openstack/openstack-helm-infra
Code Issues Proposed changes
openstack-helm-infra/zuul.d/jobs.yaml
Gage Hugo 86e56b2aee Address bandit gate failures 
This change addresses the results that were found when running
bandit against the templated python files in the various charts.

This also makes the bandit gate only run when python template
files are changed as well as makes the job voting.

Change-Id: Ia158f5f9d6d791872568dafe8bce69575fece5aa
2020-02-04 15:33:17 -06:00

489 lines
20 KiB
YAML
Raw Blame History

---
# Copyright 2018 SUSE LINUX GmbH.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- job:
name: openstack-helm-lint
run: zuul.d/playbooks/lint.yml
nodeset: ubuntu-bionic
- job:
name: openstack-helm-infra-functional
irrelevant-files:
- ^.*\.rst$
- ^doc/.*$
- ^releasenotes/.*$
- job:
name: openstack-helm-infra-linter
run: playbooks/zuul-linter.yaml
nodeset: openstack-helm-single-node
- job:
name: openstack-helm-infra-bandit
run: playbooks/osh-infra-bandit.yaml
nodeset: openstack-helm-single-node
files:
- ^.*\.py\.tpl$
- ^.*\.py$
- job:
name: openstack-helm-infra
parent: openstack-helm-infra-functional
timeout: 7200
roles:
- zuul: zuul/zuul-jobs
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-docker.yaml
- playbooks/osh-infra-deploy-selenium.yaml
- playbooks/osh-infra-build.yaml
- playbooks/osh-infra-deploy-k8s.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
vars:
gate_scripts:
- ./tools/deployment/multinode/010-deploy-docker-registry.sh
- ./tools/deployment/multinode/020-ingress.sh
- ./tools/deployment/multinode/030-ceph.sh
- ./tools/deployment/multinode/035-ceph-ns-activate.sh
- ./tools/deployment/multinode/040-ldap.sh
- ./tools/deployment/multinode/045-mariadb.sh
- ./tools/deployment/multinode/050-prometheus.sh
- ./tools/deployment/multinode/060-alertmanager.sh
- ./tools/deployment/multinode/070-kube-state-metrics.sh
- ./tools/deployment/multinode/080-node-exporter.sh
- ./tools/deployment/multinode/085-process-exporter.sh
- ./tools/deployment/multinode/090-openstack-exporter.sh
- ./tools/deployment/multinode/100-grafana.sh
- ./tools/deployment/multinode/110-nagios.sh
- ./tools/deployment/multinode/115-radosgw-osh-infra.sh
- ./tools/deployment/multinode/120-elasticsearch.sh
- ./tools/deployment/multinode/125-fluentbit.sh
- ./tools/deployment/multinode/130-fluentd-daemonset.sh
- ./tools/deployment/multinode/135-fluentd-deployment.sh
- ./tools/deployment/multinode/140-kibana.sh
- ./tools/deployment/multinode/160-zookeeper.sh
- ./tools/deployment/multinode/600-grafana-selenium.sh || true
- ./tools/deployment/multinode/610-nagios-selenium.sh || true
- ./tools/deployment/multinode/620-prometheus-selenium.sh || true
- ./tools/deployment/multinode/630-kibana-selenium.sh || true
- job:
name: openstack-helm-infra-tenant-ceph
parent: openstack-helm-infra-functional
nodeset: openstack-helm-five-node-ubuntu
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-docker.yaml
- playbooks/osh-infra-deploy-selenium.yaml
- playbooks/osh-infra-build.yaml
- playbooks/osh-infra-deploy-k8s.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
vars:
gate_scripts:
- ./tools/deployment/tenant-ceph/010-relabel-nodes.sh
- ./tools/deployment/tenant-ceph/020-ingress.sh
- ./tools/deployment/tenant-ceph/030-ceph.sh
- ./tools/deployment/tenant-ceph/035-ceph-ns-activate.sh
- ./tools/deployment/tenant-ceph/040-tenant-ceph.sh
- ./tools/deployment/tenant-ceph/045-tenant-ceph-ns-activate.sh
- ./tools/deployment/tenant-ceph/050-radosgw-osh-infra.sh
- ./tools/deployment/tenant-ceph/060-radosgw-openstack.sh
- job:
name: openstack-helm-infra-ubuntu
parent: openstack-helm-infra
nodeset: openstack-helm-ubuntu
- job:
name: openstack-helm-infra-centos
parent: openstack-helm-infra
nodeset: openstack-helm-centos
- job:
name: openstack-helm-infra-fedora
parent: openstack-helm-infra
nodeset: openstack-helm-fedora
- job:
name: openstack-helm-infra-aio-logging
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-selenium.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/osh-infra-logging/000-install-packages.sh
- ./tools/deployment/osh-infra-logging/005-deploy-k8s.sh
