Merge "Finish linux:system:user:sudo parametrization"
diff --git a/artifactory/client/init.yml b/artifactory/client/init.yml
index 0148879..ef43633 100644
--- a/artifactory/client/init.yml
+++ b/artifactory/client/init.yml
@@ -15,12 +15,121 @@
ldap_searchFilter: ${_param:artifactory_security_ldap_searchFilter}
ssl_verify: False
repo:
- local_artifactory_repo:
- name: local_artifactory_repo
- package_type: generic
+ _genericRepository-local:
+ description: "Used by Jimbo"
repo_type: local
- remote_artifactory_repo:
- name: remote_artifactory_repo
package_type: generic
+ binary-dev-local:
+ description: "None"
+ repo_type: local
+ package_type: generic
+ binary-prod-local:
+ repo_type: local
+ package_type: generic
+ docker-dev-local:
+ repo_type: local
+ package_type: docker
+ docker-prod-local:
+ repo_type: local
+ package_type: docker
+ k8s-tests-images:
+ repo_type: local
+ package_type: docker
+ maven-local:
+ description: "Hosts Java libraries needed to build Docker images"
+ repo_type: local
+ package_type: maven
+ mcp-ci-images:
+ repo_type: local
+ package_type: docker
+ vm-images:
+ repo_type: local
+ package_type: generic
+ _genericRepository-remote:
+ description: "Used by Jimbo"
repo_type: remote
- url: "http://artifactory.mcp.mirantis.net/"
+ package_type: generic
+ url: http://localhost
+ apk-remote:
+ repo_type: remote
+ package_type: generic
+ url: http://dl-cdn.alpinelinux.org/alpine/
+ apt-docker-project:
+ repo_type: remote
+ package_type: debian
+ url: https://apt.dockerproject.org/repo
+ artifactory-pro-debian:
+ repo_type: remote
+ package_type: debian
+ url: https://jfrog.bintray.com/artifactory-pro-debs
+ debian-mariadb-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://sfo1.mirrors.digitalocean.com/mariadb/repo/10.1/debian/
+ debian-nginx:
+ repo_type: remote
+ package_type: debian
+ url: http://nginx.org/packages/debian/
+ debian-percona-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://repo.percona.com/apt
+ debian-rabbitmq-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://www.rabbitmq.com/debian/
+ debian-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://ftp.us.debian.org/debian
+ debian-security-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://security.debian.org/
+ docker-remote:
+ description: "Remote repository for DockerHub"
+ repo_type: remote
+ package_type: docker
+ url: https://registry-1.docker.io/
+ gcs-remote:
+ description: "Has zero downloads. Can be removed."
+ repo_type: remote
+ package_type: generic
+ url: https://storage.googleapis.com
+ gerrit-plugins:
+ description: "Overlaps with maven-local. We should resolve overlap and remove this repo."
+ repo_type: remote
+ package_type: generic
+ url: http://builds.quelltextlich.at/gerrit/nightly
+ jcenter:
+ repo_type: remote
+ package_type: maven
+ url: https://jcenter.bintray.com
+ jenkins-deb-pkgs:
+ repo_type: remote
+ package_type: generic
+ url: https://pkg.jenkins.io/debian-stable/binary
+ jenkins-plugins:
+ repo_type: remote
+ package_type: generic
+ url: http://mirrors.jenkins-ci.org/plugins
+ jenkins-plugins-jars:
+ repo_type: remote
+ package_type: maven
+ url: https://repo.jenkins-ci.org/releases/org/jenkins-ci/plugins/
+ jenkins-updates:
+ repo_type: remote
+ package_type: generic
+ url: https://updates.jenkins.io/
+ mysql-connector-java:
+ repo_type: remote
+ package_type: maven
+ url: http://repo.jfrog.org/artifactory/remote-repos/mysql/mysql-connector-java/
+ pypi-remote:
+ repo_type: remote
+ package_type: pypi
+ url: https://pypi.python.org
+ ubuntu-remote:
+ repo_type: remote
+ package_type: debian
+ url: http://us.archive.ubuntu.com/ubuntu/
diff --git a/ceph/mon/cluster.yml b/ceph/mon/cluster.yml
new file mode 100644
index 0000000..35d5596
--- /dev/null
