: - name: Prune Docker images over 1 week old # May fail if another prune is running - run: sudo docker image prune --all --force --filter until=168h || true + run: docker image prune --all --force --filter until=168h || true if: always() diff --git a/.github/workflows/stackhpc-build-kayobe-image.yml b/.github/workflows/stackhpc-build-kayobe-image.yml index 0fbc5c7ce..330de33d3 100644 --- a/.github/workflows/stackhpc-build-kayobe-image.yml +++ b/.github/workflows/stackhpc-build-kayobe-image.yml @@ -78,6 +78,8 @@ jobs: https_proxy: ${{ inputs.https_proxy }} no_proxy: ${{ inputs.no_proxy }} + # Setting KAYOBE_USER_UID and KAYOBE_USER_GID to 1001 to match docker's defaults + # so that docker can run as a privileged user within the Kayobe image. - name: Build and push Docker image uses: docker/build-push-action@v3 with: @@ -86,6 +88,8 @@ jobs: build-args: | http_proxy=${{ inputs.http_proxy }} https_proxy=${{ inputs.https_proxy }} + KAYOBE_USER_UID=1001 + KAYOBE_USER_GID=1001 push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From ee19b5b51699165bb920b57195f95641640be42a Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 11:47:57 +0000 Subject: [PATCH 02/10] Support credentials for custom DNF repositories This allows us to use packages from authenticated repositories such as those on Ark. This patch depends on https://review.opendev.org/c/openstack/kayobe/+/908142/ --- etc/kayobe/dnf.yml | 34 ++++++++++++++++++++++++++++++++++ etc/kayobe/stackhpc.yml | 6 ++++++ 2 files changed, 40 insertions(+) diff --git a/etc/kayobe/dnf.yml b/etc/kayobe/dnf.yml index b060c478f..672d14b8b 100644 --- a/etc/kayobe/dnf.yml +++ b/etc/kayobe/dnf.yml @@ -61,6 +61,8 @@ dnf_custom_repos_el8: file: epel gpgkey: "{{ dnf_epel_8_gpg_key_url }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" epel-modular: baseurl: "{{ stackhpc_repo_epel_modular_url }}" description: "Extra Packages for Enterprise Linux Modular $releasever - $basearch" @@ -68,6 +70,8 @@ dnf_custom_repos_el8: file: epel-modular gpgkey: "{{ dnf_epel_8_gpg_key_url }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" docker: baseurl: "{{ stackhpc_repo_docker_url }}" description: "Package repository for installing docker" @@ -75,6 +79,8 @@ dnf_custom_repos_el8: file: docker gpgkey: "{{ dnf_docker_gpg_key_url }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # CentOS Stream 8 specific repositories dnf_custom_repos_centos: @@ -84,6 +90,8 @@ dnf_custom_repos_centos: file: CentOS-Stream-AppStream gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" baseos: baseurl: "{{ stackhpc_repo_centos_stream_baseos_url }}" description: "CentOS Stream $releasever - BaseOS" @@ -92,6 +100,8 @@ dnf_custom_repos_centos: gpgcheck: yes # Exclude buggy iptables: https://bugzilla.redhat.com/show_bug.cgi?id=2236501 exclude: "iptables-1.8.5* iptables-libs-1.8.5* iptables-ebtables-1.8.5* iptables-services-1.8.5* iptables-arptables-1.8.5* iptables-devel-1.8.5*" + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" extras: # This repo is no longer updated: https://www.spinics.net/lists/centos-devel/msg21454.html baseurl: "{{ stackhpc_repo_centos_stream_extras_url }}" @@ -100,12 +110,16 @@ dnf_custom_repos_centos: enabled: false gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" extras-common: baseurl: "{{ stackhpc_repo_centos_stream_extras_common_url }}" description: "CentOS Stream $releasever - Extras common Packages" file: CentOS-Stream-Extras-common gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # Rocky 8 specific repositories dnf_custom_repos_rocky: @@ -115,18 +129,24 @@ dnf_custom_repos_rocky: file: "{{ 'Rocky-AppStream' if os_release == '8' else 'rocky' }}" gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" baseos: baseurl: "{{ stackhpc_repo_rocky_baseos_url }}" description: "Rocky Linux $releasever - BaseOS" file: "{{ 'Rocky-BaseOS' if os_release == '8' else 'rocky' }}" gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" extras: baseurl: "{{ stackhpc_repo_rocky_extras_url }}" description: "Rocky Linux $releasever - Extras" file: "{{ 'Rocky-Extras' if os_release == '8' else 'rocky-extras' }}" gpgkey: file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # Custom