- ./tools/deployment/osh-infra-logging/010-ingress.sh
- ./tools/deployment/osh-infra-logging/020-ceph.sh
- ./tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh
- ./tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh
- ./tools/deployment/osh-infra-logging/040-ldap.sh
- ./tools/deployment/osh-infra-logging/050-elasticsearch.sh
- ./tools/deployment/osh-infra-logging/060-fluentd-daemonset.sh
- ./tools/deployment/osh-infra-logging/065-fluentd-deployment.sh
- ./tools/deployment/osh-infra-logging/070-kibana.sh
- ./tools/deployment/osh-infra-logging/600-kibana-selenium.sh || true
- job:
name: openstack-helm-infra-kafka
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/osh-infra-kafka/000-install-packages.sh
- ./tools/deployment/osh-infra-kafka/005-deploy-k8s.sh
- ./tools/deployment/osh-infra-kafka/010-ingress.sh
- ./tools/deployment/osh-infra-kafka/020-ceph.sh
- ./tools/deployment/osh-infra-kafka/025-ceph-ns-activate.sh
- ./tools/deployment/osh-infra-kafka/030-radosgw-osh-infra.sh
- ./tools/deployment/osh-infra-kafka/040-zookeeper.sh
- ./tools/deployment/osh-infra-kafka/050-kafka.sh
- job:
name: openstack-helm-infra-aio-monitoring
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-selenium.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/osh-infra-monitoring/000-install-packages.sh
- ./tools/deployment/osh-infra-monitoring/005-deploy-k8s.sh
- ./tools/deployment/osh-infra-monitoring/010-deploy-docker-registry.sh
- ./tools/deployment/osh-infra-monitoring/020-ingress.sh
- ./tools/deployment/osh-infra-monitoring/030-nfs-provisioner.sh
- ./tools/deployment/osh-infra-monitoring/040-ldap.sh
- ./tools/deployment/osh-infra-monitoring/045-mariadb.sh
- ./tools/deployment/osh-infra-monitoring/050-prometheus.sh
- ./tools/deployment/osh-infra-monitoring/060-alertmanager.sh
- ./tools/deployment/osh-infra-monitoring/070-kube-state-metrics.sh
- ./tools/deployment/osh-infra-monitoring/080-node-exporter.sh
- ./tools/deployment/osh-infra-monitoring/090-process-exporter.sh
- ./tools/deployment/osh-infra-monitoring/100-openstack-exporter.sh
- ./tools/deployment/osh-infra-monitoring/110-grafana.sh
- ./tools/deployment/osh-infra-monitoring/120-nagios.sh
- ./tools/deployment/osh-infra-monitoring/130-postgresql.sh
- ./tools/deployment/osh-infra-monitoring/600-grafana-selenium.sh || true
- ./tools/deployment/osh-infra-monitoring/610-prometheus-selenium.sh || true
- ./tools/deployment/osh-infra-monitoring/620-nagios-selenium.sh || true
- job:
name: openstack-helm-infra-federated-monitoring
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-selenium.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/federated-monitoring/000-install-packages.sh
- ./tools/deployment/federated-monitoring/005-deploy-k8s.sh
- ./tools/deployment/federated-monitoring/010-ingress.sh
- ./tools/deployment/federated-monitoring/020-nfs-provisioner.sh
- ./tools/deployment/federated-monitoring/030-ldap.sh
- ./tools/deployment/federated-monitoring/040-kube-state-metrics.sh
- ./tools/deployment/federated-monitoring/050-node-exporter.sh
- ./tools/deployment/federated-monitoring/060-prometheus.sh
- ./tools/deployment/federated-monitoring/070-federated-prometheus.sh
- ./tools/deployment/federated-monitoring/080-mariadb.sh
- ./tools/deployment/federated-monitoring/090-grafana.sh
- ./tools/deployment/federated-monitoring/100-prometheus-selenium.sh || true
- job:
name: openstack-helm-infra-aio-network-policy
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-selenium.yaml
run: playbooks/osh-infra-gate-runner.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/network-policy/000-install-packages.sh
- ./tools/deployment/network-policy/005-deploy-k8s.sh
- ./tools/deployment/network-policy/010-ingress.sh
- ./tools/deployment/network-policy/020-nfs-provisioner.sh
- ./tools/deployment/network-policy/039-lockdown.sh
- ./tools/deployment/network-policy/040-ldap.sh
- ./tools/deployment/network-policy/045-mariadb.sh
- ./tools/deployment/network-policy/050-prometheus.sh
- ./tools/deployment/network-policy/060-alertmanager.sh
- ./tools/deployment/network-policy/070-kube-state-metrics.sh
- ./tools/deployment/network-policy/080-node-exporter.sh