+++ b/ceph/mon/cluster.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ceph.mon.cluster
diff --git a/ceph/osd/cluster.yml b/ceph/osd/cluster.yml
new file mode 100644
index 0000000..9e98f91
--- /dev/null
+++ b/ceph/osd/cluster.yml
@@ -0,0 +1,2 @@
+classes:
+- service.ceph.osd.cluster
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 5d9a140..ebacf60 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -12,6 +12,8 @@
- method groovy.json.JsonSlurperClassic parseText java.lang.String
- method groovy.lang.GString getBytes
- method groovy.lang.GroovyObject getProperty java.lang.String
+ - method groovy.util.Node attributes
+ - method groovy.util.XmlParser parse java.io.File
- method hudson.PluginManager getPlugins
- method hudson.PluginWrapper getShortName
- method hudson.model.Item getName
@@ -68,6 +70,7 @@
- new groovy.json.JsonBuilder
- new groovy.json.JsonBuilder java.lang.Object
- new groovy.json.JsonSlurperClassic
+ - new groovy.util.XmlParser
- new java.io.File java.lang.String
- new java.io.IOException java.lang.String
- new java.io.OutputStreamWriter java.io.OutputStream
@@ -82,6 +85,7 @@
- new java.util.HashMap
- staticField groovy.io.FileType FILES
- staticMethod com.cloudbees.plugins.credentials.CredentialsProvider lookupCredentials java.lang.Class hudson.model.ItemGroup
+ - staticMethod java.lang.Double parseDouble java.lang.String
- staticMethod java.lang.Integer valueOf int
- staticMethod java.lang.Integer valueOf java.lang.String
- staticMethod java.lang.Math min int int
diff --git a/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml b/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
index ab84659..8dfc70e 100644
--- a/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
+++ b/jenkins/client/job/deploy/lab/test-devops-portal-cicd.yml
@@ -18,6 +18,18 @@
script: test-func-devops-portal-pipeline.groovy
param:
# heat
+ HEAT_STACK_DELETE:
+ type: boolean
+ default: 'true'
+ description: "Delete heat stack at the end of job"
+ HEAT_STACK_REUSE:
+ type: boolean
+ default: 'false'
+ description: "Reuse existing stack and only orchestrate deployment"
+ HEAT_STACK_KEEP_INTACT:
+ type: boolean
+ default: 'false'
+ description: "Save current deployment status without re-orchestrating"
HEAT_TEMPLATE_URL:
type: string
default: "${_param:jenkins_gerrit_url}/mk/heat-templates"
@@ -42,14 +54,6 @@
HEAT_STACK_PUBLIC_NET:
type: string
default: "public"
- HEAT_STACK_DELETE:
- type: boolean
- default: 'true'
- description: "Delete heat stack at the end of job"
- HEAT_STACK_REUSE:
- type: boolean
- default: 'false'
- description: "Reuse existing stack and only orchestrate deployment"
# salt master
SALT_MASTER_CREDENTIALS:
diff --git a/jenkins/client/job/deploy/test.yml b/jenkins/client/job/deploy/test.yml
index fe79e73..0b5d541 100644
--- a/jenkins/client/job/deploy/test.yml
+++ b/jenkins/client/job/deploy/test.yml
@@ -36,10 +36,10 @@
TEST_TEMPEST_IMAGE:
type: string
description: "Tempest docker image"
- default: "sandbox-docker-prod-local.docker.mirantis.net/mirantis/rally_tempest:0.1"
+ default: "obutenko/rally_tempest_docker"
TEST_TEMPEST_TARGET:
type: string
- description: "Node to run tests"
+ description: "Node to run tests. use FQDN for ctl01 e.g. ctl01.deploy-heat-os_ha_contrail-17.bud-mk.local"
default: ""
TEST_DOCKER_INSTALL:
type: boolean
@@ -47,5 +47,13 @@
default: "true"
TEST_TEMPEST_PATTERN:
type: string
- description: "Run tests matched to pattern only"
- default: ""
+ description: "Run tests matched to pattern only e.g. tempest.api.identity"
+ default: "false"
+ TEST_SERVICE:
+ type: string
+ description: "openstack or k8s"
+ default: "openstack"
+ TEST_JUNIT_RATIO:
+ type: string
+ description: "The amplification factor to apply to test failures when computing the test result contribution to the build health score."
