Skip to content

Commit

Permalink
Add ceph-cm-ansible-prs job
Browse files Browse the repository at this point in the history
Signed-off-by: David Galloway <[email protected]>
  • Loading branch information
David Galloway committed Nov 10, 2017
1 parent 248aebb commit cf9cba5
Show file tree
Hide file tree
Showing 4 changed files with 348 additions and 0 deletions.
145 changes: 145 additions & 0 deletions ansible/examples/slave_teuthology.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,145 @@
---
# This playbook should only be run against a teuthology host or a machine inside the Sepia test lab that can lock testnodes.
# See ceph-cm-ansible/README.rst

- hosts: all
become: true
user: cm
vars:
- jenkins_user: 'jenkins-build'
# jenkins API credentials:
- api_user: 'ceph-jenkins'
- token: '{{ token }}'
- api_uri: 'https://jenkins.ceph.com'
- jenkins_credentials_uuid: '39fa150b-b2a1-416e-b334-29a9a2c0b32d'
- nodename: 'teuthology'
- labels: 'teuthology'

tasks:
- name: "create a {{ jenkins_user }} user"
user:
name: "{{ jenkins_user }}"
append: yes
comment: "Jenkins Build Slave User"

- name: "create a {{ jenkins_user }} home directory"
file:
path: "/home/{{ jenkins_user }}/"
state: directory
owner: "{{ jenkins_user }}"

- name: Create .ssh directory
file:
path: "/home/{{ jenkins_user }}/.ssh"
state: directory
owner: "{{ jenkins_user }}"

- name: set the authorized keys
authorized_key:
user: "{{ jenkins_user }}"
key: "{{ lookup('file', 'files/ssh/keys/jenkins_build.pub') }}"

- name: Write ~/.ssh/config
blockinfile:
path: "/home/{{ jenkins_user }}/.ssh/config"
create: yes
block: |
Host *
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
- name: set utf-8 for LC_ALL
lineinfile:
dest: "/home/{{ jenkins_user }}/.bashrc"
regexp: '^export LC_ALL='
line: "export LC_ALL=en_US.UTF-8"
create: true
state: present

- name: set utf-8 for LANG
lineinfile:
dest: "/home/{{ jenkins_user }}/.bashrc"
regexp: '^export LANG='
line: "export LANG=en_US.UTF-8"

- name: set utf-8 for LANGUAGE
lineinfile:
dest: "/home/{{ jenkins_user }}/.bashrc"
regexp: '^export LANGUAGE='
line: "export LANGUAGE=en_US.UTF-8"

- name: ensure the build dir exists
file:
path: "/home/{{ jenkins_user }}/build"
state: directory
owner: "{{ jenkins_user }}"

- name: ensure the home dir has the right owner permissions
file:
path: "/home/{{ jenkins_user }}"
state: directory
owner: "{{ jenkins_user }}"
group: "{{ jenkins_user }}"
recurse: yes

- name: ensure the gitconfig file exists
shell: printf "[user]\name=Ceph CI\[email protected]\n" > /home/{{ jenkins_user }}/.gitconfig

- name: ensure the gitconfig file has right permissions
file:
path: "/home/{{ jenkins_user }}/.gitconfig"
owner: "{{ jenkins_user }}"

- name: install six, latest one
pip:
name: six
state: latest

- name: install python-jenkins
# https://review.openstack.org/460363
pip:
name: python-jenkins
version: 0.4.15

- name: add github.com host key
known_hosts:
path: '/etc/ssh/ssh_known_hosts'
# we need to use 'host' here because prado currently uses ansible-playbook==1.9.1
host: 'github.com'
# github.com.pub is the output of `ssh-keyscan github.com`
key: "{{ lookup('file', 'files/ssh/hostkeys/github.com.pub') }}"