repositories shared between all RHEL 9 derivatives. dnf_custom_repos_el9: @@ -137,6 +157,8 @@ dnf_custom_repos_el9: file: epel gpgkey: "{{ dnf_epel_9_gpg_key_url }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" docker: baseurl: "{{ stackhpc_repo_centos_stream_9_docker_url }}" description: "Package repository for installing docker" @@ -144,6 +166,8 @@ dnf_custom_repos_el9: file: docker gpgkey: "{{ dnf_docker_gpg_key_url }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # ELRepo 9 dnf_custom_repos_elrepo_9: @@ -154,6 +178,8 @@ dnf_custom_repos_elrepo_9: file: elrepo gpgkey: https://www.elrepo.org/RPM-GPG-KEY-elrepo.org gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # Rocky 9 specific repositories dnf_custom_repos_rocky_9: @@ -163,24 +189,32 @@ dnf_custom_repos_rocky_9: file: rocky gpgkey: "{{ rocky_9_gpg_key }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" baseos: baseurl: "{{ stackhpc_repo_rocky_9_baseos_url }}" description: "Rocky Linux $releasever - BaseOS" file: rocky gpgkey: "{{ rocky_9_gpg_key }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" crb: baseurl: "{{ stackhpc_repo_rocky_9_crb_url }}" description: "Rocky Linux $releasever - CRB" file: rocky gpgkey: "{{ rocky_9_gpg_key }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" extras: baseurl: "{{ stackhpc_repo_rocky_9_extras_url }}" description: "Rocky Linux $releasever - Extras" file: rocky-extras gpgkey: "{{ rocky_9_gpg_key }}" gpgcheck: yes + username: "{{ stackhpc_repo_mirror_username | default(omit, true) }}" + password: "{{ stackhpc_repo_mirror_password | default(omit, true) }}" # Whether to enable EPEL repositories. This affects RedHat-based systems only. dnf_enable_epel: "{{ dnf_install_epel | bool }}" diff --git a/etc/kayobe/stackhpc.yml b/etc/kayobe/stackhpc.yml index 3c0e32430..21233ab34 100644 --- a/etc/kayobe/stackhpc.yml +++ b/etc/kayobe/stackhpc.yml @@ -2,6 +2,12 @@ # Host and port of a package repository mirror. stackhpc_repo_mirror_url: "{{ pulp_url }}" +# Username of a package repository mirror. +stackhpc_repo_mirror_username: + +# Password of a package repository mirror. +stackhpc_repo_mirror_password: + # Distribution name. Either 'development' or 'production'. stackhpc_repo_distribution: "development" From e9130b9c51161fdadd676932eae5f2c13f5948a8 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 11:52:32 +0000 Subject: [PATCH 03/10] CI: Use Ark package repositories to install packages Previously we were using Test Pulp on SMS lab, but this is out of action. Switching to Ark allows CI jobs to run on Leafcloud (or anywhere with Internet access). --- etc/kayobe/environments/ci-aio/stackhpc-ci.yml | 17 ++++++++++------- .../environments/ci-builder/stackhpc-ci.yml | 5 ++++- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml index 9740da775..6050bffd2 100644 --- a/etc/kayobe/environments/ci-aio/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-aio/stackhpc-ci.yml @@ -17,7 +17,10 @@ resolv_is_managed: false # Host and port of a package repository mirror. # Build and deploy the development Pulp service repositories. -stackhpc_repo_mirror_url: "http://pulp-server.internal.sms-cloud:8080" +# Use Ark's package repositories to install packages. +stackhpc_repo_mirror_url: "{{ stackhpc_release_pulp_url }}" +stackhpc_repo_mirror_username: "{{ stackhpc_docker_registry_username }}" +stackhpc_repo_mirror_password: "{{ stackhpc_docker_registry_password }}" # Build and deploy released Pulp repository versions. stackhpc_repo_centos_stream_baseos_version: "{{ stackhpc_pulp_repo_centos_stream_8_baseos_version }}" @@ -74,11 +77,11 @@ stackhpc_include_os_minor_version_in_repo_url: true stackhpc_docker_registry: "{{ stackhpc_repo_mirror_url | regex_replace('^https?://', '') }}" # Username and password of container registry. -stackhpc_docker_registry_username: "admin" +stackhpc_docker_registry_username: "release-train-ci" stackhpc_docker_registry_password: !vault | $ANSIBLE_VAULT;1.1;AES256 - 38653432663133653430323937626239323836653537633633326265643930653034306532646464 - 3766353637326534643136326533633034666535323364660a633639393433376564363666663233 - 