+ default: "1.0"
diff --git a/jenkins/client/job/gating.yml b/jenkins/client/job/gating.yml
index 6886b06..d0f2149 100644
--- a/jenkins/client/job/gating.yml
+++ b/jenkins/client/job/gating.yml
@@ -38,7 +38,6 @@
quiet_period: 60
trigger:
gerrit:
- silent_start_mode: true
project:
'{{regex}}':
compare_type: REG_EXP
diff --git a/jenkins/client/job/opencontrail/init.yml b/jenkins/client/job/opencontrail/init.yml
index 595dcc0..e07adaf 100644
--- a/jenkins/client/job/opencontrail/init.yml
+++ b/jenkins/client/job/opencontrail/init.yml
@@ -27,6 +27,8 @@
naming_rule: "R3.1.1.x"
- group_regex: "build-opencontrail-oc32-.*"
naming_rule: "R3.2"
+ - group_regex: "build-opencontrail-oc323-.*"
+ naming_rule: "R3.2.3.x"
- group_regex: "build-opencontrail-oc40-.*"
naming_rule: "R4.0"
- group_regex: "build-opencontrail-oc666-.*"
diff --git a/jenkins/client/job/salt-models/tests.yml b/jenkins/client/job/salt-models/tests.yml
index 4b6c006..7849adc 100644
--- a/jenkins/client/job/salt-models/tests.yml
+++ b/jenkins/client/job/salt-models/tests.yml
@@ -73,6 +73,16 @@
url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
credentials: "gerrit"
script: test-system-reclass-pipeline.groovy
+ trigger:
+ gerrit:
+ project:
+ salt-models/{{name}}:
+ branches:
+ - master
+ event:
+ comment:
+ - addedContains:
+ commentAddedCommentContains: '(recheck|reverify)'
concurrent: true
param:
TEST_MODELS:
@@ -85,6 +95,9 @@
DEFAULT_GIT_REF:
type: string
default: master
+ PARALLEL_NODE_GROUP_SIZE:
+ type: string
+ default: "5"
test_salt_model_cookiecutter:
name: test-salt-model-cookiecutter-{{cookiecutter_template}}
jobs:
diff --git a/jenkins/client/job/test_pipelines.yml b/jenkins/client/job/test_pipelines.yml
index d0f0a6e..822084d 100644
--- a/jenkins/client/job/test_pipelines.yml
+++ b/jenkins/client/job/test_pipelines.yml
@@ -46,7 +46,7 @@
default: "niaquinto/gradle"
GRADLE_CMD:
type: string
- default: "check"
+ default: "check --info"
DEFAULT_GIT_URL:
type: string
description: "Run against alternate system reclass"
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
new file mode 100644
index 0000000..f8ebcc7
--- /dev/null
+++ b/jenkins/client/job/validate.yml
@@ -0,0 +1,49 @@
+parameters:
+ jenkins:
+ client:
+ view:
+ Validation:
+ enabled: true
+ type: ListView
+ include_regex: "validate.*"
+ job:
+ validate_openstack:
+ type: workflow-scm
+ name: validate-openstack
+ display_name: "Validate - Openstack"
+ discard:
+ build:
+ keep_num: 20
+ artifact:
+ keep_num: 20
+ concurrent: false
+ scm:
+ type: git
+ url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+ credentials: "gerrit"
+ script: validate-cloud.groovy
+
+ param:
+ SALT_MASTER_URL:
+ type: string
+ default: ""
+ SALT_MASTER_CREDENTIALS:
+ type: string
+ default: "salt"
+ TEST_IMAGE:
+ type: string
+ default: "docker-prod-local.artifactory.mirantis.com/mirantis/oss/qa-tools"
+ TARGET_NODE:
+ type: string
+ default: ""
+ RUN_RALLY_TESTS:
+ type: boolean
+ default: 'true'
+ RUN_TEMPEST_TESTS:
+ type: boolean
+ default: 'true'
+ TEMPEST_TEST_SET:
+ type: choice
+ choices:
+ - smoke
+ - full
diff --git a/libvirt/server/single.yml b/libvirt/server/single.yml
new file mode 100644
index 0000000..f25f8ed