- ./tools/deployment/network-policy/090-process-exporter.sh
- ./tools/deployment/network-policy/100-grafana.sh
- ./tools/deployment/network-policy/110-nagios.sh
- ./tools/deployment/network-policy/120-elasticsearch.sh
- ./tools/deployment/network-policy/125-fluentbit.sh
- ./tools/deployment/network-policy/130-fluentd-daemonset.sh
- ./tools/deployment/network-policy/135-fluentd-deployment.sh
- ./tools/deployment/network-policy/140-kibana.sh
- ./tools/deployment/network-policy/openstack-exporter.sh
- ./tools/deployment/network-policy/901-test-networkpolicy.sh
- job:
name: openstack-helm-infra-apparmor
parent: openstack-helm-infra-functional
timeout: 7200
pre-run: playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/apparmor/000-install-packages.sh
- ./tools/deployment/apparmor/001-setup-apparmor-profiles.sh
- ./tools/deployment/apparmor/005-deploy-k8s.sh
- ./tools/deployment/apparmor/020-ceph.sh
- ./tools/deployment/apparmor/040-memcached.sh
- ./tools/deployment/apparmor/050-prometheus-alertmanager.sh
- ./tools/deployment/apparmor/060-prometheus-node-exporter.sh
- ./tools/deployment/apparmor/070-prometheus-openstack-exporter.sh
- ./tools/deployment/apparmor/080-prometheus-process-exporter.sh
- ./tools/deployment/apparmor/090-elasticsearch.sh
- ./tools/deployment/apparmor/100-fluentbit.sh
- ./tools/deployment/apparmor/110-fluentd-daemonset.sh
- ./tools/deployment/apparmor/120-openvswitch.sh
- job:
name: openstack-helm-infra-openstack-support
parent: openstack-helm-infra-functional
timeout: 7200
pre-run: playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
required-projects:
- openstack/openstack-helm
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/openstack-support/000-install-packages.sh
- ./tools/deployment/openstack-support/005-deploy-k8s.sh
- ./tools/deployment/openstack-support/010-ingress.sh
- ./tools/deployment/openstack-support/020-ceph.sh
- ./tools/deployment/openstack-support/025-ceph-ns-activate.sh
- ./tools/deployment/openstack-support/030-rabbitmq.sh
- ./tools/deployment/openstack-support/040-memcached.sh
- ./tools/deployment/openstack-support/050-libvirt.sh
- ./tools/deployment/openstack-support/060-openvswitch.sh
- ./tools/deployment/openstack-support/070-mariadb.sh
- ./tools/deployment/openstack-support/080-setup-client.sh
- ./tools/deployment/openstack-support/090-keystone.sh
- ./tools/deployment/openstack-support/100-ceph-radosgateway.sh
- ./tools/deployment/openstack-support/110-openstack-exporter.sh
- ./tools/deployment/openstack-support/120-powerdns.sh
- job:
name: openstack-helm-infra-five-ubuntu
parent: openstack-helm-infra
nodeset: openstack-helm-five-node-ubuntu
- job:
name: openstack-helm-infra-five-centos
parent: openstack-helm-infra
nodeset: openstack-helm-five-node-centos
- job:
name: openstack-helm-infra-five-fedora
parent: openstack-helm-infra
nodeset: openstack-helm-five-node-fedora
- job:
name: openstack-helm-infra-kubernetes-keystone-auth
parent: openstack-helm-infra
nodeset: openstack-helm-single-node
run: playbooks/osh-infra-gate-runner.yaml
required-projects:
- openstack/openstack-helm
vars:
kubernetes_keystone_auth: true
gate_fqdn_test: true
gate_scripts:
- ./tools/deployment/keystone-auth/010-setup-client.sh
- ./tools/deployment/keystone-auth/020-ingress.sh
- ./tools/deployment/keystone-auth/030-nfs-provisioner.sh
- ./tools/deployment/keystone-auth/040-rabbitmq.sh
- ./tools/deployment/keystone-auth/050-memcached.sh
- ./tools/deployment/keystone-auth/060-mariadb.sh
- ./tools/deployment/keystone-auth/070-keystone.sh
- ./tools/deployment/keystone-auth/080-check.sh
- job:
name: openstack-helm-infra-elastic-beats
parent: openstack-helm-infra-functional
timeout: 7200
pre-run: playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/elastic-beats/005-deploy-k8s.sh
- ./tools/deployment/elastic-beats/020-ingress.sh
- ./tools/deployment/elastic-beats/030-ceph.sh
- ./tools/deployment/elastic-beats/035-ceph-ns-activate.sh
- ./tools/deployment/elastic-beats/040-ldap.sh
- ./tools/deployment/elastic-beats/050-elasticsearch.sh
- ./tools/deployment/elastic-beats/060-kibana.sh
- ./tools/deployment/elastic-beats/070-kube-state-metrics.sh
