Merge "aptly mirror parametrization"
diff --git a/devops_portal/service/jenkins.yml b/devops_portal/service/jenkins.yml
index 2a5dbc9..ee00912 100644
--- a/devops_portal/service/jenkins.yml
+++ b/devops_portal/service/jenkins.yml
@@ -1,4 +1,7 @@
 parameters:
+  _param:
+    oss_jenkins_user: admin
+    oss_jenkins_password: password
   devops_portal:
     config:
       service:
@@ -12,3 +15,6 @@
             address: ${_param:haproxy_jenkins_bind_host}
             port: ${_param:haproxy_jenkins_bind_port}
             https: ${_param:haproxy_jenkins_ssl:enabled}
+          credentials:
+            username: ${_param:oss_jenkins_user}
+            password: ${_param:oss_jenkins_password}
diff --git a/grafana/client/datasource/prometheus.yml b/grafana/client/datasource/prometheus.yml
index c4835ef..681b9df 100644
--- a/grafana/client/datasource/prometheus.yml
+++ b/grafana/client/datasource/prometheus.yml
@@ -2,6 +2,7 @@
   _param:
     grafana_prometheus_is_default: true
     grafana_prometheus_ds_name: prometheus
+    grafana_prometheus_address: ${_param:stacklight_monitor_address}
   grafana:
     client:
       datasource:
diff --git a/jenkins/client/approved_scripts.yml b/jenkins/client/approved_scripts.yml
index 4e3d1d1..6afd67e 100644
--- a/jenkins/client/approved_scripts.yml
+++ b/jenkins/client/approved_scripts.yml
@@ -14,6 +14,7 @@
         - method groovy.lang.GroovyObject getProperty java.lang.String
         - method groovy.util.Node attributes
         - method groovy.util.XmlParser parse java.io.File
+        - method groovy.util.XmlParser parseText java.lang.String
         - method hudson.PluginManager getPlugins
         - method hudson.PluginWrapper getShortName
         - method hudson.model.Item getName
diff --git a/jenkins/client/job/ceph/add-osd-host.yml b/jenkins/client/job/ceph/add-osd-host.yml
new file mode 100644
index 0000000..0c7b629
--- /dev/null
+++ b/jenkins/client/job/ceph/add-osd-host.yml
@@ -0,0 +1,29 @@
+parameters:
+  jenkins:
+    client:
+      job:
+        ceph-remove-osd:
+          type: workflow-scm
+          concurrent: true
+          display_name: "Ceph - add OSD host"
+          discard:
+            build:
+              keep_num: 50
+          scm:
+            type: git
+            url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines"
+            credentials: "gerrit"
+            script: ceph-add-osd-host.groovy
+          param:
+            # general parameters
+            SALT_MASTER_URL:
+              type: string
+              description: URL of Salt master
+              default: "http://${_param:salt_master_host}:6969"
+            SALT_MASTER_CREDENTIALS:
+              type: string
+              description: Credentials for login to Salt API
+              default: salt
+            HOST:
+              type: string
+              description: OSD HOST that will be added to Ceph cluster
diff --git a/jenkins/client/job/ceph/init.yml b/jenkins/client/job/ceph/init.yml
index e4f2ba4..4434e09 100644
--- a/jenkins/client/job/ceph/init.yml
+++ b/jenkins/client/job/ceph/init.yml
@@ -1,2 +1,3 @@
 classes:
 - system.jenkins.client.job.ceph.remove-osd
+- system.jenkins.client.job.ceph.add-osd-host
diff --git a/jenkins/client/job/docker/init.yml b/jenkins/client/job/docker/init.yml
index b6ed029..64dc03f 100644
--- a/jenkins/client/job/docker/init.yml
+++ b/jenkins/client/job/docker/init.yml
@@ -19,6 +19,9 @@
               tags: "2.13.6 latest"
               dockerfile: "Dockerfile"
             - name: jenkins
+              branch: "master"
+              tags: ""
+            - name: jenkins
               branch: "2.32.3"
               tags: "2.32"
               dockerfile: "Dockerfile"
diff --git a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
index b5c2d40..645b80d 100644
--- a/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
+++ b/jenkins/client/job/k8s-test/mcp-k8s-test-pipeline.yml
@@ -15,26 +15,26 @@
             url: "${_param:jenkins_gerrit_url}/kubernetes-ci/kubernetes-pipelines"
             credentials: "gerrit"
             script: pipelines/mcp-k8s-test-pipeline.groovy
-            trigger:
-          gerrit:
-            project:
-              kubernetes/kubernetes:
-                branches:
-                  - compare_type: "ANT"
-                    name: "**"
-            message:
-              build_successful: "Build successful"
-              build_unstable: "Build unstable"