--- /dev/null
+++ b/libvirt/server/single.yml
@@ -0,0 +1,7 @@
+parameters:
+ linux:
+ system:
+ group:
+ libvirtd:
+ enabled: true
+ name: libvirtd
diff --git a/linux/system/single.yml b/linux/system/single.yml
index ef23a39..4c5228f 100644
--- a/linux/system/single.yml
+++ b/linux/system/single.yml
@@ -6,8 +6,13 @@
parameters:
linux:
system:
+ user:
+ root:
+ enabled: true
+ name: root
+ home: /root
package:
- python-msgpack:
+ python-msgpack:
version: latest
cloud-init:
version: purged
diff --git a/opencontrail/client/resource/k8s_api.yml b/opencontrail/client/resource/k8s_api.yml
index 3c6102b..79d6f0d 100644
--- a/opencontrail/client/resource/k8s_api.yml
+++ b/opencontrail/client/resource/k8s_api.yml
@@ -4,6 +4,6 @@
linklocal_service:
k8s_api:
lls_ip: ${_param:kubernetes_internal_api_address}
- lls_port: 6443
+ lls_port: 443
ipf_addresses: ${_param:kubernetes_control_address}
ipf_port: 443
diff --git a/openssh/server/team/cicd.yml b/openssh/server/team/cicd.yml
new file mode 100644
index 0000000..99f6bd6
--- /dev/null
+++ b/openssh/server/team/cicd.yml
@@ -0,0 +1,19 @@
+classes:
+- system.openssh.server.team.members.akomarek
+- system.openssh.server.team.members.atengler
+- system.openssh.server.team.members.fpytloun
+- system.openssh.server.team.members.jbroulik
+- system.openssh.server.team.members.jcach
+- system.openssh.server.team.members.jjosef
+- system.openssh.server.team.members.jpavlik
+- system.openssh.server.team.members.mpolreich
+- system.openssh.server.team.members.rfelkl
+- system.openssh.server.team.members.tkukral
+- system.openssh.server.team.members.psvimbersky
+
+parameters:
+ _param:
+ linux_system_user_sudo: true
+ openssh:
+ server:
+ enabled: true
diff --git a/openssh/server/team/members/mniedbala.yml b/openssh/server/team/members/mniedbala.yml
new file mode 100644
index 0000000..30f7f30
--- /dev/null
+++ b/openssh/server/team/members/mniedbala.yml
@@ -0,0 +1,20 @@
+parameters:
+ linux:
+ system:
+ user:
+ mniedbala:
+ enabled: true
+ name: mniedbala
+ sudo: ${_param:linux_system_user_sudo}
+ full_name: Mikolaj Niedbala
+ home: /home/mniedbala
+ email: mniedbala@mirantis.com
+ openssh:
+ server:
+ enabled: true
+ user:
+ mniedbala:
+ enabled: true
+ public_keys:
+ - key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNepHgtflir2vNW+h9cr3hP3llsTlg5uIvvmByykfk455Cum0vSO27mWKZJu0ebU4LXfeH+WP4MjR3tKAKvXqzjGhPVGjMO3wo4/NLlel2CDx99w0KotcjQhW6p+iqLv1AT9E5LW4Kr1NuQ65nvGn6y4SevRw2y36bNS4VJBq40HlgQFTW3oNP+5u4TVzu7QQhulsTUdQETgLswZKsarX7whgvcHvFs1dnbriZlkPXvrKhZLA/CUb7ot+ugw6KWOl+g4gTFLjnt0IXjJXMstCOL9R7/juflUku9CYFvSuq4/T67yMW7XntQ89VkwudSCMjjUWg6ilEG0ghd9+b3bPr mniedbala@mirantis.com
+ user: ${linux:system:user:mniedbala}
diff --git a/openssh/server/team/networking.yml b/openssh/server/team/networking.yml
index f64d69c..d912490 100644
--- a/openssh/server/team/networking.yml
+++ b/openssh/server/team/networking.yml
@@ -1,3 +1,8 @@
+classes:
+- system.openssh.server.team.members.mceloud
+- system.openssh.server.team.members.pjediny
+- system.openssh.server.team.members.skreys
+- system.openssh.server.team.members.smatov
parameters:
_param:
linux_system_user_sudo: true
diff --git a/openssh/server/team/services.yml b/openssh/server/team/services.yml