38333133393730633666613965653364316162353337313330346164303631313731646461363461 - 3963323635373866630a633533376339363734626664333765313665623662613764363038383735 - 38646138376438643533376161376634653439386230353365316239613430363338 + 38356134376436656165303634626531653836366233383531343439646433376334396438373735 + 3135643664353934356237376134623235356137383263300a333165386562396134633534376532 + 34386133383366326639353432386235336132663839333337323739633434613934346462363031 + 3265323831663964360a643962346231386462323236373963633066393736323234303833363535 + 3664 diff --git a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml index efe4236e9..946759718 100644 --- a/etc/kayobe/environments/ci-builder/stackhpc-ci.yml +++ b/etc/kayobe/environments/ci-builder/stackhpc-ci.yml @@ -42,7 +42,10 @@ resolv_is_managed: false # Host and port of a package repository mirror. # Build against the development Pulp service repositories. -stackhpc_repo_mirror_url: "http://pulp-server.internal.sms-cloud:8080" +# Use Ark's package repositories to install packages. +stackhpc_repo_mirror_url: "{{ stackhpc_release_pulp_url }}" +stackhpc_repo_mirror_username: "{{ stackhpc_docker_registry_username }}" +stackhpc_repo_mirror_password: "{{ stackhpc_docker_registry_password }}" # Build against released Pulp repository versions. stackhpc_repo_centos_stream_baseos_version: "{{ stackhpc_pulp_repo_centos_stream_8_baseos_version }}" From c22bc405500cfa5e0b81c519dabf99081338f571 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 14:35:55 +0000 Subject: [PATCH 04/10] CI: Switch from sms-lab-release to openstack cloud This more generic name should be more portable. --- .github/workflows/stackhpc-pull-request.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/stackhpc-pull-request.yml b/.github/workflows/stackhpc-pull-request.yml index 2d71792a1..3b4a095f0 100644 --- a/.github/workflows/stackhpc-pull-request.yml +++ b/.github/workflows/stackhpc-pull-request.yml @@ -85,7 +85,7 @@ jobs: with: kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} neutron_plugin: ovs - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -99,7 +99,7 @@ jobs: with: kayobe_image: ${{ needs.build-kayobe-image.outputs.kayobe_image }} neutron_plugin: ovn - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -115,7 +115,7 @@ jobs: os_distribution: rocky os_release: "8" neutron_plugin: ovs - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -131,7 +131,7 @@ jobs: os_distribution: rocky os_release: "8" neutron_plugin: ovn - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -148,7 +148,7 @@ jobs: os_release: focal ssh_username: ubuntu neutron_plugin: ovs - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -165,7 +165,7 @@ jobs: os_release: focal ssh_username: ubuntu neutron_plugin: ovn - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -182,7 +182,7 @@ jobs: os_release: jammy ssh_username: ubuntu neutron_plugin: ovs - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -199,7 +199,7 @@ jobs: os_release: jammy ssh_username: ubuntu neutron_plugin: ovn - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -216,7 +216,7 @@ jobs: os_release: "9" ssh_username: cloud-user neutron_plugin: ovs - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} @@ -233,7 +233,7 @@ jobs: os_release: "9" ssh_username: cloud-user neutron_plugin: ovn - OS_CLOUD: sms-lab-release + OS_CLOUD: openstack if: ${{ needs.check-changes.outputs.aio == 'true' }} secrets: inherit if: ${{ ! failure() && github.repository == 'stackhpc/stackhpc-kayobe-config' }} From 7f014ad6b6ccf6fef5bd4c1d464d1c1de8749910 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 14:47:58 +0000 Subject: [PATCH 05/10] CI: Update aio VM flavor, network and subnet for Leafcloud --- .github/workflows/stackhpc-all-in-one.