-              build_failure: "Build failed"
-            event:
-              patchset:
-                - created:
-                    excludeDrafts: false
-                    excludeTrivialRebase: false
-                    excludeNoCodeChange: false
-              comment:
-                - addedContains:
-                    commentAddedCommentContains: '(recheck|reverify)'
+          trigger:
+            gerrit:
+              project:
+                kubernetes/kubernetes:
+                  branches:
+                    - compare_type: "ANT"
+                      name: "**"
+              message:
+                build_successful: "Build successful"
+                build_unstable: "Build unstable"
+                build_failure: "Build failed"
+              event:
+                patchset:
+                  - created:
+                      excludeDrafts: false
+                      excludeTrivialRebase: false
+                      excludeNoCodeChange: false
+                comment:
+                  - addedContains:
+                      commentAddedCommentContains: '(recheck|reverify)'
           param:
             KUBE_DOCKER_REGISTRY:
               type: string
diff --git a/jenkins/client/job/validate.yml b/jenkins/client/job/validate.yml
index bc7e847..0544f80 100644
--- a/jenkins/client/job/validate.yml
+++ b/jenkins/client/job/validate.yml
@@ -64,18 +64,24 @@
             SPT_SSH_USER:
               type: string
               default: "root"
-            SPT_FLOATING_NETWORK:
+            FLOATING_NETWORK:
               type: string
               default: ""
             SPT_IMAGE:
               type: string
               default: ""
-            SPT_USER:
+            SPT_IMAGE_USER:
               type: string
               default: ""
             SPT_FLAVOR:
               type: string
               default: ""
-            SPT_AVAILABILITY_ZONE:
+            AVAILABILITY_ZONE:
               type: string
               default: "nova"
+            RALLY_IMAGE:
+              type: string
+              default: "cirros"
+            RALLY_FLAVOR:
+              type: string
+              default: "m1.tiny"
diff --git a/keystone/client/service/barbican.yml b/keystone/client/service/barbican.yml
index 70b6054..497eb50 100644
--- a/keystone/client/service/barbican.yml
+++ b/keystone/client/service/barbican.yml
@@ -7,6 +7,7 @@
         identity:
           roles:
           - creator
+          - key-manager:service-admin
           project:
             service:
               user:
@@ -16,6 +17,7 @@
                   roles:
                   - admin
                   - creator
+                  - key-manager:service-admin
           service:
             barbican:
               type: key-manager
diff --git a/neutron/control/ovn/single.yml b/neutron/control/ovn/single.yml
new file mode 100644
index 0000000..c02f621
--- /dev/null
+++ b/neutron/control/ovn/single.yml
@@ -0,0 +1,48 @@
+classes:
+- service.neutron.control.single
+parameters:
+  _param:
+    neutron_control_dvr: False
+    neutron_l3_ha: False
+    neutron_global_physnet_mtu: 1500
+    neutron_external_mtu: 1500
+    neutron_tenant_network_types: "geneve,flat"
+    neutron_enable_qos: False
+    neutron_enable_vlan_aware_vms: False
+  neutron:
+    server:
+      global_physnet_mtu: ${_param:neutron_global_physnet_mtu}
+      l3_ha: ${_param:neutron_l3_ha}
+      dvr: ${_param:neutron_control_dvr}
+      qos: ${_param:neutron_enable_qos}
+      vlan_aware_vms: ${_param:neutron_enable_vlan_aware_vms}
+      backend:
+        engine: ovn
+        tenant_network_types: "${_param:neutron_tenant_network_types}"
+        external_mtu: ${_param:neutron_external_mtu}
+        mechanism:
+          ovn:
+            driver: ovn
+      compute:
+        region: ${_param:openstack_region}
+      database:
+        host: ${_param:openstack_database_address}
+      identity:
+        region: ${_param:openstack_region}
+      message_queue:
+        members:
+          - host: ${_param:openstack_message_queue_node01_address}
+  mysql:
+    server:
+      database:
+        neutron:
+          encoding: utf8
+          users:
+          - name: neutron
+            password: ${_param:mysql_neutron_password}
+            host: '%'
+            rights: all
+          - name: neutron
+            password: ${_param:mysql_neutron_password}
+            host: ${_param:cluster_local_address}
+            rights: all