new file mode 100644
index 0000000..564fc32
--- /dev/null
+++ b/openssh/server/team/services.yml
@@ -0,0 +1,9 @@
+classes:
+- system.linux.system.sudo
+- system.openssh.server.team.members.mniedbala
+parameters:
+ linux:
+ system:
+ user:
+ mniedbala:
+ sudo: true
diff --git a/reclass/storage/system/ceph_mon_cluster.yml b/reclass/storage/system/ceph_mon_cluster.yml
new file mode 100644
index 0000000..6b99d21
--- /dev/null
+++ b/reclass/storage/system/ceph_mon_cluster.yml
@@ -0,0 +1,38 @@
+parameters:
+ _param:
+ ceph_mon_node01_hostname: cmn01
+ ceph_mon_node02_hostname: cmn02
+ ceph_mon_node03_hostname: cmn03
+ reclass:
+ storage:
+ node:
+ ceph_mon_node01:
+ name: ${_param:ceph_mon_node01_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node01_address}
+ keepalived_vip_priority: 103
+ ceph_mon_node02:
+ name: ${_param:ceph_mon_node02_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node02_address}
+ keepalived_vip_priority: 102
+ ceph_mon_node03:
+ name: ${_param:ceph_mon_node03_hostname}
+ domain: ${_param:cluster_domain}
+ classes:
+ - cluster.${_param:cluster_name}.ceph.mon
+ params:
+ salt_master_host: ${_param:reclass_config_master}
+ linux_system_codename: xenial
+ single_address: ${_param:ceph_mon_node03_address}
+ keepalived_vip_priority: 101
diff --git a/reclass/storage/system/ceph_monitor_cluster.yml b/reclass/storage/system/ceph_monitor_cluster.yml
deleted file mode 100644
index ca7e7ff..0000000
--- a/reclass/storage/system/ceph_monitor_cluster.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-parameters:
- _param:
- ceph_monitor_node01_hostname: cmn01
- ceph_monitor_node02_hostname: cmn02
- ceph_monitor_node03_hostname: cmn03
- reclass:
- storage:
- node:
- ceph_monitor_node01:
- name: ${_param:ceph_monitor_node01_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node01_address}
- keepalived_vip_priority: 103
- ceph_monitor_node02:
- name: ${_param:ceph_monitor_node02_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node02_address}
- keepalived_vip_priority: 102
- ceph_monitor_node03:
- name: ${_param:ceph_monitor_node03_hostname}
- domain: ${_param:cluster_domain}
- classes:
- - cluster.${_param:cluster_name}.ceph.monitor
- params:
- salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: xenial
- single_address: ${_param:ceph_monitor_node03_address}
- keepalived_vip_priority: 101
diff --git a/reclass/storage/system/openstack_dns_cluster.yml b/reclass/storage/system/openstack_dns_cluster.yml
index d134c88..d671e78 100644
--- a/reclass/storage/system/openstack_dns_cluster.yml
+++ b/reclass/storage/system/openstack_dns_cluster.yml
@@ -12,7 +12,7 @@
- cluster.${_param:cluster_name}.openstack.dns
params:
salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: trusty
+ linux_system_codename: xenial
single_address: ${_param:openstack_dns_node01_address}
keepalived_vip_priority: 110
openstack_dns_node02:
@@ -22,6 +22,6 @@
- cluster.${_param:cluster_name}.openstack.dns
params:
salt_master_host: ${_param:reclass_config_master}
- linux_system_codename: trusty
+ linux_system_codename: xenial
single_address: ${_param:openstack_dns_node02_address}
keepalived_vip_priority: 111