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index c343a5da3..39744b57d 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -38,15 +38,15 @@ on: vm_flavor: description: Flavor for the all-in-one VM type: string - default: general.v1.medium + default: en1.medium vm_network: description: Network for the all-in-one VM type: string - default: stackhpc-release + default: stackhpc-ci vm_subnet: description: Subnet for the all-in-one VM type: string - default: stackhpc-release-subnet + default: stackhpc-ci OS_CLOUD: description: Name of cloud in clouds.yaml type: string From bc99a536be757f5755b3db2ceb3ceca6f7f9b338 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 14:51:31 +0000 Subject: [PATCH 06/10] CI: Update GitHub action versions for node20 node16 support is deprecated and will be dropped. --- .github/workflows/overcloud-host-image-build.yml | 12 ++++++------ .github/workflows/stackhpc-all-in-one.yml | 4 ++-- .github/workflows/stackhpc-build-kayobe-image.yml | 8 ++++---- .github/workflows/stackhpc-container-image-build.yml | 2 +- .github/workflows/stackhpc-pull-request.yml | 4 ++-- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/overcloud-host-image-build.yml b/.github/workflows/overcloud-host-image-build.yml index 00952f2cb..0c2fc3efb 100644 --- a/.github/workflows/overcloud-host-image-build.yml +++ b/.github/workflows/overcloud-host-image-build.yml @@ -362,7 +362,7 @@ jobs: if: inputs.ubuntu-jammy && steps.build_ubuntu_jammy.outcome == 'success' - name: Upload updated images artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Updated images list path: /tmp/updated_images.txt @@ -374,7 +374,7 @@ jobs: steps.build_ubuntu_jammy.outcome == 'success' - name: Upload CentOS build logs if build failed - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: CentOS build logs path: | @@ -384,7 +384,7 @@ jobs: if: steps.build_centos_stream_8.outcome == 'failure' - name: Upload Rocky 8 build logs if build failed - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Rocky 8 build logs path: | @@ -394,7 +394,7 @@ jobs: if: steps.build_rocky_8.outcome == 'failure' - name: Upload Rocky 9 build logs if build failed - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Rocky 9 build logs path: | @@ -404,7 +404,7 @@ jobs: if: steps.build_rocky_9.outcome == 'failure' - name: Upload Ubuntu Focal 20.04 build logs if build failed - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Ubuntu Focal 20.04 build logs path: | @@ -414,7 +414,7 @@ jobs: if: steps.build_ubuntu_focal.outcome == 'failure' - name: Upload Ubuntu Jammy 22.04 build logs if build failed - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: Ubuntu Jammy 22.04 build logs path: | diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index 39744b57d..3a6f1dc84 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -106,7 +106,7 @@ jobs: fi - name: Install terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v3 - name: Initialise terraform run: terraform init @@ -273,7 +273,7 @@ jobs: KAYOBE_AUTOMATION_SSH_PRIVATE_KEY: ${{ steps.ssh_key.outputs.ssh_key }} - name: Upload test result artifacts - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: tempest-results-${{ inputs.os_distribution }}-${{ inputs.os_release }}-${{ inputs.neutron_plugin }} path: tempest-artifacts/* diff --git a/.github/workflows/stackhpc-build-kayobe-image.yml b/.github/workflows/stackhpc-build-kayobe-image.yml index 330de33d3..ace9a544c 100644 --- a/.github/workflows/stackhpc-build-kayobe-image.yml +++ b/.github/workflows/stackhpc-build-kayobe-image.yml @@ -52,7 +52,7 @@ jobs: submodules: true - name: Log in to the Container registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -60,12 +60,12 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 with: driver-opts: | image=moby/buildkit:master @@ -81,7 +81,7 @@ jobs: # Setting KAYOBE_USER_UID and KAYOBE_USER_GID to 1001 to match docker's defaults # so that docker can run as a privileged user within the Kayobe image. - name: Build and push Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: file: ./.automation/docker/kayobe/Dockerfile context: . diff --git a/.github/workflows/stackhpc-container-image-build.yml b/.github/workflows/stackhpc-container-image-build.yml index d899f20b3..5309b21d5 100644 --- a/.github/workflows/stackhpc-container-image-build.yml +++ b/.github/workflows/stackhpc-container-image-build.yml @@ -209,7 +209,7 @@ jobs: run: if [ $(wc -l < ${{ matrix.distro }}-container-images) -le 1 ]; then exit 1; fi - name: Upload container images artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.distro }} container images path: ${{ matrix.distro }}-container-images diff --git a/.github/workflows/stackhpc-pull-request.yml b/.github/workflows/stackhpc-pull-request.yml index 3b4a095f0..987e15356 100644 --- a/.github/workflows/stackhpc-pull-request.yml +++ b/.github/workflows/stackhpc-pull-request.