Merge "Add os-ctl-vip address to ctl nodes" into release/proposed/2019.2.0
diff --git a/backupninja/client/single.yml b/backupninja/client/single.yml
index 6eecc33..0ea839b 100644
--- a/backupninja/client/single.yml
+++ b/backupninja/client/single.yml
@@ -1,2 +1,8 @@
 classes:
 - service.backupninja.client.single
+parameters:
+  backupninja:
+    client:
+      scheduling:
+        when:
+          - manual
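Review bot: The added `scheduling: when: - manual` carries no comment explaining that it turns off backupninja's own schedule, so a node that includes this class without the Jenkins `backupninja-backup` job would presumably stop taking backups without any error. I would add a comment above `parameters:` such as `# Scheduled runs are driven by the Jenkins backupninja-backup job; backupninja itself only runs on demand.` Because this class is shared by existing models, the behaviour change also deserves a line in the release notes.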
diff --git a/defaults/backup.yml b/defaults/backup.yml
new file mode 100644
index 0000000..66e5173
--- /dev/null
+++ b/defaults/backup.yml
@@ -0,0 +1,7 @@
+parameters:
+  _param:
+    backup_min: "0"
+    backup_hour: "*/12"
+    backup_day_of_month: "*"
+    backup_month: "*"
+    backup_day_of_week: "*"
diff --git a/defaults/init.yml b/defaults/init.yml
index c90c404..12ced59 100644
--- a/defaults/init.yml
+++ b/defaults/init.yml
@@ -26,6 +26,7 @@
 - system.defaults.secrets
 - system.defaults.stacklight
 - system.defaults.xtrabackup
+- system.defaults.backup
 - system.defaults.haproxy
 parameters:
   _param:
diff --git a/defaults/jenkins.yml b/defaults/jenkins.yml
index d01bf4e..68d843d 100644
--- a/defaults/jenkins.yml
+++ b/defaults/jenkins.yml
@@ -1,6 +1,6 @@
 parameters:
   _param:
     jenkins_master_port: 8081
-    jenkins_master_protocol: http
+    jenkins_master_protocol: https
     jenkins_pipelines_branch: "master"
     jenkins_salt_api_url: "https://${_param:salt_master_host}:${_param:nginx_proxy_salt_api_site_port}"
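Review bot: `jenkins_master_protocol` now defaults to `https` while `jenkins_master_port` on the line above stays 8081, so every model inheriting these defaults switches to TLS whether or not it also picks up the SSL-enabled listener from haproxy/proxy/listen/cicd/jenkins.yml. A model that overrides that listener or fronts Jenkins differently would need to set the protocol back explicitly; a comment such as `# https requires haproxy_jenkins_ssl.enabled: true on the cicd listener` next to the parameter would make the dependency visible. Nothing in this hunk shows how clients learn which CA to trust for the new endpoint, so that is worth confirming before release.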
diff --git a/docker/swarm/stack/gerrit.yml b/docker/swarm/stack/gerrit.yml
index 42af606..c164d75 100644
--- a/docker/swarm/stack/gerrit.yml
+++ b/docker/swarm/stack/gerrit.yml
@@ -11,6 +11,7 @@
     gerrit_db_publish_port: 13306
     gerrit_publish_port: 18083
     gerrit_ssh_publish_port: 29417
+    gerrit_http_request_log: ""
   docker:
     client:
       stack:
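Review bot: `gerrit_http_request_log: ""` gives no hint of which values are accepted or what the empty string means; presumably it leaves Gerrit's HTTP request log off. That log is the main record of who accessed the review server, so I would document the parameter with a comment like `# set to "true" to enable httpd.requestLog (access audit trail)` (confirm the value the image expects) and consider whether enabled is the better default. In the second hunk `HTTPD_REQUESTLOG: ${_param:gerrit_http_request_log}` forwards the empty value as an empty environment variable, so it is worth checking that the container entrypoint treats empty as unset.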
@@ -44,6 +45,7 @@
                 LDAP_PASSWORD: ${_param:gerrit_ldap_bind_password}
                 WEBURL: ${_param:gerrit_public_host}
                 HTTPD_LISTENURL: ${_param:gerrit_http_listen_url}
+                HTTPD_REQUESTLOG: ${_param:gerrit_http_request_log}
                 GERRIT_ADMIN_SSH_PUBLIC: ${_param:gerrit_admin_public_key}
                 GERRIT_ADMIN_PWD: ${_param:gerrit_admin_password}
                 GERRIT_ADMIN_EMAIL: ${_param:gerrit_admin_email}
diff --git a/docker/swarm/stack/postgresql.yml b/docker/swarm/stack/postgresql.yml
index 619e0c2..12eb874 100644
--- a/docker/swarm/stack/postgresql.yml
+++ b/docker/swarm/stack/postgresql.yml
@@ -9,6 +9,8 @@
     postgresql_admin_user: postgres
   docker:
     client:
+      images:
+        - ${_param:docker_image_postgresql}
       stack:
         postgresql:
           environment:
diff --git a/gerrit/client/init.yml b/gerrit/client/init.yml
index 16e4231..4ed374e 100644
--- a/gerrit/client/init.yml
+++ b/gerrit/client/init.yml
@@ -19,7 +19,7 @@
         auth_method: basic
         http_port: 8080
         ssh_port: 29418
-        protocol: http
+        protocol: https
         password: ${_param:gerrit_admin_password}
         key: ${_param:gerrit_admin_private_key}
       user:
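Review bot: `protocol: https` is set while `http_port: 8080` two lines above is unchanged, and 8080 looks like Gerrit's own listener rather than the TLS frontend enabled in haproxy/proxy/listen/cicd/gerrit.yml. If the client builds its URL from these two keys it would speak TLS to a plain-HTTP port; confirm which port the client actually uses and point `http_port` at the haproxy bind port if needed. With `auth_method: basic` the admin password on the next line is sent on every request, so it is also worth confirming that the client verifies the server certificate. The enclosing mapping begins outside this hunk.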
diff --git a/haproxy/proxy/listen/cicd/gerrit.yml b/haproxy/proxy/listen/cicd/gerrit.yml
index f6ded20..9e11f03 100644
--- a/haproxy/proxy/listen/cicd/gerrit.yml
+++ b/haproxy/proxy/listen/cicd/gerrit.yml
@@ -1,3 +1,5 @@
+classes:
+  - system.salt.minion.cert.proxy.drivetrain_ssl
 parameters:
   _param:
     haproxy_gerrit_bind_host: ${_param:haproxy_bind_address}
@@ -5,7 +7,8 @@
     haproxy_gerrit_ssh_bind_host: ${_param:haproxy_gerrit_bind_host}
     haproxy_gerrit_ssh_bind_port: 29418
     haproxy_gerrit_ssl:
-      enabled: false
+      enabled: true
+      pem_file: /etc/haproxy/ssl/drivetrain.pem
   haproxy:
     proxy:
       listen:
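Review bot: `pem_file: /etc/haproxy/ssl/drivetrain.pem` is a literal path that has to match whatever `system.salt.minion.cert.proxy.drivetrain_ssl` writes, and the same literal is repeated in haproxy/proxy/listen/cicd/jenkins.yml. A shared parameter defined once next to the certificate class, e.g. `pem_file: ${_param:haproxy_drivetrain_pem_file}` (the name is a suggestion), would keep the listeners and the certificate from drifting apart. The file presumably holds the private key together with the certificate, so the owner and mode that class sets are worth checking; they are not visible here.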
diff --git a/haproxy/proxy/listen/cicd/jenkins.yml b/haproxy/proxy/listen/cicd/jenkins.yml
index d8c67d0..9f3bf07 100644
--- a/haproxy/proxy/listen/cicd/jenkins.yml
+++ b/haproxy/proxy/listen/cicd/jenkins.yml
@@ -1,3 +1,5 @@
+classes:
+  - system.salt.minion.cert.proxy.drivetrain_ssl
 parameters:
   _param:
     haproxy_jenkins_bind_host: ${_param:haproxy_bind_address}
@@ -5,7 +7,8 @@
     haproxy_jenkins_jnlp_bind_host: ${_param:haproxy_jenkins_bind_host}
     haproxy_jenkins_jnlp_bind_port: 50000
     haproxy_jenkins_ssl:
-      enabled: false
+      enabled: true
+      pem_file: /etc/haproxy/ssl/drivetrain.pem
   haproxy:
     proxy:
       listen:
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index f15b370..d7a21be 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -138,6 +138,7 @@
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.lang.String int
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.Collection java.lang.String
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.List groovy.lang.Range
+        - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getAt java.util.regex.Matcher java.util.Collection
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getBytes java.io.File
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getText java.io.InputStream
         - staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods hasProperty java.lang.Object java.lang.String
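Review bot: The new `getAt java.util.regex.Matcher java.util.Collection` entry widens the script-approval allowlist without recording which pipeline needs it. The signature only reads match groups, so the risk looks low, but every approved signature becomes available to any sandboxed script on the master. A short comment above the line, for example `# needed by <pipeline>.groovy for regex group access`, would make later pruning of the list possible. The list starts and ends outside this hunk.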
diff --git a/jenkins/client/credential/gerrit.yml b/jenkins/client/credential/gerrit.yml
index b42f5af..8557506 100644
--- a/jenkins/client/credential/gerrit.yml
+++ b/jenkins/client/credential/gerrit.yml
@@ -1,6 +1,8 @@
+# SSH credentials
 parameters:
   _param:
     gerrit_admin_user: admin
+    jenkins_gerrit_credentials: "gerrit"
   jenkins:
     client:
       credential:
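Review bot: `jenkins_gerrit_credentials` is now defined in three places (here, in jenkins/client/credential/gerrit_http.yml and in jenkins/client/init.yml), so the effective value depends on the order in which the classes are merged. A model that includes both credential classes, or pulls in init.yml after gerrit_http.yml, may end up with jobs pointing at a credential id other than the intended one. I would keep the default only in init.yml and drop `jenkins_gerrit_credentials: "gerrit"` from this file, leaving gerrit_http.yml as the single override. The header `# SSH credentials` could also state that the class selects the credential used by all job SCM checkouts.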
diff --git a/jenkins/client/credential/gerrit_http.yml b/jenkins/client/credential/gerrit_http.yml
new file mode 100644
index 0000000..7c13186
--- /dev/null
+++ b/jenkins/client/credential/gerrit_http.yml
@@ -0,0 +1,11 @@
+# HTTP credentials
+parameters:
+  _param:
+    gerrit_admin_user: admin
+    jenkins_gerrit_credentials: "gerrit_http"
+  jenkins:
+    client:
+      credential:
+        gerrit_http:
+          username: ${_param:gerrit_admin_user}
+          password: ${_param:gerrit_admin_password}
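Review bot: The `gerrit_http` credential stores `${_param:gerrit_admin_password}`, so every job whose `scm.credentials` resolves to it clones pipelines with the Gerrit administrator's password. A checkout needs read access only; a dedicated non-admin account, for example `username: ${_param:jenkins_gerrit_http_user}` with its own password parameter (names are suggestions), would limit the impact of a leaked Jenkins credential. The header `# HTTP credentials` could also note that including this class switches all jobs over through `jenkins_gerrit_credentials`.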
diff --git a/jenkins/client/init.yml b/jenkins/client/init.yml
index 11b5430..03406a3 100644
--- a/jenkins/client/init.yml
+++ b/jenkins/client/init.yml
@@ -10,6 +10,7 @@
     jenkins_master_host: ${_param:control_vip_address}
     jenkins_aptly_storages: "local"
     jenkins_offline_deployment: "false"
+    jenkins_gerrit_credentials: "gerrit"
   jenkins:
     client:
       globalenvprop:
@@ -18,13 +19,14 @@
       master:
         host: ${_param:jenkins_master_host}
         port: ${_param:jenkins_master_port}
+        proto: https
         username: ${_param:jenkins_client_user}
         password: ${_param:jenkins_client_password}
       lib:
         pipeline-library:
           enabled: true
           url: ${_param:jenkins_gerrit_url}/mcp-ci/pipeline-library
-          credential_id: gerrit
+          credential_id: ${_param:jenkins_gerrit_credentials}
           branch: ${_param:jenkins_pipelines_branch}
       theme:
         css_url: '/userContent/theme/mirantis.css'
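Review bot: `proto: https` is hard-coded although defaults/jenkins.yml in this same change carries `jenkins_master_protocol`, so a model that overrides the parameter gets a client that disagrees with the rest of the configuration. `proto: ${_param:jenkins_master_protocol}` would keep one source of truth, matching `host` and `port` on the lines above it. No CA or verification setting is visible in this hunk, so it is worth confirming how the client validates the master's certificate now that `password` travels over TLS.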
diff --git a/jenkins/client/job/ceph/add-node.yml b/jenkins/client/job/ceph/add-node.yml
index 29af563..1c8f234 100644
--- a/jenkins/client/job/ceph/add-node.yml
+++ b/jenkins/client/job/ceph/add-node.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-add-node.groovy
           param:
             # general parameters
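Review bot: `credentials: ${_param:jenkins_gerrit_credentials}` is written unquoted while `url` and `branch` directly above quote their interpolations. It parses as a string either way, but `credentials: "${_param:jenkins_gerrit_credentials}"` would keep the `scm` block uniform. The same line appears in every other jenkins/client/job/ceph and jenkins/client/job/deploy hunk of this change that replaces `"gerrit"`. The job definition starts outside this hunk.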
diff --git a/jenkins/client/job/ceph/add-osd-upmap.yml b/jenkins/client/job/ceph/add-osd-upmap.yml
index f6390a6..949154d 100644
--- a/jenkins/client/job/ceph/add-osd-upmap.yml
+++ b/jenkins/client/job/ceph/add-osd-upmap.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-add-osd-upmap.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/ceph/backend-migration.yml b/jenkins/client/job/ceph/backend-migration.yml
index ab3f639..9289f3d 100644
--- a/jenkins/client/job/ceph/backend-migration.yml
+++ b/jenkins/client/job/ceph/backend-migration.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-backend-migration.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/ceph/remove-node.yml b/jenkins/client/job/ceph/remove-node.yml
index 901e319..db43faf 100644
--- a/jenkins/client/job/ceph/remove-node.yml
+++ b/jenkins/client/job/ceph/remove-node.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-remove-node.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/ceph/remove-osd.yml b/jenkins/client/job/ceph/remove-osd.yml
index 99dcb37..6f8452d 100644
--- a/jenkins/client/job/ceph/remove-osd.yml
+++ b/jenkins/client/job/ceph/remove-osd.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-remove-osd.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/ceph/replace-failed-osd.yml b/jenkins/client/job/ceph/replace-failed-osd.yml
index f5c9396..f76f07f 100644
--- a/jenkins/client/job/ceph/replace-failed-osd.yml
+++ b/jenkins/client/job/ceph/replace-failed-osd.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-replace-failed-osd.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/ceph/upgrade.yml b/jenkins/client/job/ceph/upgrade.yml
index d308845..b05fe98 100644
--- a/jenkins/client/job/ceph/upgrade.yml
+++ b/jenkins/client/job/ceph/upgrade.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: ceph-upgrade.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/deploy/backupninja_backup.yml b/jenkins/client/job/deploy/backupninja_backup.yml
new file mode 100644
index 0000000..e798e64
--- /dev/null
+++ b/jenkins/client/job/deploy/backupninja_backup.yml
@@ -0,0 +1,27 @@
+parameters:
+  jenkins:
+    client:
+      job:
+        backupninja_backup:
+          type: workflow-scm
+          name: backupninja-backup
+          display_name: "Backupninja salt-master/MaaS backup"
+          discard:
+            build:
+              keep_num: 50
+          concurrent: true
+          scm:
+            type: git
+            url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+            branch: "${_param:jenkins_pipelines_branch}"
+            credentials: "gerrit"
+            script: backupninja-backup-pipeline.groovy
+          param:
+            SALT_MASTER_CREDENTIALS:
+              type: string
+              default: "salt"
+            SALT_MASTER_URL:
+              type: string
+              default: "${_param:jenkins_salt_api_url}"
+          triggers:
+            - timed: "${_param:backup_min} ${_param:backup_hour} ${_param:backup_day_of_month} ${_param:backup_month} ${_param:backup_day_of_week}"
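Review bot: `credentials: "gerrit"` is still hard-coded in this new job, while the rest of the change moves every job to `${_param:jenkins_gerrit_credentials}`. On a deployment that selects the `gerrit_http` credential the checkout would reference an id that may not exist, and the scheduled backup would then fail at SCM checkout. Use `credentials: "${_param:jenkins_gerrit_credentials}"` here and in jenkins/client/job/deploy/backupninja_restore.yml, which has the same line.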
diff --git a/jenkins/client/job/deploy/backupninja_restore.yml b/jenkins/client/job/deploy/backupninja_restore.yml
new file mode 100644
index 0000000..664aa26
--- /dev/null
+++ b/jenkins/client/job/deploy/backupninja_restore.yml
@@ -0,0 +1,26 @@
+
+parameters:
+  jenkins:
+    client:
+      job:
+        backupninja_restore:
+          type: workflow-scm
+          name: backupninja-restore
+          display_name: "Backupninja restore salt-master/MaaS backup"
+          discard:
+            build:
+              keep_num: 50
+          concurrent: true
+          scm:
+            type: git
+            url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+            branch: "${_param:jenkins_pipelines_branch}"
+            credentials: "gerrit"
+            script: backupninja-restore-pipeline.groovy
+          param:
+            SALT_MASTER_CREDENTIALS:
+              type: string
+              default: "salt"
+            SALT_MASTER_URL:
+              type: string
+              default: "${_param:jenkins_salt_api_url}"
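Review bot: `concurrent: true` allows two restores of the salt-master/MaaS backup to run at the same time, which is hard to reason about for a job that overwrites state on the master; I would set `concurrent: false`. The same setting in jenkins/client/job/deploy/backupninja_backup.yml lets a slow backup overlap the next `timed` run. The file also opens with an empty line before `parameters:`, and a header comment saying what is restored and from where would help an operator who reaches for this job during an incident.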
diff --git a/jenkins/client/job/deploy/galera_verify_restore.yml b/jenkins/client/job/deploy/galera_verify_restore.yml
index 73e312a..f0e898b 100644
--- a/jenkins/client/job/deploy/galera_verify_restore.yml
+++ b/jenkins/client/job/deploy/galera_verify_restore.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: galera-cluster-verify-restore.groovy
           param:
             SALT_MASTER_CREDENTIALS:
diff --git a/jenkins/client/job/deploy/k8s_control.yml b/jenkins/client/job/deploy/k8s_control.yml
index 4dba2e7..2f55d0b 100644
--- a/jenkins/client/job/deploy/k8s_control.yml
+++ b/jenkins/client/job/deploy/k8s_control.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: deploy-k8s-deployments.groovy
           param:
             # deployments and test settings
diff --git a/jenkins/client/job/deploy/kqueen.yml b/jenkins/client/job/deploy/kqueen.yml
index 9fc5394..1935a43 100644
--- a/jenkins/client/job/deploy/kqueen.yml
+++ b/jenkins/client/job/deploy/kqueen.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: deploy-aws-k8s-kqueen-pipeline.groovy
           param:
             # deployments
@@ -74,7 +74,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: deploy-heat-k8s-kqueen-pipeline.groovy
           param:
             # deployments
diff --git a/jenkins/client/job/deploy/lab/mom_deploy.yml b/jenkins/client/job/deploy/lab/mom_deploy.yml
index 8ae8f53..c6bbbc5 100644
--- a/jenkins/client/job/deploy/lab/mom_deploy.yml
+++ b/jenkins/client/job/deploy/lab/mom_deploy.yml
@@ -13,7 +13,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: deploy-virtual-edge-mom.groovy
           param:
             # general parameters
diff --git a/jenkins/client/job/deploy/openstack.yml b/jenkins/client/job/deploy/openstack.yml
index 107b932..3734741 100644
--- a/jenkins/client/job/deploy/openstack.yml
+++ b/jenkins/client/job/deploy/openstack.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cloud-deploy-pipeline.groovy
           param:
             # deployments and test settings
@@ -51,7 +51,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: openstack-compute-install.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/try_mcp.yml b/jenkins/client/job/deploy/try_mcp.yml
index 3ad2878..84ef6ea 100644
--- a/jenkins/client/job/deploy/try_mcp.yml
+++ b/jenkins/client/job/deploy/try_mcp.yml
@@ -14,7 +14,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: deploy-try-mcp.groovy
           param:
             COOKIECUTTER_TEMPLATE_CONTEXT:
diff --git a/jenkins/client/job/deploy/update/cloud_update.yml b/jenkins/client/job/deploy/update/cloud_update.yml
index f3fe8ef..ba658b0 100644
--- a/jenkins/client/job/deploy/update/cloud_update.yml
+++ b/jenkins/client/job/deploy/update/cloud_update.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cloud-update.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/config.yml b/jenkins/client/job/deploy/update/config.yml
index 5eafd70..eb5da61 100644
--- a/jenkins/client/job/deploy/update/config.yml
+++ b/jenkins/client/job/deploy/update/config.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: change-config.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/init.yml b/jenkins/client/job/deploy/update/init.yml
index be7e82e..8efaad7 100644
--- a/jenkins/client/job/deploy/update/init.yml
+++ b/jenkins/client/job/deploy/update/init.yml
@@ -1,7 +1,6 @@
 classes:
   - system.jenkins.client.job.deploy.update.package
   - system.jenkins.client.job.deploy.update.config
-  - system.jenkins.client.job.deploy.update.saltenv
   - system.jenkins.client.job.deploy.update.update_mirror_image
   - system.jenkins.client.job.deploy.update.update_ceph
   - system.jenkins.client.job.deploy.update.upgrade
@@ -19,6 +18,8 @@
   - system.jenkins.client.job.deploy.update.cloud_update
   - system.jenkins.client.job.deploy.update.kubernetes_update
   - system.jenkins.client.job.deploy.galera_verify_restore
+  - system.jenkins.client.job.deploy.backupninja_backup
+  - system.jenkins.client.job.deploy.backupninja_restore
   - system.jenkins.client.job.deploy.update.update_glusterfs
   - system.jenkins.client.job.deploy.update.update_glusterfs_servers
   - system.jenkins.client.job.deploy.update.update_glusterfs_clients
diff --git a/jenkins/client/job/deploy/update/kubernetes_update.yml b/jenkins/client/job/deploy/update/kubernetes_update.yml
index ee77583..419f969 100644
--- a/jenkins/client/job/deploy/update/kubernetes_update.yml
+++ b/jenkins/client/job/deploy/update/kubernetes_update.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: k8s-upgrade-pipeline.groovy
           param:
             KUBERNETES_HYPERKUBE_SOURCE:
diff --git a/jenkins/client/job/deploy/update/package.yml b/jenkins/client/job/deploy/update/package.yml
index 65a4ac3..7444bcc 100644
--- a/jenkins/client/job/deploy/update/package.yml
+++ b/jenkins/client/job/deploy/update/package.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-package.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/reclass_update_check.yml b/jenkins/client/job/deploy/update/reclass_update_check.yml
index dd279b3..d946d95 100644
--- a/jenkins/client/job/deploy/update/reclass_update_check.yml
+++ b/jenkins/client/job/deploy/update/reclass_update_check.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: test-reclass-package.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/restore_cassandra.yml b/jenkins/client/job/deploy/update/restore_cassandra.yml
index 8b18eb1..d67ba98 100644
--- a/jenkins/client/job/deploy/update/restore_cassandra.yml
+++ b/jenkins/client/job/deploy/update/restore_cassandra.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: restore-cassandra.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/restore_zookeeper.yml b/jenkins/client/job/deploy/update/restore_zookeeper.yml
index 3d0dc05..fe0c7ec 100644
--- a/jenkins/client/job/deploy/update/restore_zookeeper.yml
+++ b/jenkins/client/job/deploy/update/restore_zookeeper.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: restore-zookeeper.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/saltenv.yml b/jenkins/client/job/deploy/update/saltenv.yml
deleted file mode 100644
index f2b38d2..0000000
--- a/jenkins/client/job/deploy/update/saltenv.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-#
-# Following job is about to simply execute Jenkinsfile of given Reclass model
-#
-parameters:
-  _param:
-    jenkins_salt_model_name: "salt"
-    jenkins_salt_model_branch: "master"
-  jenkins:
-    client:
-      job_template:
-        update_salt_env:
-          name: deploy-update-{{name}}
-          jobs:
-            - name: ${_param:jenkins_salt_model_name}
-              salt_url: "${_param:jenkins_salt_api_url}"
-              salt_credentials: salt
-          template:
-            display_name: "Deploy - update {{name}} environment"
-            type: workflow-scm
-            concurrent: false
-            discard:
-              build:
-                keep_num: 10
-              artifact:
-                keep_num: 10
-            scm:
-              type: git
-              url: "${_param:jenkins_gerrit_url}/salt-models/{{name}}"
-              branch: ${_param:jenkins_salt_model_branch}
-              credentials: "gerrit"
-              script: Jenkinsfile
-            param:
-              SALT_MASTER_URL:
-                type: string
-                default: "{{salt_url}}"
-              SALT_MASTER_CREDENTIALS:
-                type: string
-                default: "{{salt_credentials}}"
-              UPDATE_FORMULAS:
-                type: boolean
-                default: "true"
diff --git a/jenkins/client/job/deploy/update/update_ceph.yml b/jenkins/client/job/deploy/update/update_ceph.yml
index 4b7603b..ff50db4 100644
--- a/jenkins/client/job/deploy/update/update_ceph.yml
+++ b/jenkins/client/job/deploy/update/update_ceph.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-ceph.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/update_glusterfs.yml b/jenkins/client/job/deploy/update/update_glusterfs.yml
index dfdfc9e..500af76 100644
--- a/jenkins/client/job/deploy/update/update_glusterfs.yml
+++ b/jenkins/client/job/deploy/update/update_glusterfs.yml
@@ -19,7 +19,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-glusterfs.groovy
           param:
             DRIVE_TRAIN_PARAMS:
diff --git a/jenkins/client/job/deploy/update/update_glusterfs_clients.yml b/jenkins/client/job/deploy/update/update_glusterfs_clients.yml
index 48a393c..c3f3abd 100644
--- a/jenkins/client/job/deploy/update/update_glusterfs_clients.yml
+++ b/jenkins/client/job/deploy/update/update_glusterfs_clients.yml
@@ -19,7 +19,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-glusterfs-clients.groovy
           param:
             DRIVE_TRAIN_PARAMS:
diff --git a/jenkins/client/job/deploy/update/update_glusterfs_cluster_op_version.yml b/jenkins/client/job/deploy/update/update_glusterfs_cluster_op_version.yml
index 24b1217..25fcc72 100644
--- a/jenkins/client/job/deploy/update/update_glusterfs_cluster_op_version.yml
+++ b/jenkins/client/job/deploy/update/update_glusterfs_cluster_op_version.yml
@@ -19,7 +19,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-glusterfs-cluster-op-version.groovy
           param:
             DRIVE_TRAIN_PARAMS:
diff --git a/jenkins/client/job/deploy/update/update_glusterfs_servers.yml b/jenkins/client/job/deploy/update/update_glusterfs_servers.yml
index 97f4e77..b6837d7 100644
--- a/jenkins/client/job/deploy/update/update_glusterfs_servers.yml
+++ b/jenkins/client/job/deploy/update/update_glusterfs_servers.yml
@@ -19,7 +19,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-glusterfs-servers.groovy
           param:
             DRIVE_TRAIN_PARAMS:
diff --git a/jenkins/client/job/deploy/update/update_mirror_image.yml b/jenkins/client/job/deploy/update/update_mirror_image.yml
index 96e905c..63ea898 100644
--- a/jenkins/client/job/deploy/update/update_mirror_image.yml
+++ b/jenkins/client/job/deploy/update/update_mirror_image.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-mirror-image.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/update_opencontrail4.yml b/jenkins/client/job/deploy/update/update_opencontrail4.yml
index e89d622..98110cb 100644
--- a/jenkins/client/job/deploy/update/update_opencontrail4.yml
+++ b/jenkins/client/job/deploy/update/update_opencontrail4.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: opencontrail4-update.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade.yml b/jenkins/client/job/deploy/update/upgrade.yml
index e3b60e1..fdbaab7 100644
--- a/jenkins/client/job/deploy/update/upgrade.yml
+++ b/jenkins/client/job/deploy/update/upgrade.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: openstack-control-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_compute.yml b/jenkins/client/job/deploy/update/upgrade_compute.yml
index ed5a222..14919d0 100644
--- a/jenkins/client/job/deploy/update/upgrade_compute.yml
+++ b/jenkins/client/job/deploy/update/upgrade_compute.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: openstack-data-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_mcp_release.yml b/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
index 9d46def..091d169 100644
--- a/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
+++ b/jenkins/client/job/deploy/update/upgrade_mcp_release.yml
@@ -20,7 +20,7 @@
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             script: upgrade-mcp-release.groovy
             type: git
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             branch: FETCH_HEAD
             wipe_workspace: True
           param:
diff --git a/jenkins/client/job/deploy/update/upgrade_opencontrail.yml b/jenkins/client/job/deploy/update/upgrade_opencontrail.yml
index 64c3aff..1530d86 100644
--- a/jenkins/client/job/deploy/update/upgrade_opencontrail.yml
+++ b/jenkins/client/job/deploy/update/upgrade_opencontrail.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: opencontrail-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_opencontrail4_0.yml b/jenkins/client/job/deploy/update/upgrade_opencontrail4_0.yml
index 2d7ed69..97d151c 100644
--- a/jenkins/client/job/deploy/update/upgrade_opencontrail4_0.yml
+++ b/jenkins/client/job/deploy/update/upgrade_opencontrail4_0.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: opencontrail40-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
index 9d31352..793dab8 100644
--- a/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
+++ b/jenkins/client/job/deploy/update/upgrade_ovs_gateway.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: openstack-data-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_rabbitmq.yml b/jenkins/client/job/deploy/update/upgrade_rabbitmq.yml
index 73c2f1f..aaf3e0a 100644
--- a/jenkins/client/job/deploy/update/upgrade_rabbitmq.yml
+++ b/jenkins/client/job/deploy/update/upgrade_rabbitmq.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: openstack-rabbitmq-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/upgrade_stacklight.yml b/jenkins/client/job/deploy/update/upgrade_stacklight.yml
index 578fd28..57747e4 100644
--- a/jenkins/client/job/deploy/update/upgrade_stacklight.yml
+++ b/jenkins/client/job/deploy/update/upgrade_stacklight.yml
@@ -16,7 +16,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: stacklight-upgrade.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/utils.yml b/jenkins/client/job/deploy/update/utils.yml
index ca669d4..aec0574 100644
--- a/jenkins/client/job/deploy/update/utils.yml
+++ b/jenkins/client/job/deploy/update/utils.yml
@@ -15,7 +15,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-reclass-metadata.groovy
           param:
             SALT_MASTER_URL:
@@ -43,7 +43,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-salt-master-formulas.groovy
           param:
             SALT_MASTER_URL:
@@ -71,7 +71,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: update-jenkins-master-jobs.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/deploy/update/virt_snapshot.yml b/jenkins/client/job/deploy/update/virt_snapshot.yml
index feada8a..d63c4f7 100644
--- a/jenkins/client/job/deploy/update/virt_snapshot.yml
+++ b/jenkins/client/job/deploy/update/virt_snapshot.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: libvirt-live-snapshots.groovy
           param:
             SALT_MASTER_URL:
diff --git a/jenkins/client/job/git-mirrors/downstream/init.yml b/jenkins/client/job/git-mirrors/downstream/init.yml
index fbfcd56..5a6257c 100644
--- a/jenkins/client/job/git-mirrors/downstream/init.yml
+++ b/jenkins/client/job/git-mirrors/downstream/init.yml
@@ -19,7 +19,7 @@
               type: git
               url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
               branch: "${_param:jenkins_pipelines_branch}"
-              credentials: "gerrit"
+              credentials: ${_param:jenkins_gerrit_credentials}
               script: git-mirror-pipeline.groovy
             param:
               SOURCE_URL:
diff --git a/jenkins/client/job/salt-models/generate.yml b/jenkins/client/job/salt-models/generate.yml
index 67f8747..8fe0916 100644
--- a/jenkins/client/job/salt-models/generate.yml
+++ b/jenkins/client/job/salt-models/generate.yml
@@ -20,7 +20,7 @@
               type: git
               url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
               branch: "${_param:jenkins_pipelines_branch}"
-              credentials: "gerrit"
+              credentials: ${_param:jenkins_gerrit_credentials}
               script: generate-cookiecutter-products.groovy
             param:
               # Cookiecutter
diff --git a/jenkins/client/job/security/openscap.yml b/jenkins/client/job/security/openscap.yml
index 94baf0f..4a9a84d 100644
--- a/jenkins/client/job/security/openscap.yml
+++ b/jenkins/client/job/security/openscap.yml
@@ -18,7 +18,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: test-openscap-pipeline.groovy
           param:
             OPENSCAP_TEST_TYPE:
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index e4e628a..cac9a59 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -21,7 +21,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: validate-cloud.groovy
           param:
             SALT_MASTER_URL:
@@ -191,7 +191,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-runner.groovy
           param:
             IMAGE:
@@ -225,7 +225,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-func.groovy
           param:
             DEBUG_MODE:
@@ -289,7 +289,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-ha.groovy
           param:
             SALT_MASTER_URL:
@@ -358,7 +358,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-tempest.groovy
           param:
             PREPARE_RESOURCES:
@@ -403,7 +403,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-perf.groovy
           param:
             DEBUG_MODE:
@@ -452,7 +452,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-runner.groovy
           param:
             IMAGE:
@@ -486,7 +486,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-runner.groovy
           param:
             IMAGE:
@@ -522,7 +522,7 @@
             type: git
             url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
             branch: "${_param:jenkins_pipelines_branch}"
-            credentials: "gerrit"
+            credentials: ${_param:jenkins_gerrit_credentials}
             script: cvp-shaker.groovy
           param:
             IMAGE:
diff --git a/keystone/client/service/ceilometer.yml b/keystone/client/service/ceilometer.yml
index 131f3bb..4a21d9c 100644
--- a/keystone/client/service/ceilometer.yml
+++ b/keystone/client/service/ceilometer.yml
@@ -5,6 +5,7 @@
     ceilometer_service_protocol: http
     ceilometer_public_host: ${_param:cluster_public_host}
     ceilometer_endpoint_status: present
+    ceilometer_service_status: ${_param:ceilometer_endpoint_status}
   keystone:
     client:
       server:
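Review bot: Defaulting `ceilometer_service_status` to `${_param:ceilometer_endpoint_status}` means a model that already sets the endpoint status to something other than `present` will now apply the same state to the service entry, which looks like a behaviour change for existing deployments. A short comment above the new line would make the coupling explicit, e.g. `# service status follows the endpoint status unless overridden`. How the keystone formula acts on `status` for a service is not visible here, so this is worth confirming before the release branch picks it up.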
@@ -19,6 +20,7 @@
                   options: ${_param:openstack_service_user_options}
           service:
             ceilometer:
+              status: ${_param:ceilometer_service_status}
               type: metering
               description: OpenStack Telemetry Service
               endpoints:
diff --git a/keystone/client/v3/service/ceilometer.yml b/keystone/client/v3/service/ceilometer.yml
index 9129773..85af602 100644
--- a/keystone/client/v3/service/ceilometer.yml
+++ b/keystone/client/v3/service/ceilometer.yml
@@ -17,6 +17,7 @@
                   project_id: service
           services:
             ceilometer:
+              status: ${_param:ceilometer_service_status}
               type: metering
               description: OpenStack Telemetry Service
               endpoints:
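Review bot: `status: ${_param:ceilometer_service_status}` is referenced here, but this hunk adds no default for `ceilometer_service_status` to the v3 class. The only definition visible in this diff is in keystone/client/service/ceilometer.yml. If a model includes the v3 class without that one, interpolation would fail on the undefined parameter, so I would add `ceilometer_service_status: ${_param:ceilometer_endpoint_status}` to this file's `_param` block as well. That block lies outside the hunk, so it may already carry the default.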
diff --git a/salt/minion/cert/proxy/drivetrain_ssl.yml b/salt/minion/cert/proxy/drivetrain_ssl.yml
new file mode 100644
index 0000000..aecb5fb
--- /dev/null
+++ b/salt/minion/cert/proxy/drivetrain_ssl.yml
@@ -0,0 +1,18 @@
+parameters:
+  salt:
+    minion:
+      cert:
+        gerrit:
+          host: ${_param:salt_minion_ca_host}
+          authority: ${_param:salt_minion_ca_authority}
+          common_name: drivetrain
+          signing_policy: cert_server
+          alternative_names: "DNS:${_param:cluster_public_host}, DNS:*.${_param:cluster_public_host}, DNS:${_param:cicd_control_address}, IP:${_param:cicd_control_address}"
+          key_file: /etc/haproxy/ssl/drivetrain.key
+          cert_file: /etc/haproxy/ssl/drivetrain.crt
+          ca_file: /etc/ssl/certs/ca-${_param:salt_minion_ca_authority}.pem
+          all_file: /etc/haproxy/ssl/drivetrain.pem
+          user: root
+          group: haproxy
+          mode: 640
+          enabled: true
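Review bot: `mode: 640` is a bare YAML integer that sits alongside the private key `drivetrain.key` and the combined `drivetrain.pem`. Assuming the formula passes it through as the file mode, I would write it as a quoted octal string, `mode: "0640"`, so the permission on key material cannot be re-typed by the loader or a later edit. In `alternative_names`, `${_param:cicd_control_address}` is emitted both as a `DNS:` and as an `IP:` entry; if that parameter is always an IP address, the `DNS:` entry is not a valid hostname and can be dropped. The entry is keyed `gerrit` although the common name and file paths are for drivetrain. If another class already defines `salt:minion:cert:gerrit`, reclass would merge the two, so a distinct key or a comment explaining the reuse would help.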