- ./tools/deployment/elastic-beats/080-elastic-metricbeat.sh
- ./tools/deployment/elastic-beats/090-elastic-filebeat.sh
- ./tools/deployment/elastic-beats/100-elastic-packetbeat.sh
- job:
name: openstack-helm-infra-armada-deploy
parent: openstack-helm-infra-functional
nodeset: openstack-helm-five-node-ubuntu
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-docker.yaml
- playbooks/osh-infra-build.yaml
- playbooks/osh-infra-deploy-k8s.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run:
- playbooks/osh-infra-collect-logs.yaml
- playbooks/gather-armada-manifests.yaml
vars:
gate_scripts:
- ./tools/deployment/armada/010-armada-host-setup.sh
- ./tools/deployment/armada/015-armada-build.sh
- ./tools/deployment/armada/020-armada-render-manifests.sh
- ./tools/deployment/armada/025-armada-validate-manifests.sh
- ./tools/deployment/armada/030-armada-apply-manifests.sh
- job:
name: openstack-helm-infra-armada-update-uuid
parent: openstack-helm-infra-functional
nodeset: openstack-helm-five-node-ubuntu
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-docker.yaml
- playbooks/osh-infra-build.yaml
- playbooks/osh-infra-deploy-k8s.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run:
- playbooks/osh-infra-collect-logs.yaml
- playbooks/gather-armada-manifests.yaml
vars:
gate_scripts:
- ./tools/deployment/armada/010-armada-host-setup.sh
- ./tools/deployment/armada/015-armada-build.sh
- ./tools/deployment/armada/020-armada-render-manifests.sh
- ./tools/deployment/armada/025-armada-validate-manifests.sh
- ./tools/deployment/armada/030-armada-apply-manifests.sh
- ./tools/deployment/armada/035-armada-update-uuids.sh
- job:
name: openstack-helm-infra-armada-update-passwords
parent: openstack-helm-infra-functional
nodeset: openstack-helm-five-node-ubuntu
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
- playbooks/osh-infra-deploy-docker.yaml
- playbooks/osh-infra-build.yaml
- playbooks/osh-infra-deploy-k8s.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run:
- playbooks/osh-infra-collect-logs.yaml
- playbooks/gather-armada-manifests.yaml
vars:
gate_scripts:
- ./tools/deployment/armada/010-armada-host-setup.sh
- ./tools/deployment/armada/015-armada-build.sh
- ./tools/deployment/armada/020-armada-render-manifests.sh
- ./tools/deployment/armada/025-armada-validate-manifests.sh
- ./tools/deployment/armada/030-armada-apply-manifests.sh
- ./tools/deployment/armada/040-armada-update-passwords.sh
- job:
name: openstack-helm-infra-airship-divingbell
parent: openstack-helm-infra-functional
nodeset: openstack-helm-single-node
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
vars:
gate_scripts:
- ./tools/deployment/common/005-deploy-k8s.sh
- ./tools/gate/divingbell/divingbell-tests.sh
required-projects:
- airship/divingbell
- job:
name: openstack-helm-infra-aio-podsecuritypolicy
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
gate_scripts:
- ./tools/deployment/podsecuritypolicy/000-install-packages.sh
- ./tools/deployment/podsecuritypolicy/005-deploy-k8s.sh
- ./tools/deployment/podsecuritypolicy/006-config-k8s-psp.sh
- ./tools/deployment/podsecuritypolicy/007-podsecuritypolicy.sh
- job:
name: openstack-helm-infra-local-storage
parent: openstack-helm-infra-functional
timeout: 7200
pre-run:
- playbooks/osh-infra-upgrade-host.yaml
run: playbooks/osh-infra-gate-runner.yaml
post-run: playbooks/osh-infra-collect-logs.yaml
nodeset: openstack-helm-single-node
vars:
osh_params:
openstack_release: stein
container_distro_name: ubuntu
container_distro_version: bionic
feature_gates: local-storage
gate_scripts:
- ./tools/deployment/osh-infra-local-storage/000-install-packages.sh
- ./tools/deployment/osh-infra-local-storage/005-deploy-k8s.sh
- ./tools/deployment/osh-infra-local-storage/010-ingress.sh
- ./tools/deployment/osh-infra-local-storage/020-local-storage.sh
- ./tools/deployment/osh-infra-local-storage/030-mariadb.sh
- ./tools/deployment/osh-infra-local-storage/040-prometheus.sh
- ./tools/deployment/osh-infra-local-storage/050-elasticsearch.sh
- ./tools/deployment/osh-infra-local-storage/060-volume-info.sh
View Git Blame Copy Permalink