- name: register the new slave to jenkins master with jnlp
jenkins_node:
username: "{{ api_user }}"
uri: "{{ api_uri }}"
password: "{{ token }}"
# relies on a convention to set a unique name that allows a reverse
# mapping from Jenkins back to whatever service created the current
# node
name: "{{ ansible_default_ipv4.address }}+{{ nodename }}"
labels: "{{ labels }}"
host: "{{ ansible_default_ipv4.address }}"
credentialsId: "{{ jenkins_credentials_uuid }}"
launcher: 'hudson.slaves.JNLPLauncher'
remoteFS: '/home/{{ jenkins_user }}/build'
# XXX this should be configurable, not all nodes should have one executor
executors: '{{ executors|default(1) }}'
exclusive: true

- name: Download slave.jar
get_url:
url: "{{ api_uri }}/jnlpJars/slave.jar"
dest: "/home/{{ jenkins_user }}/slave.jar"
force: yes

- name: install the systemd unit file for jenkins
template:
src: "templates/systemd/jenkins.service.j2"
dest: "/etc/systemd/system/jenkins.service"

- name: start jenkins service
service:
name: jenkins
state: started
enabled: yes
29 changes: 29 additions & 0 deletions ceph-cm-ansible-prs/README.rst
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
ceph-cm-ansible-prs
===================

This job tests changes to the ceph-cm-ansible_ repo. It locks one testnode per machine type **and** distro and runs the ``ansible_managed`` and ``testnodes`` playbooks.

Prerequisites
-------------

These steps should only have to be performed when a new teuthology host is being set up but it's good to have documented.

#. Run the ``ansible/examples/slave_teuthology.yml`` playbook against the teuthology host.

#. As the ``jenkins-build`` user on the teuthology host, generate a new RSA SSH key (``ssh-keygen -t rsa``).

#. Copy the public key to jenkins-build.pub_ in the keys repo. (This is so the jenkins-build user can ssh to testnodes and VPSHOSTs)

#. Copy/create ``/home/jenkins-build/.config/libvirt/libvirt.conf`` so the jenkins-build user can downburst VPSes.

#. Run the ceph-cm-ansible_ ``users`` playbook against VPSHOSTs so the jenkins-build pubkey is added to the ubuntu user's authorized_keys on the VPSHOSTs.

**NOTE:** This job also relies on:

- teuthology.yaml_ -- If the job is being run on the teuthology host, this should already be in place at ``/etc/teuthology.yaml``.
- ceph-sepia-secrets_ -- If the job is being run on a teuthology host, ``/etc/ansible`` should already be symlinked to a ceph-sepia-secrets checkout.

.. _ceph-cm-ansible: https://github.com/ceph/ceph-cm-ansible
.. _jenkins-build.pub: https://github.com/ceph/keys/blob/master/ssh/jenkins-build.pub
.. _teuthology.yaml: http://docs.ceph.com/teuthology/docs/siteconfig.html
.. _ceph-sepia-secrets: https://github.com/ceph/ceph-sepia-secrets/
89 changes: 89 additions & 0 deletions ceph-cm-ansible-prs/build/build
Original file line number Diff line number Diff line change
@@ -0,0 +1,89 @@
#!/bin/bash
# NOTE: Commented code was my attempt at creating this as a matrix job.
# I couldn't get the child jobs to share the same checkout/venv of teuthology
# so I left the code in place in case I (or somebody else) wants to take a
# crack at it in the future.

set -ex

# Clone or update teuthology
if [ ! -d teuthology ]; then
git clone https://github.com/ceph/teuthology
cd teuthology
else
cd teuthology
git pull
fi

# Bootstrap teuthology
./bootstrap

cd $WORKSPACE

# Clone or update teuthology
if [ ! -d downburst ]; then
git clone https://github.com/ceph/downburst
cd downburst
else
cd downburst
git pull
fi

# Bootstrap downburst
./bootstrap

# Activate our virtualenv containing teuthology and ansible
source $WORKSPACE/teuthology/virtualenv/bin/activate

# Add downburst to path
PATH=$PATH:$WORKSPACE/downburst/virtualenv/bin

#if [ $DISTRO == "xenial" ]; then
# DISTRO="ubuntu"
# DISTRO_VERSION="16.04"
#elif [ $DISTRO == "trusty" ]; then
# DISTRO="ubuntu"
# DISTRO_VERSION="14.04"
#elif [ $DISTRO == "centos" ]; then
# DISTRO="centos"
# DISTRO_VERSION="7.3"
#else
# echo "Unknown distro: $DISTRO"
# exit 1
#fi