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v4 - name: Check changed files - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@v3 id: changes with: # Filters are defined in this file. @@ -51,7 +51,7 @@ jobs: with: fetch-depth: 0 - name: Setup Python ${{ matrix.python-version }} 🐍 - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install Tox 📦 From 1cd35093a9666166152fed0c43a5ce5558e083d3 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 8 Feb 2024 12:52:52 +0000 Subject: [PATCH 07/10] Revert hashicorp/setup-terraform action to v2 due to failure --- .github/workflows/stackhpc-all-in-one.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index 3a6f1dc84..8c5b673ff 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -106,7 +106,7 @@ jobs: fi - name: Install terraform - uses: hashicorp/setup-terraform@v3 + uses: hashicorp/setup-terraform@v2 - name: Initialise terraform run: terraform init From cc5199745180bf07b45c5177001c50b419b6f7c7 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Wed, 7 Feb 2024 15:32:47 +0000 Subject: [PATCH 08/10] CI: Revert to ens3 interface for Leafcloud Leafcloud is not using the q35 machine type yet. --- .github/workflows/stackhpc-all-in-one.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index 8c5b673ff..922bf5d54 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -34,7 +34,7 @@ on: vm_interface: description: Default network interface name type: string - default: enp3s0 + default: ens3 vm_flavor: description: Flavor for the all-in-one VM type: string From 3abdf8c98b0c46c2738a961377e7ad215dbf36c1 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 8 Feb 2024 11:59:15 +0000 Subject: [PATCH 09/10] Add Apt auth configuration This allows us to use packages from authenticated repositories such as those on Ark. This patch depends on https://review.opendev.org/c/openstack/kayobe/+/908413 --- etc/kayobe/apt.yml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/etc/kayobe/apt.yml b/etc/kayobe/apt.yml index 862b21956..1d043d111 100644 --- a/etc/kayobe/apt.yml +++ b/etc/kayobe/apt.yml @@ -75,6 +75,22 @@ apt_repositories: "{{ stackhpc_apt_repositories if 'overcloud' in group_names el # repository mirrors are deployed. apt_disable_sources_list: "{{ 'overcloud' in group_names }}" +# Apt auth configuration for accessing the package repository mirror. +stackhpc_apt_auth: + - machine: "{{ stackhpc_repo_mirror_url }}" + login: "{{ stackhpc_repo_mirror_username }}" + password: "{{ stackhpc_repo_mirror_password }}" + filename: "kayobe.conf" + +# List of Apt auth configurations. Each item is a dict with the following keys: +# * machine: 'machine' entry in the auth file +# * login: 'login' entry in the auth file +# * password: 'password' entry in the auth file +# * filename: Name of a file in which to store the auth configuration. The +# extension should be '.conf'. +# Default is an empty list. +apt_auth: "{{ stackhpc_apt_auth if 'overcloud' in group_names and stackhpc_repo_mirror_username is truthy else [] }}" + ############################################################################### # Dummy variable to allow Ansible to accept this file. workaround_ansible_issue_8743: yes From af7316123cdb27f51dc53b7a374510154d02b6a5 Mon Sep 17 00:00:00 2001 From: Mark Goddard Date: Thu, 8 Feb 2024 12:22:52 +0000 Subject: [PATCH 10/10] CI: Increase flavor to en1.large - some jobs were failing Tempest jobs --- .github/workflows/stackhpc-all-in-one.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stackhpc-all-in-one.yml b/.github/workflows/stackhpc-all-in-one.yml index 922bf5d54..75aff0f82 100644 --- a/.github/workflows/stackhpc-all-in-one.yml +++ b/.github/workflows/stackhpc-all-in-one.yml @@ -38,7 +38,7 @@ on: vm_flavor: description: Flavor for the all-in-one VM type: string - default: en1.medium + default: en1.large vm_network: description: Network for the all-in-one VM type: string