# Don't bail since we'll almost certainly not lock every machine/os type on the first try
set +e

for machine_type in smithi mira vps; do
LOCK_TRUSTY_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 14.04"
LOCK_XENIAL_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type ubuntu --os-version 16.04"
LOCK_CENTOS_CMD="teuthology-lock --lock-many 1 --machine-type $machine_type --os-type centos --os-version 7.3"
$LOCK_TRUSTY_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_TRUSTY_CMD; done
$LOCK_XENIAL_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_XENIAL_CMD; done
$LOCK_CENTOS_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CENTOS_CMD; done
done

#LOCK_CMD="teuthology-lock --lock-many 1 --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION"
#
## Keep trying to lock a machine
#$LOCK_CMD; while [ $? -ne 0 ]; do sleep 5; $LOCK_CMD; done

set -e

locked_machines=$(teuthology-lock --brief | awk '{ print $1 }' | paste -sd "," -)
#locked_machines=$(teuthology-lock --brief --machine-type $MACHINE_TYPE --os-type $DISTRO --os-version $DISTRO_VERSION | awk '{ print $1 }' | paste -sd "," -)

cd $WORKSPACE/ceph-cm-ansible

# Erase line about the vault password since testnodes don't need any secrets
sed -i '/vault_password_file/d' ./ansible.cfg

ansible-playbook -vv ansible_managed.yml --limit=\"$locked_machines\"
#ansible-playbook -vvv ansible_managed.yml --limit=\"$locked_machine\"

ansible-playbook -vv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machines\"
#ansible-playbook -vvv testnodes.yml -e ansible_ssh_user=ubuntu --limit=\"$locked_machine\"

teuthology-lock --unlock -t <(teuthology-lock --list-targets)
#teuthology-lock --unlock $locked_machine
85 changes: 85 additions & 0 deletions ceph-cm-ansible-prs/config/definitions/ceph-cm-ansible-prs.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
- scm:
name: ceph-cm-ansible
scm:
- git:
url: https://github.com/ceph/ceph-cm-ansible
branches:
- ${sha1}
refspec: +refs/pull/*:refs/remotes/origin/pr/*
browser: auto
timeout: 20
basedir: "ceph-cm-ansible"
skip-tag: true
wipe-workspace: true

- job:
name: ceph-cm-ansible-pull-requests
description: Tests changes to ceph-cm-ansible testnode playbook
project-type: freestyle
# project-type: matrix
node: teuthology
block-downstream: false
block-upstream: false
defaults: global
display-name: 'ceph-cm-ansible: Pull Requests'
quiet-period: 5
# execution-strategy:
# sequential: false
# axes:
# - axis:
# type: user-defined
# name: MACHINE_TYPE
# values:
# - smithi
# - mira
# - vps
# - axis:
# type: user-defined
# name: DISTRO
# values:
# - trusty
# - xenial
# - centos
# - axis:
# type: label-expression
# name: teuthology
# values:
# - teuthology

logrotate:
daysToKeep: 14

properties:
- github:
url: https://github.com/ceph/ceph-cm-ansible/

parameters:
- string:
name: sha1
description: "A pull request ID, like 'origin/pr/72/head'"

triggers:
- github-pull-request:
admin-list:
- djgalloway
- zmc
org-list:
- ceph
only-trigger-phrase: false
github-hooks: true
permit-all: true
auto-close-on-fail: false

scm:
- ceph-cm-ansible

builders:
- shell:
!include-raw:
- ../../../scripts/build_utils.sh
- ../../build/build
#
# wrappers:
# - pre-scm-buildstep:
# - shell:
# !include-raw: ../../build/setup

0 comments on commit cf9cba5

Please sign in to comment.